The assignments will give you hands-on experience in implementing the concepts we learn in the class. Have fun!

Assignment 1

2/11–2/26

Checkpoint due: 2/19

This homework will cover the software security section. You will create actual working exploits (e.g., buffer overflows, breaking things even with ASLR enabled, non-exec stacks, format string vulnerabilities etc).

Lead TA: Isabel
Helper TA: Will

Assignment 2

3/16–4/1

Checkpoint due: none

This homework will cover the cryptography section. You will have a mix of theoretical questions to reason about the security of cryptographic constructions as well as construct working attacks that could arise with improper use of primitives (e.g., combining with compression, message padding, poor key generation).

Lead TA: Arushi and Sophia

Assignment 3

4/12–4/29

Checkpoint due: 4/20

This homework will focus mostly on the web-based attacks that we learn in class. We have a dummy e-commerce application that you will try and break using a combination of web exploits (e.g., XSS, playing with cookies).

Lead TA: Amy and Hannah