CIS700/CSE791: Information Security and Privacy (IS&P)
Instructor: Yuzhe (Richard) Tang
When: Fr 9:30AM - 12:15PM
Where: Link Hall 058
Course schedule
Day | Topic | Task | Readings |
---|---|---|---|
sep 1 | Intro | [Slides] | |
sep 8 | TEE | SGX intro, memory protection [Companion slides] | [SGX explained] |
sep 15 | Key exchange & Software attestation | CryptoEng , [SGX explained]-3.3 |
|
sep 29 | Lab 1: SGX memory-protection profiling [lab-1] | SGX programming on Linux [pdf] | |
oct 6 | Attack surface on SGX | [SGX explained]-3.4,3.8 | |
oct 13 | non-SGX TEE | [SGX explained]-4 | |
oct 20 | Controlled side-channel [pdf], Enclaved shuffling-Ju | ||
oct 27 | presentation-Kyle,Denat,Carlos | [link] | |
nov 3 | presentation-Kelly,Lab 2: Memory-access side-channel [lab-2] | [link] | |
nov 17 | Blockchain introduction, presentation-Ju | [link], [Blockchain book] (Chapter 2) | |
nov 28 | Blockchain: mining | [Blockchain book] (Chapter 2,5) | |
dec 1 | Blockchain applications | [Blockchain book] (Chapter 9) | |
dec 8 | Lab 3: Blockchain mining | [lab-3] |
Presentation papers
TEE
- SGX attacks
- High-Resolution Side Channels for Untrusted Operating Systems [pdf]
- Telling Your Secrets Without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution [pdf]
- Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX [pdf]
- Observing and Preventing Leakage in MapReduce, [pdf]
- DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization, [pdf]
- SGX software system
Blockchain
- SMARTPOOL: Practical Decentralized Pooled Mining [pdf]
- Town Crier: An Authenticated Data Feed for Smart Contracts [pdf]
- Making Smart Contracts Smarter [pdf]
- Catena: Efficient Non-equivocation via Bitcoin [pdf]
- BLOCKBENCH: A Framework for Analyzing Private Blockchains [pdf]
- A Case Study for Blockchain in Healthcare: "MedRec" prototype for electronic health records and medical research data [pdf]
Reference books
SecEng
: Security Engineering: A Guide to Building Dependable Distributed Systems, Ross J. AndersonInfoSec
: Principles of Computer System Design: An Introduction, Information Security (Chapter 11), Jerome H. Saltzer, M. Frans KaashoekCryptoEng
: Cryptography Engineering: Design Principles and Practical Applications 1st Edition, Niels Ferguson, Bruce Schneier, Tadayoshi Kohno.