Light

openseced / appliedcrypto Goto Github PK

View Code? Open in Web Editor NEW

5.0 2.0 0.0 3.39 MB

Learning module for Applied Cryptography

Makefile 5.88% TeX 94.12%

applied-cryptography labs lectures learning-materials

appliedcrypto's Introduction

Module: Applied Cryptography (appliedcrypto)

This is a learning module on Applied Cryptography. It's aim is to cover high-level cryptography --- mechanisms and their properties --- such that the students are aware of the possibilities and (if desired) can apply them when designing secure systems.

Each subdirectory has a README. For lectures, it contains a link to the video recording, a short summary, the intended learning outcomes and reading instructions. For assignments, it shortly describes the assignment. Apart from this README, there are the sources for the material.

The recommended order for the lectures:

intro
shared-key
one-way
pub-key
zkp-smc
sidechannels

File Structure and Building

To build the PDFs, after cloning the repository you must clone its required submodules:

$ git submodule update --recursive --init

Then you can go into the directory of the desired document and run make.

Contributing

The module is part of the Open Security Education project and the maintainer is Daniel Bosk.

To contribute, please fork the repository, make your changes, commit them and then create a pull request in the original repository.

appliedcrypto's People

Contributors

Stargazers

Watchers

appliedcrypto's Issues

Students don't have that much network prerequisites

[overview] Split into 45 min sessions?

The intro and symmetric crypto sections take 2*45 minutes.
The public-key crypto section takes 2*45 minutes, plus another 15 minutes.
The counter-intuitive section and side-channels took 2*45 + 15 minutes.

Add better coverage of hash functions

Particularly that collision resistance implies second preimage resistance, which in turn also implies preimage resistance.

The reductions are something along the lines of this:

col(): x <- rand(), x' <- second_pre(x)
second_pre(x): y <- H(x), do x' <- pre(y) until x' != x

It's actually a bit more complicated when looking at the details, I can recommend reading "Cryptographic Hash-Function Basics: Definitions, Implications, and Separations for Preimage Resistance, Second-Preimage Resistance, and Collision Resistance" by Rogaway and Shrimpton. They cover the details very nicely.

Add key-derivation functions

An important topic, similar to padding (#36).

[spuriouslab] Clarify plausibility

If a ciphertext has length $n$ and a key $k$ decrypts it to a plaintext that makes sense only in the first $n-k$ characters, where the $k$ last ones are random looking --- then it's not plausible that it's correct.

To achieve different lengths one could have a padding scheme and a block size larger than one character. However, then it must still fit the padding.

Make the postbox tutorial focused on some details

We should perhaps focus it more on the cryptographic details, rather than the high-level constructs.

Add Shannon's maxim as complement to Kerchoff's principle

Add seed+counter -> hash to applied-hashes

Douglas' idea. Add seed+counter mode+truncation to construct hash function. Hash functions are just embedded ciphers.

Also talk about keyed hash functions, HMAC.

Add remaining sidechannels papers

VoltageKeyExtraction,
AcousticKeyExtraction,
ElectromagneticKeyExtraction.

[zkp] In-depth about zero-knowledge proofs

Zero-knowledge proofs (of knowledge):

Basic principles for construction.
Overview of achievable properties.

Add some parts of sidechannels to overview

The sidechannels module has been deprecated and moved into this. It should be included in the overview.

Make it easy to build a release

Add a makefile for building a release of this module.

Resources on multi-party computation

https://github.com/rdragos/awesome-mpc

Add material on sender--receiver anonymity

Rework exercises

Some exercises in overview takes too much effort, or rather time, especially since people work individually. They can be possible in groups. Still some must be changed.

Useful exercises

These exercises can be very useful.

[overview] Add quick overview in intro

The intro section should give an overview of what's to come: shared-key, public-key and counter-intuitive stuff.

[pubkey] Add ElGamal crypto as example

The RSA algorithm requires more number theory than ElGamal. Thus adding ElGamal as an example is good as it basically only requires residue (congruence) classes. And the discrete logarithm problem is quite intuitive.

Split `zkp-smc` into `zero-knowledge` and `multiparty-computation`

Add steganography

@article{johnson1998exploring,                                                     
  title={Exploring steganography: Seeing the unseen},
  author={Johnson, Neil F and Jajodia, Sushil},
  journal={Computer},
  volume={31},
  number={2},
  pages={26--34},
  year={1998},
  publisher={IEEE},
  URL={http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4655281},
}
@article{anderson1998limits,
  title={On the limits of steganography},
  author={Anderson, Ross J and Petitcolas, Fabien AP},
  journal={Selected Areas in Communications, IEEE Journal on},
  volume={16},
  number={4},
  pages={474--481},
  year={1998},
  publisher={IEEE},
  URL={http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=668971},
}
@article{provos2003hide,
  title={Hide and seek: An introduction to steganography},
  author={Provos, Niels and Honeyman, Peter},
  journal={Security \& Privacy, IEEE},
  volume={1},
  number={3},
  pages={32--44},
  year={2003},
  publisher={IEEE},
  URL={http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1203220},
}

[crypto] add new figures

Add new figures to overview, the old ones are missing due to belonging to a textbook.

Add more concrete examples

There is a lack of concrete examples before the pub-key part. This makes it abstract and difficult to follow.

Add prerequisites

We need

set notation,
probability theory.

Add reading material and a learning session for these topics.

Interesting material

Two three cases from the start, going through

We can have two--three cases that we start with on the first lecture and return to every lecture. That way some topics will not be applicable to some cases but applicable to others.

That's good from a variation theoretic perspective.

[symcrypt] More in-depth on symmetric crypto

Symmetric crypto:

Theoretical representations: PRF, PRP, PRNG, one-way functions.
Basic principles for construction.
How to use.

Also treat key distribution (symmetric, e.g. Kerberos).

Rework learning sessions

Merge learning sessions

crypto
symcrypt
pubkey

to form one overview learning module.

Then hashsign will complement them.

[mpc] In-depth about MPC

Multi-party computation, fully homomorphic encryption:

Basic principles for construction.
Overview of achievable properties.

Add Ali Baba's cave as example of ZKP

Add Ali Baba's cave as example of ZKP --- with illustration!

Replace references with open access

Currently some references are closed-access books, replace those with open-access versions. At least try to use the same text-book for all references. However, optimally the original paper should be cited.

Add commitments to applied-hashes

Don't use both \oplus and "mod 2" at the same time

Explain that \oplus is xor. Also ensure it's clear what \oplus means so that we don't need to specify \mod 2 at the same time.

Describe Argon2, bcrypt or scrypt in details in applied-hashses

Describe Argon2, bcrypt or scrypt in details in applied-hashses, to complement the password hashing lecture.

Emphasize every primitive as an "ideal functionality"

Focus on the high-level properties, similarly to how an ideal functionality is used in the UC framework.

Improve ILOs and abstracts

The abstract must be improved for

one-way
pub-key
zkp-smc

[hashsign] add new figures

There are some figures missing in hashsign due to them coming from a textbook.

Add Schneier-Kelsey logs paper to reading

[spuriouslab] Allow more schemes

Currently it says to use the scheme that is used for the message to break. We could extend this with experimenting with other schemes too and compare the results.

[spuriouslab] Change to generalized brute forcing

Change the spuriouslab to focus more generally on brute forcing. Include collisions for hash functions, e.g. two passwords could generate the same hash and what that would mean.

One aim is that the students should realize that there is always a problem of verifying the correct solution with brute forcing.

Add notes

We should add notes since there is no one text which covers these topics, and most text covers each topic too deeply.

[overview] Formulate ILOs for learning session

What do we want the students to learn from this learning session? Formulate ILOs which clearly states this.

[sidechannels] Interesting material

These papers are cited in the slides, but it's nice to have the websites included too.

[pubkey] In-depth coverage of public key crypto

Public-key encryption:

Basic principles for construction.
Overview of achievable properties: homomorphisms, non-homomorphisms.

The RSA algorithm requires more number theory than ElGamal. Thus adding ElGamal as an example is good as it basically only requires residue (congruence) classes. And the discrete logarithm problem is quite intuitive.

Add more material on group chats

For instance Private Group Messaging.

Add a short intuition clip for each advanced video (or paper)

The more advanced videos, like conference presentations, don't provide the intuition that well for students. Record videos providing intuition to watch before such videos. Do the same for papers.

[bitcoin] Translate bitcoin material, make active learning

Translate the current material in the bitcoin module from Swedish to English.

The abstract.tex is a bit ahead of the rest of the module. Rewrite the module so that it uses active learning to teach the students to analyse the desired properties and then look for mechanisms that combined gives those properties. Bitcoin is an easy and intuitive way to learn this.

Thus add the corresponding aim.tex.

[spuriouslab] Improve ILOs

The ILOs can be improved. What do we want them to learn more exactly?

Add group and ring signatures

[sign] In-depth about digital signatures, message authentication

Digital signatures:

Basic principles for construction.
Overview of achievable properties: standard, non-repudiation, group, ring, blind.

Cover padding problems

We should have a part on padding. That's kind of essential for practice.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.