| Date | Topic&Presentation | Reading assignments |
| Jan. 16 | Course outline and Questionnaire | N/A |
| Jan. 18 | Security and distributed systems review | N/A |
| Jan. 23 and 25 | Logical key hierarchy, by EJ Jung | [WGL00] C.K. Wong et al, Secure Group Communications Using Key Graphs, [KPT04]Y. Kim et al, Tree-Based Group Key Agreement |
| Jan. 30 and Feb. 1 | Merkle hash tree by Alex Halfpenny | [WL98] C.K. Wong and S. Lam, Digital Signatures for Flows and Multicasts, [PCT00] A. Perrig et al, Efficient Authentication and Signing of Multicast Streams over Lossy Channels |
| Feb. 6 and 8 | One-way key chain by Peter Likarish Project proposal due on Feb. 6 | [PST02] A. Perrig et al, SPINS: Security Protocols for Sensor Networks |
| Feb. 13 and 15 | Threshold cryptography by EJ Jung | [Sh79] A. Shamir, How to Share a Secret, [KZL01] J. Kong et al, Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks |
| Feb. 20 and 22 | Distributed hash table by Uday Verma | [SMK01] I. Stoica et al, Chord: A Scalable Peer-to-peer Lookup Service for Internet
Applications, [RD01] A. Rowstron and P. Druschel, Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems |
| Feb. 27 and Mar. 1 | Lectures on Single Sign-on and Reputation systems | N/A |
| Mar. 6 | Single Sign-On by Wenli He | [WSF03] V. Welch et al, Security for grid services, [KR00] D.P. Kormann and A.D. Rubin, Risks of the passport single signon protocol |
| Mar. 8 | Reputation systems by Saurav Pandit | [KSG03] S. Kamvar et al, The EigenTrust Algorithm for Reputation Management in P2P Networks |
| Mar. 13 and 15 | Spring break | N/A |
| Mar. 20 and 22 | Signature of viruses and worms by Kyle Barkmeier | [CCC05] M. Costa et al, Vigilante: End-to-End Containment of Internet Worms |
| Mar. 27 and 29 | Fast dictionary attack by Nguyen Tien Dat Project pseudo code due on Mar. 27 | [Sh05] Z. Shuanglei RainbowCrack, [NS05] A. Narayanan and V. Shmatikov, Fast Dictionary Attacks on Passwords Using TimeSpace Tradeoff |
| Apr. 3 and 5 | Memory Safety by Xin Xiao, slides by authors | [BZ06] E. Berger and B. Zorn, DieHard: Probabilistic Memory Safety for Unsafe Languages |
| Apr. 10 and 12 | Protecting databases from SQL injection
attacks by Rob Hansen | [BK04]
S.W. Boyd and A.D. Keromytis, SQLrand: Preventing SQL injection attacks [HP05] R. Hansen and M. Patterson, Guns and Butter: Towards Formal Axioms of Input Validation |
| Apr. 17 | Role-based access control by Samuel Petreski | [HMM00] A. Herzberg et al, Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers |
| Apr. 19 | Hash function and breaking them by Thomas E Hansen | [WY05] X. Wang and H. Yu, How to Break MD5 and Other Hash Functions, [WYY05] X. Wang et al, Finding Collisions in the Full SHA-1 |
| Apr. 24 and 26 | Trusted computing by Arvind Suryakumar Project final report due | [GPC03] T. Garfinkel et al, Terra: A Virtual Machine-Based Platform for Trusted
Computing, [SCG03] G.E. Suh et al, AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing |
| May 1 and 3 | Project presentation | N/A |