Cryptographic primitives are effective tools that can help achieve various security goals. However, programs that use cryptography can often be fragile, and simple programming errors can result in large security “holes.” Even worse, a company can come away with a false sense of security if their applications use cryptography—due to simple programming errors in how the cryptography is used, their applications could be just as or more vulnerable to attack, but the company may think that it is secure due to the use of cryptography. This course covers how to use cryptography correctly, and teaches programmers how to avoid many common mistakes that result in gaping security holes.
Lab – 15 minutes discussion followed by 1 hour of computer work
2L-1: Setting up secure sessions and using them properly.
Secure random bit generation.
2L-2: Authenticating users and objects
Topics covered: password management, and authenticating objects such as software updates.