Kontakt a konzultačné hodiny
adresa: Katedra informatiky, FMFI UK, Mlynská dolina, 842 48 Bratislava
miestnosť: M-214
e-mail: stanek@dcs.fmph.uniba.sk
telefón: (+421 2) 60295 101
Konzultačné hodiny: dohodou
Dokumenty
Dokumenty o kryptológii určené viac-menej laikom (vopred ďakujem za ľubovoľné pripomienky k obsahu
alebo forme):
Výuka ZS 2023/24
Diplomový seminár (3) (Str 11:30-13:00 M-V)
Kryptológia 1 (Str 16:30-18:00 M-II, Štv 16:30-18:00 M-II)
Slidy zo ZS 2023/24: archív
Lectures:
- Introduction - about, intro
- Cryptanalysis of simple ciphers - slides, examples: substitution cipher, Vigenere cipher
- Block ciphers: slides 1; slides 2
- Stream ciphers - slides
- Public-key cryptography - introduction - slides
- RSA scheme (correctness and implementation) - slides
- Security of the RSA - slides
- Discrete logarithm and related schemes - slides
- Exercise 1 - EN, SK
- Hash functions - slides
- Massage authentication codes - slides
- Passwords - slides
- HOTP and TOTP - slides
- Digital signature schemes - slides
- Hash-based signatures - slides
- Introduction to LWE - slides
- Code-based encryption schemes - slides
- Exercise 2 - EN, SK
- Cryptographic protocols - introduction - slides
- Noise protocol framework - slides
- Password authenticated key exchange - slides
- TLS - slides
- Weaknesses in real-world protocols - slides
- Exercise 3 - EN, SK
- Secret sharing schemes - slides
Homework assignments (students):
- Find the plaintext for given ciphertexts. The ciphertexts were produced by the following Python script, using
a variant of one-time pad cipher: hw1.py. The plaintexts are quotes in English language.
Each plaintext was encrypted three times, producing three ciphertexts cipherA, cipherB, and cipherC
(each time an independent key was used).
Please, send your solution by e-mail with subject "Cryptology (1) - homework 1" containing: (1) plaintext that
makes sense, (2) short description of your solution, and (3) the source code used for analysis.
Ciphertexts: zip
Deadline: 23/10/2024 at midnight - Find the plaintext m given ElGamal public parameters (p, g, y), and 16 independent encryptions of texts m, m+1, m+2, ...,
m+15. The ciphertexts have form (r,s), see the lecture for details. You have an additional information that m is from the set {2^{987}, 2^{987}+1, ..., 2^{987}+4000}.
Please, send your solution by e-mail with subject "Cryptology (1) - homework 2" containing: (1) m value, (2) short description of your solution, and (3) the source code used for analysis.
Input data: zip
Deadline: 8/11/2024 at midnight - Schnorr signature scheme was modified to use a shady signature computation, see the source code schnorr.py. Knowing a public key and signatures for messages "0", "1", ..., "1023", calculate the corresponding private key x.
Please, send your solution by e-mail with subject "Cryptology (1) - homework 3" containing: (1) value of x, (2) short description of your solution, and (3) the source code.
Input data: zip
Deadline: 27/11/2024 at midnight - You have eavesdropped messages in the first two steps of ElGamal-EKE protocol. A user's password
is in the set of 2 million passwords 'p000000000' - 'p001999999'. Messages are available in the
corresponding data file (hw4-data.zip). The source code for generating these messages:
genHW4.py (remark: use pycryptodome).
Please, send your solution by e-mail with subject "Cryptology (1) - homework 4" containing:
(1) the smallest set of possible passwords, (2) source code, (3) brief description of your solution.
Deadline: 19/12/2024 at midnight