http://ocw.cs.pub.ro/courses/ 2026-04-06T05:38:28+03:00 http://ocw.cs.pub.ro/courses/ http://ocw.cs.pub.ro/courses/lib/tpl/arctic/images/favicon.ico text/html 2017-02-21T11:28:29+03:00 http://ocw.cs.pub.ro/courses/sasc/laboratoare/01?rev=1487669309&do=diff Lab 01 - Introduction Python Crash Course Python Interactive Mode Python is an easy to learn interactive programming language. Throughout this lab, we'll be using Python 2.7. You can run Python code in two ways: * by writing a source file and running it (eventually, with some command line arguments) * by entering commands in interactive mode text/html 2017-02-21T11:28:40+03:00 http://ocw.cs.pub.ro/courses/sasc/laboratoare/02?rev=1487669320&do=diff Lab 02 - Shift and Vigenère ciphers Please download the lab skeleton from here: The archive contains the following: * format_funcs.py: the format functions from the previous lab; * caesar.py: the implementation of the Caesar encryption and decryption from the previous lab; * msg_ex2.txt: the text which needs to be decrypted for exercise 2; * msg_ex3.txt: the text which needs to be decrypted for exercise 3; * ex1.py: implementation of exercise 1; * ex2.py: implementation of exercis… text/html 2017-03-07T15:32:53+03:00 http://ocw.cs.pub.ro/courses/sasc/laboratoare/03?rev=1488893573&do=diff Lab 03 - PRGs Exercise 1 (4p) In this exercise we'll try to break a Linear Congruential Generator, that may be used to generate “poor” random numbers. We implemented such weak RNG to generate a sequence of bytes and then encrypted a plaintext message. The resulting ciphertext in hexadecimal is this: text/html 2017-03-16T16:21:34+03:00 http://ocw.cs.pub.ro/courses/sasc/laboratoare/04?rev=1489674094&do=diff Lab 04 - PRGs, PRFs and PRPs In this lab we shall do some exercises related to PRFs, PRPs and DES. Please check the course, available here: <http://cs.curs.pub.ro/2014/pluginfile.php/13095/mod_resource/content/1/sasc_curs4.pdf> Exercise 1 (4p) Advantage. The purpose of this problem is to clarify the concept of advantage. Consider the following two experiments and : text/html 2017-03-23T19:53:08+03:00 http://ocw.cs.pub.ro/courses/sasc/laboratoare/05?rev=1490291588&do=diff Lab 05 - DES In this lab we'll do some exercises with DES and some of its variants, as we discussed in the last lecture: <http://cs.curs.pub.ro/2014/pluginfile.php/13095/mod_resource/content/2/sasc_curs4_5.pdf> Exercise 1 (2p) Remember DESX defined as the operation DESX( (k1,k2,k3), m) = k1 ⊕ DES(k2, m ⊕ k3), where k1, k3 have 64 bits (same as input/output of DES) and k2 has 56 bits (DES key size). Show a brute force (exhaustive key search) attack on DESX that runs in time . text/html 2017-03-29T08:18:34+03:00 http://ocw.cs.pub.ro/courses/sasc/laboratoare/06?rev=1490764714&do=diff Lab 06 - CBC Padding Attack In this lab we'll try to implement the CBC-padding attack of Serge Vaudenay: <http://link.springer.com/content/pdf/10.1007%2F3-540-46035-7_35.pdf> See sections 3.1 to 3.3 of chapter 3 in the paper above. You may also use this: <http://robertheaton.com/2013/07/29/padding-oracle-attack/> text/html 2017-04-11T22:22:42+03:00 http://ocw.cs.pub.ro/courses/sasc/laboratoare/07?rev=1491938562&do=diff Lab 07 - Correlation Power Analysis In this lab we'll implement a side-channel attack known as Correlation Power Analysis. You can see some details for how to implement this in the lecture notes here The principle is quite simple: * Choose your target (generally the S-box output of some block cipher - in our case AES) * Obtain a large number (thousands) of leakage samples for that target, when processing different plaintexts * Choose a suitable leakage model (usually the hamming weight … text/html 2017-04-24T17:27:30+03:00 http://ocw.cs.pub.ro/courses/sasc/laboratoare/08?rev=1493044050&do=diff Lab 08 - MACs, Hashes, OpenSSL Exercise 1 - Timing attack In this exercise you will perform a timing attack against CBC-MAC. You are given access to a CBC-MAC oracle, which tests whether the received tag matches the one computed using the secret key. Timing attacks exploit naive equality comparisons between the received and computed MACs (for example, the comparison is done byte by byte; more checks means more latency). text/html 2017-05-02T11:00:28+03:00 http://ocw.cs.pub.ro/courses/sasc/laboratoare/09?rev=1493712028&do=diff Lab 09 - OpenSSL AEAD Before you start solving the exercises below, download the [lab archive from here]. Exercise 1 The archive contains the source code for Exercise 2, but sadly it is encrypted. Luckily, we forgot to remove the password file from the archive. text/html 2017-05-08T11:50:50+03:00 http://ocw.cs.pub.ro/courses/sasc/laboratoare/10?rev=1494233450&do=diff Lab 10 - Public key encryption In this lab we'll do some cool exercises using public key encryption methods for key exchange and data encryption. Before starting the labs, download openssl 1.1.0 from here. Save the file to some local folder accessible by you, then compile it and install it to some folder. Open the unpacked folder from bash, and run the following commands: