Contact and office hours

address: Katedra informatiky, FMFI UK, Mlynská dolina, 842 48 Bratislava
room: M-214
e-mail: stanek@dcs.fmph.uniba.sk
phone: (+421 2) 60295 101

Office hours: by appointment

Documents

Documents on cryptology intended more or less for lay readers (thank you in advance for any comments on content or form):

  1. Kryptológia (23 pages): pdf, version 2b, 2020
  2. Kryptológia II (30 pages): pdf, version 2b, 2020

Teaching, winter semester 2021/22

Diploma Seminar (3) (Wed 11:30-13:00, M-217, for now)

Cryptology 1 (Wed 09:50-11:20 F1-109, Thu 17:20-18:50 F1-109)

Slides from winter semester 2021/22: archive

Lectures:

  1. Introduction - about, intro
  2. Cryptanalysis of simple ciphers - slides, examples: substitution cipher, Vigenere cipher
  3. Block ciphers: slides 1; modes: slides 2
  4. Stream ciphers - slides
  5. Public-key cryptography - introduction - slides
  6. RSA scheme (correctness and implementation) - slides
  7. Security of the RSA - slides
  8. Discrete logarithm and related schemes - slides
  9. Exercise 1 - EN, SK
  10. Hash functions - slides
  11. Message authentication codes - slides
  12. Passwords - slides
  13. HOTP and TOTP - slides
  14. Digital signature schemes - slides
  15. Hash-based signatures (SK) - slides
  16. Introduction to LWE - slides
  17. Code-based encryption schemes - slides
  18. Exercise 2 - EN, SK
  19. Cryptographic protocols - introduction - slides
  20. Password authenticated key exchange - slides

Homework assignments (students):

  1. Known plaintext attack on a block cipher. The block cipher is described here and demo source code is here. Your instance is defined with two permutations perm1 and perm2. The file datXX.txt contains two plaintext blocks and corresponding ciphertext block. Find the key. Send your solution by e-mail with subject "Cryptology (1) - HW 1" containing: (a) brief description of your solution, (b) the source code you used, (c) the key (hexadecimal or binary string). Data files are in this archive.
    Hint: The cipher is linear - it can be written as a system of linear equations.
    Deadline: 19.10.2022 (midnight), extended to 25.10.2022 (midnight)
  2. Find the plaintext encrypted in cipher-XX.bin file using RSA with PKCS#1 v1.5 padding (echo "Some plaintext" | openssl pkeyutl -encrypt -pubin -inkey pk-XX.key -out cipher-XX.bin). The public key file is pk-XX.key. Send your solution by e-mail with subject "Cryptology (1) - HW 2" containing: (a) brief description of your solution, (b) the source code if used, (c) private exponent in hexadecimal, (d) plaintext as an ASCII string. Data files are in this archive.
    Hint: Short public modulus.
    Deadline: 3.11.2022 (midnight)
  3. Forge a signature for a message "Cryptology 2022" in a variant of ElGamal signature scheme. The scheme is defined by domain parameters p, q, g (generated as for DSA, i.e. q | (p-1) and g is a generator of order q subgroup), private key x and public key y=g^x mod p. The verification function for a signature (r,s) of message m tests: 0 < r < p & 0 < s < q & g^s = (y^r)(r^SHA256(m)) (mod p). Python source code for verification: py. As an attacker you have access to public parameters, and you have obtained two messages with signatures. Luckily, r1 and r2 are related (hint: square). Send your solution by e-mail with subject "Cryptology (1) - HW 3" containing: (a) brief description of your solution, (b) the source code you used, (c) the signature in the form r, s = (...,...). Data files (parameters and two signatures) are in this archive.
    Deadline: 1.12.2022 (midnight)
  4. Find passwords of length 10 corresponding to given hash values in a rainbow table (file RT.dat), or identify a situation when password is not in the table. The rainbow table covers approx. 2^{26} passwords. Your solution must not search through all chains from their starting point. The 'hash' of a password pw is computed as follows: AES(pw, 'Homework 4 - RT!'). Construction of the rainbow table and its parameters should be obvious from the source code: hw4-gen.py. Send your solution by e-mail with subject "Cryptology (1) - HW 4" containing: (a) passwords for given hashes, together with number of AES calls used for finding each password, (b) brief description of your solution, (c) the source code you used.
    Hashes and the rainbow table: zip
    Deadline: 14.12.2022 (midnight)
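
The verification rule quoted in assignment 3, as an added example (not the verification script linked from this page): signing and verification for that ElGamal variant over constructed toy parameters, showing why the range checks on r and s belong in the verifier. The helper names, the toy parameter generator and the use of the SHA-256 digest as a big-endian integer are assumptions of this example.

```python
import hashlib
import secrets

def is_prime(n):
    """Deterministic Miller-Rabin, valid for n < 3.3e24 with these bases."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2 or any(n % b == 0 for b in bases):
        return n in bases
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def toy_params(q=2**61 - 1):
    """Constructed toy parameters (far too small for real use): q | p-1, ord(g) = q."""
    k = 2
    while not is_prime(k * q + 1):
        k += 2
    p, h = k * q + 1, 2
    while pow(h, k, p) == 1:      # g = h^((p-1)/q) must not be 1
        h += 1
    return p, q, pow(h, k, p)

def H(m):
    # Assumption: the digest is interpreted as a big-endian integer.
    return int.from_bytes(hashlib.sha256(m).digest(), "big")

def sign(m, x, p, q, g):
    while True:
        k = secrets.randbelow(q - 1) + 1   # fresh, independent nonce per signature
        r = pow(g, k, p)
        s = (x * r + k * H(m)) % q         # so that g^s = y^r * r^H(m) (mod p)
        if s:
            return r, s

def verify(m, sig, y, p, q, g):
    r, s = sig
    if not (0 < r < p and 0 < s < q):      # without this, (r, s + q) also passes
        return False
    return pow(g, s, p) == pow(y, r, p) * pow(r, H(m), p) % p
```

Because g has order q, the pair (r, s + q) satisfies the same congruence as (r, s); only the range check makes the accepted signature unique.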

Research

Topics: cryptology, information security
Publications (UK): Evipub
Other sources: DBLP