CS 161: Computer Security

Announcements:

Homework 3 is due Friday, February 26, 11:59 PM PT.
Project 2 is released. The design doc draft is due Friday, March 12, 11:59 PM PT.
Optional Lab 1 is due Friday, March 19, 11:59 PM PT.

Instructor: Nicholas Weaver

Lecture: Tu/Th, 6:30pm-8:00pm PT

Date	Lecture	Readings	Discussion	HW
Tue 01/19	Introduction (Youtube, Kaltura)	Optional: 61C review Memory Safety notes, section 1 C, x86, and GDB cheatsheet Project 1 Q1 video walkthrough Optional: Review videos Optional: G&T § 1.1, Craft § 1-1.1, 1.3	No discussion	HW1
Thu 01/21	Security Principles (Youtube, Kaltura)	Security Principles notes Optional: Review videos Optional: G&T § 1.1.4, 3.4.6	No discussion
Mon 01/25	Project 1 released		61C Review, Security Principles (solutions) (Youtube, Kaltura)
Tue 01/26	Buffer Overflows (Youtube, Kaltura)	Memory Safety notes, section 2 Smashing The Stack For Fun And Profit Slides on a normal x86 function call, a crash, a control-flow diversion, and code injection. Optional: Review videos Optional: G&T § 3.4, Craft § 6.1-6.3
Thu 01/28	Buffer Overflow Defenses (Youtube, Kaltura)	Memory Safety notes, section 3 Pointer Authentication Real World Exploit Example Optional: Review videos Optional: G&T § 9.4-9.5; Craft § 6.5-6.7
Mon 02/01	Optional Lab 1 released		Memory Safety (solutions) (Youtube, Kaltura)	HW2
Tue 02/02	IND-CPA + One-Time Pads + Block Ciphers + Symmetric Key Encryption (Youtube, Kaltura)	Cryptography notes, sections 1-3 Enigma Machine Notebook Optional: Review videos Optional: G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3
Thu 02/04	Symmetric Key Encryption (cont.) + Hashing + Integrity (MACs) + Pseudorandom Generators (Youtube, Kaltura)	Cryptography notes, sections 4-6 AES Demo Optional: Review videos Optional: Stick figure guide to AES, G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3
Tue 02/09	Pseudorandom Generators (cont.) + Public Key Exchange (Youtube, Kaltura)	Cryptography notes, section 7 Optional: Review videos Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2; Craft § 7.5	Symmetric-Key Cryptography (solutions) (Youtube, Kaltura) Exam Prep (solutions)
Thu 02/11	Public Key Encryption + Digital Signatures (Youtube, Kaltura)	Cryptography notes, sections 8-9 Optional: Review videos Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2
Tue 02/16	Certificates (Youtube, Kaltura)	Cryptography notes, section 10 Optional: Review videos Optional: G&T § 1.3.2, 1.3.4, 8.2.3, 8.3, 8.4.1, 8.4.3; Craft § 7.4.2	Asymmetric Cryptography (solutions) (Youtube, Kaltura)	HW3
Thu 02/18	Password Hashing + Blockchain (Youtube, Kaltura)	Cryptography notes, sections 11-12 Risks of Cryptocurrencies How to make money with Bitcoin Optional: Review videos
Fri 02/19	Project 1 due (11:59pm PT)
Mon 02/22	Project 2 released		Public Key Cryptography (solutions) (Youtube, Kaltura)
Tue 02/23	Signal + Tor (Youtube, Kaltura)	Optional: Review videos
Thu 02/25	Command Injection + SQL Injection	Web notes, section 5 Squigler demo
Tue 03/02	Intro to Web + Cookies	Web notes, section 1-3, 7	Midterm Review	HW4
Thu 03/04	CSRF + Stored XSS	Web notes, section 6, 8 OWASP page on CSRF OWASP page on XSS
Fri 03/05	Midterm (5:00pm-7:00pm PT)
Tue 03/09	Reflected XSS + UI Attacks	Web notes, section 6 XSS Prevention Cheat Sheet Content Security Policy	Web Security I
Thu 03/11	Captchas + Networking Background	Networking notes, section 1
Fri 03/12	Project 2 design doc draft due (11:59pm PT)
Tue 03/16	Low-Level Network Attacks	Networking notes, sections 2-4	Web Security II
Thu 03/18	DNS	Networking notes, sections 8-9
Fri 03/19	Optional Lab 1 due (11:59pm PT)
Fri 03/19	Optional Lab 2 released
Tue 03/23	Spring Break (No Lecture)		Spring Break (No discussion)	HW5
Thu 03/25	Spring Break (No Lecture)		Spring Break (No discussion)
Tue 03/30	IP + TCP + TLS	Networking notes, sections 5-7	Web Security III
Thu 04/01	TLS (continued) + Denial of Service	Networking notes, section 7	Web Security III
Tue 04/06	DNSSEC	Networking notes, section 10	Network Security I	HW6
Thu 04/08	Intrusion Detection
Fri 04/09	Project 2 due (11:59pm PT)
Mon 04/12	Project 3 released		Network Security II
Tue 04/13	Abusing Intrusion Detection
Thu 04/15	Network Censorship + Malware
Tue 04/20	Malcode		Network Security III	HW7
Thu 04/22	Special Topics - Boeing 737-MAX + Quantum		Network Security III
Tue 04/27	Special Topics - Nukes + Tor + Side channels		Special Topics
Thu 04/29	Personal Security + Ask Nick Anything
Fri 04/30	Project 3 due (11:59pm PT)
Tue 05/04	RRR Week		Final Review
Thu 05/06	RRR Week
Fri 05/07	Optional Lab 2 due (11:59pm PT)
Fri 05/14	Final exam (11:30am-2:30pm PT)