CS 465 Computer Security
BYU | Computer Science
Winter 2022
Section 1: MWF, 11:00am - 11:50am, TMCB 120
Lectures and other Resources
Course Introduction
Course Introduction
Terminology
Applied Cryptography
Introduction to Cryptography
Lecture Slides - Cryptography intro
History of Cryptography
AES
Lecture Slides
Last semester's Slides for this lecture
FIPS197
AES on Wikipedia
AES Flash Demo
(Try watching in Firefox... Chrome hates flash)
AES YouTube Demo
Stick Figure Guide to AES and PDF version
Finite Field Multiply Examples
Block Cipher Modes
Lecture Slides
Wikipedia on Block Cipher Modes
Padding
How to Choose an Authenticated Encryption Mode
The Galois/Counter Mode of Operation (GCM)
Cryptographic Hash Functions
Lecture Slides
Wikipedia on Cryptographic Hash Functions
Birthday Attack
SHA-1
SHA-3
Chinese researchers find first SHA-1 collision 2005
Google announces practical collision on SHA-1 Feb 2017
Class Slides for Hash Attack Discussion
Hash Collision Probabilities
Message Authentication Codes (MAC)
Lecture Slides
HMAC
Length Extension Attacks
Hash Length Extension Attacks
Flickr API length extension attack
Moxie Marlinspike's Cryptographic Doom
Vaudenay's MAC attack
Class Slides for MAC Attack Discussion
Public Key Crypto
Diffie-Hellman
Lecture Slides
Wikipedia on Diffie-Hellman
Math explanation on Diffie-Hellman
Sample toy DH parameter generation python code
RSA
Lecture Slides
Wikipedia on RSA
Please Stop Encrypting with RSA Directly
Extended Euclidean Calculation Example #1
Extended Euclidean Calculation Example #2
Certificates
Lecture Slides on PKI
Trusted 3rd Party
Verisign issues
DigiNotar
Certificate Hierarchies
Certificate Revocation Broken in Practice
Midterm #1
Study Guide
TLS
Lecture Slides
First few seconds of an HTTPS connection
The Illustrated TLS Connection
Passwords and Authentication Processes
Lecture Slides
Beyond simple Authentication - Multifactor Auth and Password Vaults
An Administrator's Guide to Internet Password Research
Easy Ways to Build a Better P@$5w0rd (NIST)
How to Devise Passwords That Drive Hackers Away
Mickens - This World of Ours - and Gigantic Martian Insect Party
Buffer Overflow Attacks
Lecture Slides
Stack Frame Layout simplified
Smashing the Stack for Fun and Profit
Smashing the Stack for Fun and Profit (Today)
Smashing the Modern Stack for Fun and Profit
Secure Email
Lecture Slides
Sources for S/MIME certificates
Why Johnny Can't Encrypt
Why Johnny Still Can't Encrypt
System Usability Scale
Filippo Valsorda's Why I'm giving up on PGP
Phishing article from Class
DKIM
SPF for email
Overview of DMARC
Authenticated Received Chain ARC
Integer Manipulation Vulnerabilities
Microsoft's Doc
Midterm #2
Study Guide