Differences

cs-465:lectures-2015 [2016/11/21 16:45] (current)
seamons created
Line 1: Line 1:
 +'''​Course Introduction'''​
 +* Course Introduction [[media:​cs-465:​course_introduction.pdf | pdf]] 
  
 +'''​Applied Cryptography'''​
 +* Cryptography Introduction [[media:​cs-465:​Cryptography_Introduction.pdf| pdf]] [[media:​cs-465:​Cryptography_Introduction.pptx| pptx]]
 +** http://​en.wikipedia.org/​wiki/​Symmetric-key_algorithm
 +** [http://​en.wikipedia.org/​wiki/​Block_cipher Block Cipher]
 +
 +* AES [[media:​cs-465:​AES.pdf|pdf]] [[media:​cs-465:​AES.pptx|pptx]]
 +** [http://​students.cs.byu.edu/​~cs465ta/​labs/​fips-197.pdf FIPS 197]
 +** http://​en.wikipedia.org/​wiki/​Advanced_Encryption_Standard
 +** Watch an [http://​students.cs.byu.edu/​~cs465ta/​lectures/​rijndael_ingles2004.swf AES flash demo] in your web browser
 +** Stick Figure [http://​www.moserware.com/​2009/​09/​stick-figure-guide-to-advanced.html Guide] to AES [http://​www.moserware.com/​assets/​stick-figure-guide-to-advanced/​A%20Stick%20Figure%20Guide%20to%20the%20Advanced%20Encryption%20Standard%20%28AES%29.pdf pdf version] [http://​www.moserware.com/​assets/​stick-figure-guide-to-advanced/​A%20Stick%20Figure%20Guide%20to%20the%20Advanced%20Encryption%20Standard%20%28AES%29.pptx pptx version]
 +** AES ff_mult [http://​docs.google.com/​presentation/​d/​13vkvFGAOcujmaiWLPLdw0gdQE-5psRy2x2pbb98kXHk examples]
 +
 +* Block Cipher Modes and Padding [[media:​cs-465:​BlockCipherModes.pdf|pdf]] ​ [[media:​cs-465:​BlockCipherModes.pptx|pptx]]
 +** [https://​en.wikipedia.org/​wiki/​Block_cipher_mode_of_operation block modes]
 +** [http://​www.di-mgt.com.au/​cryptopad.html Padding]
 +
 +* Feistel Model [[Media:​cs-465:​FeistelModel.pdf|pdf]] [[Media:​cs-465:​FeistelModel.pptx|pptx]]
 +** [http://​en.wikipedia.org/​wiki/​Feistel_cipher Feistel Cipher]
 +** Use an inductive proof to show that the model works
 +
 +* Cryptographic Hash Function [[media:​cs-465:​Hash.pdf| pdf]] [[media:​cs-465:​Hash.pptx| pptx]]
 +** [http://​en.wikipedia.org/​wiki/​Cryptographic_hash_function Cryptographic Hash Function]
 +** [http://​en.wikipedia.org/​wiki/​Hash_function Hash Function]
 +** [http://​en.wikipedia.org/​wiki/​Birthday_attack Birthday Attack]
 +** [http://​en.wikipedia.org/​wiki/​NIST_hash_function_competition SHA-3]
 +** [http://​csrc.nist.gov/​groups/​ST/​hash/​index.html NIST Hash Project]
 +
 +* MAC [[media:​cs-465:​MAC.pdf|pdf]] [[media:​cs-465:​MAC.pptx|pptx]]
 +** [http://​en.wikipedia.org/​wiki/​HMAC HMAC]
 +** [http://​en.wikipedia.org/​wiki/​Length_extension_attack Length Extension Attack]
 +** [https://​blog.whitehatsec.com/​hash-length-extension-attacks/​ Hash Length Extension Attacks]
 +** [http://​netifera.com/​research/​flickr_api_signature_forgery.pdf Flickr Extension Attack]
 +
 +* DH [[media:​cs-465:​DH.pdf|pdf]] [[media:​cs-465:​DH.pptx|pptx]]
 +** [http://​en.wikipedia.org/​wiki/​Diffie-Hellman_key_exchange Diffie-Hellman Key Exchange]
 +** [http://​mathworld.wolfram.com/​Diffie-HellmanProtocol.html Diffie-Hellman Protocol]
 +** How does Eve conduct a Man-in-the-Middle attack?
 +
 +* RSA [[Media:​cs-465:​RSA.pdf|pdf]] [[Media:​cs-465:​RSA.pptx|pptx]]
 +** [http://​en.wikipedia.org/​wiki/​RSA_(algorithm) RSA]
 +
 +* Digital Signatures ​ [[Media:​cs-465:​DigitalSignatures.pdf|pdf]] [[Media:​cs-465:​DigitalSignatures.pptx|pptx]]  ​
 +** [http://​www.thoughtcrime.org/​blog/​the-cryptographic-doom-principle/​ cryptographic doom] 
 +** [http://​world.std.com/​~dtd/​sign_encrypt/​sign_encrypt7.html sign-and-encrypt]  ​
 +** [http://​crypto.stackexchange.com/​questions/​5458/​should-we-sign-then-encrypt-or-encrypt-then-sign ​  order of sign versus encrypt]  ​
 +** [http://​crypto.stackexchange.com/​questions/​202/​should-we-mac-then-encrypt-or-encrypt-then-mac order of mac versus encrypt]
 +
 +* Certificates ​ [[Media:​cs-465:​Certificates.pdf|pdf]] [[Media:​cs-465:​Certificates.pptx|pptx]]
 +** [http://​en.wikipedia.org/​wiki/​Public-key_infrastructure PKI]
 +** [http://​en.wikipedia.org/​wiki/​Trusted_third_party Trusted Third Party]
 +*** [http://​en.wikipedia.org/​wiki/​DigiNotar DigiNotar attack]
 +*** [http://​support.microsoft.com/​kb/​293817 Verisign Attack 2001]
 +
 +'''​Authentication'''​
 +
 +* Transport Layer Security (TLS) [[Media:​cs-465:​TLS.pdf|pdf]] [[Media:​cs-465:​TLS.pptx|pptx]]
 +** [http://​en.wikipedia.org/​wiki/​Transport_Layer_Security TLS] (see handshake description)
 +** [https://​docs.google.com/​document/​d/​1C85G1FQjeE693p9ShNSFOdyW7yg1udRxkj9okmOamjc/​edit?​usp=sharing EXAMPLE] TLS cipher name example
 +
 +* Passwords ​ [[Media:​cs-465:​Passwords.pdf|pdf]] [[Media:​cs-465:​Passwords.pptx|pptx]] ​
 +** [http://​bit.ly/​1HAMls7 Beyond passwords - Multifactor auth, pasword vaults, single signon]
 +** [http://​arstechnica.com/​security/​2013/​10/​how-the-bible-and-youtube-are-fueling-the-next-frontier-of-password-cracking/​ How the Bible and Youtube are Fueling the Next Frontier of Password Cracking]
 +** [http://​www.nytimes.com/​2012/​11/​08/​technology/​personaltech/​how-to-devise-passwords-that-drive-hackers-away.html How to Devise Passwords that Drive Hackers Away]
 +** [http://​en.wikipedia.org/​wiki/​PBKDF2 PBKDF2]
 +
 +* Strong Password Protocols ​ [[Media:​cs-465:​strongpasswordprotocols.pdf|pdf]] [[Media:​cs-465:​strongpasswordprotocols.pptx|pptx]] ​
 +
 +
 +'''​Software Security'''​
 +
 +* Buffer Overflow Attacks [[Media:​cs-465:​Buffer_Overflow.pdf|pdf]] ​ [[Media:​cs-465:​Buffer_Overflow.pptx|pptx]]
 +** [http://​www.cs.wright.edu/​people/​faculty/​tkprasad/​courses/​cs781/​alephOne.html Smashing the Stack for Fun and Profit]
 +** [http://​en.wikipedia.org/​wiki/​Buffer_overflow_protection Buffer Overflow Protection]
 +** [http://​www.phrack.com/​issues.html?​issue=56&​id=5 Bypassing StackGuard] - Phrack article explaining weakness that led to XOR canary
 +** [https://​docs.google.com/​presentation/​d/​1FnqqExqirZTQYsI3kN_74OfyiQKBoIsNShXk2ApcNrI/​edit?​usp=sharing Stack Frame Layout]
 +
 +* Secure Email [[Media:​cs-465:​Secure_Email.pdf|pdf]] [[Media:​cs-465:​Secure_Email.pptx|pptx]]
 +
 +* Social Engineering ​ [[Media:​cs-465:​Social_Engineering.pdf|pdf]] [[Media:​cs-465:​Social_Engineering.pptx|pptx]]
 +
 +* Software Security 1 [[Media:​cs-465:​Software_Security_Part_A.pdf|pdf]] [[Media:​cs-465:​Software_Security_Part_A.pptx|pptx]] [http://​www.clift.org/​fred/​sqli.zip sqli examples from class]
 +
 +* Software Security 2 [[Media:​cs-465:​Software_Security_Part_B.pdf|pdf]] [[Media:​cs-465:​Software_Security_Part_B.pptx|pptx]] [https://​docs.google.com/​presentation/​d/​1eqFB1IklngE5x2iEVxkU2q9cV-eFH7JJPF7TK9AE0BM/​edit?​usp=sharing Multi-Factor Authenticaiton,​ password vaults]
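
Review bot: Two link labels in the added lines are misspelled: "pasword vaults" in the first bullet under Passwords and "Multi-Factor Authenticaiton" in the Software Security 2 entry; suggest "password" and "Authentication". The markup throughout is MediaWiki-style ('''Heading''', [http://... label], [[Media:...|pdf]]); if this wiki runs DokuWiki, check that headings and external links render as intended, or convert them to DokuWiki syntax. Secure Email and Social Engineering are listed under the Software Security heading; give them their own heading if that grouping is not intended.
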
cs-465/lectures-2015.txt · Last modified: 2016/11/21 16:45 by seamons