I400/H400/I590 Advanced Security and Privacy
Spring 2010

Class Schedule

Date Topic Readings
Part I: An Overview of Security and Cryptography
Jan 12 Introduction and Administrivia
Jan 14 Access Control Matrix SM Ch. 1
Jan 19 Orange Book, Security Principles Readings:
SM Ch. 2,3
Orange Book. Preface, intro, Sections 5, 6, 8, 10, Appendices A, B, C, and Glossary. Skim rest.
Saltzer and Schroeder, Section 1A. Skim 1B.
Jan 21 Symmetric Crypto I: Caesar Cipher to AES SM Ch. 7.1–7.4
Jan 26 Symmetric Crypto II: Caesar Cipher to AES (contd.) SM Ch. 7.1–7.4
Jan 28 Public-Key Crypto I: Encryption, Signing, RSA SM Ch. 7.5
Feb 2 Public-Key Crypto II: Hash functions. SM Ch. 7.6
Patrick Tsang's article on cryptography and side channels
Feb 4 Crypto Practical Considerations SM Ch. 8
NIST-recommended key lengths (see Table 4 on p. 66)
Grad/Honors reading: Kocher's timing attacks paper; understand the attack. It's okay to skip complicated formulas.
Feb 9 PKI SM Ch. 10
My take on secure email communication
Feb 11 Authentication SM Ch. 9
Rainbow Tables
Grad Reading: Abadi and Needham paper on cryptographic protocols. Sections 1–4. Get the general idea for the remaining sections, and understand all the Principles.
Feb 16 OS Security SM Ch. 4, 6.4
Trusting trust
Spafford's article on the Morris Worm
Feb 18 Network Security SM Ch. 5
The insecurity of WEP
Feb 23 Hourly Exam I: Covers Part I of Course
Part II: Topics in Privacy
Feb 25 Guest Lecture: Kalpana Shankar A taxonomy of privacy (skim)
Mar 2 Hourly Exam 1 (part 2): Covers Part I of Course
Mar 4 Anonymizing Networks: Terminology, Tor, Attacks Anonymity Terminology (Pfitzmann, Hansen) (skim),
Murdoch and Danezis' paper on Traffic Analysis (skim)
Mar 9 Discussion about first exam
Mar 11 But I've Got Nothing to Hide Dan Solove's papers on "I've got nothing to hide"
Mar 16 Spring Break, no class
Mar 18 Spring Break, no class
Mar 23 Guest Lecture: Kelly Caine.
Electronic Health Records
Munchausen letter,
Shachak and Jadad article,
Tang et al. article
Mar 25 Electronic Documents SM Ch. 13
Mar 30 Social Networking: Facebook I Saving Facebook, Sections I and II
Apr 1 Social Networking: Facebook II Saving Facebook, Sections III, IV and V
Apr 6 Review session
Apr 8 Hourly Exam II: Covers Part II of Course
Part III: Revisiting Crypto Tools, Usable Security and Privacy
Apr 13 WEP Insecurity The insecurity of WEP
Apr 15 Merkle Trees, Rainbow Tables SM 7.6.3,
Rainbow Tables
Apr 20 Cloud Security: Outsourced Storage and Computation Gellman paper
Apr 22 Usable design I SM Ch. 18,
CG Ch. 2, 5
Apr 27 Usable design II CG Ch. 19, 21
Apr 27 Review Session in I-105, 8:30–9:30pm Review the final study guide
Apr 29 Project/Term-paper 5-minute presentations Upload presentations by Apr 28th!
May 4 Finals Week, no class
May 6 Class Final Exam, 5–7pm, Informatics West 107: Covers Entire Syllabus (Parts I, II, III of Course)