Certificate Transparency

End-to-end encryption

Man-in-the-middle attacks

Public key infrastructure (PKI)

Merkle trees

Anonymous messaging

Encrypted search

Bitcoin

Ethereum

Smart contracts

Algorand

Zero-knowledge proof

Rollups

Zero-knowledge smart contracts

Web3

Multi-Party Computation (MPC)

Cryptocurrency wallets

Backdoor-resilient authentication

Federated learning

CS 294-163: Secure Systems from Decentralized Trust UC Berkeley Fall 2022 This graduate seminar focuses on the development of secure systems built from decentralized trust, including end-to-end encryption systems and secure collaborative learning. It requires a solid introduction to cryptography and systems. Topics include blockchain, smart contracts, and zero-knowledge proofs, among others. This course is a graduate seminar on developing (secure) systems from decentralized trust.

In the past years, there has been much excitement in both academia and industry around the notion of decentralized security, which refers to, loosely speaking, security mechanisms that do not rely on the trustworthiness of any central entity. In only a few years, this area has generated many beautiful cryptographic constructs as well as a tremendous amount of real-world adoption, through blockchain, secure custody of secrets, secure collaborative learning – and now forming the technical backbone of the movement on “web3.0”.

The course will cover topics such as decentralized ledger systems, decentralized authentication and access control, end-to-end encryption systems, secure collaborative learning through secure multi-party computation, and others. For concrete learning, throughout the class we will develop a decentralized trust stack enabling common decentralized trust applications (3 units).  This is an advanced course, requiring a solid introduction to cryptography (CS161 or equivalent) and to systems (CS162 or equivalent). There is no required textbook for this class. You can refer to the [Berkeley CS161 textbook](https://textbook.cs161.org/) to refresh on security concepts and [A Graduate Course in Applied Cryptography](http://toc.cryptobook.us/) for cryptography.

CS 294-163: Secure Systems from Decentralized Trust

Blockchain

Computer Security and Cryptography

BGP and ASN refresher

Transit vs. Peering

Internet Topology Evolution

Netflix-Comcast dispute

Private Peerings

Blackholing

Mobile internet access

Internet access inequity

IP allocation patterns

DNS (Domain Name System)

DNS failure modes

Domain name security

IPv4 open market

QUIC

Third-party content

HTTP/2

ACME Protocol

Middleboxes

HTTPS

TLS 1.0-1.2

HSTS

Multicast

CDN protocols

Ubiquitous encryption

Tier 1

Peering policies

Submarine links

BGP and ASNs

RPKI

BGP communities

Satellite internet access

MAC rotation

DNSSEC

EDNS

Domain name attacks

IPv4 pricing and sales

GDPR regulation

WebPKI

Let's Encrypt

Internet security problems

Carrier Grade NAT

TLS 1.3

Content delivery strategies

Anycast

Online censorship

Signal messaging protocol

iMessage attacks

Internet Exchange Points (IXPs)

Transit costs

Content centralization

MPLS

BGP hijacking

Last-mile Internet access

Residential internet access technology

IPv4 vs. IPv6

L3-L4 privacy

Load balancing

Domain name ecosystem players

IANA, RIRs, ICANN

.org dispute

HTTP/3

HTTP/1.x

Certificates

Attack origins

HTTPS interception

HPKP

CDN mechanics

Points of presence (POPs)

SMTP and SMS security

CS 249i The Modern Internet Stanford University Winter 2022–2023 Stanford University's CS 249i is an advanced networking course focusing on modern Internet topology, routing practices, and recent network protocols. The course covers pressing privacy, security, and abuse challenges, with a mix of lectures, guest talks, and practical projects. CS249i is an advanced networking course that covers how the Internet has evolved and operates today. Topics include modern Internet topology and routing practices, recently introduced network protocols, popular content delivery strategies, and pressing privacy, security, and abuse challenges. The course consists of a mixture of lectures, guest talks, and investigative projects where students analyze how the Internet operates in practice.  This course assumes a basic understanding of networking, including protocols like Ethernet, IP, and TCP, as well as routing concepts and socket programming. This is not an introductory networking course and students should first take Stanford [CS 144](https://cs144.stanford.edu), EE 284, or equivalent. For a refresher, consider "Computer Networking: A Top-Down Approach" by J. Kurose and K. Ross or "Computer Networks: A Systems Approach" by L. Peterson and B. Davie. Projects will be implemented in [Go](https://golang.org/). 

CS 249i The Modern Internet

Computer Networks

Stream ciphers

Advanced Encryption Standard (AES)

Cipher Block Chaining (CBC)

Merkle-Damgard construction

Active attacks

Discrete logarithm assumption

Identification protocols

SecurID

Digital signature

Post-quantum digital signatures

Symmetric-key encryption

Block cipher

Chosen Plaintext Attacks (CPA)

PMAC

Hash-based Message Authentication Code (HMAC)

Trapdoor function

One-time passwords

Secure Socket Layer (SSL)

Shor's algorithm

Diffie-Hellman key exchange

Semantic security

Pseudo Random Functions (PRF)

CBC-MAC

Secure Hash Algorithm (SHA)

Finite cyclic groups

Chosen Ciphertext Attacks (CCA) security

Salts

Authenticated key exchange

Grover's algorithm

Cipher

One time pad

Iterated Even-Mansour ciphers

Counter mode

Collision-resistant hashing

Authenticated encryption

Computational Diffie-Hellman (CDH) assumption

RSA trapdoor permutation

Certificate revocation

S/Key

Transport Layer Security (TLS)

Post-quantum cryptography

Perfect secrecy

Pseudo Random Permutations (PRP)

Message integrity

Davies-Meyer construction

Arithmetic modulo primes

ElGamal public key encryption

Hash-based signatures

Password protocols

Challenge-response authentication

Post-quantum key exchange

CS 255: Introduction to Cryptography Stanford University Winter 2023 This course offers an introduction to cryptographic techniques used in computer security, covering encryption, message integrity, digital signatures, key management, and more. It is suitable for advanced undergraduates and masters students with some proof techniques and programming experience. Cryptography is an indispensable tool for protecting information in computer systems. This course explains the inner workings of cryptographic primitives and how to use them correctly.

This course is an introduction to the basic theory and practice of cryptographic techniques used in computer security. We will cover topics such as encryption (secret-key and public-key), message integrity, digital signatures, user authentication, key management, cryptographic hashing, Network security protocols (SSL, IPsec), public-key infrastructure, digital rights management, and a bit of zero-knowledge protocols.

Optional readings can be found in the textbooks denoted by KL and AC in the syllabus below. The optional AC book, by Boneh and Shoup, is more advanced (and free) and is intended for students wishing to go deeper. The [online version of the course](https://crypto.stanford.edu/~dabo/courses/OnlineCrypto/) is another resource for the material covered in class.

- **Boneh-Shoup (AC):** (free) *[A Graduate Course in Applied Cryptography](https://cryptobook.us) (V 0.5)* by D. Boneh and V. Shoup
- **KL:** *[Introduction to Modern Cryptography](http://www.cs.umd.edu/~jkatz/imc.html)* (2nd edition) by J. Katz and Y. Lindell.  The course is self contained, however a basic understanding of probability theory and modular arithmetic will be helpful. The course is intended for advanced undergraduates and masters students. Students are expected to have experience with basic proof techniques and some programming experience. Students can supplement the lectures with an [online version of the course](https://www.coursera.org/learn/crypto) (MOOC) that covers some of the material.

The following books can be used to supplement the lectures:

- Optional: *[A Graduate Course in Applied Cryptography](https://cryptobook.us)* by D. Boneh and V. Shoup. (free)
- Optional: *[Introduction to Modern Cryptography](http://www.cs.umd.edu/~jkatz/imc.html)* by J. Katz and Y. Lindell.

Note that the textbooks do not cover all the material discussed in class.

CS 255: Introduction to Cryptography

Certificate Transparency

3 courses cover this concept

CS 294-163: Secure Systems from Decentralized Trust

CS 249i The Modern Internet

CS 255: Introduction to Cryptography