Lecture Schedule

The syllabus below is subject to change as the semester progresses. For dates in the past, it reflects what has been covered; for dates in the future, it reflects potential topics which I might cover.

You are responsible for all the material referenced below, even if it not explicitly covered in class. (You are, of course, also responsible for material covered in class, even if it is not covered in the reading material below.) "P&P" refers to "Security in Computing" (3rd edition), by Pfleeger and Pfleeger. "KPS" refers to "Network Security: Private Communication in a Public World" (2nd edition), by Kaufman, Perlman, and Speciner.

I sometimes provide a copy of my slides for convenience. However, looking at these slides is not a substitute for attending lectures; they are just a guideline to what was covered in class.

Lecture Date Summary and Reading
1 Aug 31 Introduction, course overview, and why security is harder than it looks

Cryptography: Its Uses and Limitations

2 Sept 2 Introduction to cryptography; the public-key vs. private-key settings
  • Slides for lecture 2 (note that we covered material in class which is not contained on these slides)
  • KPS, Sections 2.1-2.4, 3.2
3 Sept 7 Private-key encryption: some simple schemes and why they are insecure; the one-time pad; security notions for private-key encryption
  • Slides for lecture 3
  • Stinson: "Cryptography: Theory and Practice (2nd edition)", Chapter 1 (available in the library). This is not required, but goes into more detail about how to attack the shift and substitution ciphers.
4 Sept 9 Private-key encryption: block ciphers; modes of encryption
  • Slides for lecture 4 (again, in class we covered more than what appears on these slides)
  • KPS, Sections 2.1-2.4, 3.1-3.3, 3.5, 4.1, 4.2, 4.4 (note: you are not required to know specific details about either DES or AES)
5 Sept 14 DES, 3-DES, and AES. Chosen-ciphertext attacks. Modular arithmetic and the basics for RSA
- Sept 16 (Class cancelled due to Rosh Hashana)
6 Sept 21 RSA, hybrid encryption
  • (There were no slides for this lecture. Specific topics covered include fast algorithms for modular exponentiation, primality testing and finding random primes, using RSA for encryption, why "textbook RSA" encryption is insecure and how to fix it, the importance of randomized encryption, and hybrid encryption.)
  • KPS, Sections 6.3.1-6.3.4, 6.6. (Section 7.4 was mentioned in class, but is not required),,
7 Sept 23 Message authentication: a definition of security and constructions. Hash functions and collision resistance. Signature schemes. Why the "textbook RSA" signature scheme is insecure and how to fix it
  • KPS, Sections 4.3, 5.1., 5.2.2
  • KPS, Sections 2.5.5, 2.6.5,
8 Sept 28 Bad crypto: when and why crypto fails. Some essays and case studies. The following articles are completely optional, and are intended for those who enjoy this sort of material
- Sept 30 (Class cancelled due to Sukkot)

System Security

9 Oct 5 System security, introduction to access control
*** Oct 7 First midterm
10 Oct 12 More on access control; general design principles
11 Oct 14 Capabilities; more on access control
12 Oct 19 Access control policies
13 Oct 21 Access control policies. Secure file systems/operating systems

Network Security Principles

14 Oct 26 Authentication protocols, passwords
15 Oct 28 Authentication protocols, other methods for authentication of human users
16 Nov 2 Authentication protocols. Key exchange.
17 Nov 4 Protocols for mutual authentication and key exchange: weaknesses, attacks, defenses, and principles
*** Nov 9 Second midterm
18 Nov 11 Authentication and mediated authentication
19 Nov 16 Exam review. Mediated authentication, Kerberos. Certificate authorities and PKI
20 Nov 18 PKI
21 Nov 23 Revocation. Anonymity The following are optional, and are for those who want to find out more about some topics discussed briefly in class:

Network Security in Practice

22 Nov 30 Real-world network security considerations. Real-world protocols: IPsec
  • Slides for lecture 22
  • For more details about the concept of network layers, see any book on computer networking; e.g., Section 1.3 of "Computer Networks, a Systems Approach (3rd edition)," by Peterson and Davie (on reserve in the CS library)
  • KPS, Chapter 16; Sections 17.1, 17.2.2, 17.3.1, 17.3.2, 17.5 (you do not need to memorize the details of the protocols, but you should understand the protocols in sufficient detail to explain them if they are given to you on an exam)
23 Dec 2 Real-world protocols for network security: IKE and SSL
  • Slides for lecture 23
  • KPS, Sections 18.4-18.6, 19.1-19.8, 19.12 (you do not need to memorize the details of the protocols, but you should understand the protocols in sufficient detail to explain them if they are given to you on an exam)
  • KPS, Sections 22.1-22.3 (even though we did not discuss PGP in this lecture, these sections just provide some overview of PGP reinforcing what we discussed in previous lectures)

Application-Level Security

24 Dec 7 Things that go wrong; buffer overflows, etc. The following references are optional:
25 Dec 9 Secure programming, web and mobile code security, viruses and worms The following references are optional:
Final exam Dec 16 Final exam --- 10:30 - 12:30 in 3117 CSIC