Seminars (English)

Course "Information Security". Seminar program.
Spring 2003.

 

1. Introduction. Monoalphabetic ciphers.

Content:

Bibliography, online resources. Terms. Cryptography, cryptology, cryptanalysis. Encryption, decryption. Encoding, decoding, coding. Error-correcting coding. Protocol, algorithm, scheme. Mathematical definition of encryption/decryption. Alphabet. Domains of messages, ciphers, keys. Cardinality of domains. Encryption and decryption functions. Functions: bijective (one-to-one), surjective (one-to-many), injective (many-to-one), trap-door, one-way. Types of cryptosystems: symmetric (block, stream), asymmetric (public-key, signature, key distribution). Characteristics and applications. Monoalphabetic ciphers. Definition. Shift ciphers. Affine ciphers. Cardinality of the key domain. Exhaustive search (brute force) attack. Frequency cryptanalysis of monoalphabetic ciphers. Samples.

Handout. Typical frequencies of symbols [tiff].

Assignment. Decrypt a monoalphabetic cipher [description rtf pdf].

Related.

 

2. Polyalphabetic ciphers.

Content:

Definition. Ciphers: Caesar, Vigenère, M-209. Cryptanalysis. Period detection methods: Kasiski, autocorrelation, index of coincidence.

Handouts. Cryptanalysis of a polyalphabetic cipher [rtf pdf].

Assignment. Decrypt a Vigenère cipher [description rtf pdf].

Related.

 

3. Block ciphers. Operation modes.

Content:

Application of block ciphers. Feistel's scheme. DES. GOST. Basics of differential and linear cryptanalysis. AES (Rijndael). Comparison of block ciphers. Operation modes (ECB, CBC, OFB, CFB), initialization vector IV. Galois fields GF(2), GF(2^k). Polynomials. Operations with polynomials (+, *, mod). AES polynomials, operations.

Handouts.

Block ciphers DES, GOST, AES in brief [doc pdf]. Algebra basics [pdf]. AES standard [pdf].

Assignment. Operations with polynomials in AES.

Related.

AES/Rijndael

 

4. Number theory.

Content:

Modular arithmetic. Technique of exponentiation of big integers modulo a number (square and multiply). Euclid's algorithm, extended Euclid's algorithm. Inverse numbers. Euler's phi-function, Euler's theorem. Fermat's theorem. Chinese Remainder Theorem (CRT). Groups, rings, fields. Generators. Irreducible polynomials. Ring Z_n. Groups Z_p^*, Z_n^*. Prime numbers. Distribution of primes. Primality tests: probabilistic (Fermat, Miller-Rabin), deterministic (hindu's algorithm). Primes of special forms. Sophie-Germain primes, their application. Generation of primes.

Handouts. Seminar notes (primes, factorization) [ps].

Assignment.

Related.

 

5. Public-key cryptosystems. Signatures. Hashes. MACs.

Content:

Complexity classes (P, NP, NP-complete). Turing machine. Polynomial and exponential algorithms. Number-theoretic problems of most PKCs: factorization, Discrete Logarithm Problem (DLP). Factorization methods: Pollard's, Elliptic Curve Sieve (ECS), Number Field Sieve (NFS). Key sizes of PKCs based on factorization and DLP. Public-key cryptosystems: RSA, ElGamal. Application. Hashes. Message Authentication Codes (MAC). Application. Digital signatures: RSA, ElGamal, DSA/DSS. Application. (*) OAEP-RSA. Cramer-Shoup. Random oracle model.

Handouts.

Assignment [description ps].

Sign and verify a message and a signature. Factorize numbers.

Related.

A Tale of Two Sieves, Carl Pomerance; Factoring - State of the Art and Predictions, Bruce Schneier; Selecting Cryptographic Key Sizes, Arjen K. Lenstra, Eric R. Verheul; SHA-1; Collision in part of MD5 (the compression function); HMAC; The Evolution of Public Key Cryptography, Video Lecture; OAEP, RSA Labs OAEP FAQ

 

6. User authentication. Key management.

Content:

Passwords, hashing, salts. Web authentication. Cookie. Dos and Don’ts of Client Authentication on the Web [pdf]. Slides on Web User Authentication [pdf]. Symmetric authentication schemes. Kerberos. Secure extensions to DNS (DNSSEC). Security policy.

Related.

One-time passwords and an implementation; Cookie Central; Kerberos; DNSSEC; Peter Gutmann's presentations [downloaded zip archive]

 

7. User authentication. Key management.

Content:

Public-key infrastructure (PKI). Certificate chains, X509.3. SPKI. Certificate chain discovery in SPKI/SDSI [ps]. PGP.

Handouts.

Assignment.

Related.

Overview of Certification Systems: X.509, CA, PGP and SKIP; ITU-T Recommendation X.509; OpenPGP; DNSSEC; Peter Gutmann's presentations [downloaded zip archive]

 

8. Encrypted channels.

Content:

SSL/TLS. IP Security Protocol (IPSec).

Handouts.

Assignment.

Related.

Peter Gutmann's presentations [downloaded zip archive]; TLS, SSL 3.0, Apache-SSL, OpenSSL; Analysis of the SSL 3.0 protocol by David Wagner and Bruce Schneier; IPSec; A Cryptographic Evaluation of IPsec, N. Ferguson and B. Schneier

 

9. Software vulnerabilities. Buffer overflow. Viruses.

Content:

Software vulnerabilities, buffer overflow, viruses. Blended attack exploits, vulnerabilities and buffer-overflow techniques in computer viruses [pdf]. An Undetectable Computer Virus [pdf].

Handouts.

Assignment.

Do a simple buffer overflow on a server. Check the OS on your home PC for common OS vulnerabilities.

Related.

The Quine Page (self-reproducing code); Peter Szor's site; Virus Bulletin; Underground Information Center

 

10. Payment systems. Cards. E-coins. Voting.

Content:

Payment systems. Electronic money. Online voting. Practical Multi-Candidate Election System [pdf]. Some protocols (???).

Handouts.

Assignment.

Related.

 

11. Defence of projects and essays.

Content:

Handouts.

Assignment.

Related.

 

12. Defence of projects and essays.

Content:

Handouts.

Assignment.

Related.


© 2001-2016 Moscow Institute of Physics and Technology
(State University)
