Курс "Защита информации", кафедра радиотехники, Московский физикотехнический институт (МФТИ)
2010:
Главная
Экзамен
Лекции
Семинары
Проекты
Эссе

Преподаватели
Литература
 Архив:
2009
2008fall
2008
2007
2006
2005
2004
2003

English
Classes, Spring 2007
Introduction. Monoalphabetic ciphers. Polyalphabetic ciphers.
Block ciphers. GOST.
Block ciphers. AES. Operation modes.
Number theory.
Publickey cryptosystems (RSA, ElGamal). Signatures. Hashs. MACs.
Elliptic Curves.
User authentication. Key management on symmetric schemes. Kerberos.
User authentication. Key management on asymmetric schemes. Certificates. PKI. X509.3. PGP.
Encrypted channels. SSL/TLS. SSH.
Encrypted channels. IPSec.
Software vulnerabilities. Buffer overflow. Viruses.
Mobile networks (GSM, CDMA). Wireless networks.
Group projects.
Group projects.
Introduction. Monoalphabetic ciphers. Polyalphabetic ciphers.
Content:
Bibliography, online resources.
Terms. Cryptography, cryptology, cryptoanalysis. Encryption, decryption. Encoding, decoding, coding. Errorcorrecting coding. Protocol, algorithm, scheme.
Mathematical definition of encryption/decryption. Alphabet. Domains of messages, ciphers, keys. Cardinality of domains. Encryption and decryption functions.
Functions: bijective (onetoone), surjective (onetomany), injective (manytoone), trapdoor, oneway.
Types of cryptosystems: symmetric (block, stream), asymmetric (publickey, signature, key distribution). Characteristics and applications.
Exhaustive search (brute force) attack.
Monoalphabetic ciphers. Definition. Shift ciphers. Caesar cipher. Affine ciphers. Cardinality of key's domain.
Frequency
cryptoanalysis. Samples.
Polyalphabetic ciphers. Vigenere cipher. Cryptoanalysis. Period detection methods: Kasiski, autocorrelation, index coincidence [
rtf
pdf
].
Assignment.
Decrypt Vigenere cipher [
zip
].
Block ciphers. DES. GOST.
Content:
Application of block ciphers.
Galois fieds GF(2), GF(2^k). Polynomials. Operations with polynomials (+,*,mod).
Feistel's scheme. GOST.
DES, 3DES (in short).
Related:
Block ciphers DES, GOST, AES in brief [
doc
pdf
].
Block ciphers. AES. Operation modes.
Content:
AES (Rijndael) [
pdf
].
AES polynomials, operations.
Operation modes (ECB, CBC, OFB, CFB), initialization vector IV.
Comparison of block ciphers.
Benchmarks
.
Assignment:
Operations with polynomials in AES [
zip
].
Number theory.
Content:
Modular arithmetics.
Technique of exponentiation of big integers modulo a number (square and multiply).
Euclid's algorithm, extended Euclid's algorithm. Inverse numbers.
Euler's phifunction, Euler's theorem. Fermat's theorem.
Chinese Remainder Theorem (CRT).
Groups, rings, fields. Generators. Irreducible polynomials. Ring Z_n. Groups Z_p^*, Z_n^*.
Prime numbers. Distribution of primes.
Primality tests
Fermat's Little Theorem  criteria of prime.
MillerRabin polynomial probabilistic test.
AKS2002 (Agrawal, Kayal and Saxena)
polynomial deterministic test [downloaded
zip
].
Primes of special forms. SophieGermain primes, their application.
Generation of primes.
Related.
About AKS2002
.
Original paper AKS2002:
PRIMES is in P
.
Primality Tests on MathWorld
.
Number theory: seminar notes ¹1 [
ps
], seminar notes ¹2 [
pdf
doc
].
Publickey cryptosystems (RSA, ElGamal). Signatures. Hashs. MACs.
Content:
Overview of PKCs [
ppt
].
Numbertheoretic problems of most PKCs: factorization, Discrete Logarithm Problem (DLP).
Basics of factorization methods.
A Tale of Two Sieves
, Carl Pomerance
Factoring  State of the Art and Predictions
, Bruce Schneier
Key sizes of PKCs based on factorization and DLP.
Selecting Cryptographic Key Sizes
, Arjen K. Lenstra, Eric R. Verheul
Publickey cryptosystems: RSA, ElGamal. ElGamal in elliptic curves. Application.
Hashs.
SHA1
Collision in part of MD5 (the compression function)
Collision in part of MD5 (the compression function)
Message Authentication Codes (MAC).
HMAC
. Application.
Digital signatures schemes: RSA, ElGamal. Standards: DSA/DSS, ElGamal in elliptic curves. Application.
The Evolution of Public Key Cryptography
, Video Lecture
OAEP
,
RSA Labs OAEP FAQ
Handouts:
Presentation:
Publickey cryptosystems in the real world
[downloaded
ppt
].
Assignment:
Sign and verify a message and a signature. Factorize numbers. [
zip
].
Elliptic curves.
Content:
Elliptic curves.
Additive group of points of ellipic curve.
Operations in elliptic curve group: addition of two points, multiplication of point by number.
Handout:
Elliptic curves, russian, pp. 6585 [
pdf
].
Assignment:
Do some math in elliptic curves. [
zip
].
User authentication. Key management on symmetric schemes. Kerberos.
Content:
Passwords, hashing, salts.
Onetime passwords
and an
implementation
.
Web authentication. Cookie.
Dos and Don’ts of Client Authentication on the Web
[
pdf
].
Slides on Web User Authentication
[
pdf
].
Cookie Central
.
Symmetric authentication schemes.
Kerberos
.
Secure extensions to DNS (
DNSSEC
).
Related.
Peter Gutman's presentations
[downloaded
zip
archive]
User authentication. Key management on asymmetric schemes. Certificates. PKI. X509.3. PGP.
Content:
Publickey infrastucture (PKI).
Certificate chains, X509.3.
Overview of Certification Systems: X.509, CA, PGP and SKIP
ITUT Recommendation X.509
PGP.
OpenPGP
.
Related.
Peter Gutman's presentations
[downloaded
zip
archive]
Encrypted channels. SSL/TLS. SSH.
Content:
SSL 3.0
/
TLS 1.0
.
Analysis of the SSL 3.0 protocol
by David Wagner and Bruce Schneier.
ApacheSSL
,
OpenSSL
.
SSH.
Related.
Peter Gutman's presentations
[downloaded
zip
archive]
Encrypted channels. IPSec.
Content:
IP Security Protocol (
IPSec
).
A Cryptographic Evaluation of IPsec
, N. Ferguson and B. Schneier
Software vulnerabilities. Buffer overflow. Viruses.
Content:
Software vulnerabilities, buffer overflow, viruses.
Blended attack exploits, vulnerabilities and bufferoverflow techniques in computer viruses
[
pdf
].
An Undetectable Computer Virus
[
pdf
].
Smashing The Stack For Fun And Profit
.
Assignment:
Do a simple buffer overflow on a webserver [
zip
].
Related.
The Quine Page (selfreproducing code)
Peter Szor's site
Virus Bulletin
Underground Information Center
Mobile networks (GSM, CDMA). Wireless networks.
Content:
Terms
:
TDMA
,
CDMA
,
3G
,
GSM
,
EDGE
,
WCDMA
.
Data transmission:
TDMA
(in GSM) vs
CDMA
.
GSM history: GSM, GSM2, GSM3.
GSM2 scheme. User authentication.
GSM2 algorithms: authentication (A3), encryption (A5/1, A5/2, A5/3), key generation (A8). Flaws in A3, A5/1, A5/2.
GSM3.
Presentations:
GSM [
zip
].
Group projects.
Group projects.
Page last update: Thu May 10 07:59:31 2007 MSD.
Website last update: