Class Schedule

Date Topic and Slides Recommended Readings Assignments
Week 1
09/29/2021 Course overview slides Security Engineering Chapter 1
10/01/2021 Introduction to security slides Multics Security Evaluation (Section 3.4.5) and Reflections on Trusting Trust
Week 2
10/04/2021 Software security: Buffer overflows slides
10/06/2021 Software security: Buffer overflows continued slides, inked Smashing the Stack for Fun and Profit [Corrected and reformatted, original] and Exploiting Format String Vulnerabilities and Once Upon a free()
10/08/2021 Software security: Buffer overflow defenses slides Re-read last readings :) Homework #1 due (11:59pm)
Week 3
10/11/2021 Software security: Misc and principles slides The Eternal War in Memory and Memory Safety in Chrome (2021)
10/13/2021 Cryptography: Introduction slides Security Engineering Ch5
10/15/2021 Cryptography: Symmetric encryption slides Keep reading the previous one! Lab #1a due (11:59pm)
Week 4
10/18/2021 Cryptography: Symmetric encryptionslides
10/20/2021 Cryptography: Block Cipher Modes, Hash functions and MACs slides
10/22/2021 Cryptography: Hash functions, MACs, and Asymmetric key crypto slides
Week 5
10/25/2021 Cryptography: Asymmetric key crypto slides Blog: Don't use RSA
10/27/2021 End of Cryptography and Web security: Certificates slides Certificate Transparency Lab #1b due (11:59pm)
10/29/2021 Web security: Overview and browser security model slides TLS 1.3 Illustrated
Week 6
11/01/2021 Web security: Web application security slides
11/03/2021 Cancelled
11/05/2021 Web security: Web application securityslides Strongly recommended: Advanced SQL Injection, XSS Cheat Sheet Homework #2 due (11:59pm)
Week 7
11/08/2021 Web security: Web application security slides
11/10/2021 Authentication slides
11/12/2021 Web privacy slides Final Project checkpoint #1 due (11:59pm)
Week 8
11/15/2021 Guest lecture: Alex Gantman (Qualcomm) Head of Product Security Engineering -- Not recorded None
11/17/2021 Anonymity slides None
11/19/2021 Mobile platform security slides Lab #2 due (11:59pm)
Week 9
11/22/2021 Usable security slides None
11/24/2021 Physical Security (fun, not important) -- Not recorded None
11/26/2021 No Class: Thanksgiving None Final Project checkpoint #2 due (11:59pm)
Week 10
11/29/2021 Guest lecture: Joe DeBlasio, Google Chrome -- Not recorded None Homework #3 due (11:59pm)
12/1/2021 Side channels pt1 slides None
12/3/2021 Guest lecture: Emily McReynolds, Law+Policy+Security -- Not recorded
Week 11
12/6/2021 Side channels pt2 slides None
12/8/2021 Surprise Security Topic -- Not Recorded Relevant readings: The Export of Cryptography in the 20th Century and the 21st, Diffie and Landau. Lawful Device Access without Mass Surveillance Risk: A Technical Design Discussion, Savage. Lab #3 due (11:59pm)
Materials on assignments page.
12/10/2021 Emerging technologies / Wrap-up -- On Zoom, see Canvas slides
Finals Week
12/13/2021 (No Meeting) None Final Project due (11:59pm)