This course will cover the most important features of computer security, including topics such as
cryptography, operating systems security, network security, and language-based security. After
completing this course, students will be able to analyze, design, and build secure systems of
List of course topics (tentative):
Introduction to computer security. Basic concepts, threat models, common security goals.
Cryptography and cryptographic protocols, including encryption, authentication, message
authentication codes, hash functions, one-way functions, public-key cryptography, secure
channels, zero knowledge in practice, cryptographic protocols and their integration into
distributed systems, and other applications.
Operating system security: memory protection, access control, authorization,
authenticating users, enforcement of security, security evaluation, trusted devices, digital
Network security. Firewalls, intrusion detection systems, viruses and worms, web
security. Case studies: DNS, IPSec.
Software security. Secure software engineering, defensive programming, buffer overruns
and other implementation flaws. Language-based security: analysis of code for security
errors, safe languages, and sandboxing techniques.
Advanced topics and case studies, to be chosen according to instructor and student
interest. (Possible examples: privacy, mobile code, digital rights management and copy
protection, trusted devices, denial of service and availability, network based attacks,
security and the law, electronic voting, quantum cryptography, penetration analysis,
ethics, full disclosure.)
Assignments, Projects, and Exams
All homeworks are due on Friday at 11am in drop box #2 (in the slot labeled CS161/Fall 2005)
in 283 Soda. The deadlines will be enforced strictly. Late homework will be accepted only in