CS 161: Computer Security
Instructors: Raluca Ada Popa and David Wagner
Lecture: M/W/F 1-2pm at Dwinelle 155
Date | Lecture | Readings | Discussion |
---|---|---|---|
Wed 01/22 |
Introduction | Required: If You Are Being Stalked by an Ex, an App Can’t Protect You Optional: G&T § 1.1, Craft § 1-1.1, 1.3] |
No discussion! |
Fri 01/24 |
Security principles | Notes on Principles for Building Secure Systems. Notes on Design Patterns for Building Secure Systems. Optional: G&T § 1.1.4, 3.4.6 |
|
Mon 01/27 |
Buffer overflows | Notes on Memory Safety. Smashing The Stack For Fun And Profit, by Aleph One Optional: G&T § 3.4, Craft § 6.1-6.3 |
x86, GDB, and Security Principles |
Wed 01/29 |
Memory safety | Slides from Matthias Vallentin on a Normal x86 function call, a crash, a control-flow diversion, and Code Injection. |
|
Fri 01/31 |
Memory Safety Defenses | Notes on Reasoning About Code Optional: G&T § 9.4-9.5; Craft § 6.5-6.7 |
|
Mon 02/03 |
Software Security | Notes on Secure Software Development Optional: G&T § 9.4-9.5; Craft § 6.5-6.7 Optional: Eevee’s guide for Testing for People Who Hate Testing |
Software Security |
Wed 02/05 |
Cryptography: Definitions | Notes. |
|
Fri 02/07 |
Block Ciphers and Symmetric key encryption | Notes. Optional: Stick figure guide to AES |
|
Mon 02/10 |
Symmetric key encryption | Cryptography I | |
Wed 02/12 |
Public Key Exchange |
[G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2; Craft § 7.5] |
|
Fri 02/14 |
Public Key Encryption | The Debian PGP disaster that almost was DSA requirements for random k value [G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2] |
|
Sat 02/15 |
Project 1 Party (4-7pm, Soda Hall - Wozniak Lounge) |
||
Sun 02/16 |
MT 1 Review (5-7pm, HP Auditorium) |
MT Review | |
Mon 02/17 |
Holiday | ||
Wed 02/19 |
Midterm 1 In-Class Review | Midterm 1 8:00-9:30pm, 150 Wheeler |
|
Fri 02/21 |
Hashing | ||
Mon 02/24 |
Integrity and Authentication | Notes. |
Cryptography II |
Tue 02/25 |
Homework 2a Due |
||
Wed 02/26 |
Key Management | ||
Fri 02/28 |
Hierarchical Key Management | ||
Mon 03/02 |
Network Security: Background | Networking terminology quick-reference. |
Cryptography III |
Wed 03/04 |
Network Background | [G&T § 5.1.3, 5.2.3, 5.3.3-5.3.4, 5.4.4; Craft § 5.3.1] |
|
Fri 03/06 |
Network Attacks: TCP, DHCP, DNS | G&T § 6.1.3 (pp. 278-284), 1.1.1, 7.1.2, 8.3 |
|
Sat 03/07 |
Networking Tutorial (5-7pm, HP Auditorium) |
||
Mon 03/09 |
Network Attacks: DNS | Reliable DNS Forgery in 2008: Kaminsky’s Discovery |
Network Security I |
Wed 03/11 |
DNSSEC | ||
Fri 03/13 |
Denial of Service | ||
Mon 03/16 |
Firewalls | Notes on Firewalls. |
Network Security II |
Wed 03/18 |
Intrusion Detection | ||
Fri 03/20 |
Detection, Secure Channels | ||
Mon 03/23 |
Spring break | No discussion! | |
Wed 03/25 |
Spring break | ||
Fri 03/27 |
Spring break | ||
Mon 03/30 |
TLS | G&T § 1.1.1, 7.1.2, 8.3 |
Network Security III |
Tue 03/31 |
Project 2 Implementation Due (11:59pm) |
||
Wed 04/01 |
Intro to WebSec, Same-origin policy | [G&T § 7.1.1, 7.1.3-7.1.4, 7.3.1-7.3.2, 7.3.4, 7.3.6; Craft § 12.1.1, 12.1.2, 12.1.3] |
|
Fri 04/03 |
SQL Injection | ||
Mon 04/06 |
Midterm 2 Review | Midterm 2 5:00-6:30pm |
No discussion! (Exam week) |
Tue 04/07 |
|||
Wed 04/08 |
XSS | ||
Fri 04/10 |
Session Management | OWASP Cheatsheet Series (take a look at XSS, CSRF, SQL Injection, Clickjacking and Command Injection) Secure Session Management With Cookies for Web Applications [G&T § 7.1.4, 7.2.1, 7.2.7, Craft § 12.1.4] Optional: “Cookies Lack Integrity” |
|
Mon 04/13 |
Session Management, CSRF | [G&T § 7.1.4, 7.2.1, 7.2.7; Craft § 12.1.4] |
Web Security I |
Wed 04/15 |
CSRF Defense; Phishing Attacks | ||
Fri 04/17 |
UI Attacks | Project 3-1 Due (11:59pm) |
|
Sat 04/18 |
|||
Mon 04/20 |
Electronic Voting | Web Security II | |
Wed 04/22 |
Anonymity, Tor | ||
Fri 04/24 |
Contact Tracing | ||
Mon 04/27 |
Bitcoin | Miscellaneous Topics | |
Wed 04/29 |
Bitcoin | ||
Fri 05/01 |
Certificate Transparency | ||
Sun 05/03 |
Project 3-2 Due |
||
Mon 05/04 |
RRR Week | ||
Wed 05/06 |
RRR Week | ||
Fri 05/08 |
RRR Week | ||
Mon 05/11 |
Finals Week | ||
Tue 05/12 |
Final (8-11am) |
||
Wed 05/13 |
Finals Week | ||
Fri 05/15 |
Finals Week |