Course Schedule Fall 2017
This schedule is subject to change. Please check back frequently.
| Week | Date | Lecture | Homework | Reading (optional for CMSC 23200) |
|---|---|---|---|---|
| Week 1 | Sep 25 |
The security mindset |
Cryptanalysis of the Windows Random Number Generator. Dorrendorf, Gutterman, Pinkas. CCS. 2007. | |
| Sep 27 |
Message integrity |
Homework 1 out
|
||
| Sep 29 |
Hash functions and pseudorandomness |
|||
| Week 2 | Oct 2 |
Confidentiality |
Project 1 out
|
On the Security of RC4 in TLS. AlFardan, Bernstein, Paterson, Poettering, Schuldt. USENIX Security. 2013. |
|
Oct 2
6–8pm |
Java minicourse (Ry. 255) |
|||
| Oct 4 |
Block ciphers |
Homework 1 due 6pm
Homework 2 out
Grad. paper response 1 due 6pm
|
||
| Oct 6 |
Public key cryptography |
|||
| Week 3 | Oct 9 |
RSA |
New directions in cryptography. Diffie, Hellman. Trans. Information Theory. 1976. | |
| Oct 11 |
Digital signatures |
Grad. paper response 2 due 6pm
|
||
| Oct 13 |
Key exchange and key management |
|||
| Week 4 | Oct 16 |
TLS and HTTPS |
Homework 2 due 6pm
Project 1 due 6pm
Project 2 out
|
Reining in the web with content security policy. Stamm, Sterne, Markham. WWW. 2010. |
| Oct 18 |
Web architecture |
Grad. paper response 3 due 6pm
|
||
| Oct 20 |
Web attacks and defenses |
|||
| Week 5 | Oct 23 |
Authenticating people |
Homework 3 out
|
Measuring real-world accuracies and biases in modeling password guessability. Ur, Segreti, Bauer, Christin, Cranor, Komanduri, Kurilova, Mazurek, Melicher, Shay. Usenix Security. 2015. |
| Oct 25 |
Authentication (cont.) and access control |
Grad. paper response 4 due 6pm
|
||
| Oct 27 |
No lecture |
|||
| Week 6 | Oct 30 |
Networking basics |
Project 2 due 6pm
Project 3 out
|
Bro: a system for detecting network intruders in real-time. Paxson. Computer Networks. 1999. |
| Nov 1 |
Network attacks |
Grad. paper response 5 due 6pm
|
||
| Nov 3 |
Network attacks (cont.) |
|||
| Week 7 | Nov 6 |
Network defenses |
Homework 3 due 6pm
Homework 4 out
|
The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). Shacham. CCS. 2007. |
| Nov 8 |
Memory safety |
Project 3 due 6pm
Project 4 out
Grad. paper response 6 due 6pm
|
||
| Nov 10 |
Memory safety (cont.) |
|||
| Week 8 | Nov 13 |
Isolation |
Tor: The second-generation onion router. Dingledine, Mathewson, Syverson. Usenix Security. 2004. | |
| Nov 15 |
Trusted computing and side channels |
Grad. paper response 7 due 6pm
|
||
| Nov 17 |
Anonymity |
Homework 4 due 6pm
|
||
| Week 9 | Nov 20 |
Web privacy |
Homework 5 out
Project 4 due 6pm
Project 5 out
|
Cookies That Give You Away: The Surveillance Implications of Web Tracking. Englehardt, Reisman, Eubank, Zimmerman, Mayer, Narayanan, Felten. WWW. 2015. |
| Nov 22 |
The underground economy |
Grad. paper response 8 due 6pm
|
||
| Nov 24 |
Thanksgiving break – No lecture |
|||
| Week 10 | Nov 27 |
Advanced threats |
||
| Nov 29 |
Human factors |
Grad. paper response 9 due 6pm
|
||
| Dec 1 |
Exam review |
Homework 5 due 6pm
|
||
| Week 11 | Dec 4 |
Project 5 due 6pm
|
Final Exam: Friday, December 8, 10:30am–12:30pm in Ry. 251
Unfortunately,
some articles require a paid subscription to a journal or digital library. These articles are linked
via the UChicago library proxy, and you must authenticate with your CNetID to view them.