CS 161: Computer Security

Announcements:

Project 1 is due Friday, September 25, 11:59 PM PT.
Homework 2 is due Monday, September 28, 11:59 PM PT.

Instructor: Nicholas Weaver

Lecture: Tu/Th, 12:30pm-2:00pm PT

Date	Lecture	Readings	Discussion	HW
Thu 08/27	Introduction (recording)	Optional: CS61C review Optional: G&T § 1.1, Craft § 1-1.1, 1.3	No discussion!	HW1
Mon 08/31	Project 1 released		x86, GDB, and Security Principles (solutions) (recording)
Tue 09/01	Security Principles (recording)	Notes (Principles) Notes (Design Patterns) Optional: G&T § 1.1.4, 3.4.6
Thu 09/03	Buffer Overflows (recording)	Notes, sections 1-6 Smashing The Stack For Fun And Profit Slides on a normal x86 function call, a crash, a control-flow diversion, and code injection Optional: G&T § 3.4, Craft § 6.1-6.3
Tue 09/08	Buffer Overflow Defenses (recording)	Notes Pointer Authentication Real World Exploit Example Optional: G&T § 9.4-9.5; Craft § 6.5-6.7	Software Security (solutions) (recording)
Thu 09/10	Cryptography - IND-CPA + One-Time Pads (recording)	Notes, sections 1-4 Enigma Machine Notebook Optional: G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3	Software Security (solutions) (recording)
Tue 09/15	Block Ciphers + Symmetric Key Encryption (recording)	Notes, sections 5-6 AES Demo Optional: Stick figure guide to AES, G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3	Cryptography I (solutions) (recording)	HW2
Thu 09/17	Integrity (MACs) + Pseudorandom Generators (recording)	Notes, sections 1-2 Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2; Craft § 7.5
Fri 09/18	Optional Lab 1 released
Tue 09/22	Public Key Exchange	Notes, section 1 Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2	Cryptography II
Thu 09/24	Public Key Encryption	Notes, section 2 Optional: G&T § 1.3.2, 1.3.4, 8.2.3, 8.3, 8.4.1, 8.4.3; Craft § 7.4.2
Fri 09/25	Project 1 due (11:59pm PT)
Tue 09/29	Integrity and Authentication + Key Management	Notes (Passwords) Notes (Key Management)	Cryptography III	HW3
Thu 10/01	CryptoFails		Cryptography III
Tue 10/06	Intro to Web + Same-Origin Policy		Midterm Review
Thu 10/08	SQL Injection + XSS
Fri 10/09	Midterm (5:00pm-7:00pm PT)
Mon 10/12	Project 2 released		Web Security I	HW4
Tue 10/13	Cookies + Session Management
Thu 10/15	CSRF + Phishing + UI Attacks
Fri 10/16	Optional Lab 1 due (11:59pm PT)
Fri 10/16	Optional Lab 2 released
Tue 10/20	Networking Background, TCP		Web Security II
Thu 10/22	Low-Level Network Attacks
Fri 10/23	Project 2 design doc due (11:59pm PT)
Tue 10/27	TLS		Web Security III	HW5
Thu 10/29	DNS		Web Security III
Tue 11/03	DNSSEC		Network Security I
Thu 11/05	Denial of Service
Fri 11/06	Project 2 due (11:59pm PT)
Fri 11/06	Project 3 released
Tue 11/10	Firewalls		Network Security II	HW6
Thu 11/12	Intrusion Detection		Network Security II
Tue 11/17	Network Censorship		Network Security III
Thu 11/19	Hardware Attacks		Network Security III
Tue 11/24	Project 3 due (11:59pm PT)		Miscellaneous Topics	HW7
Tue 11/24	Nuclear Weapons
Thu 11/26	Thanksgiving (No Lecture)
Tue 12/01	Personal Security		Final Review
Thu 12/03	Malcode, Reflections on Trusting Trust
Fri 12/04	Optional Lab 2 due (11:59pm PT)
Thu 12/17	Final exam (11:30am-2:30pm PT)