Kontakt a konzultačné hodiny
adresa: Katedra informatiky, FMFI UK, Mlynská dolina, 842 48 Bratislava
miestnosť: M-214
e-mail: stanek@dcs.fmph.uniba.sk
telefón: (+421 2) 60295 101
Konzultačné hodiny: dohodou
Dokumenty
Dokumenty o kryptológii určené viac-menej laikom (vopred ďakujem za ľubovoľné pripomienky k obsahu
alebo forme):
Výuka ZS 2023/24
Diplomový seminár (3) (Str 11:30-13:00 M-IV)
Kryptológia 1 (Str 16:30-18:00 M-V, Štv 16:30-18:00 M-IV)
Slidy zo ZS 2022/23: archív
Lectures:
- Introduction - about, intro
- Cryptanalysis of simple ciphers - slides, examples: substitution cipher, Vigenere cipher
- Block ciphers: slides 1; modes: slides 2
- Stream ciphers - slides
- Public-key cryptograpfy - introduction - slides
- RSA scheme (correctness and implementation) - slides
- Security of the RSA - slides
- Discrete logarithm and related schemes - slides
- Exercise 1 - EN, SK
- Hash functions - slides
- Massage authentication codes - slides
- Passwords - slides
- HOTP and TOTP - slides
- Digital signature schemes - slides
- Hash-based signatures - slides
- Introduction to LWE - slides
- Code-based encryption schemes - slides
- Exercise 2 - EN, SK
- Cryptographic protocols - introduction - slides
- Noise protocol framework - slides
- Password authenticated key exchange - slides
- TLS - slides
- Weaknesses in real-world protocols - slides
- Secret sharing schemes - slides
- Exercise 3 - EN, SK
Homework assignments (students):
- Ciphertext ctXX.txt was obtained by encrypting an utf-8 encoded text file using AES-256 cipher in the ECB mode:
openssl enc -e -aes-256-ecb -K key -in ptXX.txt -out ctXX.txt
wherekeyis hexadecimal representation of a string, padded with zeroes if necessary, e.g. for string Cryptology (1) the value of the key is43727970746f6c6f677920283129000000000000000000000000000000000000. Luckily, we know that the key belongs to the set of frequently used passwords (see xato-net-10-million-passwords.txt file from SecLists). Send your solution by e-mail with subject "Cryptology (1) - HW 1" containing: (a) brief description of your solution, (b) source code, (c) password, (d) plaintext file. Data files are in this archive.
Deadline: 18.10.2023 (midnight), after the deadline: -2 points for each started day - RSA scheme. The messages m1 and m2 differ in the least significant bit (i.e. the 1st least significant bit), the 100th least significant bit and the 1000th least significant bit. Data files in the archive contain public key and corresponding ciphertexts c1 and c2. Compute m1. Send your solution by e-mail with subject "Cryptology (1) - HW 2" containing: (a) brief description of your solution, (b) source code, (c) m1.
Deadline: 2.11.2023 (midnight), after the deadline: -2 points for each started day - The hash functions f1, f2, f3, f4 for 2-block messages are based on these compression functions (E is AES-128, the initialization vector h_0 is your homework number, source code is available here):
- f1: h_i = E_{h_{i-1}}(m_i) xor h_{i-1}
- f2: h_i = E_{m_i}(h_{i-1}) xor m_i
- f3: h_i = E_{i}(h_{i-1}) xor m_i
- f4: h_i = E_{m_i}(h_{i-1}) xor h_{i-1}
Note: Use byteorder 'big' (default since Python 3.11)
Deadline: 25.11.2023 (midnight), after the deadline: -2 points for each started day - Find secret vector s in an LWE instance where matrix A has an additional internal structure. Every second row is computed from the previous row by multiplying scalars with c_mult constant and adding c_add constant. All computations are in GF(307). Error vector is selected uniformly from the set {-3,...,3}^m. File pkXX.txt contains A, c_mult, c_add, and vector b. The code that generates an instance of this problem is here, and the instances for you to solve are in this archive. Send your solution by e-mail with subject "Cryptology (1) - HW 4" containing: (a) brief description of your solution, (b) source code, (c) s.
Deadline: 13.12.2023 (midnight), after the deadline: -2 points for each started day
Veda
Témy: kryptológia, informačná bezpečnosť
Publikácie (UK):
Evipub
Iné zdroje:
DBLP