Note: Lecture topics, readings, and assignments (especially in the second half of the quarter) are subject to change.
| Week | Date | Lecture Topic | Reading/Presentation | Assignment |
|---|---|---|---|---|
| 1 | Tu 03/31 | Threat Modeling | ||
| Th 04/02 | Secure Channels |
SPKI/SDSI 2.0: A Simple Distributed Security Infrastructure. Ronald L. Rivest (joint work with Butler Lampson and Carl Ellison). |
||
| 2 | Tu 04/07 | Cryptographic Messaging |
The Double Ratchet Algorithm. Moxie Marlinspike. |
|
| Th 04/09 | Cryptographic Storage |
SPORC: Group Collaboration Using Untrusted Cloud Resources. Ariel J. Feldman, William P. Zeller, Michael J. Freedman, and Edward W. Felten. OSDI 2010. |
||
| 3 | Tu 04/14 | Transparency |
CONIKS: Bringing Key Transparency to End Users. Marcela S. Melara, Aaron Blankstein, Joseph Bonneau, Edward W. Felten, and Michael J. Freedman. USENIX Security 2015. |
|
| Th 04/16 | Computing on Encrypted Data |
Big Data Analytics over Encrypted Datasets with Seabed. Antonis Papadimitriou, Ranjita Bhagwan, Nishanth Chandran, Ramachandran Ramjee, Andreas Haeberlen, Harmeet Singh, Abhishek Modi, and Saikrishna Badrinaryanan. OSDI 2016. |
||
| 4 | Tu 04/21 | Secure Hardware |
Shielding Applications from an Untrusted Cloud with Haven. Andrew Baumann, Marcus Peinado, and Galen Hunt. OSDI 2014. |
|
| Th 04/23 | Side Channels |
Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution Jo Van Bulck, Marina Minkin, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. USENIX Security 2018. |
Project #1 | |
| 5 | Tu 04/28 |
No class.
|
||
| Th 04/30 |
No class.
|
|||
| 6 | Tu 05/05 | Anonymous Messaging |
Dissent: Accountable Anonymous Group Messaging. Henry Corrigan-Gibbs and Bryan Ford. CCS 2010. |
|
| Th 05/07 | Oblivious RAM |
Obladi: Oblivious Serializable Transactions in the Cloud. Natacha Crooks, Matthew Burke, Ethan Cecchetti, Sitar Harel, Rachit Agarwal, and Lorenzo Alvisi. OSDI 2018. |
Project #2 | |
| 7 | Tu 05/12 | Private Data Retrieval |
Coeus: A System for Oblivious Document Ranking and Retrieval. Ishtiyaque Ahmad, Laboni Sarker, Divyakant Agrawal, Amr El Abbadi, and Trinabh Gupta. SOSP 2021. |
|
| Th 05/14 | Differential Privacy |
Privacy Accounting and Quality Control in the Sage Differentially Private ML Platform. Mathias Lécuyer, Riley Spahn, Kiran Vodrahalli, Roxana Geambasu, and Daniel Hsu. S&P 2019. |
||
| 8 | Tu 05/19 | Secure Multi-Party Computation |
MP-SPDZ: A Versatile Framework for Multi-Party Computation. Marcel Keller. CCS 2020. |
|
| Th 05/21 | Distributed Trust |
Splinter: Practical Private Queries on Public Data. Frank Wang, Catherine Yun, Shafi Goldwasser, Vinod Vaikuntanathan, and Matei Zaharia. NSDI 2017. |
Project #3 | |
| 9 | Tu 05/26 | Privacy-Preserving Data Analytics |
SECRECY: Secure collaborative analytics in untrusted clouds. John Liagouris, Vasiliki Kalavri, Huammad Faisal, and Mayank Varia. NSDI 2023. |
|
| Th 05/28 | Privacy-Preserving AI Inference |
BOLT: Privacy-Preserving, Accurate and Efficient Inference for Transformers. Qi Pang, Jinhao Zhu, Helen Mollering, Wenting Zheng, and Thomas Schneider. S&P 2024. |
||
| 10 | Tu 06/02 | AI Agent Security |
Defeating Prompt Injections by Design. Edoardo Debenedetti, Ilia Shumailov, Tianqi Fan, Jamie Hayes, Nicholas Carlini, Daniel Fabian, Christoph Kern, Chongyang Shi, Andreas Terzis, and Florian Tramèr. |
|
| Th 06/04 | TBD | |||
| 11 | W 06/10 |
Final project presentations at 3:00 AM - 6:00 PM (Location TBD).
|
Final Project |