COMP6712 Advanced Security and Privacy
2023/24 Semester 2
Department of Computing, PolyU

General Information

Venue: Y302
Time: Monday, 18:30-21:20, week 1-13
Instructor: Haiyang Xue, haiyang.xue@polyu.edu.hk
TA:
- Xun LIU, compxun.liu@connect.polyu.hk
- Shenxing WEI, shenxing.wei@connect.polyu.hk

Outline

This course will cover the most important features of security and privacy issues. The topics include network security, computer security and privacy-preserving computation (aka secure computation), and relevant knowledge in basic cryptography and advanced privacy-enhancing technologies. A guest lecture on security and privacy in Blockchain is also included. Refer to the syllabus for details.

Updating Announcements

Previous Course 2022/23-2

Syllabus

The syllabus [pdf] is subject to change, and I will continuously update it as the semester progresses.

Date	Topics\slides	Outline	Readings	Lecture notes
Week 1: Jan 15	Course Overview [slides]	course plan, reading materials, grading, a brief introduction to every topic	[KL] Jonathan Katz, and Yehuda Lindell, Introduction to Modern Cryptography [BS] Dan Boneh and Victor Shoup, A Graduate Course in Applied Cryptography [Sta] William Stallings, Cryptography and Network Security: Principles and Practice [Du] Wenliang Du, Computer Security: A Hands-on Approach [KPS] Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World
Week 2: Jan 22	Basic Cryptography 1: Symmetric-key cryptography [slides]	symmetric encryption, one-time pad, blockcipher, hash function, MAC, authenticated encryption.	[KL] Section 2-7 [Std] Chapter 3, 5, 6, 7, 11, 12 Goldreich, Foundation of Cryptography II, Section 5.3.1, 5.3.2, 5.3.3, 5.4.3.	Lecture 2 by Haiyang Xue Source code
Week 3: Jan 29	Basic Cryptography 2: Public-key cryptography [slides], [sage]	Diffie-Hellman, public key encryption, RSA, Digital signature	[KL] Section 8, 10,11, 12.1-12.5 A security website	Lecture 3
Week 4: Feb 5	Network Security Principles [slides]	authenticated key exchange, PKI, and certification authorities	[KL] Section 12.7 [BS], Section 22 [Du] Section 24	Lecture 4
Week 5: Feb 19	Network Security in Practice [slides]	secure sockets layer (SSL), transport layer security (TLS), HTTPS	[Sta] Section 16 [KPS] Section 13 RFC 2246, 5246, 8446	Lecture 5
Week 6: Feb 26	Authentication [slides]	access control, password authentication, biometric authentication, public key authentication	[BS], Section 18 Authentication Cheat Sheet An Administrator’s Guide to Internet Password Research Biometrics: A Tool for Information Security SSH.com RFC 4251, 4252 [KPS] Section 13.8	Lecture 6
Week 7: Mar 4	Privacy-Enhancing Technologies 1 [slides]	post-quantum cryptography and fully-homomorphic encryption	Post-quantum Cryptography by NIST Cryptographic Standards in the Post-Quantum Era Awesome Homomorphic Encryption in Github Homomorphic Encryption Standardization	Lecture 7
Week 8: Mar 11	Privacy-Enhancing Technologies 2 [slides]	zero-knowledge proofs	[BS], Section 19, 20 Berry Schoenmakers, Lecture Notes Cryptographic Protocols, Section 4, 5 awesome-zero-knowledge-proofs	Lecture 8
Week 9: Mar 18	Privacy-Enhancing Technologies 3 [slides]	secure multiparty computation	David Evans, Vladimir Kolesnikov and Mike Rosulek, A Pragmatic Introduction to Secure Multi-Party Computation, Section 1, 2, 3 [BS], Section 23 Lindell, Resources for Getting Started with MPC	Lecture 9
Week 10: Mar 25	Guest Lecture: Blockchain	security and privacy in Blockchain	Blockchain whitepaper blockchain.com
Week 11: Apr 1	Easter Holiday
Week 12: Apr 8	Final presentation 1	papers from S&P, CCS, USENIX, NDSS, CRYPTO, or EUROCRYPT
Week 13: Apr 15	Final presentation 2	papers from S&P, CCS, USENIX, NDSS, CRYPTO, or EUROCRYPT

Grading

It will be based on two assignments (20%), projects (45%), and a final exam (35%).
Assignments

Assignment 1, submit via Blackboard, Deadline: 10 Mar. 6:00 pm
Assignment 2, submit via Blackboard, Deadline: 10 Apr. 11:00 pm

Projects: final presentation and lecture notes. All submissions will be made public.

Choose any paper you are interested in from IEEE S&P 18-23, ACM CCS 18-23, USENIX 18-23, NDSS 18-23, CRYPTO 18-23, or EUROCRYPT 18-23, and give a 20-minute presentation.
- Send your choice to the TA\Instructor on or before Mar 27.
- I will post Presentation Schedule here on Mar 28. If necessary, you can discuss your presentation with the instructor in advance.
- Reference: How to Present a Paper, How to Give a Technical Presentation
Every 2~3 students, as a team, should choose one lecture from week 3 to week 9 and write lecture notes. All submissions will be made public.
- Guidelines for writing lecture notes can be found here.
- I will give an example for week 2. I will also provide readings as a reference.
- Lecture notes for week x should be submitted to TA and me on or before the end of week x+6, where x belongs to {3, 4, 5, 6, 7, 8, 9}.
- Comments will be given and revision may be required.

Final exam: I will give a Summary of what you should know about the final.

COMP6712 Advanced Security and Privacy 2023/24 Semester 2 Department of Computing, PolyU