Course Description Class Logistics & Grading Topics Important Dates List of Projects
Instructor: Prateek Saxena (prateeks at comp dot nus dot edu dot sg)
Room & Timings: Tue 10:00-12:00, COM1-VCRM
Semester: AY 2022/2023 Semester 1


  • The first lecture falls on a public holiday, so has been moved to Aug 11th 4-6pm SGT, COM1-VCRM

Course Description

Many practical examples of distributed systems are around us: public cloud services, client-server APIs, blockchains, online social networks, messaging platforms, and so on. These systems are designed to withstand adversarial environments and are often under real attacks. Security is at the heart of designing such systems. The module will expose you to both classical results and present-day research problems in distributed systems security. The class differs from distributed algorithms / systems classes in that we will spend disproportionately large effort talking about worst-case scenarios (e.g. arbitrarily malicious behavior, permissionless networks, etc).

Course Philosophy

The philosophy of this class: learn only a few things but learn them well. Of course, expect to know about many other exciting concepts and open problems. Distributed systems security is both a very practically relevant and a theoretical sub-field. The examples of algorithms you will see will be short and can appear deceptively simple at first glance. Some of the classical results you will see might appear unbelievable at first. You may find yourself spending considerable time internalizing a single concept, which will sharpen your analytical skills.

At the end of the class, you will:

  • Demonstrate complete understanding of one topic of our shared choice
  • Gain exposure to other interesting problems of active research

Research Topics & Readings

Lectures will provide the motivation and background for the following topics:
  • [ Lecture 1 Aug 9 Aug 11, 4 - 6pm, VC Room ] ) Overview; Logistics
    • Please attend the lecture to find out details
  • [ Lecture 2 Aug 16 ] Byzantine Broadcast and Agreement; Dolev-Strong protocol
  • [ Lecture 3 Aug 23] Simulation Attacks; FLM Impossibility; Digital Signatures; Proof-of- schemes
  • [ Lecture 4 Aug 30] Network Adversaries: Unreliable networks, Asynchronous networks, and Partitioning attacks
  • [ Lecture 5 Sep 6] Safety over Liveness: BFT & State-machine replication
  • [ Lecture 6 Sep 13] Liveness over Safety: Bitcoin; Longest-chain protocols; GHOST / Ethereum
  • Recess week
  • [ Lecture 7 Sep 27 ] Scaling Communication Costs: AlgoRand, Sharding, Parallel Chains
  • [ Lecture 8 Oct 4 ] Scaling Computation Costs: Cross-shard Transactions
  • [ Lecture 9 Oct 11 ] Scaling Computation Costs: Verifiable Off-chain computation
  • [ Lecture 10 Oct 18 ] Distributed Commit Protocols; HTLC; Bridges
  • [ Lecture 11 Oct 25 ] Challenges in Decentralized Web & Social Networks
  • [ Lecture 12 Nov 1] Challenges in Decentralized Learning
  • [ Lecture 13 Nov 8] Guest Lecture: Post Compromise Security

Class Logistics & Grades

This class is a research-focused class and not graded on the curve. It counts towards the computer systems cluster requirement for PhD students. I will explain the detailed logistics of the course in the first lecture. There will be no final exam, labs or tutorials. To get the most out of the class, please come to lectures, and ask lots of questions. Naive questions are often the best!

There are 3 components on which you will be tested:

  1. Term Paper. Write a paper about a problem / research question related to distributed systems security (see here for inspiration). Each group must pick a distinct paper to present. The topic will be agreed upon with the instructor by Aug 30th. Thereafter, you are requested to meet the instructor once midway through the semester to discuss your progress and agree on the scope of the final paper. You will be graded on a mid-term draft of the paper and the final submission (see first lecture slides for details).

  2. Class Presentation. A recorded 30-45 minute "lecture-style" presentation (with offline Q&A) of your final paper. Graded on clarity and correctness of exposition.

  3. Extended Learning Exercise. Most lectures will have an extended learning exercise, e.g. a fun problem to think about, a paper to read, and so on. The exercise is given during the lecture and is due in 10 days. Solve it on your own and submit your solution (PDF format) for any 1 lecture topic in this course.

The component weightage in assigning grades is:

  • (30 points) Class Presentation
  • (20 points) Mid-term draft of the paper
  • (20 points) Final term paper
  • (15 points) Extended Learning exercise
  • (15 points) Class and Forum participation
  • Automatic Extension on Submission timelines: You have a total quota of 72 hours for extensions. You can use all or part of it for any submission, without seeking the instructor's permission.

Who should take this class?

Please come for the first lecture or email me if you're unusre whether this class is for you.


The prerequisite is a firm foundation in undergraduate-level algorithms, security, and logic. Exceptions to prerequisite requirements are allowed with the permission of the instructor.

Note on Ethics

In this class, you will be exposed to several powerful attack techniques. This class is not an invitation exploit vulnerabilities in the wild without informed consent of all involved parties. Attacking someone else's computer system is an offence; you are expected to use your knowledge with discretion.

For all readings and assignments, please feel free to discuss with your peers and use the Internet. But, you should write up your own submissions and cite any external resources you utilize in your write-ups. All students must comply with NUS academic honesty policies.