Advanced Computer Security

Course Description

This course is intended to provide a graduate level introduction to broad set of topics in the areas of cryptography and computer security. The course assumes a basic understanding of complexity theory, number theory, probability and information theory as a common foundation upon which to build. 

The course will be concerned with cryptography (descriptions of various ciphers), cryptographic protocols, cryptanalysis, and computer security from the point of view of both the intruder and the system administrator.

This quarter we will take a partilcular look at the dark side of cyber security, including attacks in cyber-physical systems exemplified by the so-called Internet-of-things.

Students will each present several research papers and the lead the dicussion of those papers.

Recommended Reading

  • Bruce Schneier, Applied Cryptography, Second edition, John Wiley & Sons: New York, 1996.
  • Ross Anderson, Security Engineering, Second edition, Wiley: New Yoirk, 2008.

Bruce Schneier's book provides a good basis from where we can discuss the  research literature. It is hard to believe that this book is 20 years old, but it is encyclopedic in scope, and provides an excellent reference for many of the topics that we will be discussing over the course of the quarter.

Ross Anderson's book is more modern and takes a much more engineering-oriented approach. He has generously made it available electronically.

You should read the blog Krebs on Security with regularlity.

You may be also interesting in browsing the Rainbow Series of books.

Deviant Ollam teaching you to pick locks is time well spent.

Required Reading

You should read these historical NSA monographs. When you are finished, your first assignment is to work through the accompanying children's activity book. It's good for you, and harder than you think it is.

To get you in the right frame of mind, we will learn to pick locks. We will be doing this during the first week.

There will be approximately 28 papers covered during the course of the quarter. This list will be filled out over the next few days. See the page dedicated to the readings for details.

Course Requirements

The course will consist of reading, presentation and discussion of research papers in various areas of cryptography and computer security. Some of these papers, such as Shannon's original 1949 publication on communications secrecy are classics and foundational, but most papers will be from the recent research literature. The topics are eclectic, but designed to give the student an good understanding of the pervasiveness of computer securty issues in modern life.

Each student will be expected to lead the discussion several research papers. The goal is to help hone your presentation skills, one of the most critical skills that you will develop during graduate school. The most common method is for the student to prepare a Power Point presenation on the content of the paper, much as one might see at a research conference. Alternatively, an "old school" approach of taking chalk in hand is also acceptable.

All students are expected to carefully read each paper and engage in its discussion. Passive listening to the presentation is not considered sufficient engagement in the seminar.

Course Project

Each student is required to write a term paper can be original research (preferred), an in depth survey of an area of cryptography and computer security, or for the more practical minded an approved implementation project. Topic proposals are required at the beginning of the second week of the course. 

You will write a report describing your project. This report will be peer-reviewed during the eighth week of the quarter, with the reviews returned to you at the beginning of the ninth week so you have a week to make any final changes. You will prepare a poster for presenting your project at a poster session at the end of the quarter. This presentation constitutes you final examination. Presentations will be judged by Profs. Long and Miller, and the public will be invited (just like a poster session at a conference).

A long time ago, my friends at Hewlett-Packard Laboratories put together this guide for project proposals. It is a simple one page document, and your should follow it when submitting your term paper of project proposal. 

Grading

The project report constitutes 40% of your grade, your final poster presentation is 30% of your grade, and class participation (presenting papers, engaging in discussions) is also 30%.

  • Project: 40%
  • Presentations: 30%
  • Oral Final: 30%

Instructors and Assistants