CS 161: Computer Security

Fall 2020 students: The tentative course website is at https://fa20.cs161.org/.

Announcements:

  • Final logistics have been released.
  • Homework 7 has been released. It is due Sunday, August 9 at 11:59pm PT.
  • Project 3 has been released. It is due Monday, August 10 at 11:59pm PT.

Instructors: Peyrin Kao and Ryan Lehmkuhl

Lecture: Online

Show/hide optional readings

Skip to current week

Date Lecture Readings Discussion HW
Mon
06/22
Introduction

Optional: CS61C review

No discussion! HW1
Tue
06/23
Security Principles

Notes (Principles)

Notes (Design Patterns)

Wed
06/24

Project 1 released

x86, GDB, and Security Principles (solutions)
Wed
06/24
Buffer Overflows

Notes

Smashing The Stack For Fun And Profit, by Aleph One

Thu
06/25
Buffer Overflow Defenses

Notes

Mon
06/29
IND-CPA, OTP and Block ciphers

Notes, sections 1-5

Software Security (solutions)HW2
Tue
06/30
Symmetric key encryption + PRG

Notes, section 6

AES Demo

Wed
07/01
Public Key Exchange

Notes, section 1

Cryptography I (solutions)
Thu
07/02
Public Key Encryption + Hashing

Notes, section 2

Mon
07/06
Integrity and Authentication + Key Management

Notes

Cryptography II (solutions)HW3
Tue
07/07

Project 1 due (11:59pm PT)

Tue
07/07
Hierarchical Key Management + Password Hashing

Notes (Key Management)

Notes (Passwords)

Wed
07/08
Networking Background

Notes, section 1-3

Networking terminology quick-reference

Cryptography III (solutions)
Thu
07/09
Networking Attacks - TCP and DHCP

Notes, section 4

Packet Capturing Demo

Mon
07/13

Midterm

No discussion! HW4
Mon
07/13
Midterm (no lecture)

None

Tue
07/14

Project 2 released

Tue
07/14
TLS

Notes, section 5

Wed
07/15
DNS

Notes, sections 6-7

Network Security I (solutions)
Thu
07/16
DNSSEC

Notes, sections 7-8

Reliable DNS Forgery in 2008: Kaminsky’s Discovery

Mon
07/20
Denial of Service

Notes, section 8

How DNSSEC Works

Network Security II (solutions)HW5
Tue
07/21
Firewalls

Notes

Wed
07/22

Project 2 design doc due (11:59pm PT)

Network Security III (solutions)
Wed
07/22
Intrusion Detection
Thu
07/23
Intro to web security, Same-origin policy

Same-origin policy

Mon
07/27
SQL Injection

SQL Injection Attacks by Example

Web Security I (solutions)HW6
Tue
07/28
XSS
Wed
07/29

Project 2 due (11:59pm PT)

Web Security II (solutions)
Wed
07/29
Cookies and Session Management

Cookies

Thu
07/30

Project 3 released

Thu
07/30
CSRF + Phishing

OWASP Cheatsheet Series (take a look at XSS, CSRF, SQL Injection, Clickjacking and Command Injection)

Mon
08/03
UI Attacks Web Security III (solutions)HW7
Tue
08/04
Anonymity, Tor
Wed
08/05
Bitcoin

Bitcoin Paper

Miscellaneous Topics
Thu
08/06
Bitcoin
Mon
08/10

Project 3 due (11:59pm PT)

Final Review
Mon
08/10

Optional Lecture: COVID-19 Contact Tracing (5:00pm-6:00pm PT)

Tue
08/11

Optional Lecture: Signal Protocol (5:00pm-5:30pm PT)

Tue
08/11

Optional Lecture: DNA Cryptography (5:30pm-6:00pm PT)

Wed
08/12

Optional Lecture: Using Buffer Overflows to Speedrun Super Mario Bros. 3 (5:00pm-6:00pm PT)

Thu
08/13

Final exam