COMP6712 Advanced Security and Privacy
2022/23 Semester 2
Department of Computing, PolyU

General Information

Venue: BC302
Time: Tuesday, 18:30-21:20, week 1-13
Instructor: Haiyang Xue, haiyang.xue@polyu.edu.hk
TA:
- Xun LIU, compxun.liu@connect.polyu.hk
- Mengling LIU, 22117804r@connect.polyu.hk

Outline

This course will cover the most important features of security and privacy issues. The topics include network security, computer security and privacy-preserving computation (aka secure computation), and relevant knowledge in basic cryptography and advanced privacy-enhancing technologies. Two case studies of security and privacy in Blockchain and AI are also included. Refer to the syllabus for details.

Updating Announcements

Syllabus

The syllabus [pdf] is subject to change, and I will continuously update it as the semester progresses.

Date	Topics\slides	Outline	Readings	Lecture notes
Week 1: Jan 10	Course Overview [slides]	course plan, reading materials, grading, a brief introduction to every topic	[Sta] William Stallings, Cryptography and Network Security: Principles and Practice [Du] Wenliang Du, Computer Security: A Hands-on Approach [KPS] Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World [KL] Jonathan Katz, and Yehuda Lindell, Introduction to Modern Cryptography
Week 2: Jan 17	Basic Cryptography 1: Symmetric-key cryptography [slides]	symmetric encryption, one-time pad, blockcipher, hash function, MAC, authenticated encryption.	[KL] Section 2-7 [Std] Chapter 3, 5, 6, 7, 11, 12 Goldreich, Foundation of Cryptography II, Section 5.3.1, 5.3.2, 5.3.3, 5.4.3.	Lecture 2 by Haiyang Xue Source code
Week 3: Jan 31	Basic Cryptography 2: Public-key cryptography [slides]	Diffie-Hellman, public key encryption, RSA, Digital signature	[KL] Section 8, 10,11, 12.1-12.5	Lecture 3 by Huijiong Yang, Tianyu Zheng, Zhikang Xie
Week 4: Feb 7	Network Security Principles [slides]	authenticated key exchange, PKI, and certification authorities	[KL] Section 12.7 Dan Boneh and Victor Shoup, A Graduate Course in Applied Cryptography, Section 22 [Du] Section 24	Lecture 4 by Jialong Zhou and Zhiyuan Sun
Week 5: Feb 14	Network Security in Practice [slides]	secure sockets layer (SSL), transport layer security (TLS), HTTPS	[Sta] Section 16 [KPS] Section 13 RFC 2246, 5246, 8446	Lecture 5 by Zizhao Peng, Jerry Tong and Fangxiao Wang
Week 6: Feb 21	Authentication [slides][outline]	access control, password authentication, biometric authentication, public key authentication	Dan Boneh and Victor Shoup, A Graduate Course in Applied Cryptography, Section 18 Authentication Cheat Sheet An Administrator’s Guide to Internet Password Research Biometrics: A Tool for Information Security SSH.com RFC 4251, 4252 [KPS] Section 13.8	Lecture 6 by Sai Ho Cheung, Weimin Chen, and Junjie Ma
Week 7: Feb 28	Privacy-Enhancing Technologies 1 [slides][outline]	post-quantum cryptography and fully-homomorphic encryption	Post-quantum Cryptography by NIST Cryptographic Standards in the Post-Quantum Era Awesome Homomorphic Encryption in Github Homomorphic Encryption Standardization	Lecture 7 by Yerkezhan Sartayeva and Haiyang Xue
Week 8: Mar 7	Privacy-Enhancing Technologies 2 [slides]	zero-knowledge proofs	Dan Boneh and Victor Shoup, A Graduate Course in Applied Cryptography, Section 19, 20 Berry Schoenmakers, Lecture Notes Cryptographic Protocols, Section 4, 5 awesome-zero-knowledge-proofs	Lecture 8 by Rui Song and Yuhuan Liu
Week 9: Mar 14	Privacy-Enhancing Technologies 3 [slides]	secure multiparty computation	David Evans, Vladimir Kolesnikov and Mike Rosulek, A Pragmatic Introduction to Secure Multi-Party Computation, Section 1, 2, 3 Dan Boneh and Victor Shoup, A Graduate Course in Applied Cryptography, Section 23 Lindell, Resources for Getting Started with MPC	Lecture 9 by Donghui Dai, Huaien Zhang
Week 10: Mar 21	Security and Privacy in Practice	security and privacy in Blockchain	Blockchain whitepaper blockchain.com
Week 11: Mar 28	Recap
Week 12: Apr 4	Final presentation 1	papers from S&P, CCS, USENIX, NDSS, CRYPTO, or EUROCRYPT
Week 13: Apr 11	Final presentation 2	papers from S&P, CCS, USENIX, NDSS, CRYPTO, or EUROCRYPT

Grading

It will be based on two assignments (20%), projects (45%), and a final exam (35%).
Assignments

Assignment 1, submit via Blackboard, Deadline: 28 Feb. 11:00 pm
Assignment 2, submit via Blackboard, Deadline: 3 Apr. 11:00 pm

Projects: final presentation and lecture notes. All submissions will be made public.

Choose any paper you are interested in from IEEE S&P 18-22, ACM CCS 18-22, USENIX 18-22, NDSS 18-22, CRYPTO 18-22, or EUROCRYPT 18-22, and give a 20-minute presentation.
- Send your choice to the TA\Instructor on or before Mar 27.
- I will post Presentation Schedule here on Mar 28. If necessary, you can discuss your presentation with the instructor in advance.
- Reference: How to Present a Paper, How to Give a Technical Presentation
Every 2~3 students, as a team, should choose one lecture from week 3 to week 9 and write lecture notes. All submissions will be made public.
- Guidelines for writing lecture notes can be found here.
- I will give an example for week 2. I will also provide readings as a reference.
- Lecture notes for week x should be submitted to TA and me on or before the end of week x+6, where x belongs to {3, 4, 5, 6, 7, 8, 9}.
- Comments will be given and revision may be required.

Final exam: I will give a Summary of what you should know about the final.

COMP6712 Advanced Security and Privacy 2022/23 Semester 2 Department of Computing, PolyU