
Seminars (in English)


1. Introduction. Monoalphabetic ciphers. Polyalphabetic ciphers.

Content:

Bibliography, online resources. Terms. Cryptography, cryptology, cryptanalysis. Encryption, decryption. Encoding, decoding, coding. Error-correcting coding. Protocol, algorithm, scheme. Mathematical definition of encryption/decryption. Alphabet. Domains of messages, ciphers, keys. Cardinality of domains. Encryption and decryption functions. Functions: bijective (one-to-one), surjective (one-to-many), injective (many-to-one), trap-door, one-way. Types of cryptosystems: symmetric (block, stream), asymmetric (public-key, signature, key distribution). Characteristics and applications. Exhaustive search (brute force) attack. Monoalphabetic ciphers. Definition. Shift ciphers. Caesar cipher. Affine ciphers. Cardinality of the key domain. Frequency cryptanalysis. Samples. Polyalphabetic ciphers. Vigenère cipher. Cryptanalysis. Period detection methods: Kasiski, autocorrelation, index of coincidence [rtf pdf].

Assignment.

Theory. Cryptanalysis of polyalphabetic ciphers [rtf pdf]. Decrypt the Vigenère cipher [zip].

2. Block ciphers. DES. GOST.

Content:

Application of block ciphers. Feistel's scheme. DES, 3DES (in short). Galois fields GF(2), GF(2^k). Polynomials. Operations with polynomials (+,*,mod). GOST.

Related:

Block ciphers DES, GOST, AES in brief [doc pdf].

3. Block ciphers. AES. Operation modes.

Content:

AES (Rijndael) [pdf]. AES polynomials, operations. Operation modes (ECB, CBC, OFB, CFB), initialization vector IV. Comparison of block ciphers. Benchmarks.

Assignment:

Operations with polynomials in AES [zip].

4. Number theory.

Content:

Modular arithmetic. Technique of exponentiation of big integers modulo a number (square and multiply). Euclid's algorithm, extended Euclid's algorithm. Inverse numbers. Euler's phi-function, Euler's theorem. Fermat's theorem. Chinese Remainder Theorem (CRT). Groups, rings, fields. Generators. Irreducible polynomials. Ring Z_n. Groups Z_p^*, Z_n^*. Prime numbers. Distribution of primes. Primality tests: probabilistic (Fermat, Miller-Rabin), deterministic (hindu's algorithm). Primes of special forms. Sophie Germain primes, their application. Generation of primes.

Related.

Number theory seminar notes [ps].

5. Public-key cryptosystems (RSA, ElGamal). Signatures. Hashes. MACs.

Content:

Overview of PKCs [ppt]. Number-theoretic problems of most PKCs: factorization, Discrete Logarithm Problem (DLP). Basics of factorization methods: "A Tale of Two Sieves", Carl Pomerance; "Factoring - State of the Art and Predictions", Bruce Schneier. Key sizes of PKCs based on factorization and DLP: "Selecting Cryptographic Key Sizes", Arjen K. Lenstra, Eric R. Verheul. Public-key cryptosystems: RSA, ElGamal. ElGamal in elliptic curves. Application. Hashes. SHA-1. Collision in part of MD5 (the compression function). Message Authentication Codes (MAC). HMAC. Application. Digital signature schemes: RSA, ElGamal. Standards: DSA/DSS, ElGamal in elliptic curves. Application. "The Evolution of Public Key Cryptography", video lecture. OAEP, RSA Labs OAEP FAQ.

Handouts:

Presentation: Public-key cryptosystems in the real world [downloaded ppt].

Assignment:

Sign and verify a message and a signature. Factorize numbers. [zip].

6. User authentication. Key management on symmetric schemes. Kerberos.

Content:

Passwords, hashing, salts. One-time passwords and an implementation. Web authentication. Cookie. Dos and Don’ts of Client Authentication on the Web [pdf]. Slides on Web User Authentication [pdf]. Cookie Central. Symmetric authentication schemes. Kerberos. Secure extensions to DNS (DNSSEC).

Related.

Peter Gutmann's presentations [downloaded zip archive]

7. User authentication. Key management on asymmetric schemes. Certificates. PKI. X509.3. PGP.

Content:

Public-key infrastructure (PKI). Certificate chains, X509.3. Overview of Certification Systems: X.509, CA, PGP and SKIP. ITU-T Recommendation X.509. PGP. OpenPGP.

Related.

Peter Gutmann's presentations [downloaded zip archive]

8. Encrypted channels. SSL/TLS. SSH.

Content:

SSL 3.0 / TLS 1.0. Analysis of the SSL 3.0 protocol by David Wagner and Bruce Schneier. Apache-SSL, OpenSSL. SSH.

Related.

Peter Gutmann's presentations [downloaded zip archive]

9. Encrypted channels. IPSec.

Content:

IP Security Protocol (IPSec). A Cryptographic Evaluation of IPsec, N. Ferguson and B. Schneier

10. Software vulnerabilities. Buffer overflow. Viruses.

Content:

Software vulnerabilities, buffer overflow, viruses. Blended attack exploits, vulnerabilities and buffer-overflow techniques in computer viruses [pdf]. An Undetectable Computer Virus [pdf]. Smashing The Stack For Fun And Profit.

Assignment:

Do a simple buffer overflow on a webserver [zip].

Related.

The Quine Page (self-reproducing code). Peter Szor's site. Virus Bulletin. Underground Information Center.

11. Payment systems. Cards. E-coins. Voting.

Content:

Electronic Payment Systems. Electronic Credit Card payments. SET (see also in Cryptography and Network Security by W. Stallings). Size of Payments. UEPS (see also in Applied Cryptography by B. Schneier). Electronic Cash (E-cash) (see also Yiannis S. Tsiounis Ph.D. Thesis, Electronic Payments: where do we go from here?). On-Line Cash Payments. Untraceability, Double Spending. Blind Signatures (RSA Blind Signature), Unexpandability. Off-Line Cash Payments, E-Coins. Schnorr's Digital Signature Scheme. Owner, Coin Tracing. Sample Payment Systems: eCash, NetCash. Smart Cards. Tamper Resistance. Differential Power Analysis, Investigations of Power Analysis Attacks on Smartcards. Electronic Voting. Analysis of an Electronic Voting System.

12. Mobile networks (GSM, CDMA). Wireless networks.

Content:

Terms: TDMA, CDMA, 3G, GSM, EDGE, WCDMA. Data transmission: TDMA (in GSM) vs CDMA. GSM history: GSM, GSM2, GSM3. GSM2 scheme. User authentication. GSM2 algorithms: authentication (A3), encryption (A5/1, A5/2, A5/3), key generation (A8). Flaws in A3, A5/1, A5/2. GSM3.

Presentations:

GSM [zip].

13. Group projects.

14. Group projects.


© 2001-2016 Moscow Institute of Physics and Technology (State University)
