Servizi per la didattica
PORTALE DELLA DIDATTICA

Cryptography

03LPYOV

A.A. 2022/23

Course Language

Inglese

Course degree

Master of science-level of the Bologna process in Ingegneria Informatica (Computer Engineering) - Torino

Course structure
Teaching Hours
Lezioni 40
Esercitazioni in aula 20
Teachers
Teacher Status SSD h.Les h.Ex h.Lab h.Tut Years teaching
Di Scala Antonio Jose' Professore Ordinario MAT/03 40 0 0 0 4
Teaching assistant
Espandi

Context
SSD CFU Activities Area context
ING-INF/05
MAT/03
3
3
B - Caratterizzanti
F - Altre attività (art. 10)
Ingegneria informatica
Abilità informatiche e telematiche
2022/23
This is a first course of Cryptography. It is about the state-of-the-art of the principal cryptographic algorithms currently used for computer system security purposes.
This is the first course in Cryptography. It is about the state-of-the-art principal cryptographic algorithms currently used for computer system security purposes. This course is an essential element in building the competencies of a cybersecurity expert, as the technological solutions in cybersecurity strongly rely on the use of cryptography. Indeed, superficial knowledge of the cryptographic primitives can lead to decisions and designs, resulting in a weak level of protection and a higher exposition to cyber-attacks.
Students are expected to learn: Cryptographic programming. Symmetric cryptography primitives as: Block Ciphers, Stream Ciphers and Hash Functions. Asymmetric cryptosystems as: Key Exchange, Public Key Cryptography Protocols as: DSA, SRP and SAE.
Students are expected to acquire: • knowledge of the mathematical foundations, e.g. modular arithmetic, needed to understand the cryptographic algorithms as explained in official standards such as NIST SP-Recommendations or FIPS. • knowledge of symmetric cryptography primitives like Block Ciphers, Stream Ciphers, and Hash Functions; • knowledge of the asymmetric cryptosystems used, for instance, for exchanging keys or building Public Key Cryptography; • knowledge of the main protocols used in different fields like Commitments, (Blind) Digital Signatures, SRP, and SAE; • knowledge of the main programming libraries for implementing cryptography algorithms both in C and Python; • abilities to discern the correct cryptographic algorithms to use, depending on the field of application; • abilities to discover flaws in basic cryptographic protocols and when the cryptographic primitives are misused; • knowledge about the main classes of attacks against the presented cryptographic algorithm; • the abilities to mount basic attacks in Python.
Basics of programming in C. Basics of computer security. Basics of linear algebra as in courses of "Linear Algebra and Geometry" of the first year.
Basics of programming in C. Basics of computer security. Basics of linear algebra as in courses of "Linear Algebra and Geometry" of the first year of the Bachelor.
Cryptographic programming: use of cryptographic primitives in C. use of cryptographic primitives in python. Symmetric Cryptography: Block-Ciphers: DES, AES. Operations Modes: ECB,CBC,CTR,OFB,CFB,GCM,CCM. Stream-Ciphers and PRNG: ARX algorithms: RC4, Salsa e Chacha20. Permutation algorithm: Sponge PRNG Hash Functions: ARX : SHA1, SHA2 Permutation: SHA3 Asymmetric Cryptography: DH Key Exchange on finite fields. DH on elliptic curves. RSA. Protocols: DSA,SAE and SRP.
Basics of Cryptography and Cryptanalysis: • Confidentiality, Authentication,Integrity and Nonrepudiation. • (Gen,Enc,Dec) , the key distribution problem and concept of crypto primitives. • Computationally infeasibility or feasibile. Brute Force • Kerckhoff's principle. • Attacks models : COA, KPA, CPA, CCA . • Indistinguishability goals IND . Cryptographic programming: • use of cryptographic primitives in C; • use of cryptographic primitives in Python; • mounting basic attacks against symmetric ciphers, hash functions, and the RSA cryptosystem. Basics of Modular Arithmetic and Elliptic curves. • Calculations in rings of remainders modulo n . The (mod n) notation. • Calculations in Galois fields modulo a polynomial G. • Algorithm to compute the inverse: Euclidean extended and Kuttaka. • Chinese Remainder Theorem (CRT). Euler's Totient function. • Equations of first and second order (mod n). Quadratic residues. Euler's criterion. • Finite and cyclic groups, generators and order. Lagrange's theorem. Fermat's little theorem. • Discrete logarithm problem. • Elliptic curves: definition and construction of the addition law. Symmetric Cryptography: • Block-Ciphers: Feistel and SP-networks. DES, AES; • Operations Modes: ECB, CBC, CTR, OFB, CFB, GCM, CCM; • Stream-Ciphers and PRNG: o ARX algorithms: RC4, Salsa, and Chacha20. o Permutation algorithm: Keccak Sponge PRNG • Hash Functions: o Merkle-Damgård construction. o ARX: SHA1, SHA2 o Permutation based: Keccak Sponge, SHA3 o Birthday's paradox • Message Authentication Codes (MAC). Length extensions attack and HMAC. Asymmetric Cryptography: • DH Key Exchange on finite fields. • DH on elliptic curves. • RSA. Rabin. ElGamal. Hybrid Encryption, KEM/DEM Paradigm. • Protocols: Commitments, (Blind) Digital Signatures, SAE, and SRP.
40 hs of Lectures. 20 hs of Exercises.
The course consists of a total of 40 hours of lessons and 20 hours of exercises structured and distributed into 14 weeks. This means that the lessons and exercises of each week had a precise list of arguments from the Course Topics (see above). Weekly the list of arguments for the lessons are given in advance to the students in a PDF file available on the portale della didattica "material didattico". Such PDF file contains the theory, examples, exercises, hyperlinks to web places, Python code, historical notes and apendixes, that are going to be explained along the lesson by the teacher. Videolectures of lectures and screeshots of explanations of previous years are also available on the portale della didattica "material didattico". The exercises divide into two parts. The first weeks will be devoted to presenting how to write Cryptography code using the C programming Language correctly. The second part will present how to mount attacks against (weakly designed) cryptographic systems using Python. The exercises adopt the Flipped Classroom learning paradigm. Videos presenting the exercises' topics will be provided with material to examine in-depth individual subjects. Videos will be introduced with face-to-face classes presenting the learning objectives, the approach, and the methodology. After each part, dedicated face-to-face classes will allow students to self-assess their preparation level and readiness to sit the exam.
Serious Cryptography: A Practical Introduction to Modern Encryption Jean-Philippe Aumasson, No Starch Press, 2018. Understanding Cryptography, A Textbook for Students and Practitioners Paar, Christof, Pelzl, Jan, Springer-Verlag, 2010. Applied Cryptography: Protocols, Algorithms and Source Code in C Bruce Schneier, Wiley; 20th Anniversary edition,2015.
Serious Cryptography: A Practical Introduction to Modern Encryption Jean-Philippe Aumasson, No Starch Press, 2018. Understanding Cryptography, A Textbook for Students and Practitioners Paar, Christof, Pelzl, Jan, Springer-Verlag, 2010. Applied Cryptography: Protocols, Algorithms and Source Code in C Bruce Schneier, Wiley; 20th Anniversary edition,2015.
Modalità di esame: Prova orale facoltativa; Prova scritta in aula tramite PC con l'utilizzo della piattaforma di ateneo;
Exam: Optional oral exam; Computer-based written test in class using POLITO platform;
Written test; optional request of oral test; The final exam is written. An oral test is optional at the request of the student or at the discretion of the teacher. The written test is considered passed if its result is greater than or equal to 18/30. Only students who have passed the written test can opt to take the oral exam. If requested, the oral exam contributes to determine the final grade together with the written one. Attending the oral exam can lead to both the raising or the lowering of the grade obtained in the written exam.
Gli studenti e le studentesse con disabilità o con Disturbi Specifici di Apprendimento (DSA), oltre alla segnalazione tramite procedura informatizzata, sono invitati a comunicare anche direttamente al/la docente titolare dell'insegnamento, con un preavviso non inferiore ad una settimana dall'avvio della sessione d'esame, gli strumenti compensativi concordati con l'Unità Special Needs, al fine di permettere al/la docente la declinazione più idonea in riferimento alla specifica tipologia di esame.
Exam: Optional oral exam; Computer-based written test in class using POLITO platform;
Expected learning outcomes Understanding of the topics covered, calculation skills and use of the related cryptographic / computer tools introduced. Ability to recognize and use adequate cryptographic tools in engineering disciplines. Ability to build a logical path, using the cryptographic / computer tools introduced. Criteria, rules and procedures for the examination The exam is aimed at ascertaining knowledge of the topics listed in the official teaching program, the ability to apply theory, the related calculation methods and IT methods. The evaluations are expressed out of thirty and the exam is passed if the score reported is at least 18/30. The exam consists of a written test using the PC of 3 closed-ended exercises and 2 open-ended exercises on the topics contained in the teaching program and has the purpose of verifying the level of knowledge and understanding of the topics covered. The written exam aims to verify the above skills (see Expected learning outcomes): the exam, in fact, includes calculation exercises that require the need to choose and apply the most appropriate cryptographic / IT tools for its resolution, but also theoretical concepts, which require the student's ability to build a chain logical by applying in sequence the theoretical results seen in class. Students who pass the written test can be invited to an oral test. The oral exam has the same aims of the written one and contributes to determine the final grade together with the written one. Attending the oral exam can lead to both the raising or the lowering of the grade obtained in the written exam. An example of an exam test is available on the EXERCISE platform on the "portale della didattica". The duration of the written test is 90 minutes. Each closed-ended exercise is worth: 7 points if right, 0 points if unanswered or wrong. The open-ended exercises are worth 6 points. To obtain honors, you must exceed 30 points. During the exam it is not allowed to keep and consult notebooks, books, exercise sheets, forms, personal calculators. The calculators of the platform where the exam takes place is available. The results of the exam are communicated on the teaching portal, together with the date on which students can view the assignment and ask for clarification.
In addition to the message sent by the online system, students with disabilities or Specific Learning Disorders (SLD) are invited to directly inform the professor in charge of the course about the special arrangements for the exam that have been agreed with the Special Needs Unit. The professor has to be informed at least one week before the beginning of the examination session in order to provide students with the most suitable arrangements for each specific type of exam.
Esporta Word


© Politecnico di Torino
Corso Duca degli Abruzzi, 24 - 10129 Torino, ITALY
Contatti