SecureProgramming

16PSE01 - Secure Programming

  • This is an "optional" course in the Master of Software Engineering in the Security line of research at CIMAT.

Description

  • This is an introductory course to the challenging world of secure programming. Most contemporary security problems stem from problems in the implementation. It is commonly said that a design free of errors will have none in practice; however, an implementation that handles information securely is a task that requires certain knowledge of information security.

Objective

  • Review the typical problems in computer programming that affect the security of applications and that can translate into weaknesses and vulnerabilities in information systems.

Specific objectives

  • Learn adequate programming techniques that reduce the appearance of errors and vulnerabilities in software
  • Learn secure programming techniques to prevent the unauthorized use of computer memory and the misuse of information
  • Practice several aspects of secure programming in high-level languages such as C/C++
  • Use programming languages to implement cryptographic protocols
  • It is also a goal of this module that attendees pursue the topic in greater depth

Organization

  • This course is offered yearly
  • Videoconference support is available on request
  • There will be a practice test, a student talk, and a written exam
  • In some years this module is offered jointly with other professors, which may include additional topics; grades are divided according to the time used by each lecturer.

Topics

  1. Introduction
    1. General concepts on information security
    2. Software vulnerabilities
  2. Safe C/C++
    1. Strings
    2. Pointers
    3. Memory management
    4. Input/Output
    5. Concurrency
  3. Safe C#
    1. Objects
    2. Assemblies
    3. Exceptions
    4. Files and streams
    5. Multithreading
    6. Interoperability
  4. Applied Cryptography to C/C++/Java
    1. Introduction to security protocols
    2. Generation of cryptographically secure pseudo-random numbers
    3. User authentication
    4. Information Encryption
    5. Cryptographic protocols implementation

Grades

No. Concept Percentage
1 Exam 40
2 Talk 20
3 Project 40
# Total 100

Rules

  • Email delivery to luis.dominguez
  • Pack your homework and name the file appropriately: t1_lastname.zip
  • Use PGP to encrypt your file. Public Key
  • The delivery deadline is midnight of the due day; 10% penalty per day of delay
  • No plagiarism
  • Include bibliography
  • Add documentation in LNCS format to your homework:
    • For programs, the report must be 4-6 pages + bib
    • For essays, 5-10 pages + bib

Sections available

Optional module at CIMAT. 2018, 2019
