Built up handful of handy features from a bare bones (single-process, almost no syscalls) operating system.

• Implemented userspace
  • Processes, threads, page faults, and appropriate syscalls
• Implemented thread priority
  • Scheduling, timers, deadlock avoidance in synchronization primitives
• Implemented a file system
  • Inodes, path resolution, caching, and appropriate syscalls

For prospective students: this class is fun, but fun and difficult aren’t mutually exclusive.

Source | Highly Recommended Reading

Title is a mouthful but that’s what it was officially labeled as! In addition to being a programming assignment this was a major exercise in secure design, so the source also includes a design document detailing the possible attack vectors and appropriate defenses. In particular the system was designed to allow trusted users to share files with each other using a client and an insecure data server. The goal was to allow for client’s to share arbitrarily large files, update + revoke access privileges, and modify files in such a way that it would be computationally infeasible for an attacker to recover information, modify a file silently, or impersonate another user even with full control over the storage server.

Implementation relies on traditional RSA, Argon2 for key derivation + password hashing, and generous applications of HMAC. Sadly still vulnerable to Rubber-hose Cryptanalysis.

Source | Relevant XKCD | Specification