CS 161: Computer Security

Announcements:

Please fill out the introduction form before the start of the semester so we can plan the course according to your preferences.

Instructor: Nicholas Weaver

Lecture: Tu/Th, 6:30pm-8:00pm PT

Date	Lecture	Readings	Discussion	HW
Tue 01/19	Introduction	Optional: 61C review Optional: G&T § 1.1, Craft § 1-1.1, 1.3	No discussion	HW1
Thu 01/21	Security Principles	Notes (Principles) Notes (Design Patterns) Optional: G&T § 1.1.4, 3.4.6	No discussion
Mon 01/25	Project 1 released		61C Review, Security Principles
Tue 01/26	Buffer Overflows	Notes, sections 1-6 Smashing The Stack For Fun And Profit Slides on a normal x86 function call, a crash, a control-flow diversion, and code injection Optional: G&T § 3.4, Craft § 6.1-6.3
Thu 01/28	Buffer Overflow Defenses	Notes Pointer Authentication Real World Exploit Example Optional: G&T § 9.4-9.5; Craft § 6.5-6.7
Mon 02/01	Optional Lab 1 released		Memory Safety
Tue 02/02	Cryptography - IND-CPA + One-Time Pads	Notes, sections 1-4 Enigma Machine Notebook Optional: G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3
Thu 02/04	Block Ciphers + Symmetric Key Encryption	Notes, sections 5-6 AES Demo Optional: Stick figure guide to AES, G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3
Tue 02/09	Integrity (MACs) + Pseudorandom Generators	Notes, sections 1-2 Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2; Craft § 7.5	Cryptography I	HW2
Thu 02/11	Public Key Exchange	Notes, section 1 Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2	Cryptography I
Tue 02/16	Public Key Encryption	Notes, section 2 Optional: G&T § 1.3.2, 1.3.4, 8.2.3, 8.3, 8.4.1, 8.4.3; Craft § 7.4.2	Cryptography II
Thu 02/18	Voting + Blockchain	Risks of Cryptocurrencies How to make money with Bitcoin
Fri 02/19	Project 1 due (11:59pm PT)
Mon 02/22	Project 2 released		Cryptography III	HW3
Tue 02/23	Password Hashing + Signal + Tor	Notes (Passwords) Notes (Key Management)
Thu 02/25	Command Injection + SQL Injection	Web notes, section 5 Squigler demo
Tue 03/02	Intro to Web + Cookies	Web notes, section 1-3, 7	Midterm Review
Thu 03/04	CSRF + Stored XSS	Notes, section 6, 8 OWASP page on CSRF OWASP page on XSS
Fri 03/05	Midterm (Time TBA)
Tue 03/09	Reflected XSS + UI Attacks	Web notes, section 6 XSS Prevention Cheat Sheet Content Security Policy	Web Security I	HW4
Thu 03/11	Captchas + Networking Background	Networking notes, section 1
Fri 03/12	Project 2 design draft due (11:59pm PT)
Tue 03/16	Low-Level Network Attacks	Networking notes, sections 2-4	Web Security II
Thu 03/18	DNS	Networking notes, sections 8-9
Fri 03/19	Optional Lab 1 due (11:59pm PT)
Fri 03/19	Optional Lab 2 released
Tue 03/23	Spring Break (No Lecture)		Spring Break (No discussion)	HW5
Thu 03/25	Spring Break (No Lecture)		Spring Break (No discussion)
Tue 03/30	IP + TCP + TLS	Networking notes, sections 5-7	Web Security III
Thu 04/01	TLS (continued) + Denial of Service	Networking notes, section 7	Web Security III
Tue 04/06	DNSSEC	Networking notes, section 10	Network Security I	HW6
Thu 04/08	Intrusion Detection
Fri 04/09	Project 2 due (11:59pm PT)
Mon 04/12	Project 3 released		Network Security II
Tue 04/13	Abusing Intrusion Detection
Thu 04/15	Network Censorship + Malware	Firewalls notes
Tue 04/20	Malcode		Network Security III	HW7
Thu 04/22	Special Topics - Boeing 737-MAX + Quantum		Network Security III
Tue 04/27	Special Topics - Nukes + Tor + Side channels		Special Topics
Thu 04/29	Personal Security + Ask Nick Anything
Fri 04/30	Project 3 due (11:59pm PT)
Tue 05/04			Final Review
Thu 05/06
Fri 05/07	Optional Lab 2 due (11:59pm PT)
Fri 05/14	Final exam (11:30am-2:30pm PT)