| Lecture |
Date |
Summary and Reading |
| 1 |
Aug 31 |
Introduction, course overview, and why security is harder than it looks
|
Cryptography: Its Uses and Limitations |
| 2 |
Sept 2 |
Introduction to cryptography; the public-key vs. private-key settings
- Slides for lecture 2 (note that we covered material in class which is not contained on these slides)
- KPS, Sections 2.1-2.4, 3.2
|
| 3 |
Sept 7 |
Private-key encryption: some simple schemes and why they are insecure; the one-time pad; security notions for private-key encryption
- Slides for lecture 3
- Stinson: "Cryptography: Theory and Practice (2nd edition)", Chapter 1 (available in the library). This is not required, but goes into more detail about how to attack the shift and substitution ciphers.
|
| 4 |
Sept 9 |
Private-key encryption: block ciphers; modes of encryption
- Slides for lecture 4 (again, in class we covered more than what appears on these slides)
- KPS, Sections 2.1-2.4, 3.1-3.3, 3.5, 4.1, 4.2, 4.4 (note: you are not required to know specific details about either DES or AES)
|
| 5 |
Sept 14 |
DES, 3-DES, and AES. Chosen-ciphertext attacks.
Modular arithmetic and the basics for RSA
|
| - |
Sept 16 |
(Class cancelled due to Rosh Hashana)
|
| 6 |
Sept 21 |
RSA, hybrid encryption
- (There were no slides for this lecture.
Specific topics covered include fast algorithms for modular exponentiation, primality testing and finding random primes, using RSA for encryption, why "textbook RSA" encryption is insecure and how to fix it, the importance of randomized encryption, and hybrid encryption.)
- KPS, Sections 6.3.1-6.3.4, 6.6. (Section 7.4 was mentioned in class, but is not required), 6.3.6.1, 6.3.6.2
|
| 7 |
Sept 23 |
Message authentication: a definition of security and constructions. Hash functions and collision resistance. Signature schemes. Why the "textbook RSA" signature scheme is insecure and how to fix it
- KPS, Sections 4.3, 5.1., 5.2.2
- KPS, Sections 2.5.5, 2.6.5, 6.3.6.3
|
| 8 |
Sept 28 |
Bad crypto: when and why crypto fails. Some essays and case studies.
The following articles are completely optional, and are intended for those who enjoy this sort of material
|
| - |
Sept 30 |
(Class cancelled due to Sukkot)
|
System Security |
9 |
Oct 5 |
System security, introduction to access control
|
| *** |
Oct 7 |
First midterm
|
| 10 |
Oct 12 |
More on access control; general design principles
|
| 11 |
Oct 14 |
Capabilities; more on access control |
| 12 |
Oct 19 |
Access control policies
|
| 13 |
Oct 21 |
Access control policies. Secure file systems/operating systems
|
Network Security Principles |
| 14 |
Oct 26 |
Authentication protocols, passwords |
| 15 |
Oct 28 |
Authentication protocols, other methods for authentication of human users |
| 16 |
Nov 2 |
Authentication protocols. Key exchange. |
| 17 |
Nov 4 |
Protocols for mutual authentication and key exchange: weaknesses, attacks, defenses, and principles |
| *** |
Nov 9 |
Second midterm
|
| 18 |
Nov 11 |
Authentication and mediated authentication
|
| 19 |
Nov 16 |
Exam review. Mediated authentication, Kerberos. Certificate authorities and PKI
|
| 20 |
Nov 18 |
PKI
|
| 21 |
Nov 23 |
Revocation. Anonymity
The following are optional, and are for those who want to find out more about some topics discussed briefly in class:
|
Network Security in Practice |
| 22 |
Nov 30 |
Real-world network security considerations. Real-world protocols: IPsec
- Slides for lecture 22
- For more details about the concept of network layers, see any book on computer networking; e.g., Section 1.3 of "Computer Networks, a Systems Approach (3rd edition)," by Peterson and Davie (on reserve in the CS library)
- KPS, Chapter 16; Sections 17.1, 17.2.2, 17.3.1, 17.3.2, 17.5 (you do not need to memorize the details of the protocols, but you should understand the protocols in sufficient detail to explain them if they are given to you on an exam)
|
| 23 |
Dec 2 |
Real-world protocols for network security: IKE and SSL
- Slides for lecture 23
- KPS, Sections 18.4-18.6, 19.1-19.8, 19.12 (you do not need to memorize the details of the protocols, but you should understand the protocols in sufficient detail to explain them if they are given to you on an exam)
- KPS, Sections 22.1-22.3 (even though we did not discuss PGP in this lecture, these sections just provide some overview of PGP reinforcing what we discussed in previous lectures)
|
Application-Level Security |
| 24 |
Dec 7 |
Things that go wrong; buffer overflows, etc.
The following references are optional:
|
| 25 |
Dec 9 |
Secure programming, web and mobile code security, viruses and worms
The following references are optional:
- Secure Programming for Linux
- Shifting the Odds: Writing (More) Secure Software, by Bellovin
- Securing Java, by McGraw and Felten
- Proof-Carrying Code, by Necula
- Computer Virus-Antivirus Coevolution, by Nachenberg
- How to Own the Internet in Your Spare Time, by Staniford, Paxson, and Weaver
- The Morris Worm: How it Affected Computer Security and Lessons Learned by It, by Boettger
- The Future of Internet Worms, by Naxario, et al.
|
| Final exam |
Dec 16 |
Final exam --- 10:30 - 12:30 in 3117 CSIC |