CS 360 · UMass

Introduction to Security

Interactive demos for CS 360 at UMass Amherst. Pick a topic to explore.

Taught by Eugene Bagdasarian

Asymmetric Encryption

🔐
Asymmetric

RSA Encryption

Key generation, modular exponentiation, and the math behind public-key encryption. Encrypt and decrypt messages live in the browser.

Explore RSA →
🤝
Key Exchange

Diffie-Hellman

See how two parties establish a shared secret over a public channel without ever transmitting the secret itself.

Explore DH →
📨
End-to-End

E2E with RSA

Alice sends a message to Bob — a full walkthrough of end-to-end RSA encryption showing each step of the real protocol.

See Alice → Bob →

Authentication

🔒
Flask · Cookies · CORS

Auth & Web Security

Password hashing (MD5 vs SHA-256+salt), rainbow table attacks, session cookies, cookie attributes (HttpOnly, SameSite), third-party tracking cookies, Same-Origin Policy & CORS.

Open Auth Demo →

Hash Functions

🔒
Secure · SHA-2

SHA-256

The Merkle-Damgård construction, message schedule, and compression function — with a live demo verified against the browser's native crypto API.

Explore SHA-256 →
⚠️
Deprecated · MD5

MD5

Four rounds, 64 operations, and a full step-by-step implementation walkthrough — plus a clear explanation of why MD5 is no longer safe to use.

Explore MD5 →

Networking & Security

🌐
TCP/IP · OSI

Network Communication

The OSI model, encapsulation, TCP three-way handshake, IP/MAC addressing — plus an interactive SYN flood attack simulation.

Explore Networking →
💔
TLS · CVE-2014-0160

TLS & Heartbleed

How TLS encrypts traffic, the TLS handshake step-by-step, HTTP vs HTTPS — then exploit the Heartbleed bug to leak server memory live.

Explore Heartbleed →
📜
X.509 · PKI

Certificate Authority

Build your own CA, sign a server certificate, and install it in Chrome. See the chain of trust in action and simulate the ACME protocol.

Open CA Demo →