[CNS 2020] Cryptography and Network Security

Course Info | Syllabus | Teaching Team | Readings by week | More Info

Course Info


Please log in to NTU COOL to access slides and videos.
Wk. Date Topic Reading HW
1 Mar 03 Course Introduction (Online) [pdf] [video] #1
2 Mar 10 Security and Crypto Overview #2
3 Mar 17 Cryptographic Hash Functions #3 HW1 out
4 Mar 24 Symmetric Cryptography #4
5 Mar 31 Asymmetric Cryptography #5
6 Apr 07 Key Establishment & Public Key Infrastructure #6
7 Apr 14 Authentication #7 HW1 due (extended)
8 Apr 21 Anonymity and Privacy #8
9 Apr 28 Insecurity of TCP/IP, BGP, DNS #9
10 May 05 Transport Layer Security
11 May 12 Exam HW2 due; proposal due
12 May 19 Distributed Denial of Service #10
13 May 26 Selected Topic: IoT security #11
14 Jun 02 Selected Topic: 4G security (Guest Lecture) #12
15 Jun 09 Selected Topic: Software security #13
16 Jun 16 Project Discussion
17 Jun 23 Group Presentation (back to the classroom)
18 Jun 30 Group presentation (back to the classroom) Report due on 7/7

Teaching Team

TA Office Hour Location
毛偉倫 Wed. 14:00-15:00 R307
董書博 Wed. 10:30-11:30 R307
蕭乙蓁 Fri. 13:30-14:30 R217
謝啟仁 Thu. 11:00-12:00 R217

Readings by week

    • A. Juels and R. Rivest. “Honeywords: Making password-cracking detectable,” in ACM CCS, 2013.
    • M. Green and M. Smith, “Developers are Not the Enemy! The Need for Usable Security APIs,” IEEE Secur. Priv., vol. 14, no. 5, pp. 40–46, 2016.
    • J. Karlin et al., “Decoy Routing: Toward Unblockable Internet Communication,” Proc. USENIX Work. Free Open Commun. Internet, 2011.
    • MD5 considered harmful today
    • A. Perrig, R. Canetti, J. D. Tygar, and D. Song, “The TESLA broadcast authentication protocol,” in RSA CryptoBytes, 2005.
    • H. Abelson et al. "Keys under doormats: mandating insecurity by requiring government access to all data and communications," Journal of Cybersecurity 1.1 (2015): 69-79.
    • Egele, Manuel, et al. “An empirical study of cryptographic misuse in android applications.” Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, 2013.
    • M. Meli, M. R. McNiece, and B. Reaves. "How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories," in NDSS. 2019.
    • J. Aas et al., “Let’s encrypt: An automated certificate authority to encrypt the entire web,” in ACM CCS, 2019.
    • A. Narayanan et al., “Location privacy via private proximity testing,” in NDSS, 2011.
    • L.-S. Huang et al. “Analyzing Forged SSL Certificates in the Wild,” in IEEE S&P, 2014.
    • Laurent Eschenauer and Virgil D. Gligor. “A key-management scheme for distributed sensor networks,” in ACM CCS, 2002.
    • A. Das, J. Bonneau, M. Caesar, N. Borisov, and X. Wang. “The Tangled Web of Password Reuse,” in NDSS, 2014.
    • K. C. Wang and M. K. Reiter, “How to End Password Reuse on the Web,” in NDSS, 2019.
    • R. Dingledine, N. Mathewson, and P. Syverson, “Tor: The Second-Generation Onion Router,” in USENIX Security, 2004.
    • D. Fifield, C. Lan, R. Hynes, P. Wegmann, and V. Paxson, “Blocking-resistant communication through domain fronting,” in Privacy Enhancing Technologies, 2015.
    • K. Butler, T. R. Farley, P. McDaniel, and J. Rexford, “A survey of BGP security issues and solutions,” in Proceedings of the IEEE, 2010.
    • O. Nordström and C. Dovrolis, “Beware of BGP attacks,” ACM SIGCOMM Comput. Commun. Rev., vol. 34, no. 2, p. 1, 2004.
    • An Illustrated Guide to the Kaminsky DNS Vulnerability
    • Adrian, David, et al. “Imperfect forward secrecy: How Diffie-Hellman fails in practice.” Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 2015.
    • A. Juels and J. Brainard, “Client puzzles: A cryptographic countermeasure against connection depletion attacks,” in NDSS, 1999.
    • A. Yaar, A. Perrig, and D. Song, “SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks,” in IEEE S&P, 2004.
    • M. Surbatovich, J. Aljuraidan, L. Bauer, A. Das, and L. Jia, “Some Recipes Can Do More Than Spoil Your Appetite: Analyzing the Security and Privacy Risks of IFTTT Recipes,” in WWW, 2017.
    • Spectre and Meltdown
    • Englehardt, Steven, and Arvind Narayanan. “Online tracking: A 1-million-site measurement and analysis.” Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2016.
    • M. R. Clarkson, S. Chong and A. C. Myers, “Civitas: Toward a Secure Voting System,” 2008 IEEE Symposium on Security and Privacy (sp 2008), Oakland, CA, 2008.

More Info