[CNS 2020] Cryptography and Network Security
Course Info | Syllabus | Teaching Team | Readings by week | More Info
Course Info
- Course number: CSIE 7190
- Location: R101
- Time: 14:20-17:10 (Tue.)
- Website: NTU COOL
Syllabus
Please log in to NTU COOL to access slides and videos.
1 |
Mar 03 |
Course Introduction (Online) [pdf] [video] |
#1 |
|
2 |
Mar 10 |
Security and Crypto Overview |
#2 |
|
3 |
Mar 17 |
Cryptographic Hash Functions |
#3 |
HW1 out |
4 |
Mar 24 |
Symmetric Cryptography |
#4 |
|
5 |
Mar 31 |
Asymmetric Cryptography |
#5 |
|
6 |
Apr 07 |
Key Establishment & Public Key Infrastructure |
#6 |
|
7 |
Apr 14 |
Authentication |
#7 |
HW1 due (extended) |
8 |
Apr 21 |
Anonymity and Privacy |
#8 |
|
9 |
Apr 28 |
Insecurity of TCP/IP, BGP, DNS |
#9 |
|
10 |
May 05 |
Transport Layer Security |
|
|
11 |
May 12 |
Exam |
|
HW2 due; proposal due |
12 |
May 19 |
Distributed Denial of Service |
#10 |
|
13 |
May 26 |
Selected Topic: IoT security |
#11 |
|
14 |
Jun 02 |
Selected Topic: 4G security (Guest Lecture) |
#12 |
|
15 |
Jun 09 |
Selected Topic: Software security |
#13 |
|
16 |
Jun 16 |
Project Discussion |
|
|
17 |
Jun 23 |
Group Presentation (back to the classroom) |
|
|
18 |
Jun 30 |
Group presentation (back to the classroom) |
|
Report due on 7/7 |
Teaching Team
- Email: cns [at] csie.ntu.edu.tw
毛偉倫 |
Wed. 14:00-15:00 |
R307 |
董書博 |
Wed. 10:30-11:30 |
R307 |
蕭乙蓁 |
Fri. 13:30-14:30 |
R217 |
謝啟仁 |
Thu. 11:00-12:00 |
R217 |
Readings by week
- A. Juels and R. Rivest. “Honeywords: Making password-cracking detectable,” in ACM CCS, 2013.
- M. Green and M. Smith, “Developers are Not the Enemy! The Need for Usable Security APIs,” IEEE Secur. Priv., vol. 14, no. 5, pp. 40–46, 2016.
- J. Karlin et al., “Decoy Routing: Toward Unblockable Internet Communication,” Proc. USENIX Work. Free Open Commun. Internet, 2011.
- MD5 considered harmful today
- A. Perrig, R. Canetti, J. D. Tygar, and D. Song, “The TESLA broadcast authentication protocol,” in RSA CryptoBytes, 2005.
- H. Abelson et al. "Keys under doormats: mandating insecurity by requiring government access to all data and communications," Journal of Cybersecurity 1.1 (2015): 69-79.
- Egele, Manuel, et al. “An empirical study of cryptographic misuse in android applications.” Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, 2013.
- M. Meli, M. R. McNiece, and B. Reaves. "How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories," in NDSS. 2019.
- J. Aas et al., “Let’s encrypt: An automated certificate authority to encrypt the entire web,” in ACM CCS, 2019.
- A. Narayanan et al., “Location privacy via private proximity testing,” in NDSS, 2011.
- L.-S. Huang et al. “Analyzing Forged SSL Certificates in the Wild,” in IEEE S&P, 2014.
- Laurent Eschenauer and Virgil D. Gligor. “A key-management scheme for distributed sensor networks,” in ACM CCS, 2002.
- A. Das, J. Bonneau, M. Caesar, N. Borisov, and X. Wang. “The Tangled Web of Password Reuse,” in NDSS, 2014.
- K. C. Wang and M. K. Reiter, “How to End Password Reuse on the Web,” in NDSS, 2019.
- R. Dingledine, N. Mathewson, and P. Syverson, “Tor: The Second-Generation Onion Router,” in USENIX Security, 2004.
- D. Fifield, C. Lan, R. Hynes, P. Wegmann, and V. Paxson, “Blocking-resistant communication through domain fronting,” in Privacy Enhancing Technologies, 2015.
- K. Butler, T. R. Farley, P. McDaniel, and J. Rexford, “A survey of BGP security issues and solutions,” in Proceedings of the IEEE, 2010.
- O. Nordström and C. Dovrolis, “Beware of BGP attacks,” ACM SIGCOMM Comput. Commun. Rev., vol. 34, no. 2, p. 1, 2004.
- An Illustrated Guide to the Kaminsky DNS Vulnerability
- Adrian, David, et al. “Imperfect forward secrecy: How Diffie-Hellman fails in practice.” Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 2015.
- A. Juels and J. Brainard, “Client puzzles: A cryptographic countermeasure against connection depletion attacks,” in NDSS, 1999.
- A. Yaar, A. Perrig, and D. Song, “SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks,” in IEEE S&P, 2004.
- M. Surbatovich, J. Aljuraidan, L. Bauer, A. Das, and L. Jia, “Some Recipes Can Do More Than Spoil Your Appetite: Analyzing the Security and Privacy Risks of IFTTT Recipes,” in WWW, 2017.
- Spectre and Meltdown
- Englehardt, Steven, and Arvind Narayanan. “Online tracking: A 1-million-site measurement and analysis.” Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2016.
- M. R. Clarkson, S. Chong and A. C. Myers, “Civitas: Toward a Secure Voting System,” 2008 IEEE Symposium on Security and Privacy (sp 2008), Oakland, CA, 2008.
More Info