CS 465 Computer Security

Apr 27

Introduction

Slides: Introduction
Slides: Terminology

Assignments

Due: Homework #1

Apr 29

Cryptography, Advanced Encryption Standard (AES)

Slides: Cryptography
Slides: AES

Assignments

Apr 30

Assignments

Due: Homework #2

May 2

Advanced Encryption Standard (AES)

Slides: AES

Assignments

May 3

Assignments

Due: Project #1: AES

May 4

Block Cipher Modes and Padding

Reading: How to Choose an Authenticated Encryption Mode
Reading: The Galois/Counter Mode of Operation (GCM)
Slides: Block Cipher Modes

Assignments

May 6

Cryptographic Hash Functions

Reading: NIST Hash Project
Reading: Chinese researchers find first SHA-1 collision 2005
Reading: Google announces practical collision SHA-1, Feb 2017
Slides: Cryptographic Hash Functions

Hash Attack

Slides: Hash Attack Discussion
Slides: MAC

Assignments

Due: Homework #3

May 9

Message Authentication Codes (MAC), Public key cryptography

Reading: SHA-1 spec
Reading: Why I hate CBC-MAC
Slides: MAC
Slides: Intro + Diffie-Hellman

Assignments Due: Project #2: Hash Attack

May 10

Assignments

Due: Homework #4

May 11

RSA

Slides: Intro + Diffie-Hellman
Slides: RSA
Please Stop Encrypting with RSA Directly

Assignments

Due: Project #3: MAC Attack

May 12

Assignments

Due: Homework #5

May 13

Slides: RSA

Public Key Infrastructure: Digital Certificates and Signatures

Slides: PKI
Slides: Midterm Exam 1 study guide

Assignments

Due: Project #4: Diffie-Hellman

May 14

Assignments

Due: Homework #7

May 16

Public Key Infrastructure: Digital Certificates and Signatures, In class review for Midterm 1

Assignments

Due: Homework #6

Due: Midterm #1 (first day in Testing Center)

May 17

Due: Midterm #1 (last day in Testing Center)

May 18

Transport Layer Security (TLS)

Reading: The First Few Milliseconds of an HTTPS Connection
Reading: The Illustrated TLS Connection
Slides: TLS

Assignments

May 19

Assignments

Due: Homework #8

May 20

TLS Wrap Up, Midterm 1 Results Q/A

Slides: TLS
Reading: Weak Diffie-Hellman and the Logjam Attack
Reading: TLS, Pre-Master Secrets and Master Secrets

Assignments

Due: Project #5: RSA

May 23

Passwords

Reading: Easy Ways to Build a Better P@$5w0rd (NIST)
Reading: How to Devise Passwords That Drive Hackers Away
Slides: Passwords

Assignments

Due: Project #6: TLS

May 24

Assignments

Due: Homework #9

May 25

Passwords Continued/Multi-factor Authentication and Password Managers

Slides: Passwords
Slides: Multi-factor authentication and password vaults
Reading: An Administrator's Guide to Password Research

Assignments

Due: Project #7: Password Cracking

May 27

Binary Layout/Exploitation and Buffer Overflows

Reading: Smashing the Stack For Fun and Profit
Reading: Smashing the Stack For Fun and Profit (Today)
Reading: Smashing the Stack in 2011
Reading: Smashing the Modern Stack for Fun and Profit
Slides: Stack Frame Layout Simplified
Slides: Buffer Overflow

Assignments

Due: Homework #11

May 31

Assignments

Due: Homework #10

Jun 1

Continue Buffer Overflows, Secure Email

Reading: Integer Manipulation Vulnerabilities: Microsoft Whitepaper
Slides: Stack Frame Layout Simplified
Slides: Buffer Overflow
Slides: Secure Email

Assignments

Due: Project #9: Buffer Overflow

Jun 2

Due: Midterm #2 (first day in Testing Center)

Jun 3

No Class: Take midterm 2 + finish pending projects

Due: Midterm #2 (last day in Testing Center)

Jun 6

Continue Secure Email

Slides: Secure Email

Assignments

Due: Project #8: Extracting Secrets

Jun 7

Assignments

Due: Homework #12

Jun 8

Social Engineering

Slides: Social Engineering

Assignments

Due: Project #10: Secure Email

Jun 10

TBD

TBD, Research in Security, Review for final exam

Assignments

Due: Homework #13

Jun 13

No Class: Finish pending projects

Assignments

Due: Project #11: Extra Credit - last day for submission

Spring 2022

Section 1: MWF, 10:00am - 12:00pm, HBLL 3718

Schedule

Week 1

Week 2

Week 3

Week 4

Week 5

Week 6

Week 7

Week 8