Skip to main content
Fennie
HomeGet Started
Berkeley
Electrical Engineering and Computer Sciences
4 credits

Berkeley CS 161: Computer Security

CS 161 is Berkeley's upper-division security course, covering memory-safety attacks and defenses, cryptography, web security, and network security. Its centerpiece is a substantial project sequence, including a famous secure file-sharing system built in Go that students design and defend themselves.

Fennie is independent and not affiliated with UC Berkeley. This is an unofficial study guide.

Build my CS 161 study plan

What makes it hard

The course demands an attacker's mindset — exam questions hand you a system and ask how it breaks, which is a different skill from building things that work. The design project punishes hand-wavy security reasoning: your scheme has to survive adversarial grading, and patching a broken design late is expensive.

What you'll cover

  • Memory safety and exploitation
  • Symmetric and public-key cryptography
  • Web security: XSS, CSRF, SQL injection
  • Network protocols and attacks
  • Secure system design

The CS 161 study guide

How to study for Berkeley CS 161, step by step.

  1. 1

    Rebuild your C-and-memory mental model first

    The memory-safety unit assumes you can picture the stack precisely — saved registers, return addresses, calling conventions. Review 61C-level material in week one so the exploitation walkthroughs land.

  2. 2

    Practice thinking as the attacker

    For every mechanism the course presents, ask how you'd break it before learning the defense. Exams hand you systems and ask what goes wrong — that adversarial habit is the actual graded skill.

  3. 3

    Design the crypto project before writing any code

    The secure file-sharing project rewards upfront design: write out your scheme, the threat model, and why each attack fails against it. Teams that code first and patch later lose the most time.

  4. 4

    Learn the crypto primitives by their guarantees

    For each primitive — MACs, signatures, symmetric encryption — know exactly what it does and does not guarantee. Most project vulnerabilities and exam traps come from using a primitive outside its guarantee.

  5. 5

    Run past exams as breaking practice

    Past 161 exams are scenario-heavy and the question style is stable across semesters. Work them timed, and review the official solutions for the attack angles you missed.

  6. 6

    Put the threat-model thinking on a Daily Plan with Fennie

    Upload the CS 161 schedule and Fennie's Daily Plans pace project design time and exam prep together, generating how-does-this-break scenario quizzes and crypto-guarantee flashcards from your actual course materials. Free to start.

    Start my CS 161 plan free

How Fennie helps with CS 161

Fennie's Daily Plans pace CS 161 so the design-heavy project gets real upfront thinking time instead of a last-week scramble. Use chat to stress-test your understanding of each primitive's guarantees and walk through how attacks actually work, and quiz on scenario-style questions that mirror the exams' break-this-system format.

FAQ

Is CS 161 hard?

It's moderate by Berkeley upper-division standards — the workload is lighter than CS 162, but the exams demand adversarial reasoning that takes practice to develop. The project is the main time sink and rewards careful design over raw coding hours.

What should I know before taking CS 161?

CS 61C-level comfort with C, memory layout, and assembly is the working prerequisite for the memory-safety unit, plus general programming maturity for the Go project. The cryptography is taught from scratch but moves quickly.

How long does the CS 161 project take?

The secure file-sharing project is the big one — expect tens of hours across design, implementation, and testing. The design phase is the highest-leverage part: schemes that are thought through before coding survive adversarial test suites far better.

Pass CS 161 with a plan, not a cram

Upload your CS 161 materials and Fennie generates a Daily Plan paced to your deadline — plus chat, flashcards, and quizzes built from the actual course content.

Get started free

More Berkeley courses

CS 61AThe Structure and Interpretation of Computer Programs

CS 61A is Berkeley's legendary intro CS course, taught primarily in Python with excursions into Scheme and SQL. It emphasizes abstraction — higher-order functions, recursion, object-oriented programming, and interpreters — and it's the first course in the CS 61 series that every CS and Data Science student takes.

CS 61BData Structures

CS 61B is Berkeley's data structures course, taught in Java, covering lists, trees, hashing, graphs, sorting, and asymptotic analysis. It's the second course in the 61 series and the one most cited in industry-interview prep — its projects, including the famous build-your-own-world and Gitlet (build a mini Git), are substantial software engineering exercises.

CS 70Discrete Mathematics and Probability Theory

CS 70 is Berkeley's discrete math and probability course, required for the CS major, covering proofs, graph theory, modular arithmetic, RSA, polynomials, counting, and a substantial probability unit. It's the theory gateway — and by reputation, the hardest lower-division course in the major.

CS 61CGreat Ideas of Computer Architecture (Machine Structures)

CS 61C completes Berkeley's 61 series, going below the abstraction line: C programming, RISC-V assembly, CPU datapaths and pipelining, caches, virtual memory, and parallelism. It's required for the CS and EECS majors and is the course where software students finally see what the hardware is doing.