6.033 | Spring 2018 | Undergraduate

Computer System Engineering

Week 12: Security Part II

Lecture 21: Authentication and Passwords

Lecture 21 Outline

  1. Introduction
  2. Authentication via Passwords
  3. Implementing Passwords
  4. Session Cookies
  5. Phishing
  6. Bootstrapping/Resetting
  7. Password Alternatives

Lecture Slides

Reading

  • Book section 11.2

Recitation 21: Why Cryptosystems Fail

Lecture 22: Secure Channels

Lecture 22 Outline

  1. Today’s Threat Model
  2. Secure Channel Primitives
  3. Secure Channel Abstraction
  4. Key Exchange
  5. Cryptographic Signatures for Message Authentication
  6. Key Distribution
  7. TLS: A Protocol That Does All of This
  8. Discussion

Lecture Slides

Reading

  • Book sections 11.3, 11.4, and 11.5

Recitation 22: Domain Name System Security Extensions (DNSSEC)

Tutorial 12: Final Design Project Report

Having now had two rounds of feedback on your design, you’re working on your final report. Unlike the proposal document, the report should contain enough detail that it could feasibly be turned over to Facilities for implementation. It should also contain an evaluation of your design. See the Design Project section for detailed information.

Course Info

Instructor
As Taught In
Spring 2018
Learning Resource Types
Lecture Notes
Written Assignments
Projects with Examples
Instructor Insights