52 things you should know if you want to work in cryptography
According to the University of Bristol, cryptography spans pure mathematics, computer science and electronic engineering. For that reason, and by its own criteria, every PhD student in the field of cryptography (at that university) should, by the end of the first year, be able to answer 90% of the following questions:
Computer Engineering ([E])
- What is the difference between the following?
  - A general-purpose processor.
  - A general-purpose processor with instruction-set extensions.
  - A special-purpose processor (or co-processor).
  - An FPGA.
- What is the difference between a multi-core processor and a vector processor?
- Estimate the relative computational and storage capabilities of
  - a smart-card
  - a micro-controller (i.e. a sensor node)
  - an embedded or mobile computer (e.g., a mobile phone or PDA)
  - a laptop- or desktop-class computer.
Theoretical Computer Science ([F])
- What is meant by the complexity class P?
- What is meant by the complexity class NP?
- How can we interpret NP as the set of theorems whose proofs can be checked in polynomial time?
- How does randomness help in computation, and what is the class BPP?
- How does interaction help in computation, and what is the class IP?
- What are Shannon's definitions of entropy and information?
Mathematical Background ([A,B])
- What is the difference between the RSA and the Strong-RSA problem?
- What are the DLP, CDH and DDH problems?
- What is the elliptic curve group law?
- Outline the use and advantages of projective point representation.
- What is a cryptographic pairing?
Basic (Practical or Deployed) Cryptographic Schemes and Protocols ([A])
- Describe the key generation, encryption and decryption algorithms for RSA-OAEP and ECIES.
- Describe the key generation, signature and verification algorithms for DSA, Schnorr and RSA-FDH.
- Describe and compare the round structure of DES and AES.
- Draw a diagram (or describe) the ECB, CBC and CTR modes of operation.
- Describe the Shamir secret sharing scheme.
- How are Merkle-Damgaard style hash functions constructed?
Cryptographic Implementation Details ([A])
- How does the CRT method improve performance of RSA?
- How do you represent a number and multiply numbers in Montgomery arithmetic?
- Write a C program to implement Montgomery arithmetic.
- Describe the binary, m-ary and sliding window exponentiation algorithms.
- Describe methods for modular reduction using "special" primes that define GF(p) and GF(2^n).
- Describe the NAF scalar multiplication algorithm.
Security Definitions and Proofs ([A,B,C])
- What is the IND-CCA security definition for symmetric key encryption?
- What is the IND-CCA security definition for public key encryption?
- What is the UF-CMA security definition for digital signatures?
- Roughly outline the BR security definition for key agreement.
- Give one proof of something which involves game hopping.
- Outline the difference between a game based and a simulation based security definition.
Mathematical Attacks ([A,B])
- How does the Bellcore attack work against RSA with CRT?
- Describe the Baby-Step/Giant-Step method for breaking DLPs.
- Give the rough idea of Pollard rho, Pollard "kangaroo" and parallel Pollard rho attacks on ECDLP.
- What is meant by index calculus algorithms?
- Roughly outline (in two paragraphs only) how the NFS works.
Practical Attacks ([D])
- What is the difference between a covert channel and a side-channel?
- What is the difference between a side-channel attack and a fault attack?
- What is usually considered the difference between DPA and SPA?
- Are all side channels related to power analysis?
- Look at your C code for Montgomery multiplication above; can you determine where it could leak side channel information?
- Describe some basic (maybe ineffective) defences against side channel attacks proposed in the literature for AES.
- Describe some basic (maybe ineffective) defences against side channel attacks proposed in the literature for ECC.
- Describe some basic (maybe ineffective) defences against side channel attacks proposed in the literature for RSA.
Advanced Protocols and Constructions ([A,B])
- What is the Fiat-Shamir transform?
- What do correctness, soundness and zero-knowledge mean in the context of a Sigma protocol?
- What is the purpose and use of a TPM?
- Describe the basic ideas behind IPSec and TLS.
- What is the BLS pairing based signature scheme?
- What is the security model for ID-based encryption, and describe one IBE scheme.
- Pick an advanced application concept such as e-Voting, Auctions or Multi-Party Computation. What are the rough security requirements of such a system?