Instructor:
Charalampos (Babis) Papamanthou
ECE Department
Email: cpap at umd.edu
Office: 3409 A.V. Williams Building
Office hours: Tuesday 5pm-6pm
TA:
Scott Zimmermann
Email: sczimmer at terpmail.umd.edu
Office: 1145 A.V. Williams Building
Office hours: Wednesday 2pm-3pm
Lecture Meeting times:
Tuesday and Thursday, 12:30pm-1:45pm
SPH 0308
Lectures will be published on this webpage after class.
Homework and programming assignments will be published on this webpage, but should be submitted through Canvas.
Discussions will be managed at Canvas. Please do use the discussions at Canvas and do not email the instructor or the TA individually with course-related questions.
| Date | Lectures | |
|---|---|---|
| 09/03/13 | Security goals and tools. Attacks from the real world. | Lecture 1 |
| 09/05/13 | Security principles. Symmetric key encryption. One-time pads. | Lecture 2 |
| 09/10/13 | Feistel/substitution ciphers. DES and AES algorithms. | Lecture 3 |
| 09/12/13 | Collision resistant hash functions. Birthday attacks. MACs. | Lecture 4 |
| 09/17/13 | SHA-2 algorithm. Applications and security properties of MACs. | Lecture 5 |
| 09/19/13 | Pseudorandomness. Introduction to public key encryption. | Lecture 6 |
| 09/24/13 | Number theory basics. Euclidean algorithm. | Lecture 7 |
| 09/26/13 | RSA encryption. Extended Euclidean algorithm. | Lecture 8 |
| 10/01/13 | Chinese remainder theorem. ElGamal encryption. | Lecture 9 |
| 10/03/13 | Digital signatures. Certificates. | Lecture 10 |
| 10/08/13 | Certification authorities. Kerberos authentication. | Lecture 11 |
| 10/10/13 | Diffie-Hellman key exchange. Schnorr's protocol. Anonymous commnunication and Tor. | Lecture 12 |
| 10/15/13 | Passwords and authentication. | Lecture 13 |
| 10/17/13 | Cracking passwords and rainbow tables. | Lecture 14 |
| 10/22/13 | Midterm exam. | No lecture |
| 10/24/13 | Midterm solutions. | Lecture 15 |
| 10/29/13 | Access control. Information flow. Linux permissions and setuid. | Lecture 16 |
| 10/31/13 | OS security. Buffer overflow attacks. | Lecture 17 |
| 11/05/13 | Networking basics. Link Layer. ARP poisoining. | Lecture 18 |
| 11/07/13 | TCP/IP. Vulnerabilities. SYN flooding and TCP session hijacking. | Lecture 19 |
| 11/12/13 | DNS spoofing and remote exploitation (invited lecture and demo by Josh Kamdjou). | Lecture 20 |
| 11/14/13 | Web security. XSS and SQL injection attacks. | Lecture 21 |
| 11/19/13 | Malware. Visuses, worms, rootkits, trojans. | Lecture 22 |
| 11/21/13 | Special topics: Merkle trees and secure storage. | Lecture 23 |
| 11/26/13 | Special topics: Proofs of retrievability. | Lecture 24 |
| 11/28/13 | Thanksgiving break. | No lecture |
| 12/03/13 | Mobile security (invited lecture by Chandu Ketkar from Cigital). | Lecture 25 |
| 12/05/13 | Special topics: Fully-homomorphic encryption. | Lecture 26 |
| 12/10/13 | Final review. | Lecture 27 |
| 12/12/13 | Final exam. | No lecture |
| Homework | Date posted | Due date | |
|---|---|---|---|
| Homework 1 | 09/17/13 | 09/24/13 | |
| Homework 2 | 10/08/13 | 10/25/13 | |
| Homework 3 | 11/01/13 | 11/15/13 | |
| Homework 4 | 11/22/13 | 12/06/13 |
Read here.