CS 465 Computer Security

Jan 3

Introduction

Slides: Introduction

Assignments

Due: Homework #1

Jan 5

Introduction

Slides: Terminology

Assignments

Jan 7

Cryptography

Slides: Cryptography

Assignments

Jan 10

Advanced Encryption Standard (AES)

Slides: AES

Assignments

Jan 12

No Class: Work on Project #1

Slides: AES

Assignments

Jan 14

Block Cipher Modes and Padding

Reading: How to Choose an Authenticated Encryption Mode
Reading: The Galois/Counter Mode of Operation (GCM)
Slides: Block Cipher Modes

Assignments

Due: Homework #2

Jan 17

Holiday --- No class

Assignments

Jan 18

Assignments

Due: Project #1: AES

Jan 19

Authenticated Encryption Modes

Reading: How to Choose an Authenticated Encryption Mode
Reading: The Galois/Counter Mode of Operation (GCM)
Slides: Block Cipher Modes

Assignments

Jan 20

Assignments

Due: Homework #3

Jan 21

Cryptographic Hash Functions

Reading: NIST Hash Project
Reading: Chinese researchers find first SHA-1 collision 2005
Reading: Google announces practical collision SHA-1, Feb 2017
Slides: Cryptographic Hash Functions

Hash Attack

Slides: Hash Attack Discussion

Assignments

Jan 24

Message Authentication Codes (MAC)

Reading: SHA-1 spec
Reading: Why I hate CBC-MAC
Slides: MAC

Assignments

Jan 25

Assignments

Due: Project #2: Hash Attack

Jan 26

Recap Hash Attack, Discuss MAC Attack

Slides: MAC Attack Discussion

Assignments

Jan 28

No Class: Work on MAC Attack HW & Project #3

Assignments

Due: Homework #4

Jan 31

Public-Key Cryptography

Slides: Intro + Diffie-Hellman

Assignments

Feb 1

Assignments

Due: Project #3: MAC Attack

Feb 2

Diffie-Hellman

Slides: Diffie-Hellman

Assignments

Feb 4

RSA Part 1

Slides: RSA
Please Stop Encrypting with RSA Directly

Assignments

Due: Homework #5

Feb 7

RSA Part 2

Slides: RSA

Assignments

Feb 8

Assignments

Due: Project #4: Diffie-Hellman

Feb 9

Public Key Infrastructure: Digital Certificates and Signatures

Slides: PKI

Assignments

Feb 11

No Class: Work on HW #6 and Project #5

Assignments

Due: Homework #6

Feb 14

In Class Review for Midterm Exam 1.

Slides: Midterm Exam 1 study guide

Assignments

Due: Homework #7

Feb 15

Due: Midterm #1 (first day in Testing Center)

Feb 16

No Class

Due: Midterm #1

Feb 17

Due: Midterm #1 (last day in Testing Center)

Feb 18

Transport Layer Security (TLS)

Reading: The First Few Milliseconds of an HTTPS Connection
Reading: The Illustrated TLS Connection
Slides: TLS

Assignments

Feb 19

Assignments

Feb 21

Holiday --- No class

Assignments

Due: Homework #8

Feb 22

Logjam TLS Attack

Reading: Weak Diffie-Hellman and the Logjam Attack
Reading: TLS, Pre-Master Secrets and Master Secrets

Assignments

Due: Project #5: RSA

Feb 23

TLS Wrap Up

Assignments

Feb 25

No Class: Work on Project #6

Assignments

Feb 26

Assignments

Due: Project #6: TLS

Feb 28

Midterm 1 Results Q/A

Hand back exams
Discuss commonly missed questions

Assignments

Mar 1

Assignments

Due: Homework #9

Mar 2

Passwords

Reading: Easy Ways to Build a Better P@$5w0rd (NIST)
Reading: How to Devise Passwords That Drive Hackers Away
Slides: Passwords

Assignments

Mar 4

Guest Lecture from Industry

Assignments

Mar 7

Passwords Continued/Multi-factor Authentication and Password Managers

Slides: Passwords
Slides: Multi-factor authentication and password vaults
Reading: An Administrator's Guide to Password Research

Assignments

Mar 8

Assignments

Due: Project #7: Password Cracking

Mar 9

Binary Layout/Exploitation and Buffer Overflows

Reading: Smashing the Stack For Fun and Profit
Reading: Smashing the Stack For Fun and Profit (Today)
Reading: Smashing the Stack in 2011
Reading: Smashing the Modern Stack for Fun and Profit
Slides: Stack Frame Layout Simplified
Slides: Buffer Overflow

Assignments

Mar 10

Assignments

Due: Homework #11

Mar 11

Binary Layout/Exploitation and Buffer Overflows 2

Reading: Smashing the Stack For Fun and Profit
Reading: Smashing the Stack For Fun and Profit (Today)
Reading: Smashing the Stack in 2011
Reading: Smashing the Modern Stack for Fun and Profit
Slides: Stack Frame Layout Simplified
Slides: Buffer Overflow

Assignments

Mar 14

Encryption Backdoor Debate -- Read in advance and come to class with 3 to 5 points in favor or against government surveillance of encrypted traffic that you found compelling

Assignments

Mar 15

Assignments

Mar 16

No Class: Work on HW #10 and Project #9

Assignments

Due: Homework #10

Mar 18

Holiday --- no class

Assignments

Mar 19

Assignments

Due: Project #9: Buffer Overflow

Mar 21

In Class Review for Midterm Exam 2.

Reading: Midterm Exam 2 study guide

Assignments

Mar 22

Due: Midterm #2 (first day in Testing Center)

Mar 23

No Class

Due: Midterm #2

Mar 24

Due: Midterm #2 (last day in Testing Center)

Mar 25

Guest Lecture from Industry

Assignments

Mar 28

Secure Email

Slides: Secure Email

Assignments

Mar 29

Assignments

Due: Project #8: Extracting Secrets

Mar 30

Secure Email Wrap Up

Slides: Secure Email

Assignments

Apr 1

No Class: Work on HW #12 and Project #10

Assignments

Apr 2

Assignments

Due: Homework #12

Apr 4

Midterm 2 Results Q/A

Hand back exams
Discuss commonly missed questions

Assignments

Apr 5

Assignments

Due: Project #10: Secure Email

Apr 6

Guest Lecture: Dr. Kent Seamons

Research in Security at BYU

Assignments

Apr 8

Social Engineering

Reading: Integer Manipulation Vulnerabilities: Microsoft Whitepaper
Slides: Social Engineering

Assignments

Apr 11

Provable Security

Zero-Knowledge Proofs

Just for fun we'll talk about this at a high-level

Assignments

Due: Homework #13

Apr 13

Trust & Rubber Ducky Demo

Reading: Reflections on Trusting Trust

Assignments

Due: Project #11: Extra Credit - last day for submission

Winter 2022

Section 1: MWF, 11:00am - 11:50am, TMCB 120

Schedule

Week 1

Week 2

Week 3

Week 4

Week 5

Week 6

Week 7

Week 8

Week 9

Week 10

Week 11

Week 12

Week 13

Week 14

Week 15