18-739 — Foundations of Security and Privacy

Schedule (subject to change)

Date

Topic

Reading

Notes

Tue Aug 30

Course Overview [PPT][PDF]
Cryptography: Cryptography Basic [PPT] [PDF]

 All times below are PDT

 

 

PROTOCOLS

 

Thu Sep1

Introduction to Model Checking [PPT] [PDF]
  • Automated Analysis of Cryptographic Protocols Using Murphi [PS]
  • Optional: Securing Frame Communication in Browsers [PDF]

 Murphi (gcc 4.2.x) [Murphi3.1_gcc4.2.zip]

Murphi (gcc 4.3.x) [Murphi3.1_gcc4.3.zip]

Tue Sep 6

Model checking authenticated key exchange: SSL/TLS Case Study [PPT] [PDF]
  • Finite-State Analysis of SSL 3.0 [PS]
  • Optional: Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate [PDF]
  • Optional: Derivation of the JFK Protocol [PS]

 HW 1 handed out [PDF]

 Model Files [18739Fall2011hw1.zip]

Thu Sep 8

Anonymous communication protocols [PPT] [PDF]
  • Untraceable Electronic Mail ... [PDF]
  • The Dining Cryptographers Problem… [PDF]
  • Tor: The Second-Generation Onion Router [PDF]

 

Tue Sep 13 (*)

Lujo Bauer

Passwords I [PDF]
  • Of Passwords and People: Measuring the Effect of Password-Composition Policies [PDF]

 

Thu Sep 15 (*)

Jeremiah Blocki

Passwords II
  • TBD

 

Tue Sep 20

Electronic Voting I [PPT] [PDF]
  • ThreeVotingProtocols: ThreeBallot, VAV, and Twin [PDF]
  • Scantegrity II Municipal Election at Takoma Park: The First E2E Binding Governmental Election with Ballot Privacy [PDF]

 HW 1 due today 12:01 AM

Thu Sep 22

Electronic Voting II [PPT] [PDF]
  • Verifiability, Privacy, and Coercion-Resistance: New Insights from a Case Study [PDF]
  • Proving Coercion-Resistance of Scantegrity II [PDF]

 

Tue Sep 27

Project Proposals

 

Project proposals due

Thu Sep 29

Introduction to Logic [PDF]
  • Background in Logic: Classical Logic, Stanford Encyclopedia of Philosophy
  • Optional: Sections 3.1-3.4 of Dynamic Logic by Harel, Kozen, Tiuryn

HW 2 handed out [PDF]

Tue Oct 4

Protocol Logics: Protocol Composition Logic (PCL) I

[PPT] [PDF]
  • Protocol Composition Logic (PCL) [PDF]
  • Optional: A Logic of Authentication [PDF]

      BAN slides (Harper) [PDF]

 

Thu Oct 6

Protocol Composition Logic (PCL) II [PPT] [PDF]
  • Protocol Composition Logic (PCL) [PDF]

 

Tue Oct 11

Introduction to Computational Cryptography [PPT] [PDF]
  • Bellare-Rogaway Lecture Notes:
    Chapter 1: [PDF]
  • Chapter 4: [PDF]

 

Thu Oct 13

Introduction to Computational Cryptography (contd)

HW 2 due today before class

 

 

PRIVACY

 

Tue Oct 18 (*)

Divya Sharma

Database Privacy: k-anonymity and de-anonymization attacks
  • Protecting Respondents' Identities in Microdata Release [PDF]
  • Robust De-anonymization of Large Sparse Datasets (How to Break Anonymity of the Netflix Prize Dataset) [PDF]

HW 3/Mid Sem handed out [PDF]

Thu Oct 20 (*)

Cryptographic Soundness [PDF]
  • Reconciling Two Views of Cryptography
    (The Computational Soundness of Formal Encryption) [PDF]
  • Optional: Encryption-Scheme Security in the Presence of Key-Dependent Messages [PDF]

 

Tue Oct 25

Cryptographic Soundness (contd.) [PPT] [PDF]
  • Optional: Completeness Theorems for the Abadi-Rogaway Language of Encrypted Expressions [PDF]

HW 3/Mid Sem due before class

Thu Oct 27 (*)

Arvind Narayanan (Stanford)

Privacy & Online Advertising
  • Adnostic: Privacy Preserving Targeted Advertising [PDF]
  • Privad: Practical Privacy in Online Advertising [PDF]

Tue Nov 1

Specifying Privacy Policies: [PPT] [PDF]

Contextual Integrity & Logics of Privacy [PPT] [PDF]

Case study: HIPAA Privacy Rule
  • Privacy and Contextual Integrity: Framework and Applications [PDF]
  • Experiences in the Logical Specification of the HIPAA and GLBA Privacy Laws [PDF]

 

Thu Nov 3 (*)

Limin Jia

Privacy Policy Enforcement through Audit

Case study: HIPAA Privacy Rule [PDF]
  • Policy Auditing over Incomplete Logs: Theory, Implementation and Applications [PDF]

Tue Nov 8

Learning to Audit to Protect Privacy [PPT] [PDF]
  • Regret Minimizing Audits: A Learning-Theoretic Basis for Privacy Protection [PDF]

HW 4 handed out [PDF]

Thu Nov 10 (*)

Michael Tschantz

Purpose Restrictions in Privacy Policies: Semantics and Audit

·        On the Semantics of Purpose Requirements in Privacy Policies [PDF]

 

Tue Nov 15

Database Privacy: Differential Privacy

[PPT] [PDF]
  • Differential Privacy [PDF]
  • Optional: Differentially Private Recommender Systems: Building Privacy into the Netflix Prize Contenders [PDF]

 

Thu Nov 17 (*)

Aleksandra Korolova (Stanford)

Privacy in Social Networks

  • Privacy Violations Using Microtargeted Ads: A Case Study [PDF]
  • Personalized Social Recommendations - Accurate or Private? [PDF]

HW 4 due today before class

Tue Nov 22 (*)

Jing Wang (Booz Allen)

Health Information Privacy and Security: An Industry Perspective

[PPT] [PDF]

·        TBD

 

Thu Nov 24

No class—university holiday

 

 

Tue Nov 29 (*)

Ashwin Machanavajjhala

(Yahoo! Research)

No Free Lunch in Data Privacy

[PPT] [PDF]
  • No Free Lunch in Data Privacy [PDF]
  • Optional: Data Publishing against Realistic Adversaries [PDF]

 

Thu Dec 1

Advanced Topics and Current Research
  •  Towards a Formal Model of Accountability [PDF]

 

Tue Dec 6 (Students)

Project presentations

 

Project models/code & report due today 12:01 AM

HW 5/End Sem handed out on Dec 5 (due Tue Dec 8) [PDF]

Thu Dec 8 (Students)

Project presentations/Wrap up

 

HW 5/End Sem due today

 

 

 

 

 

e='mso-spacerun:yes'>