Lecture Schedule

Date Subject Resources
Sept. 8-10 Week 1: Course intro. Security goals and principles, secret keys, brute force, bits of security
Sept. 15-17 Week 2: Thinking Securely. Classical ciphers, formal security notions, attack games
Sept. 22-24 Week 3: Encrypting data. Block ciphers, AES, cipher modes of operation, randomized encryption
Sept. 29-30 Week 4: Fingerprinting data. Random oracles, hash functions, the SHA family, birthday paradox, collisions, pre-image and second-preimage resistance
Oct. 6-8 Week 5: Authenticating data. Message authentication, message authentications codes, authenticated encryption, AES-GCM
Oct. 15 Week 6: Bootstrapping a shared secret. Public-key cryptography, public-key agreement, Diffie-Hellman, forward secrecy
Oct. 20-22 Week 7: Linking data to a public key. Digital signatures, forgeries, RSA signatures and padding
Oct. 27-29 Week 8: Linking a public key to an identity. Trust-on-first-use (SSH), Digital certificates, X.509
Nov 3-7 Fall reading week. No lectures.
Nov 10-12 Week 9: Server authentication. Public-key infrastructure, certificate authorities, revocation, pinning, trust stores
Nov. 17-19 Week 10: Securing the Transport Layer. Transport Layer Security (TLS), TLS handshake, ciphersuites, HTTP over TLS (HTTPS).
Nov. 24-26 Week 11: Client authentication. Secure password generation and storage.
Dec. 1-3 Week 12: Software security. A quick introduction to memory safety in software design through the lens of stack buffer overflows in the C programming language.
  • TBA
Dec. 8 Week 13: Course Review. Final lecture is Tuesday, Dec. 8th (No lecture Dec. 10th)