
Update on the textbook (May 10, 2022): I have already published the 3rd edition of my book. There are three volumes. The "Internet Security" volume contains all the contents covered in this course, so you should get this volume if you plan to buy one.
Explore classic cipher systems, including substitution and transposition ciphers, and examine how frequency analysis reveals letters and common sequences, forming the building blocks of modern ciphers.
Explore polyalphabetic ciphers and the Enigma machine, showing how rotors, wiring, and a plugboard create shifting mappings, guarded by initial rotor positions and a secret codebook.
Explore how encryption modes—CBC, CFB, OFB, and CTR—use IV and feedback to prevent identical ciphertext for identical plaintext in block ciphers.
Demonstrates a padding oracle attack, where an oracle’s padding validity feedback allows attackers to progressively reveal plaintext from ciphertext, with practical lab demonstrations.
Examine classic and modern crypto systems, from the Enigma to DES and AES, and learn about block modes, initialization vectors, padding, padding oracle attacks, and authenticated encryption with GCM.
Discover how digital signatures prove message origin and integrity by signing hashes with a private key and verifying with a public key using RSA.
Examine how a man-in-the-middle intercepts and alters public key exchanges, differentiating eavesdropping from interception, and explore how PKI helps thwart these attacks.
Explore how public key infrastructure defeats man in the middle attacks by validating certificates, proving private key ownership, and protecting identity and public keys amid domain name system cache poisoning.
Analyze PKI attack surfaces across verification, approval, and user confirmation, including certificate authority breaches and private key exposure, and how hash weaknesses enable forged certificates and domains that resemble sites.
Learn how TLS encrypts data, negotiates a key via the handshake, and manages records between the application and transport layers, comparing TLS 1.3 and 1.2 and the evolution from SSL.
Explain the tls handshake protocol, detailing key exchange and authentication, compare rsa-based and diffie-hellman methods, and describe ephemeral keys and forward secrecy in tls 1.3.
After a handshake, the SSL layer splits data into records, encrypts with a MAC, and transmits over TCP; boundaries may not align with TCP segments, so a buffer holds leftovers.
Build a tls client that performs a tcp handshake to establish a tls session, verifies the server certificate with trusted roots, and prints handshake details like the cipher.
Explore how a tls mitm proxy intercepts and inspects client-server traffic by installing a root certificate, generating on-demand certificates, routing via dns, and optionally modifying responses.
Explore how blockchain and Bitcoin underpin cryptocurrency and their applications. Build a blockchain emulator on your computer using container technology, with labs to come.
Explain how double spending occurs in Bitcoin, how confirmations and hash power influence security, and why waiting for several blocks reduces double spending risk.
Cryptography is a foundation in cybersecurity. It is the underlying building block of many defense mechanisms, systems, and protocols. Without crypto, we will not be able to safely conduct many things on the Internet, such as web browsing, online banking, working remotely, etc. Without crypto, blockchain and cryptocurrency will not exist.
In this course, we systematically study the basic principles of cryptography. In particular, we focus on the three essential pillars of cryptography, including secret-key encryption, one-way hash function, and public-key cryptography. We study how they work and how they are used in the real-world applications. We also look at the risks they face, and how these risks are mitigated in the real world. Furthermore, we study the common mistakes people make when using crypto algorithms and protocols. We show how these mistakes can be exploited in attacks.
The course emphasizes hands-on learning. For each topic covered, students not only learn the theory, they also get to work on the hands-on exercises developed by the instructor. These exercises are called SEED labs, and they are being used by over 1000 institutes worldwide. The course is based on the widely-adopted textbook written by the instructor. The title of the book is "Computer & Internet Security: A Hands-on Approach".