18-487: Introduction to Computer & Network Security and Applied Cryptography
The prerequisites of this class include 15-213
, proficient programming
in C and Java, and familiarity with assembly language.
Security is becoming one of the core requirements in the design of critical systems. This course will introduce students to the intro-level fundamental knowledge of computer security and applied cryptography. Students will learn the basic concepts in computer security including software vulnerability analysis and defense, networking security, and applied cryptography. Students will also learn the fundamental methodology for how to design and analyze security critical systems.
Textbooks:Cryptography: Theory and Practice by Douglas R. Stinson
Introduction to Cryptography with Coding Theory by Trappe and Washington.
The deadline for any assignment can be extended with a 20% penalty per day. No deadline can be extended by more than two days. so assignments will NOT be accepted 48 hours after the due date unless under special permission.
Students are encouraged to talk to each other, to the TAs, to the instructor, or to anyone else about any of the assignments. Any assistance, though, must be limited to the clarification of the problem. Each student must write out his or her own solutions to the homeworks. Consulting another student's or group's solution is prohibited, and submitted solutions may not be copied from any source. These and any other form of collaboration on assignments constitute cheating. If you have any question about whether some activity would constitute cheating, please feel free to ask.
Your final grade for the course will be based on the following weights for the individual assignments:
The Midterm and Final Exams will be closed-book.
We may discuss vulnerabilities in widely-deployed computer systems in class. This is not intended as an invitation to go exploit those vulnerabilities. CMU's policy (and my policy) on this should be clear: you may not break into machines that are not your own; you may not attempt to attack or subvert system security. Breaking into other people's systems is inappropriate, and the existence of a security hole is no excuse.