Course history

This page serves as an example syllabus for interested students. You can also check out past specific versions of this course (some are behind university login pages):

Course overview

This course will cover basic principles of cryptography and computer security. Specific topics will include cryptography, network security, operating system security, and web security. Course projects will focus both on writing secure code and exploiting insecure code.

Administrative links

Instructor: Joseph Bonneau (jcb@cs.nyu.edu)

Prerequisites

Computer security is a broad topic covering almost all areas of computer science. Experience with computer programming at a systems level (e.g. C, C++ programming) is recommended hence the formal prerequisite of CSCI-UA.0201 (Computer Systems Organization). Recommended prerequisite courses include CSCI-UA.0202 (Operating Systems), CSCI-UA.0480-009 (Computer Networks). Experience with web development will also be helpful.

The largest programming assignment will be implemented in Go. Experience programming Go specifically is not necessary if you have experience with a language like C, C++ or JavaScript.

Assignments

Four practical projects and four written problem sets will be assigned, along with a midterm and a final exam.

  • Collaboration: You may work with a partner on the Chatterbox programming projects (and submit one solution). All other work should be completed individually. You may discuss problem sets with classmates but your writeup should always be your own words.
  • Deadlines: All course assignments will be due on Thursday evenings at 21:59, unless otherwise specified. Late submission will result in a 25% penalty per day (or fraction thereof) that the work is turned in late.
  • Extensions: All students are granted three automatic, integral 24-hour extensions ("late days") which can be used on any assignment or problem set to submit late with no penalty (and without asking in advance). Beyond that, the penalty applies. Extra extensions will only be granted in extreme circumstances.
  • Grading: Projects and homework are worth 40% of your final grade. The midterm exam is worth 25% and the final exam 35%.
assignment
Project #1

In this project, students will implement an encrypted messaging application in Go, implementing a version of the Signal double-ratchet protocol. Implementations must handle out-of-order, dropped or corrupted messages at the network level and should take care to zeroize all key material to maintain forward secrecy./p>

assignment
Project #2

In this project, students will use a variety of tools to examine network security in practice, in particular exploring TLS and Certificates, DNS and DNSSEC, and port scanning using nmap.

assignment
Project #3

In this project, students will get hands-on web security experience by examining and exploiting an insecure example web server, taking advantage of cross-site scripting, XSRF and SQL injection.

assignment
Project #4

In this project, students will take on the role of a security consultant, reading the design docs for a fictional startup designing a secure communication app and offering suggestions on how to improve security.

Readings

The class will follow my textbook-in-progress, available via Google Docs. Each lecture will roughly follow one chapter. There are also many pointers to advanced reading on each topic. Note that this textbook is a rough draft, being prepared and updated as we go. There will be content errors and editorial errors. Please add comments and corrections! In particular, if something doesn't make sense, please ask a question in a comment inline.

Because this text is being designed specifically for this course, we will generally cover one chapter in every lecture. Every lecture will also be accompanied by outside readings that expand on what is discussed in class or present the same material in a different way. Neither the readings nor the lectures are a replacement for each other; fully understanding the material will require attendance as well as reading.

Syllabus

Lecture 1
Introduction & threat modeling

Part 1: Cryptographic tools
Lecture 2
Identification protocols, One-way functions, PRFs

Lecture 3
Hash functions, MACs and authenticated data structures

Lecture 4
Symmetric encryption: historical ciphers, one-time pads and stream ciphers

Lecture 5
Symmetric encryption: block ciphers, MACs and authenticated encryption

Lecture 6
Public key cryptography: Key distribution, Kerberos, Diffie-Hellman key exchange

Lecture 7
Public key cryptography: public-key encryption, the discrete log assumption

Lecture 8
Public key cryptography: digital signatures, RSA and factoring assumptions

Part 2: Cryptographic applications
Lecture 9
Secure messaging: PGP, OTR and Signal

Lecture 10
TLS and HTTPS

Lecture 11
PKI on the web, certificates, certificate transparency

Lecture 12
Blockchains and cryptocurrency

Part 3: Network security
Lecture 13
Network security overview

Lecture 14
Link-layer security: Ethernet, WiFi, Mobile

Lecture 15
IP and VPNs

Lecture 16
DNS and TCP

Lecture 17
Surveillance & Censorship

Lecture 18
Anonymity & Tor

Part 4: Systems security
Lecture 19
Access Control

Lecture 20
POSIX permissions

Lecture 21
Exploits and Isolation

Lecture 22
Control Flow Attacks

Part 5: Web security
Lecture 23
Web security: the same origin policy, isolation

Lecture 24
More web security: Cross-site scripting and XSRF

Lecture 25
Browser privacy

Lecture 26
Authentication, passwords and biometrics

Lecture 27
Ethical and legal aspects of security