Foundations of Computer Security
CSC364 - Fall 2025
Overview
This course is an introduction to computer security. It covers the principles and practice of designing secure systems, with topics including cryptography, operating system security, network security, and software security. Students will learn to build, reason about, and analyze secure systems, while also examining how real-world systems break in practice through vulnerabilities, exploits, and attacks. The course serves as an entry point for undergraduates and provides the foundation for advanced courses in applied cryptography, systems and network security, and machine learning security.
Course Information
- Instructor: Prof. Anwar Hithnawi
- TAs: Ashwin Karthikeyan, Nikolay Avramov, Ziyang Jin, Sajad Maghrebi
- E-mail: csc364-2025-09@cs.toronto.edu
- Lectures: Mondays, 9:00–11:00 AM · BA 1180
- Discussions & Tutorials: Wednesdays, 10:00–11:00 AM · BA 1130
- TA Office Hours: Wednesdays, 11:00 AM–12:00 PM · BA 5287
Important Links
- Course Website: Schedule, syllabus, readings, and general course information
- Quercus: Official announcements, lecture slides, and course communication
- Piazza: Public discussion, Q&A, team formation, and peer support
- MarkUs: Submission platform for projects and homework
- Anonymous Feedback: Submit here
Course Evaluation
- Homeworks (10%)
- Projects (20%)
- Midterm Exam (30%) - (October 22, at 10:00)
- Final Exam (40%) - (Please see the Faulty of Arts and Science announcement)
Textbooks
There is no single required textbook for this course. We will rely heavily on the Berkeley Introduction to Security Textbook.
For the cryptography portion of the course, we will use A Graduate Course in Applied Cryptography. Exact sections and reading materials will be specified in the course schedule. Optional readings are recommended for deeper understanding but will not be part of the exam.
Assignments
There will be four written homework assignments and two programming projects. Homework needs to be done individually. Both programming projects may be completed in pairs. Late submissions are subject to the following policy: students may request up to three days of extension without penalty; beyond this, a deduction of 20% will be applied for each additional day late.
| Assignments | Announced | Due |
|---|---|---|
| Homework 1 | Sep 15 | Sep 29 |
| Project 1: Secure Messaging System | Sep 22 | Oct 13 |
| Homework 2 | Sep 29 | Oct 13 |
| Homework 3 | Oct 27 | Nov 10 |
| Project 2: Vulnerability Detection Tool | Nov 3 | Nov 24 |
| Homework 4 | Nov 10 | Nov 24 |
Schedule and Readings
This schedule is tentative and subject to updates throughout the semester.
| # | Week | Lecture (Mon) | Discussion (Wed) | Readings |
|---|---|---|---|---|
| 1 | Sep 8 | Introduction & Security Principles | Tutorial: Math foundations for cryptography I | Required Reading:Optional Reading: |
| 2 | Sep 15 | Introduction to Cryptography & Symmetric Crypto Foundations | Tutorial: Math foundations for cryptography II | Required Reading: |
| 3 | Sep 22 | Message Integrity & Authenticated Encryption | Project 1 design check and help session | |
| 4 | Sep 29 | Key Exchange & Public Key Encryption | Tutorial: Operating System | |
| 5 | Oct 6 | Digital Signature, Certificates, Password Hashing | Tutorial: Computer Networks I | |
| 6 | Oct 13 | Thanksgiving – no lecture | Tutorial: Computer Networks II | |
| 7 | Oct 20 | Operating System Security I | Midterm | |
| 8 | Oct 27 | Reading Week – no lecture | Reading Week – no discussion | |
| 9 | Nov 3 | Operating System Security II | Project 2 design check and help session | |
| 10 | Nov 10 | Network Security I | Ethics Module | |
| 11 | Nov 17 | Network Security II | Lec: Web Security I | |
| 12 | Nov 24 | Web Security II | Final Exam Review | |
| 13 | Dec 1 | Application Security, Special Topics, Wrap-Up | - |