Instructor: 紀博文 Po-Wen Chi
Email: neokent@gapps.ntnu.edu.tw
Office: 514
Phone: 02-7749-6684
Time: Mon 9:10 - 12:10
Location: B102
TA: 侯佑霖
Email: laurenhou0512@gmail.com
Goals:
Make students be familiar with basic security technologies and how they are applied in the real world.
Provide backgrounds for further studying in cryptography and network security.
Scope:
Cryptographic primitives.
Network and system security in the real world.
William Stallings, Cryptography and Network Security: Principles and Practice (7th Edition).
The most popular information security textbook in Taiwan.
Dan Boneh and Victor Shoup, A Graduate Course in Applied Cryptography.
This is a good book for entering the crypto world.
Free, unfortunately not completed yet.
Victor Shoup, A Computational Introduction to Number Theory and Algebra.
Free. If you need math backgrounds about cryptography, this is a good book.
N. P. Smart, Cryptography, An Introduction
Free, unfortunately not maintained.
N. P. Smart, Cryptography Made Simple.
A good book but expensive.
But I find a pdf from its publisher.
W. Du, Computer & Internet Security: A Hands-on Approach, Second Edition
A good book for you to experience security in the real world.
Michael J. Evans and Jeffrey S. Rosenthal, Probability and Statistics - The Science of Uncertainty, 2nd edition.
Homework: 40%
Writing assignment.
Labs.
Programming.
Midterm: 30%
Final Projects: 30%
Due: 2024.09.29 PM11:59
Due: 2024.10.20, PM 11:59
Due: 2024.11.17 PM11:59
Due: 2024.12.08 PM11:59
Date: AM 9:10-12:10
midterm
review
Schedule: TBD
Group project. (2-3 members)
You need to prepare a proposal after the midterm.
Proposal Due:
This proposal must includes your team members, your emails, your topic, your motivation and your reference works.
I will give you my comments about your proposal so that you can prepare your final project well.
Reference Suggestions:
Crypto, EuroCrypt, AsiaCrypt
PKC: International Conference on Practice and Theory of Public Key Cryptography
FC: Financial Cryptography
TCC: Theory of Cryptography Conference
ACNS: International Conference on Applied Cryptography and Network Security
ISC: The Information Security Conference
USENIX Security Symposium
CCS: ACM Conference on Computer and Communications Security
AsiaCCS: ACM ASIA Conference on Computer and Communications Security
S&P: IEEE Symposium on Security and Privacy
NDSS: ISOC Network and Distributed System Security Symposium
ACSAC: Annual Computer Security Applications Conference.
Of course, there are lots of conferences. After you make your decision, please give me a proposal.
Final Presentation:
The schedule is Here.
Each presentation is 30 minutes, including QA.
Everyone should ask at least one question to the following two talks.
You need to submit a report to the moodle.
In Chinese.
Use your own words to introduce the paper.
The most important part, your research idea about this topic.
Due: TBD
The Heartbleed bug (CVE-2014-0160) is a severe implementation flaw in the OpenSSL library, which enables attackers to steal data from the memory of the victim server. There is a lab about this vulnerability on Seed Labs as the following link.
https://web.ecs.syr.edu/~wedu/seed/Labs_12.04/Networking/Heartbleed/
Unfortunately, this lab is for Ubuntu 12.04 because of OpenSSL version. It is a pity that we cannot enjoy this lab on the latest Seed Lab VM. Is it possible to encapsulate Ubuntu 12.04 as a docker image and to do this lab on Seed Lab Ubuntu 20.04? Please show how to do this. If this is not possible, please give an convincing explanation with some experiments as the proof.
Due: 2024.12.27 PM 11:59
Bonus: +5