Computer Security (CS:\(4640\):\(0001\)), Spring 2018

Computer Science Department, The University of Iowa

Class Time and Location

Class Location: \(118\mathrm{G}\) MLH (MacLean Hall)

Class Time: Tuesday and Thursday \(3:30\) PM - \(4:45\) PM

Instructor

Omar Haider Chowdhury

Office: \(201\mathrm{G}\) MLH (MacLean Hall)

Email: omar-chowdhury@uiowa.edu

Phone: \(319\)-\(335\)-\(0745\)

Office hours:

• Tuesday (\(10:00\) am - \(11:30\) am),
• Thursday (\(2:30\) pm - \(3:30\) pm), or by email appointment

Teaching Assistant

Ryan Brummet

Email: ryan-brummet@uiowa.edu

Office hours: B1C MLH (MacLean Hall)

• Wednesday (\(3:00\) pm - \(4:30\) pm),
• Friday (\(11:00\) am - \(12:30\) pm), or by email appointment

Topics:

The topics that will be covered in this class include:

• Cryptography (symmetric/asymmetric cryptography, cryptographic hash, digital signatures);

• User and Machine-to-Machine Authentication (textual and graphical passwords, crypto-graphic authentication);

• Access control models (DAC, MAC, RBAC, ABAC);

• OS Security (CPU modes, System call, Filesystem permissions);

• Software Vulnerabilities (Buffer overflow, Format string attack, Integer overflow);

• Automatic software vulnerability detection (static analysis, symbolic execution, concolic execution, fuzzing-based testing)

• Web and Network Security (SQL injection, Cross-site scripting, DNS security)

• Advanced topics (Mobile security, taint analysis/tracking, cryptocurrency, recent attacks)

Grading policy

The following will contribute to the final grade of this class.

• Homework assignments, including written and programming assignments, will contribute to the \(\mathbf{40\%}\) of the course grade.

• Midterm examination 1 will contribute to the \(\mathbf{15\%}\) of the course grade.

• Midterm examination 2 will contribute to the \(\mathbf{15\%}\) of the course grade.

• Term project will contribute to the \(\mathbf{30\%}\) of the course grade.

• There is no final exam for this course

Class Schedule

Date	Topics	Notes
Jan 16, 2018	Introduction, administrative announcements, motivation
Jan 18, 2018	Introduction to Cryptography	Historical Ciphers,
Jan 23, 2018	Introduction to Cryptography (contd.); Security of Cryptosystem	Random OTP, IND-CPA, Perfect Secrecy; Homework 1 out
Jan 25, 2018	Security of Cryptosystem; Stream and Block Ciphers; Cipher Modes	RC4, DES, 3DES, AES, AES+ECB, AES+CBC, AES+CTR
Jan 30, 2018	Security Proof of Random OTP satisfies Perfect Secrecy; Computational Security; IND-CPA; Cryptographic Hash Functions	Probabilistic Encryption, IND-CPA, Cryptographic Hash Functions and its properties
Feb 1st, 2018	Cryptographic Hash Functions; Merkle Hash Tree; Merkle–Damgård construction; MAC	Cryptographic Hash Functions and its properties; Message Authentication Code; Homework 1 due