Think of these lecture notes as a living textbook that
strives to strike a balance between the
systems-oriented issues and the cryptographic issues.
Without the latter, many aspects of the former cannot
be fully comprehended, and, without the former, the
latter are too dry to appreciate.
Note for instructors using
these slides/notes: |
It is not uncommon for
the instructors who use these notes/slides to want to know
how exactly I use them in class since there is much more
information on a typical slide than you will usually find in
a powerpoint presentation.
Here is the answer: When I
teach the theoretical portions of this course, I actually
work out the formulas on the chalkboard
and, when I do so, I follow the derivations presented in
these lecture notes. On the other hand, when I
teach the systems portion of the course, I spend quite a bit
of time demonstrating the issues on my Linux laptop, again in the manner described in these lecture
notes. These lecture notes are intended as
much for showing in class in the form of slides as they are
for focused reading by the students on their own. When used
as slides, these serve as backdrop to the explanations
provided on the chalkboard or through demonstrations on a
Regarding homework assignments:
Homework assignments typically involve writing Perl or Python scripts
in order to gain a deeper understanding of the ideas
through actual implementation. (From a pedagogical
standpoint, scripting is much more efficient for this than
writing code in raw C.) In the part of the course
that deals with encryption and hashing, students write
scripts for implementing DES, AES, RC4, SHA1, SHA512,
etc. In the part of the course that deals with more
system related issues, the students are asked to write
scripts that carry out DoS attacks, buffer overflow attacks,
etc., against servers (for buffer overflow attacks, that
would be a socket program in C with intentionally embedded
If you are an instructor and you'd like
to see these homework assignments (along with the two
best solutions submitted by the students at Purdue),
send me a note at firstname.lastname@example.org. If you do so, please place
the string "requesting security homework" in your subject
line to get past my merciless spam filter.
IMPORTANT: Your email
request for this material must establish two things: that
you are an instructor and that you are using these lecture
notes to teach your class. An anonymous email request
(using, say, a gmail or a yahoomail address) that does not
indicate your institutional affiliation will be ignored.
Useful resources for homework assignments:
When will this material be updated next?:
If you are writing Perl and/or Python
scripts for solving homework problems or for course projects, you will find the
book "Scripting with Objects" a useful
resource for this course.
Chapters 2 and 3 of the book provide
quick and easy-to-follow introductions to Perl and Python, respectively.
class in Python is useful for creating compact
implementations for hash functions (see Lecture 15 for an
example) and for writing scripts for block and stream
If you'd rather do your homework in C++ or Java, you will find the book
"Programming With Objects" a useful resource.
This book is now being used at a number of universities for teaching
object-oriented programming in both C++ and Java simultaneously.
The 2013 update of the lecture notes has been completed.
The next serious update of this material is scheduled for
the January – April 2014 time frame.