| Date |
Topic |
Readings |
|
Part I: An Overview of Security and Cryptography |
| Jan 12 |
Introduction and Administrivia |
|
| Jan 14 |
Access Control Matrix
|
SM Ch. 1 |
| Jan 19 |
Orange Book, Security Principles
|
Readings:
SM Ch. 2,3
Orange Book. Preface, intro, Sections 5, 6, 8, 10, Appendices A, B, C, and Glossary. Skim rest.
Saltzer and Schroeder,
Section 1A. Skim 1B.
|
| Jan 21 |
Symmetric Crypto I: Caesar Cipher to AES
|
SM Ch. 7.1–7.4
|
| Jan 26 |
Symmetric Crypto II: Caesar Cipher to AES (contd.)
|
SM Ch. 7.1–7.4
|
| Jan 28 |
Public-Key Crypto I: Encryption, Signing, RSA
|
SM Ch. 7.5
|
| Feb 2 |
Public-Key Crypto II: Hash functions.
|
SM Ch. 7.6
Patrick Tsang's article on cryptography and side channels
|
| Feb 4 |
Crypto Practical Considerations
|
SM Ch. 8
NIST-recommended key
lengths, see Table 4 on p66,
Grad/Honors reading: Kocher's timing attacks paper, understand the attack. It's okay to skip complicated formulas
|
| Feb 9 |
PKI
|
SM Ch. 10
My take on secure email communication |
| Feb 11 |
Authentication
|
SM Ch. 9
Rainbow
Tables
Grad Reading: Abadi and Needham paper on cryptographic protocols. Sections 1–4. Get the general idea for the remaining sections, and understand all the Principles.
|
| Feb 16 |
OS Security
|
SM Ch. 4, 6.4
Trusting trust
Spafford's article on the Morris Worm |
| Feb 18 |
Network Security
|
SM Ch. 5
The insecurity of WEP |
| Feb 23 |
Hourly Exam I: Covers Part I of Course |
|
Part II: Topics in Privacy |
| Feb 25 |
Guest Lecture: Kalpana Shankar |
A taxonomy of privacy (skim) |
| Mar 2 |
Hourly Exam 1 (part 2): Covers Part I of Course
|
|
| Mar 4 |
Anonymizing Networks: Terminology, Tor, Attacks
|
Anonymity Terminology
(Pfitzmann, Hansen) (skim),
Tor,
Murdoch and Danezis' paper
on Traffic Analysis (skim)
|
| Mar 9 |
Discussion about first exam
|
|
| Mar 11 |
But I've Got Nothing to Hide
|
Dan Solove's papers on "I've got nothing to
hide"
|
| Mar 16 |
Spring Break, no class |
| Mar 18 |
Spring Break, no class |
| Mar 23 |
Guest Lecture: Kelly Caine.
Electronic Health Records
|
Munchausen letter,
Shachak and Jadad article,
Tang et al. article
|
| Mar 25 |
Electronic Documents
|
SM Ch. 13 |
| Mar 30 |
Social Networking: Facebook I |
Saving
Facebook, Sections I and II |
| Apr 1 |
Social Networking: Facebook II |
Saving
Facebook, Sections III, IV and V |
| Apr 6 |
Review session |
|
| Apr 8 |
Hourly Exam II: Covers Part II of Course |
|
Part III: Revisiting Crypto Tools, Usable Security and Privacy |
| Apr 13 |
WEP Insecurity
|
The insecurity of WEP |
| Apr 15 |
Merkle Trees, Rainbow Tables
|
SM 7.6.3,
Rainbow
Tables
|
| Apr 20 |
Cloud Security: Outsourced Storage and Computation |
Gellman paper |
| Apr 22 |
Usable design I
|
SM Ch. 18,
CG Ch. 2, 5 |
| Apr 27 |
Usable design II
|
CG Ch. 19, 21 |
| Apr 27 |
Review Session in I-105, 8:30–9:30pm
|
Review the final study guide
|
| Apr 29 |
Project/Term-paper 5-minute presentations |
Upload presentations by Apr 28th! |
| May 4 |
Finals Week, no class |
| May 6 |
Class Final Exam, 5–7pm, Informatics
West 107: Covers Entire Syllabus (Parts I, II, III of Course) |