CMU 15-793
Date Theme Lecture topic Readings Slides Work out Work due
01/13/25 Background Course introduction Slides
01/15/25 Background: security principles, threat model Slides
01/17/25 Background: crypto basics, how to read a paper Required: How to Read a Paper Slides
01/20/25 No class
01/22/25 Isolation OS and VM isolation

Required: Firecracker: Lightweight Virtualization for Serverless Applications

Optional: Blending Containers and Virtual Machines: A Study of Firecracker and gVisor

Slides
01/24/25 Software Fault Isolation

Required: Provably-Safe Multilingual Software Sandboxing using WebAssembly

Optional: Bringing the Web up to Speed with WebAssembly

Slides
01/27/25 Trusted execution environments (TEEs)

Required: VC3: Trustworthy Data Analytics in the Cloud using SGX

Optional: Using innovative instructions to create trustworthy software solutions, Intel SGX Explained

Slides
01/29/25 Side-channel attacks and defenses Overview of side-channel attacks

Optional: Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Last-Level Cache Side-Channel Attacks are Practical

Slides Lab 1
01/31/25 Speculative execution

Required: A Systematic Evaluation of Transient Execution Attacks and Defenses

Slides
02/03/25 Oblivious RAM and applications

Required: GhostRider: A Hardware-Software System for Memory Trace Oblivious Computation

Optional: Path ORAM: An Extremely Smiple Oblivious RAM Protocol

Slides Project pre-proposal meeting
02/05/25 Network security Transport Layer Security (TLS)

Optional: TLS 1.3 blogpost

Slides Project pre-proposal meeting
02/07/25 Certificate Transparency

Required: CONIKS: Bringing Key Transparency to End Users

Slides Project pre-proposal meeting
02/10/25 Anonymous communication: The onion router (Tor)

Required: Tor: The Second-Generation Onion Router

Slides
02/12/25 Anonymous communication: Vuvuzela

Required: Vuvuzela: Scalable Private Messaging Resistant to Traffic Analysis

Optional: Riposte: An Anonymous Messaging System Handling Millions of Users

Slides
02/14/25 No class -- self review for exam
02/17/25 Exam 1
02/19/25 Secure computation systems Introduction to secure computation Slides Lab 2
02/21/25 Secure aggregation

Required: Practical Secure Aggregation for Privacy-Preserving Machine Learning

Slides
02/24/25 ML system security Privacy-preserving inference

Required: GAZELLE: A Low Latency Framework for Secure Neural Network Inference

Optional: A Gentle Introduction to Yao's Garbled Circuits

Slides Lab 1
02/26/25 Secure computation systems Systems for secure computation

Required: MAGE: Nearly Zero-Cost Virtual Memory for Secure Computation

Slides
02/28/25 ML system security Guest lecture: Watermarking large language models (Qi Pang)

Optional: A Watermark for Large Language Models

Slides Final project literature review
03/03/25 Spring break!
03/05/25 Spring break!
03/07/25 Spring break!
03/10/25 Software security Buffer overflow

Required: Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors

Slides Project proposal
03/12/25 Symbolic execution

Required: Symbolic execution with SymCC: Don't interpret, compile!

Slides
03/14/25 Guest lecture: Software Verification (Pratap Singh) Slides
03/17/25 Blockchain Byzantine consensus: classic BFT & longest-chain consensus Optional: The Saddest Moment Slides
03/19/25 ZK proofs + blockchain

Required: Zerocash: Decentralized Anonymous Payments from Bitcoin

Slides Lab 2
03/21/25 No class -- self review for exam
03/24/25 Exam 2
03/26/25 No class - work on project!
03/28/25 No class - work on project!
03/31/25 No class - work on project!
04/02/25 No class - work on project!
04/04/25 No class - work on project!
04/07/25 Project check-in
04/09/25 Project check-in
04/11/25 Project check-in
04/14/25 No class - work on project!
04/16/25 No class - work on project!
04/18/25 No class - work on project!
04/21/25 No class - work on project!
04/23/25 Poster session
04/30/25 Last day of class Final project report