CS 161: Computer Security

Announcements

Project 1 has been released.
- The checkpoint (Q1–Q4, no write-up) are due Friday, February 10th at 11:59 PM PT.
- The full project (Q1–Q7, plus write-up) are due Friday, February 24th at 11:59 PM PT.
- All logistical information can be found at #26.
Homework 2 has been released on Gradescope and will be due Friday, February 17th at 11:59 PM PT. Please ask all homework 2 related questions in #118.
As a reminder: You can request an extension for any assignment by filling out this form.
- We’ll try to approve all extensions within reason. If we find that you might be falling behind, we may reach out to make sure you’re staying on track with the course.

Past Announcements

2023-01-30:

Project 1 has been released.
- The checkpoint (Q1–Q4, no write-up) are due Friday, February 10th at 11:59 PM PT.
- The full project (Q1–Q7, plus write-up) are due Friday, February 24th at 11:59 PM PT.
- All logistical information can be found at #26.
- We will be holding a project party this week. We will announce the details later and add them to our course calendar, so keep an eye out for that!
  - Update 1/31: There will be a project party on Thursday, February 2nd at 5-7 PM PT at Wozniak Lounge.
Homework 1 has been released on Gradescope and will be due Friday, February 3rd at 11:59 PM PT. Please ask all homework 1 related questions in #20.
As a reminder, BRIDGE and exam-prep sections both begin this week. Make sure to check out the course calendar for more details.
You can request an extension for any assignment by filling out this form.
- We’ll try to approve all extensions within reason. If we find that you might be falling behind, we may reach out to make sure you’re staying on track with the course.

2023-01-24:

Discussion sections and office hours will begin this week. You can find the appropriate schedules on our course calendar.
- As a reminder, there is no required attendance for discussion sections (attendance is highly encouraged). You can attend any section that you want. If you are unable to make it to a section, we will post a recorded walk-through of the worksheet to the website by the end of the week.
- We will be holding a BRIDGE discussion section as well as an exam-prep discussion section starting next week, so be on the lookout for those as well!
  - BRIDGE will be an extended time discussion section to connect the previous week’s lectures to the previous week’s discussion worksheet/topic via minilectures and extra question time
- For now, we are not planning to hold any hybrid sections, we’ll make an announcement if that changes.
- While we highly encourage attending office hours in person, we will have support for remote office hours too as all our office hours will be held in a hybrid format meaning that TAs will take both online and in-person tickets. However, TAs will prioritize in-person tickets.
Homework 1 has been released on Gradescope and will be due Friday, February 3rd at 11:59 PM PT. Please ask all homework 1 related questions in #20.
Project 1 will be released in a separate post tomorrow in which you can find the details, so keep an eye on that as well!

2023-01-06:

Pre-Semester FAQ

Enrollment

Q1: I’m on the waitlist. What are the odds of the class expanding, and will I get in the class?

We expanded the class capacity to 705 last week, so we anticipate (though can’t promise) that everyone interested in the class will be able to enroll.

Q2: I’m not a declared CS major or CS minor. Can I enroll in the class?

Sorry, course staff is not in charge of enrollment. We have to follow the department’s enrollment policies, which restricts CS 161 enrollment to declared CS majors and CS minors only. We don’t have enrollment codes to hand out or any other way to circumvent this policy; if you have further questions, please reach out to the emails listed in the linked document.

Q3: I plan to declare CS this spring. Can I enroll in the class after I declare?

If your declaration is processed in time, and the enrollment system lets you enroll in the class this semester, we can let you enroll. However, we are not offering assignment extensions if you enroll late. If you plan to enroll in the class this spring, you need to keep up with the class before you enroll; we can give you access to all the assignments while you wait to enroll (see Q5 below).

Q4: I’m a concurrent enrollment student. When can I enroll in the class?

We accepted all concurrent enrollment applications last week. We plan to continue accepting applications as they come in, as long as the department approves and we have capacity/budget.

Q5: I want to audit the class and/or keep up with assignments before I officially enroll. Can I audit the class?

Sure, we can add you to the course Gradescope and Ed forum. Send an email to cs161-staff@berkeley.edu with 1) your name, 2) your SID, and 3) whether you’re auditing or plan to enroll later.

If you’re just auditing and don’t ever plan on enrolling, please do not submit any assignments that would require staff effort to grade (e.g. problem sets, exams). If you’re auditing and we spend extra staff time grading your work, we will drop you from the class.

Q6: I officially enrolled in the class, but I don’t have access to Gradescope/Ed.

We sync the rosters once a day, so you may need to wait a bit before being automatically added to the class. If you’ve been officially enrolled for 48 hours and haven’t been added, send an email to cs161-staff@berkeley.edu. Please don’t ask us about being added until 48 hours have passed; we don’t have time to manually add each student.

Exams

Q7: When are the exams?

The midterm is on Monday, March 13, 2023, 7–9pm PT.

The final exam is on Friday, May 12, 2023, 3–6pm PT.

Q8: Can I take this class remotely? Do you offer remote exams?

We don’t mandate in-person attendance. However, generally we have found that students learn best through highly interactive discussions and office hours, and we definitely do hope to see you in the classroom at some point during the semester!

We are offering remote exams only at the same time as the scheduled exam. There will be no remote exams starting at any other time. We’ll release a form closer to the exams for you to sign up for a remote exam.

Q9: Do you offer alternate time exams?

If you are unable to take the exam at the scheduled time, we will be offering only one alternate exam time, in-person only, immediately after the scheduled exam. Specifically, the alternate midterm time is Monday, March 13, 2023, 9–11pm PT. The alternate final exam time is Friday, May 12, 2023, 6–9pm PT (we’ll give you a few minutes to walk between exams). There are no other alternate exam times. There are no remote exams at alternate times. We’ll release a form closer to the exams for you to sign up for an alternate-time exam.

Other questions

If you have a question that wasn’t answered above, you can email cs161-staff@berkeley.edu. Please don’t email instructors directly; you will get a faster answer by emailing cs161-staff@berkeley.edu.

Instructors: Raluca Ada Popa and Peyrin Kao

Lecture:

M/W, 5:00–6:30 PM PT in Dwinelle 155

Skip to current week

Date	Lecture	Discussion	HW	Project
Wed 01/18	1. Introduction and Security Principles Slides Recording Ch. 1	No discussion	HW1
Mon 01/23	2. x86 Assembly and Call Stack Slides Recording Ch. 2 x86/GDB Cheat Sheet	61C Review, Security Principles (solutions) (recording)
Wed 01/25	3. Memory Safety Vulnerabilities Slides Recording Ch. 3	61C Review, Security Principles (solutions) (recording)		Project 1 Checkpoint
Mon 01/30	4. Memory Safety Vulnerabilities II Slides Recording Ch. 3	Memory Safety (solutions) (recording) Exam Prep (solutions) (recording)
Wed 02/01	5. Mitigating Memory Safety Vulnerabilities Slides Recording Ch. 4
Mon 02/06	6. Intro to Cryptography Slides Recording Ch. 5	Memory Safety Mitigations (solutions) (recording) Exam Prep (solutions) (recording)	HW2
Wed 02/08	7. One-Time Pad & Block Ciphers Slides Recording Ch. 6
Mon 02/13	8. Block Cipher Chaining Modes (continued) & Cryptographic Hashes Slides Recording Ch. 7 Ch. 8	Symmetric-Key Cryptography (solutions) (recording) Exam Prep (solutions) (recording)		Project 1
Wed 02/15	9. PRNGs and Diffie-Hellman Key Exchange Slides Recording Ch. 9 Ch. 10
Mon 02/20	Presidents' Day (no lecture)	Integrity, Authenticity, and Diffie-Hellman (solutions) (recording) Exam Prep (solutions) (recording)	HW3
Wed 02/22	10. Diffie-Hellman Key Exchange and Public-Key Encryption Slides Recording Ch. 11 Ch. 12
Mon 02/27	11. Digital Signatures, Certificates and Password Hashing Slides Recording Ch. 13 Ch. 14	Public-Key Cryptography (solutions) (recording) Exam Prep (solutions) (recording)
Wed 03/01	12. Bitcoin Slides Recording Ch. 16
Mon 03/06	13. Intro to Web Slides Recording Ch. 18 Ch. 19	Certificates and Passwords (solutions) (recording) Exam Prep (solutions) (recording)	HW4
Wed 03/08	14. Cookies and CSRF Slides Recording Ch. 20 Ch. 21			Project 2 Design
Mon 03/13	Midterm (7–9pm PT)	Cookies and CSRF (solutions) (recording) Exam Prep (solutions) (recording)
Wed 03/15	15. SQL Injection and CAPTCHAs Slides Recording Ch. 22 Ch. 23
Mon 03/20	16. XSS and UI Attacks Slides Recording Ch. 17	SQL Injection and XSS Exam Prep (recording)	HW5
Wed 03/22	17. Intro to Networking Slides Recording Ch. 25	SQL Injection and XSS Exam Prep (recording)
Mon 03/27	Spring Break	No discussion
Wed 03/29	Spring Break	No discussion		Project 2
Mon 04/03	18. Low-Level Network Attacks Slides Ch. 26 Ch. 28 Ch. 27	DHCP, ARP, and WPA	HW6
Wed 04/05	19. Transport Layer (TCP and UDP) Slides Ch. 29 Ch. 30	DHCP, ARP, and WPA
Mon 04/10	20. TLS Slides Ch. 31	TLS and TCP
Wed 04/12	21. DNS Slides Ch. 32	TLS and TCP		Project 3
Mon 04/17	22. DNSSEC Slides Ch. 33	DNS and DNSSEC	HW7
Wed 04/19	23. Denial of Service and Firewalls Slides Ch. 34 Ch. 35	DNS and DNSSEC
Mon 04/24	24. Intrusion Detection Slides Ch. 36	Intrusion Detection, Malware, and Tor
Wed 04/26	25. Tor Slides Ch. 39	Intrusion Detection, Malware, and Tor
Mon 05/01	RRR week
Wed 05/03	RRR week
Fri 05/12	Final Exam (3–6pm PT)