CIS 5374 : Information Security and Privacy
Spring 2012

Instructor:
  Bogdan Carbunar
  Office: ECS 310
  E-mail: carbunar at cs dot fiu dot edu

Lectures:
  Thu., 19.50-22.30, Room GL 139

Office Hours:
  Bogdan: Thu. 6:30-7:30 pm, Room ECS 310

Web page: http://www.cs.fiu.edu/~carbunar/teaching/cis5374/cis5374.html

Announcements

[Posted on Thu. April 26 2012]: The solution for homework 3 is here.
[Posted on Thu. April 18 2012]: Final project presentations are on Thu., April 19, 2012. The project report and project source code deadline is extended until Sun. April 22, at 11:59pm. The final exam is on Sat. April 28, 2012.
[Posted on Thu. April 12 2012]: The solution for homework 2 is here.
[Posted on Wed. April 3 2012]: Homework 3 is here. The homework is due on Thu. April 12 2012 before class. The submission rules are exactly as in the announcement below.
[Posted on Tue. Mar. 27 2012]: Homework 2 is here. The homework is due on Thu. April 5 2012 before class. Students attending need to print their solution, clip it and deposit it on my desk at the beginning of class. Remote students need to send the homework to my e-mail address (see above) before class (at 7:49pm). The file of the homework needs to be in pdf (Adobe) format.
[Posted on Wed. Mar. 21 2012]: The solution for the midterm is here.
[Posted on Thu. Feb. 23 2012]: The solution for homework 1 is here.
[Posted on Wed. Feb. 7 2012]: Homework 1 is here. The homework is due on Thu. Feb 23 2012 before class. Students attending need to print their solution, clip it and deposit it on my desk at the beginning of class. Remote students need to send the homework to my e-mail address (see above) before class (at 7:49pm). The file of the homework needs to be in pdf (Adobe) format.

Course Overview

This course will cover the most important features of information security and privacy, including topics such as symmetric ciphers, basic number theory, public key cryptosystems, digital signatures, oblivious transfer, private information retrieval, digital payments, anonymizers and mixnets, and network security.

List of course topics (tentative):

Textbooks

I will use mainly the following materials:

Note that you should not view the availability of lecture notes as a substitute for attending class: our discussion in class may deviate somewhat from the written material, and you should take your own notes as well.

Lectures

The following schedule is tentative and subject to change.

Readings from the textbooks are indicated as follows: Sch:Ch1.2 denotes Schneier, chapter 1.2, P&P:Ch1.2 denotes Pfleeger & Pfleeger, chapter 1.2. Optional readings are in parentheses.

Topic Readings
1 Jan 12 Class overview; Introduction   Slides [pdf].
2 Jan 19 Intermediate Protocols: Part I   Slides [pdf] [ppt].
3 Jan 26 Intermediate Protocols: Part II   Sch:Ch 4
Slides [pdf] [ppt].
4 Feb 2 Symmetric Key Cryptography   Slides [pdf] [ppt].
5 Feb 9 Public Key Cryptography   Slides [pdf] [ppt].
6 Feb 16 Zero Knowledge Proofs   Sch: Ch 5.1, 5.2, 21, 23.11
Slides [pdf] [ppt].
Paper: U. Feige, A. Fiat, A. Shamir. "Zero Knowledge Proofs of Identity". [pdf].
Presenter: A.S.M. Hasan Mahmud. Slides [ppt].
7 Feb 23 Private Information Retrieval   Sch: Ch 5.5, 5.7, 5.8, 23.13
Slides [pdf] [ppt]
Paper: E. Kushilevitz, R. Ostrovsky. "Replication is Not Needed: Single Database, Computationally-Private Information Retrieval. [pdf]
Presenter: Mahmudur Rahman. Slides [ppt].
8 Mar 1 Midterm, GL 139, 7:50-9:50pm
9 Mar 8 Project Proposal Presentation
10 Mar 15 Spring Break!
11 Mar 22 Digital Payments   Slides [pdf] [ppt].
Paper: D. Chaum. "Blind Signatures for Untraceable Payments". [pdf].
Presenter: Mershack Okoe. Slides [ppt].
12 Mar 29 Network Security   Slides [pdf] [ppt].
13 Apr 5 Anonymous Channels   Slides [pdf] [pptx].
Paper: R. Dingledine, N. Mathewson, P. Syverson. "Tor: The Second Generation Onion Router". [pdf].
Presenter: Yuanzhen Gu. Slides [ppt].
14 Apr 12 Web Privacy   Slides [pdf].
Paper: Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage. "Experimental Security Analysis of a Modern Automobile" [pdf]..
Presenter: Gaurav Mastakar. Slides [ppt].
15 Apr 19 Final Project Presentations, Final Review   Slides.
16 Apr 28, Saturday !!! Final Exam, GL 139, 12 noon-2pm

Pre-requisites

You are expected to have good knowledge of programming in C/C++, Java or C\#. The class project is to be implemented in one of these languages.
We will study basic number theory and apply it to cryptographic protocols. While you are not expected to know number theory, you should be comfortable with basic math concepts.

Grading Summary

Your final grade will be computed from the following categories - this is however subject to radical change

Warning

From time to time, we may discuss vulnerabilities in widely-deployed computer systems. This is not intended as an invitation to go exploit those vulnerabilities. It is important that we be able to discuss real-world experience candidly; students are expected to behave responsibly.

You may not break into machines that are not your own; you may not attempt to attack or subvert system security. Breaking into other people's systems is inappropriate, and the existence of a security hole is no excuse.

Unethical or inappropriate actions may result in failing the course and being referred for further discipline.

Collaboration and Academic Integrity Policy

Homeworks are to be done individually, on your own (not in groups). The project(s) will be done in groups.

For homeworks, you must always write up the solutions on your own. Similarly, you may use references to help solve homework problems, but you must write up the solution on your own and cite your sources. You may not share written work or programs with anyone else.

Code of Academic Integrity

http://www.fiu.edu/~oabp/misconductweb/2codeofacainteg.htm

Back to main page