| Week of |
Day |
Topic |
Reading |
Lec. notes |
Milestones |
| Aug 24 |
Tu |
|
Introduction, basic concepts |
Anderson 1, Saltzer and Schroeder 75 |
|
|
|
|
Th |
Ethics and responsibility |
Thompson 84 (alternate link), Schneier 08
|
|
|
| Aug 31 |
Tu |
|
Voting security |
Kohno et al. 04 |
|
Project 1 out |
|
|
Th |
Crypto intro |
Anderson 5.1-5.6 |
PDF |
|
| Sep 7 |
Tu |
|
Crypto intro + protocols |
Anderson 3, 5.7 |
PDF |
|
|
|
Th |
Crypto protocols 2 |
HAC 12, Cryptyc, Abadi96, Burrows89 |
PDF |
|
| Sep 14 |
Tu |
|
Crypto primitives |
HAC 6–9, 11 |
PDF |
|
|
|
Th |
Formalizing cryptography |
Goldwasser & Bellare ch. 5–6, 8; see also Bellare98 |
PDF |
|
| Sep 21 |
Tu |
|
Guest Lecture: Distributed systems (Byzantine) |
Anderson 6; Castro and Liskov 99 (Optional) |
|
Project 1, part 1 due |
|
|
Th |
Guest Lecture: Buffer Overflow, Return to libc, and other x86 security vulnerabilites |
Shacham 07 (Section 1 only) |
|
|
| Sep 28 |
Tu |
|
Zero knowledge |
|
notes 1 (PDF) notes 2 (PDF) |
|
|
|
Th |
OS security basics |
Lampson71, ClarkWilson87, Anderson: read 4, skim 8-10 |
|
Project 1, part 2 due |
| Oct 5 |
Tu |
|
Final project introduction |
|
|
|
|
|
Th |
OS security architectures |
Plan 9, KeyKOS/KeySAFE |
|
|
| Oct 12 |
Tu |
|
No class (MIDTERM RECESS) |
|
|
|
Th |
TBD (DSW out of town) |
|
Final project proposals due |
| Oct 19 |
Tu |
|
Common OS vulnerabilities |
Provos02 (OpenSSH) |
|
|
|
|
Th |
Networking: TCP/IP, DNS |
Anderson 21, Friedl |
|
Cross-student feedback due |
| Oct 26 |
Tu |
|
Modern programming language basics |
Specifying and checking software workshop (many overview talks) |
|
|
|
|
Th |
Web security |
Chrome/Chromium, XSRF, Caja project |
|
|
| Nov 2 |
Tu |
|
TBD |
|
|
|
|
Th |
Distributed systems (Rational) |
|
|
Final project status milestone due |
| Nov 9 |
Tu |
|
Viruses, spam, intrusion detection |
Anderson 21, Graham02, Graham03 |
examples |
|
|
|
Th |
Smart cards & tamper resistance |
Anderson 11, 14, 16, Bunnie’s Xbox hacks |
|
Cross-student feedback due |
| Nov 16 |
Tu |
|
Tempest (& Smart Tempest) |
Unofficial TEMPEST page, Anderson 17 |
|
|
|
|
Th |
Untrusted platforms |
CT99, ST97, Anderson 22, 23 |
|
|
| Nov 23 |
Tu |
|
In-class public policy discussion |
Anderson 24-26 |
|
|
|
|
Th |
No class (THANKSGIVING) |
|
| Nov 30 |
Tu |
|
Final project presentations |
|
|
|
Th |
Final project paper due |