CS 161: Computer Security

Announcements:

Homework 4 is due Friday, October 23, 11:59 PM PT.
Project 2 is released: spec, docs, starter code, userlib source code. The design doc draft is due Wednesday, October 28, 11:59 PM PT. The entire project is due Friday, November 13, 11:59 PM PT.
Optional: Lab 1 is due Friday, October 30, 11:59 PM PT.

Instructor: Nicholas Weaver

Lecture: Tu/Th, 12:30pm-2:00pm PT

Date	Lecture	Readings	Discussion	HW
Thu 08/27	Introduction (recording)	Optional: CS61C review Optional: G&T § 1.1, Craft § 1-1.1, 1.3	No discussion!	HW1
Mon 08/31	Project 1 released		x86, GDB, and Security Principles (solutions) (recording)
Tue 09/01	Security Principles (recording)	Notes (Principles) Notes (Design Patterns) Optional: G&T § 1.1.4, 3.4.6
Thu 09/03	Buffer Overflows (recording)	Notes, sections 1-6 Smashing The Stack For Fun And Profit Slides on a normal x86 function call, a crash, a control-flow diversion, and code injection Optional: G&T § 3.4, Craft § 6.1-6.3
Tue 09/08	Buffer Overflow Defenses (recording)	Notes Pointer Authentication Real World Exploit Example Optional: G&T § 9.4-9.5; Craft § 6.5-6.7	Software Security (solutions) (recording)
Thu 09/10	Cryptography - IND-CPA + One-Time Pads (recording)	Notes, sections 1-4 Enigma Machine Notebook Optional: G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3	Software Security (solutions) (recording)
Tue 09/15	Block Ciphers + Symmetric Key Encryption (recording)	Notes, sections 5-6 AES Demo Optional: Stick figure guide to AES, G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3	Cryptography I (solutions) (recording)	HW2
Thu 09/17	Integrity (MACs) + Pseudorandom Generators (recording)	Notes, sections 1-2 Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2; Craft § 7.5	Cryptography I (solutions) (recording)
Tue 09/22	Public Key Exchange (recording)	Notes, section 1 Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2	Cryptography II (solutions) (recording)
Thu 09/24	Public Key Encryption (recording)	Notes, section 2 Optional: G&T § 1.3.2, 1.3.4, 8.2.3, 8.3, 8.4.1, 8.4.3; Craft § 7.4.2
Fri 09/25	Project 1 due (11:59pm PT)
Mon 09/28	Optional Lab 1 released		Cryptography III (solutions) (recording)	HW3
Tue 09/29	Voting + Blockchain (recording)	Risks of Cryptocurrencies How to make money with Bitcoin
Thu 10/01	Password Hashing + Signal + Tor (recording)	Notes (Passwords) Notes (Key Management)
Mon 10/05	Project 2 soft release		Midterm Review
Tue 10/06	Command Injection + SQL Injection (recording)	Web notes, section 5 Squigler demo
Thu 10/08	Intro to Web + Cookies (recording)	Web notes, section 1-3, 7
Fri 10/09	Midterm (5:00pm-7:00pm PT)
Tue 10/13	CSRF + Stored XSS (recording)	Notes, section 6, 8 OWASP page on CSRF OWASP page on XSS	Web Security I (solutions) (recording)	HW4
Thu 10/15	Reflected XSS + UI Attacks (recording)	Web notes, section 6 XSS Prevention Cheat Sheet Content Security Policy	Web Security I (solutions) (recording)
Tue 10/20	Captchas + Networking Background (recording)	Networking notes, sections 1-3	Web Security II (solutions)
Thu 10/22	Low-Level Network Attacks (recording)	Networking notes, sections 1-3	Web Security II (solutions)
Tue 10/27	TCP/TLS		Web Security III	HW5
Wed 10/28	Project 2 design doc due (11:59pm PT)
Thu 10/29	DNS
Fri 10/30	Optional Lab 1 due (11:59pm PT)
Fri 10/30	Optional Lab 2 released
Tue 11/03	Optional Lecture (Election Week)		Review (optional)
Thu 11/05	Optional Lecture (Election Week)		Review (optional)
Tue 11/10	DNSSEC		Network Security I	HW6
Thu 11/12	Denial of Service
Fri 11/13	Project 2 due (11:59pm PT)
Fri 11/13	Project 3 released
Tue 11/17	Firewalls		Network Security II
Thu 11/19	Intrusion Detection		Network Security II
Tue 11/24	Network Censorship + Hardware Attacks		Network Security III	HW7
Thu 11/26	Thanksgiving (No Lecture)		Network Security III
Tue 12/01	Nuclear Weapons + Personal Security		Final Review
Thu 12/03	Malcode + Reflections on Trusting Trust
Fri 12/04	Project 3 due (11:59pm PT)
Fri 12/04	Optional Lab 2 due (11:59pm PT)
Thu 12/17	Final exam (11:30am-2:30pm PT)