Rastislav Krivoš-Belluš

KRS1 - Cryptographic Systems and Their Applications (doc. RNDr. Jozef Jirásek, PhD.)

Lab 01

  1. Decipher (monoalphabetic substitution cipher):
    1. cipher in image
    2. Zgyzhs rh z hrnkov hfyhgrgfgrlm xrksvi uli gsv Svyivd zokszyvg.
  2. How many keys are there for enciphering in the English/Slovak/Spanish alphabet?
    • monoalphabetic substitution cipher
    • affine cipher (Maple: ? numtheory[phi], Maxima: ? totient, Python: ? sympy.totient)
    • polygraphic substitution cipher of length 4
  3. The following ciphertext was encrypted using an affine cipher. The first two letters of the plaintext are "if". Decipher it.
    NEJFX VPCOB PYUKN RUKPC TPUBP VKBO
lab notes
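
Added example (not part of the course materials): tasks 2 and 3 of Lab 01 for the affine cipher, enumerating every valid key for a 26-letter alphabet and keeping the keys whose decryption starts with the known plaintext letters. The function names are illustrative assumptions.

```python
from math import gcd

M = 26  # size of the English alphabet

def affine_keys(m=M):
    """All valid keys (a, b): a must be invertible mod m, b is any shift."""
    return [(a, b) for a in range(m) if gcd(a, m) == 1 for b in range(m)]

def decrypt(ciphertext, a, b, m=M):
    """Invert y = a*x + b (mod m) on the letters A-Z; other characters pass through."""
    a_inv = pow(a, -1, m)  # modular inverse (Python 3.8+)
    out = []
    for ch in ciphertext:
        if "A" <= ch <= "Z":
            x = a_inv * (ord(ch) - ord("A") - b) % m
            out.append(chr(x + ord("a")))
        else:
            out.append(ch)
    return "".join(out)

def crack_with_crib(ciphertext, crib):
    """Try every key and keep those whose plaintext starts with the known letters."""
    hits = []
    for a, b in affine_keys():
        plain = decrypt(ciphertext, a, b)
        if plain.replace(" ", "").startswith(crib):
            hits.append((a, b, plain))
    return hits

if __name__ == "__main__":
    CIPHERTEXT = "NEJFX VPCOB PYUKN RUKPC TPUBP VKBO"  # ciphertext from task 3
    print(len(affine_keys()), "affine keys for a 26-letter alphabet")
    for a, b, plain in crack_with_crib(CIPHERTEXT, "if"):
        print(f"a={a} b={b}: {plain}")
```

Passing another alphabet size to `affine_keys` gives the key count for that alphabet.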

Lab 02

  1. Decipher (shift cipher of English text)
    1. frequency analysis
    2. frequency coincidence
    Dolu fvb dlyl h ahkwvsl huk P dhz h mpzo Pu aol Whslvgvpj aptl, Huk zpkl if zpkl vu aol liipun apkl Dl zwyhdslk aoyvbno aol vvgl huk zsptl, Vy zrpaalylk dpao thuf h jhbkhs mspw aoyvbno aol klwaoz vm Jhtiyphu mlu Tf olhya dhz ypml dpao aol qvf vm spml, Mvy P svclk fvb lclu aolu.
    eng_freq = [ .082, .015, .028, .043, .127, .022, .020, .061, .070, .002, .008, .040, .024, .067, .075, .019, .001, .060, .063, .091, .028, .010, .023, .001, .020, .001]
  2. Decipher (English text, Vigenère)
    opkjcpcsrqtkhespzxxsjmuinieiovvryaaqaeicjnystxnemmbyzrvvvjo pwxzinqjibxzjdmjfsxnizvjiqidfzzymlxyeiljiqidfzzzaspwxcbnihe spzxxsjmuinbnijiehjzutsvrxdvmwmwkihaujharvzvgqsgfqhwtroqvsa bnijycrzzgfwpzxtxuxsrkmvtxmgorxopkxwqvsaxafzmteoquroruxcmic piirjbkwwwjyzqtavmtlopkzipeimihmzmkcvxviovvhnwlxkeiiqmxwwse wvzkmriexdnoirmwoiwcrhlzwdvlsfqrxdwtmgtiinmtxshfrgggwowlqhi xcqsdtgmzirikedtyefirzvqreppvjmwsxvijspziiwrumxizirmexcmkrr rfxzxriowvrjbkxvekiqmtmtxyihmzlchfjvbzeqoyenvuxpivrpbopwdvh jzgrsbgpjqzwqvztoqyrcxtymzkrhppadlkpmemedtgfzifropkmbxvvimz edskiiboezzlpimxepmcmognegfviiqjibxzjdmjydhrxzazswxvqnivtse imioordvvzdwawwwjyzaujqcsimvuxswrvztowhiumijuprrvadvlsfqrxd wtgcrkedvkhwrklzcvhoxvadtredtvemqtmhecmxqfirgfpjzkhhioxrpkv segtgqieppvxcmzeppvpdazwogmiicsfsvzrmmjavmtlxwxvswgsilyxcxy ixwsqcrmygvkvofzpdboigeehzfvsgyiinkbizmjxvkuqdmceoqurcjjxvv jefhzdzlteaijjjzbyzrvvvjopwxzinithcxyimqtjcvdeoqurgitymqzcs bgsncxig
    code
  3. LFSR
    • What is the maximal period of an LFSR of degree n?
    • What can you say about the degree of the LFSR if you know n bits of the generated sequence (e.g. 000101011101100)?
  4. Print the next 50 bits of the (Fibonacci) LFSR defined by s_{i+4} = s_i + s_{i+1} + s_{i+3} and initialized with the vector [1, 1, 0, 0].
  5. Compute the sequence obtained as the modular sum of two LFSRs. What is the period of the resulting sequence?
    a_{i+5} = a_{i+1}, IV = [0, 1, 1, 0, 1]
    b_{i+2} = b_i + b_{i+1}, IV = [0, 1]
    c_i = a_i + b_i
  6. Find the minimal LFSR which generates the sequence from the previous task (Berlekamp-Massey algorithm).
  7. code
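
Added example (not the course's own code): a Fibonacci LFSR over GF(2) for the recurrence in task 4, and the Berlekamp-Massey algorithm from task 6, which recovers the shortest LFSR that produces a given bit sequence. The function names and the tap convention (offsets t in s[i+n] = XOR of s[i+t]) are assumptions of this example.

```python
def lfsr(taps, iv, total):
    """First `total` bits (IV included) of s[i+n] = XOR of s[i+t] for t in taps."""
    s, n = list(iv), len(iv)
    while len(s) < total:
        i = len(s) - n
        s.append(sum(s[i + t] for t in taps) % 2)
    return s[:total]

def berlekamp_massey(bits):
    """Return (L, C): the linear complexity L and connection polynomial
    C[0..L] over GF(2), meaning s[j] = XOR of C[k] & s[j-k] for k = 1..L."""
    n = len(bits)
    c = [1] + [0] * n      # current connection polynomial
    b = [1] + [0] * n      # polynomial saved at the last length change
    L, shift = 0, 1        # shift = steps since b was saved
    for j in range(n):
        d = bits[j]        # discrepancy: actual bit XOR predicted bit
        for k in range(1, L + 1):
            d ^= c[k] & bits[j - k]
        if d:
            old = c[:]
            for k in range(n + 1 - shift):
                c[k + shift] ^= b[k]
            if 2 * L <= j:  # register too short to explain bit j: grow it
                L, b, shift = j + 1 - L, old, 0
        shift += 1
    return L, c[:L + 1]

def taps_from(L, C):
    """Convert a connection polynomial into tap offsets usable by lfsr()."""
    return [L - k for k in range(1, L + 1) if C[k]]

if __name__ == "__main__":
    bits = lfsr((0, 1, 3), [1, 1, 0, 0], 54)        # task 4: IV plus next 50 bits
    print("next 50:", "".join(map(str, bits[4:])))
    print("minimal LFSR:", berlekamp_massey(bits))
    sample = [int(ch) for ch in "000101011101100"]  # sequence quoted in task 3
    print("sample:", berlekamp_massey(sample))
```

Berlekamp-Massey needs at least 2L bits to pin down an LFSR of length L uniquely, which is the point behind the question about knowing n bits of the sequence.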

Lab 03

code
  1. Show that pycryptodome implementations work correctly for test vectors:
    1. RC4 (RFC 6229)
    2. DES (Validating the Correctness of Hardware Implementations of the NBS Data Encryption Standard, data)
    3. 3DES (NIST Special Publication 800-67 Rev1 p. 19)
    4. ChaCha20 (RFC 7539)
    5. ChaCha20-Poly1305 (RFC 7539)
  2. Choose a plaintext (the same for all ciphers from the previous task, e.g. 128 bits long). Compute how many bits of the ciphertext change if you change just one bit of the plaintext.
RC4+DES code

Lab 04

  1. Encipher some text whose length is not a multiple of 8. Try different padding modes.
    from Crypto.Util.Padding import pad, unpad
    from Crypto.Cipher import AES, DES
    from Crypto.Random import get_random_bytes
    from base64 import b64encode, b64decode

    #encryption
    data = b'TestUPJS'
    key = get_random_bytes(8)
    cipher = DES.new(key, DES.MODE_ECB)
    ct = cipher.encrypt(data)
    print(ct)
    print(b64encode(ct).decode('utf-8'))

    #decryption
    decipher = DES.new(key, DES.MODE_ECB)
    pt = decipher.decrypt(ct)
    print(pt)
  2. Display the ciphertext encrypted in several modes (ECB/CBC/OFB/CFB/CTR/OPENPGP) using the same key. Find the differences in the decrypted text after changing one bit of the ciphertext in several block cipher modes. Use at least 3 blocks and change a bit in the second one.
    def wrap(text, size=8):
      for i in range((len(text)+size-1) // size):
        print(text[i*size:(i+1)*size])

    DES.new(..., DES.MODE_CBC, iv=?)

    rb = get_random_bytes(8)
    cipher = DES.new(rb, DES.MODE_OPENPGP, iv=get_random_bytes(8))
    ct = cipher.encrypt(b'abcd1234')
    decipher = DES.new(rb, DES.MODE_OPENPGP, iv=ct[:10])
    pt = decipher.decrypt(ct[10:])

    from Crypto.Util import Counter

    rb = get_random_bytes(8)
    nonce = get_random_bytes(4)
    cipher = DES.new(rb, DES.MODE_CTR, counter=Counter.new(32, prefix=nonce))
    ct = cipher.encrypt(b'abcd1234')
    decipher = DES.new(rb, DES.MODE_CTR, counter=Counter.new(32, prefix=nonce))
    pt = decipher.decrypt(ct)
    Bonus*: Use modern modes of operation for AES.
code
Key Derivation Functions

Lab 05

  1. Find a prime at least 420 bits long (nextprime).
  2. Find a generator of the group Z_p^* (at least 35 digits long in base 10); you can use Lagrange's theorem.
    p = 9081321110693270343633073697474256143651
  3. Decipher the text encrypted using RSA (the least significant byte of the number represents the ASCII code of the first character):
    p = 19669081321110693270343633073697474256143563558458718976746753830538032062222257
    q = 74121768604305613921745580037409259811952655310075487163797179490457039169594213
    e = 2**16+1
    c = 457716555223273825704148364196947662526456383872312885913872033868857417571016723717157292001931658990661403522966925784509993828339567050645537597819658756771
code

Lab 06

  1. Implement the Merkle-Hellman cryptosystem. First check it using the example from Wikipedia, then decipher (8-bit ASCII):
    w = [1, 2, 4, 9]

    q1 = 17
    r1 = 15
    c1 = [29, 25, 22, 16, 22, 28, 22, 16, 22, 16, 22, 44, 9, 16, 0, 24]

    q2 = 19
    r2 = 7
    c2 = [23, 7, 23, 20, 23, 21, 23, 21, 23, 36, 9, 0, 29, 14, 23, 7, 23, 20, 29, 9, 23, 20, 15, 36, 0, 16]
  2. OAEP is implemented in Python as PKCS1_OAEP. Try encrypting with several parameters of PKCS1_OAEP.new.

Lab 07

  1. Encrypt and decrypt using ElGamal: p = 97, g > 50, m = 75
  2. Encrypt and decrypt using ElGamal a text encoded into numbers (a -> 01, ... z -> 26; code each character as two consecutive digits). As the generator, use a decimal number at least 35 digits long.
    p = 9081321110693270343633073697474256143651
    d = 1026722818625797069602002237808990689994 #private key
  3. How many points are there for the following elliptic curves?
    1. E_11(1, 6)
    2. E_11(3, 5)
    3. E_1009(2, 4)
    4. E_10007(3, 10000)
code, code for dictionary of squares

Lab 08

  1. Which hash algorithms are supported in Python / Java? hashlib in Python / Hash Algos in JDK
  2. HW: Compute hashes (at least crc32, md5, sha1, sha224, ripemd128, whirlpool, tiger128.3, haval128.3, gost) [you can use an online tool for hashes] and create a table with the columns Algorithm / Length of the hash in bits / Number of changed bits in the hash after changing just one character (compute the average over 5 different positions of the changed character).
    Sed id imperdiet nunc. Curabitur at orci sollicitudin, blandit magna at, volutpat eros. Praesent in venenatis dui. Duis malesuada, felis egestas molestie iaculis, odio tellus ornare nibh, non egestas libero mauris ut magna. Donec luctus congue mi, sed tristique eros rutrum sit amet. Nam a fermentum augue. Sed bibendum purus a nisi scelerisque, sit amet imperdiet nibh pretium. Nullam elementum lacus nunc, id placerat justo consectetur ut. Donec scelerisque auctor euismod. Suspendisse ornare interdum mattis. Donec tempus, nisl vitae euismod laoreet, est ante pellentesque massa, dapibus consectetur est elit id turpis. Vestibulum molestie ultricies blandit. Sed consectetur tortor in lectus ullamcorper dictum. Morbi vel quam at tortor eleifend scelerisque vel eu elit. Quisque consequat massa id est gravida tincidunt.
  3. HW: Choose a password and check if it is possible to crack it from its MD5/SHA1 hash (HashKiller). Find a password which
    1. looks complicated, but can be cracked
    2. is not cracked yet, but is as simple as possible
  4. How would you store passwords (let's say in your web app)?
code for bits

Lab 09

  1. Sign the message and check the validity of the signature.
    Quisque bibendum tincidunt ipsum at lobortis. Etiam euismod consequat arcu in facilisis. Nulla iaculis turpis sed sem efficitur fringilla. Maecenas pulvinar velit eget tempor aliquet. Nulla odio nisl, commodo sit amet pellentesque quis, molestie at nisl. Praesent vel urna orci. Morbi convallis ante vel augue consectetur cursus. Integer rhoncus tincidunt tincidunt. Aliquam elementum nisl et dui auctor venenatis. Morbi tincidunt erat magna, ac gravida odio tristique nec. Vestibulum nec ex at dolor pulvinar varius. Fusce id pharetra leo. Cras sit amet molestie eros. Sed euismod tempus odio id sagittis. Cras aliquam dui in mauris blandit, vel pharetra augue tristique. Nulla vel magna nulla. Nullam cursus nunc arcu, id ullamcorper lacus feugiat vel. Pellentesque lectus ipsum, maximus eu fermentum ac, tincidunt eu augue. Nam et pellentesque lectus, in elementum risus. Cras arcu mauris, dictum eget accumsan sit amet, pharetra nec lorem. Sed felis risus, molestie in est at, rutrum consequat mauris. Morbi ultricies nulla non nunc malesuada congue. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Donec consectetur arcu ac elit imperdiet fringilla. Aliquam sed leo est. Aenean sit amet nunc et ante posuere congue. Duis volutpat ante vitae massa viverra ultricies. Maecenas quis dictum nulla. Ut consectetur magna eget vulputate semper. Fusce non aliquam nulla. Morbi a sodales massa. Phasellus non lacus sed est aliquet lobortis vitae vel lectus. Maecenas mi purus, ornare eget tincidunt aliquet, sodales ac ligula. Donec vel neque vel orci rhoncus convallis. Aenean dolor nulla, tempus ac neque sed, facilisis hendrerit massa. Etiam est diam, pellentesque sed dapibus in, cursus volutpat odio. Suspendisse elementum cursus augue nec congue. Donec ac mi nulla. Vivamus fringilla sapien cursus euismod mattis. Fusce semper vel justo non ultricies. Donec dictum interdum urna, in tincidunt neque posuere fermentum. Morbi at suscipit nisi. 
Morbi eros dui, porttitor nec condimentum sed, euismod et nibh. Etiam eget bibendum ante, ac fermentum elit. In consequat sit amet nibh non feugiat. Etiam et nulla sed urna porttitor congue eget laoreet metus. Curabitur fringilla id tellus feugiat accumsan. Donec a dui vitae tellus aliquet gravida.
    Algorithm:
    1. Lamport signature scheme.
    2. Merkle signature scheme. You can use any hash as the initial one-time signature.
code for Lamport One-Time Scheme, code for Merkle signature visualisation

Lab 10

  1. Share the secret (4 digit PIN code) between 7 friends in such a way that any four of them could compute the PIN. Use the Shamir scheme. Show that it is a good scheme for four people, i.e. for one triple of keys show that the PIN could be 1111, 3210, or 6789.
  2. Divide keys between 1 CEO, 3 directors and 20 officers. Share a secret 10-digit code for opening the safe deposit so that it can be opened by:
    1. CEO + 1 director
    2. 3 directors
    3. 5 officers
    Which other combinations of people could open the safe deposit in your arrangement of the keys?
    Find any other combination for dividing the keys and all minimal subsets of users.
code for Lagrange Interpolation, sympy exact
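
Added example (not the course's linked code): task 1 of Lab 10 as a 4-of-7 Shamir scheme over GF(10007), including the check that three shares are consistent with every candidate PIN. The prime 10007, the PIN 4321 and the function names are assumptions chosen for this example.

```python
import secrets

P = 10007  # prime larger than any 4-digit PIN; all arithmetic is in GF(P)

def make_shares(secret, k, n, p=P):
    """Pick a random polynomial f of degree k-1 with f(0) = secret;
    participant x (1..n) receives the share (x, f(x))."""
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, e, p) for e, c in enumerate(coeffs)) % p)
            for x in range(1, n + 1)]

def interpolate(points, x0=0, p=P):
    """Lagrange interpolation over GF(p): value at x0 of the unique polynomial
    of degree < len(points) through the given points."""
    total = 0
    for j, (xj, yj) in enumerate(points):
        num = den = 1
        for m, (xm, _) in enumerate(points):
            if m != j:
                num = num * (x0 - xm) % p
                den = den * (xj - xm) % p
        total = (total + yj * num * pow(den, -1, p)) % p
    return total

def share_consistent_with(three, pin, x, p=P):
    """Value a fourth share at position x would need for the four shares
    to reconstruct `pin`. One always exists, so three shares rule out nothing."""
    return interpolate(list(three) + [(0, pin)], x0=x, p=p)

if __name__ == "__main__":
    shares = make_shares(4321, k=4, n=7)          # 4321 is a constructed PIN
    print("any four:", interpolate(shares[1:5]))
    for pin in (1111, 3210, 6789):                # candidates named in task 1
        y = share_consistent_with(shares[:3], pin, x=4)
        print(pin, "fits with share (4, %d)" % y,
              interpolate(shares[:3] + [(4, y)]))
```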

Lab 11

  1. Agree on a pairwise encryption key using Diffie-Hellman exchange. Use a group of at least 512-bit size (safe in the mid-80s [Cryptographic Key Length Recommendation]).
  2. Burmester-Desmedt key exchange protocol. Show the negotiation of a shared key for four participants.
  3. Describe the sequence of messages for key agreement using Diffie-Hellman exchange for 4 participants (A, B, C, D) in such a way that A sends the least possible number of messages.
code

Lab 12

  1. Which certificates do the web page www.upjs.sk and the email server smtp.gmail.com use? Find at least 3 web pages with different root certificates (show their certificate chains).
    openssl s_client -status -showcerts -connect www.upjs.sk:443
    openssl s_client -status -showcerts -starttls smtp -connect smtp.gmail.com:587

    openssl x509 [-in certificate] -text -noout
  2. Find sites with different results in SSL tests and compare them.
    1. SSL Observatory
    2. SSL Test
  3. SSL Configuration Generator
code