CIS700/CSE791: Information Security and Privacy (IS&P)

Instructor: Yuzhe (Richard) Tang

When: Fr 9:30AM - 12:15PM

Where: Link Hall 058

Course schedule

Day Topic Task Readings
sep 1 Intro [Slides]
sep 8 TEE SGX intro, memory protection [Companion slides] [SGX explained]
sep 15 Key exchange & Software attestation CryptoEng, [SGX explained]-3.3
sep 29 Lab 1: SGX memory-protection profiling [lab-1] SGX programming on Linux [pdf]
oct 6 Attack surface on SGX [SGX explained]-3.4,3.8
oct 13 non-SGX TEE [SGX explained]-4
oct 20 Controlled side-channel [pdf], Enclaved shuffling-Ju
oct 27 presentation-Kyle,Denat,Carlos [link]
nov 3 presentation-Kelly,Lab 2: Memory-access side-channel [lab-2] [link]
nov 17 Blockchain introduction, presentation-Ju [link], [Blockchain book] (Chapter 2)
nov 28 Blockchain: mining [Blockchain book] (Chapter 2,5)
dec 1 Blockchain applications [Blockchain book] (Chapter 9)
dec 8 Lab 3: Blockchain mining [lab-3]

Presentation papers

TEE

  1. SGX attacks
    • High-Resolution Side Channels for Untrusted Operating Systems [pdf]
    • Telling Your Secrets Without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution [pdf]
    • Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX [pdf]
    • Observing and Preventing Leakage in MapReduce, [pdf]
    • DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization, [pdf]
  2. SGX software system
    • Oblivious multi-party machine learning on trusted processors, [pdf]
    • SCONE: Secure Linux Containers with Intel SGX, [pdf]

Blockchain

  • SMARTPOOL: Practical Decentralized Pooled Mining [pdf]
  • Town Crier: An Authenticated Data Feed for Smart Contracts [pdf]
  • Making Smart Contracts Smarter [pdf]
  • Catena: Efficient Non-equivocation via Bitcoin [pdf]
  • BLOCKBENCH: A Framework for Analyzing Private Blockchains [pdf]
  • A Case Study for Blockchain in Healthcare: "MedRec" prototype for electronic health records and medical research data [pdf]

Reference books

  • SecEng: Security Engineering: A Guide to Building Dependable Distributed Systems, Ross J. Anderson
  • InfoSec: Principles of Computer System Design: An Introduction, Information Security (Chapter 11), Jerome H. Saltzer, M. Frans Kaashoek
  • CryptoEng: Cryptography Engineering: Design Principles and Practical Applications 1st Edition, Niels Ferguson, Bruce Schneier, Tadayoshi Kohno.