[CNS 2022] Cryptography and Network Security
Frequently Asked Questions | Course Info | Syllabus | Teaching Team | Readings by week | More Info
This is a portal page.
Please check NTU COOL for the latest and detailed information.
Frequently Asked Questions
Q: How can I enroll?
A: We will announce HW0 during the very first class and distribute the enrollment code based on the HW0 score by the second class. You will have 5 days to finish HW0.
Q: Can I audit?
A: Yes, if you’re an NTU student. No, otherwise. Due to limited TA resources, we won’t grade your homework.
Q: What are the prerequisites?
A: Having basic knowledge in discrete mathematics, programming, and networking is strongly recommended. You're also expected to comprehend research papers and conduct a research project.
Course Info
- Course number: CSIE 7190
- Location: R101
- Time: 14:20-17:20 (Tue.)
- Website: NTU COOL
Syllabus
Please log in to NTU COOL to access slides and videos.Wk. | Date | Topic | Reading | HW |
---|---|---|---|---|
1 | Feb 15 | Course Introduction [pdf] | HW0 due on 02/19 23:59 | |
2 | Feb 22 | Security and Crypto Overview [pdf] | #1 | |
3 | Mar 01 | Randomness Generation, Cryptographic Hash Functions | #2 | HW1 out |
4 | Mar 08 | Symmetric Cryptography | #3 | |
5 | Mar 15 | Asymmetric Cryptography | #4 | |
6 | Mar 22 | Key Management | #5 | |
7 | Mar 29 | Authentication | #6 | |
8 | Apr 05 | No Class (Spring Break) | HW1 due; HW2 out | |
9 | Apr 12 | Catch-up Lecture | #7 | |
10 | Apr 19 | Anonymity and Privacy | ||
11 | Apr 26 | Internet Insecurity | #8 | Proposal due |
12 | May 03 | [Pre-recorded] Transport Layer Security [Live] Q&A |
#9 | |
13 | May 10 | [Live] Exam | HW2 due; HW3 out | |
14 | May 17 | [Pre-recorded] DDoS Attack and Defense [Live] Project Discussion |
#10 | |
15 | May 24 | [Pre-recorded] Smart Contract / Verifiable Randomness [Live] Project Discussion |
#11 | |
16 | May 31 | [Live] Group Presentation | #12 | |
17 | Jun 07 | [Live] Group Presentation | HW3 due | |
18 | Jun 14 | No Class | Report due |
Teaching Team
- Email: cns [at] csie.ntu.edu.tw
TA | Office Hour | Location |
---|---|---|
許育銘 | Wed 15:00-16:00 | R307 |
賴侃軒 | Mon 10:00-12:00 | R307 |
蔡奇夆 | Tue 17:15-18:15 | 地下室中柱 |
林義閔 | Tue 11:00-12:00 | 地下室中柱 |
Readings by week (TBD)
- M. Surbatovich, J. Aljuraidan, L. Bauer, A. Das, and L. Jia. 2017. Some Recipes Can Do More Than Spoil Your Appetite: Analyzing the Security and Privacy Risks of IFTTT Recipes. In Proceedings of the 26th International Conference on World Wide Web (WWW'17).
- M. Green and M. Smith. Developers are Not the Enemy! The Need for Usable Security APIs. IEEE Secur. Priv., vol. 14, no. 5, pp. 40‒46, 2016.
- Collin Jackson and Adam Barth. 2008. Forcehttps: protecting high- security web sites from network attacks. In Proceedings of 17th international conference on World Wide Web (WWW'08).
- N. Heninger, Z. Durumeric, E. Wustrow, and J. A. Halderman. 2012. Mining your Ps and Qs: detection of widespread weak keys in network devices. In Proceedings of the 21st USENIX conference on Security symposium (Security'12).
- A. Young and M. Yung. 1996. Cryptovirology: Extortion-Based Security Threats and Countermeasures. In Proceedings of the 1996 IEEE Symposium on Security and Privacy (SP'96).
- J. Bonneau, J. Clark, and S. Goldfeder. 2015. On bitcoin as a public randomness source. Cryptology ePrint Archive.
- Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel. 2013. An empirical study of cryptographic misuse in android applications. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (CCS'13).
- A. Juels and R. Rivest. 2013. Honeywords: Making password-cracking detectable. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (CCS'13).
- Adrian Perrig, Ran Canetti, J. D. Tygar, Dawn Song. 2000. Efficient Authentication and Signing of Multicast Streams Over Lossy Channels. In IEEE Symposium on Security and Privacy (S&P'00).
- Alma Whitten and J. D. Tygar. 1999. Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0. In USENIX Security Symposium (SEC'99).
- Arvind Narayanan, Narendran Thiagarajan, Mugdha Lakhani, Michael Hamburg, and Dan Boneh. 2011. Location privacy via private proximity testing. In Network and Distributed System Security Symposium (NDSS'11).
- Laurent Eschenauer and Virgil D. Gligor. 2002. A key-management scheme for distributed sensor networks. In ACM SIGSAC conference on Computer & communications security (CCS'02).
- John Brainard, Ari Juels, Ronald L. Rivest, Michael Szydlo, and Moti Yung. 2006. Fourth-factor authentication: somebody you know. In ACM conference on Computer and communications security (CCS'06).
- Zeyu Lei, Yuhong Nan, Yanick Fratantonio, and Antonio Bianchi. 2021. On the insecurity of SMS one-time password messages against local attackers in modern mobile devices. In Network and Distributed System Security Symposium (NDSS'21).
- Yuncong Hu, Kian Hooshmand, Harika Kalidhindi, Seung Jin Yang, and Raluca Ada Popa (2021). Merkle2: A Low-Latency Transparency Log System. In IEEE Symposium on Security and Privacy (SP'21).
- R. Dingledine, N. Mathewson, and P. Syverson. 2004. Tor: The Second-Generation Onion Router. In USENIX Security.
- D. Fifield, C. Lan, R. Hynes, P. Wegmann, and V. Paxson. 2015. Blocking-resistant communication through domain fronting. In Privacy Enhancing Technologies.
- Ola Nordström and Constantinos Dovrolis. 2004. Beware of BGP attacks. SIGCOMM Comput. Commun. Rev. 34, 2 (April 2004), 1-8.
- Giuseppe Ateniese and Stefan Mangard. 2001. A new approach to DNS security (DNSSEC). In Proceedings of the 8th ACM conference on Computer and Communications Security (CCS '01).
- Mathy Vanhoef and Frank Piessens. 2017. Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS '17).
- David G. Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, and Scott Shenker. 2008. Accountable internet protocol (AIP). In Proceedings of the ACM SIGCOMM 2008 conference on Data communication (SIGCOMM '08).
- Sangtae Lee, Youngjoo Shin, and Junbeom Hur. 2020. Return of version downgrade attack in the era of TLS 1.3. Proceedings of the 16th International Conference on emerging Networking EXperiments and Technologies. Association for Computing Machinery, New York, NY, USA, 157‒168.
- Xin Zhang, Hsu-Chun Hsiao, Geoffrey Hasker, Haowen Chan, Adrian Perrig and David G. Andersen. 2011. SCION: Scalability, Control, and Isolation On Next-Generation Networks. In Proceedings of the IEEE Symposium on Security and Privacy (S&P).
- A. Juels and J. Brainard. 1999. Client puzzles: A cryptographic countermeasure against connection depletion attacks. In Network and Distributed System Security Symposium (NDSS).
- R. Rasti, M. Murthy, and V. Paxson. 2015. Temporal Lensing and its Application in Pulsing Denial of Service Attacks. In IEEE Symposium on Security and Privacy (IEEE S&P).
- M. Tran, M. S. Kang, H.-C. Hsiao, W.-H. Chiang, S.-P. Tung and Y.-S. Wang. 2019. On the Feasibility of Rerouting-based DDoS Defenses. In IEEE Symposium on Security and Privacy (IEEE S&P)