CS558: Network Security and Applied Cryptography
Boston University, Computer Science, Fall 2015

Course Syllabus
    Assignments     Link to websubmit     Link to piazza    

Instructors: Dr. Foteini Baldimtsi and Prof. Sharon Goldberg
Office Hours: Tuesdays 2:30PM-5:30PM, MCS135
Lectures: Tuesday & Thursday 11AM-12:30PM, Location: CAS 203 

Course Assistants: Yilei Chen (chenyl@bu.edu) and Kyle Hogan (klhogan@bu.edu)

Course Assistant Office Hours: Fridays 2:00PM-4:00PM, Location: CS undergraduate lab

Discussions Hours: Fridays 11:00AM-12:00PM and 12:00PM-1:00PM, Location MCS B23

Communications: We will use piazza to communicate with you. You are welcome to use Piazza to set up study groups, to post interesting security incidents you read about (please tag these as "interesting incident in the news"), or to discuss the course with other students. If you have a question about the course you should: (a) Come to office hours, OR (b) Post to Piazza. You are welcome to post to Piazza anonymously, but please don't use private posts to ask technical questions. The rest of the class is probably also interested in your question, so make it public!

If you need to talk to the course staff in private, you can send us a private message on Piazza to let us know that you want to have a private conversation during office hours. Then show up at office hours to discuss your issue. You should not expect a response; instead assume we have read your message and you should then just show up at office hours. If you want to talk to one of us in person but absolutely can't make office hours, please send the relevant person an email with at least three different options for when you are available to meet.

Course Summary: This course provides an introduction to the basic principles and techniques of building secure information systems. The focus of the course is applied cryptography and network security. This course will train you how to "think like an adversary"---thinking about how adversary might attack a system by subverting and exploiting assumptions made during system design---and will discuss threat modeling and formal cryptographic approaches to defining and proving security or privacy. Topics in applied cryptography include encryption, authentication, symmetric key and public key cryptography, cryptographic hash functions, public key infrastructures, and may also cover more advanced topics including secure computation, cryptocurrencies and electronic payment systems. Topics in network security include web security and protocol security (including DNS, BGP, IP, TCP, and TLS).

No background in networking or cryptography will be assumed. The prerequisites are CS210 (or permission of the instructor) and CS237 or equivalent course in basic probability.

Ethics: To defend a system you need to be able to think like an attacker, and that includes understanding techniques that can be used to compromise security. However, using those techniques in the real world may violate the law or the university's rules, and it may be unethical. Under some circumstances, even probing for weaknesses may result in severe penalties, up to and including expulsion, civil fines, and jail time. Our policy is that you must respect the privacy and property rights of others at all times, or else you will fail the course.

Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act (CFAA), a federal statute that broadly criminalizes computer intrusion. This is one of several laws that govern ``hacking." Understand what this law prohibits.

Read BU's Conditions of Use and Policy on Computing Ethics and the BU's Academic Conduct Code. As members of the university, you are required to abide by these policies.

Class Notes:  Scribe notes will be posted here after every class. Please use this link to sign up for scribing by Sept. 12th

 Lecture      Scribe Notes   Suggested Readings
09/03 Lec 1: Class overview & logistics  Slides  CFAA law
09/08 Lec 2: Symmetric Enc, Security Def.  Notes1, Notes2  An article on OTP that has a wrong argument
 09/10 Lec 3: Stream ciphers, PRG, PRF  Notes1, Notes2  Misuse of RC4 in Microsft Excel, RC4 attack on SSL/TLS
 09/15 Lec 4: Block ciphers  Notes1, Notes2  Modes of operation
 09/17 Lec 5: Block ciphers, MACs  Notes1, Notes2  SSL Beast attack (reusing IV in CBC mode)
 09/22 Lec 6: MACs, Authentication  Notes1, Notes2  CBC-MAC
 09/24 Lec 7: Secure Channels, Hashing  Notes1, Notes2  
 09/29 Lec 8: HMAC, Password Storing          Notes1, Notes2  HMAC extension attack, Password Storing, Rainbow Tables
 10/01 Lec 9: Public Key Enc, KEM  Notes1, Notes2  
 10/06 Lec 10: Key Exchange, Signatures  Notes1, Notes2  Kerberos
 10/08 Lec 11: PKIs, TLS/SSL  Notes1, Notes2  SSL, check your browser's certificates, SLIDES
 10/15 Lec 12: E-cash  Notes1, Notes2  SLIDES
 10/20 Lec 13: pre-midterm review    
 10/22 MIDTERM    
 10/27 Lec 14: E-cash and Bitcoin  Notes  
 10/29 Lec 15: Bitcoin  Notes1, Notes2  A Coursera class on Bitcoin, Blockchain.info
 11/03 Lec 16: More on Cryptocurrencies  Notes1, Notes2  A full set of Slides on Bitcoin
 11/05 Lec 17: DNSSEC, NSEC, NSEC3  Notes1, Notes2, Notes3  Discussion: Lab 2
 11/10 Lec 18: Web security: SQL Injection  Notes1 Notes2  Friedl's SQL Injection TechtipPrimer on SQL, Slides from CS155 at Stanford, SLIDES from class
Optional: SQL Injection Prevention Cheat Sheet
 11/12 Lec 19: Web security: Background, HTTP, HTML, JS, Cookies, etc
 Notes1 Notes2 Notes3 Notes4  Slides on Web Security Model from CS155 at Stanford
 11/17 Lec 20: Web security: XSS    Slides on XSS and CSRF from CS161 at Berkeley,  Same Origin Policy
Optional: Postcards from the post XSS world
CSRF Prevention Cheat Sheet,
XSS Prevention Cheat Sheet,
list of sites that have been xxsed
 11/19 Lec 21: Web security: CSRF  Notes1 Notes2  
 11/24 Lec 22: Network Security: Background  Notes1 SLIDES, traceroute
 12/01 Lec 23: Network security: Background, Attacks on TCP, TLS packet format, traffic analysis  Notes1 Notes2 Notes3 Notes4.1

 12/03 Lec 24: Network security:  
DoS & Censorship
 Notes1   Great Cannon of China, Great firewall of China, Classic (1997!) slides about the smurf attackDistributed Reflection Denial of Service (DrDoS)
 12/08 Lec 25: Network security: BGP & DNS Security  Notes1 Notes2 Notes3 Notes4
 Kaminsky attack on DNS
Magazine article I wrote about BGP Security
Paper I wrote about using BGP and DNS to circumvent privacy protections for Americans, see also slides
, 12/10 Lec 26: Cryptowars  Notes1  SLIDES, presentation about iOS encryption     
 12/11 Final Poster Session