Cyber and cyber-physical technologies have an ever-increasing role in our lives. As they are becoming more complex and ubiquitous, the need to ensure their safety, security and reliability is increasing as well. Security and privacy are disciplines dedicated to protecting cyber and cyber-physical systems, as well as their users, from adversarial actions. This course is a foundational security and privacy course, providing an introduction to tools, concepts and ideas of modern security and privacy research.
We will begin by defining the fields of security and privacy and introducing the key concepts, such as adversaries, threat models and risk management. We will then focus on cryptography and communication security, and will cover topics related to classical cryptosystems, symmetric key cryptography, public key cryptography, hash functions, message authentication codes, digital signatures, key management and distribution, and web security.
The following is the planned class progression covering the 11 weeks of the quarter. The class will meet twice a week on Tuesdays and Thursdays from 2:30-3:50pm in EEB 003.
Week 1: Course overview. Introduction to security and privacy.
Week 2: Introduction and classical cryptosystems.
Week 3: Classical cryptosystems. Cryptanalysis of classical cryptosystems.
Week 4: Cryptanalysis. Stream and block ciphers. Modern symmetric key cryptosystems. Introduction to public key cryptography.
Week 5: Public key cryptography. RSA and ElGamal.
Week 6: Diffie-Hellman. Midterm.
Week 7: Hash functions.
Week 8: Iterated hash functions and message authentication codes (MACs).
Week 9: Digital signatures.
Week 10: Key management and distribution.
Week 11: Web security (SSL/TLS). Emerging technologies. Ethics and course wrap-up.
Finals week: Final exam.
About the Course:
The course will consist of homework, a midterm, a final exam, two projects and in-class activities.
There will be up to six homework assignments in this course.
Homework assignments will be a mix of written questions and computer-aided problems. While these computer-aided problems may be designed with a specific programming language/tool in mind, you are welcome to code them up using any software tool you prefer. You should, however, submit all your code and simulation models with your homework.
Midterm and final exam:
Both exams are planned to be open notes exams. You will be allowed to use books and lecture notes during the exam.
Projects are an important part of this course, as they are expected to give you a more practical, hands-on experience with some important security and privacy concepts. There will be two projects through the quarter, and you will have several weeks to work on those assignments. You are encouraged to work in groups of two persons, but if you prefer, you can work on those assignments individually.
Each project will be graded based upon deliverables, which will be defined in each individual assignment.
In-class activities are just that – activities done in class. Occasionally, worksheets will be handed out in class, and will be used to review class material and facilitate discussion. Please be sure to write your name and the date of each activity when you turn it in, since in-class activities will be graded on a scale of 0-2, where:
- 0 means missed or irrelevant in-class activity,
- 1 means relevant answers submitted, and
- 2 means good and interesting answers submitted, and/or interesting discussion in
There could possibly be an in-class activity every week of the quarter, but we will take the five best scores when determining your grade.
Your grade in this course will be based on homework, midterm, final exam, projects and in-class activities. The expected grade breakdown is:
- Homework – 35%
- Projects – 30%
- Final exam – 20%
- Midterm – 10%
- In-class activities – 5%
The course textbook is D. Stinson, Cryptography Theory and Practice, Third Edition, CRC Press, 2006.
Some additional resources you may want to consider:
- C. Kaufman, R. Perlman, and M. Speciner, Network Security: Private Communication in a Public World, Prentice Hall, 2002
- W. Stallings, Cryptography and Network Security, Principles and Practice, 5th Edition, Prentice Hall, 2006
- B. Schneier, Applied Cryptography, Protocols, Algorithms and Source Code in C, Wiley, 1996
- A. Menezes, P. Van Oorschot, S. Vanstone, Handbook of Applied Cryptography (available online)
- N. Daswani, C. Kern, and A. Kesavan, Foundations of Security, What Every Programmer Needs to Know, Apress, 2007
Collaboration: In this course, we want you to learn from each other. Therefore, you are allowed (and encouraged) to talk to your classmates and other students about all course assignments. You may also consult outside reference materials, or the instructor. However, all material that you decide to turn in should reflect your own understanding of the subject matter at the time of writing. If you work with someone else on any assignment, please include their names on the material that you turn in.
Assignment Turn-in: Please do not use email for assignment submissions. Instead, please turn in your homework and your simulation/programming assignments using the course dropbox.
Late Assignment Turn-in: All assignments are due by 3:50pm on an assigned date, but we understand that you may have to sometimes turn them in late. The grading penalty is 20% of the grade that you would otherwise receive for each day, or part of the day, that you are late. No submissions will be accepted after 5 days.
Checking grades: Grades will be posted to the course gradebook.