"52 Things Every PhD Student in Information Security and Cryptography Should Know" is a concept proposed by the cryptography and security group at the University of Bristol, UK. Reference: http://bristolcrypto.blogspot.com/
The group divides the 52 questions into 9 areas: computer engineering; theoretical computer science; mathematical background; basic cryptographic schemes and protocols; cryptographic implementation details; security definitions and proofs; mathematical attacks; practical attacks; advanced protocols and constructions. For me,
some of the questions I can answer, e.g. 1-5, 9, 17-18;
some are unfamiliar, e.g. 33-45, the mathematical attacks and practical attacks;
and some still need study, e.g.:
- T22: representing numbers and multiplying them in Montgomery arithmetic;
- T23: implementing Montgomery arithmetic in C;
- T19: the Shamir secret sharing scheme;
- T50: the BLS pairing-based signature scheme;
- T46: the Fiat-Shamir transform?
Later I need to write an article on each of these. Setting myself that goal here!
Appendix: 52 Things.
Computer Engineering ([E])
Number 1: What is the difference between the following?
- A general-purpose processor.
- A general-purpose processor with instruction-set extensions.
- A special-purpose processor (or co-processor).
- An FPGA.
Number 2: What is the difference between a multi-core processor and a vector processor?
Number 3: Estimate the relative computational and storage capabilities of...
- a smart-card
- a micro-controller (i.e. a sensor node)
- an embedded or mobile computer (e.g., a mobile phone or PDA)
- a laptop- or desktop-class computer.
Theoretical Computer Science ([F])
Number 4: What is meant by the complexity class P?
Number 5: What is meant by the complexity class NP?
Number 6: How can we interpret NP as the set of theorems whose proofs can be checked in polynomial time?
Number 7: How does randomness help in computation, and what is the class BPP?
Number 9: What are Shannon's definitions of entropy and information?
Mathematical Background ([A,B])
Number 10: What is the difference between the RSA and the Strong-RSA problem?
Number 11: What are the DLP, CDH and DDH problems?
Number 12: What is the elliptic curve group law?
Number 13: Outline the use and advantages of projective point representation.
Number 14: What is a cryptographic pairing?
Basic (Practical or Deployed) Cryptographic Schemes and Protocols ([A])
Number 16: Describe the key generation, signature and verification algorithms for DSA, Schnorr and RSA-FDH.
Number 17: Describe and compare the round structure of DES and AES.
Number 18: Draw a diagram (or describe) the ECB, CBC and CTR modes of operation.
Number 19: Describe the Shamir secret sharing scheme.
Number 20: How are Merkle-Damgaard style hash functions constructed?
Cryptographic Implementation Details ([A])
Number 21: How does the CRT method improve performance of RSA?
Number 22: How do you represent a number and multiply numbers in Montgomery arithmetic?
Number 23: Write a C program to implement Montgomery arithmetic.
Number 24: Describe the binary, m-ary and sliding window exponentiation algorithms.
Number 25: Describe methods for modular reduction using "special" primes that define GF(p) and GF(2^n).
Number 26: Describe the NAF scalar multiplication algorithm.
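As a worked answer to Numbers 22 and 23 (and the code that Number 42 later asks you to inspect), here is an added example of single-word Montgomery arithmetic in C. It is not from the Bristol blog or this page's author; it assumes a GCC/Clang compiler with unsigned __int128, R = 2^64 and an odd 64-bit modulus N, and the Fermat check in the test uses the prime 2^64 - 59.

```c
/* Added example: 64-bit Montgomery arithmetic with R = 2^64 and odd N.
 * Needs unsigned __int128 (GCC/Clang). Not part of the original page. */
#include <stdint.h>
typedef unsigned __int128 u128;

typedef struct {
    uint64_t n;     /* odd modulus N */
    uint64_t n_inv; /* N' = -N^{-1} mod 2^64 */
    uint64_t r2;    /* R^2 mod N, used to enter the Montgomery domain */
} mont_ctx;

/* Newton iteration for N^{-1} mod 2^64: x = N is correct to 3 bits (N*N == 1
 * mod 8 for odd N) and each step doubles that, so 5 steps give 96 >= 64 bits. */
static uint64_t neg_inv64(uint64_t n) {
    uint64_t x = n;
    for (int i = 0; i < 5; i++) x *= 2 - n * x;
    return (uint64_t)0 - x;
}

static mont_ctx mont_init(uint64_t n) {
    mont_ctx c = { n, neg_inv64(n), 0 };
    uint64_t r = ((uint64_t)0 - n) % n;     /* R mod N = 2^64 mod N */
    c.r2 = (uint64_t)(((u128)r * r) % n);   /* R^2 mod N */
    return c;
}

/* REDC: for T < N*R return T * R^{-1} mod N, with one conditional subtraction. */
static uint64_t mont_redc(const mont_ctx *c, u128 t) {
    uint64_t m = (uint64_t)t * c->n_inv;   /* m = (T mod R) * N' mod R */
    u128 s = t + (u128)m * c->n;           /* T + mN is a multiple of R ... */
    int carry = s < t;                     /* ... but may overflow 128 bits */
    uint64_t hi = (uint64_t)(s >> 64);     /* (T + mN) / R, which is < 2N */
    if (carry || hi >= c->n) hi -= c->n;   /* wraps to the right value when carry is set */
    return hi;
}

static uint64_t mont_mul(const mont_ctx *c, uint64_t a, uint64_t b) {
    return mont_redc(c, (u128)a * b);      /* a, b in Montgomery form, both < N */
}
static uint64_t to_mont(const mont_ctx *c, uint64_t a) { return mont_mul(c, a % c->n, c->r2); }
static uint64_t from_mont(const mont_ctx *c, uint64_t a) { return mont_redc(c, a); }

/* a^e mod N by square-and-multiply, entirely in the Montgomery domain. */
uint64_t mont_powmod(uint64_t a, uint64_t e, uint64_t n) {
    mont_ctx c = mont_init(n);
    uint64_t x = to_mont(&c, a), acc = to_mont(&c, 1);
    for (; e; e >>= 1) {
        if (e & 1) acc = mont_mul(&c, acc, x);
        x = mont_mul(&c, x, x);
    }
    return from_mont(&c, acc);
}
```

Note that the data-dependent branch in mont_redc (the final subtraction) and the exponent-dependent branch in mont_powmod are exactly the kind of leakage Number 42 asks about.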
Security Definitions and Proofs ([A,B,C])
Number 27: What is the AEAD security definition for symmetric key encryption?
Number 28: What is the IND-CCA security definition for public key encryption?
Number 29: What is the UF-CMA security definition for digital signatures?
Number 30: Roughly outline the BR security definition for key agreement.
Number 31: Give one proof of something which involves game hopping.
Number 32: Outline the difference between a game based and a simulation based security definition.
Mathematical Attacks ([A,B])
Number 33: How does the Bellcore attack work against RSA with CRT?
Number 34: Describe the Baby-Step/Giant-Step method for breaking DLPs.
Number 35: Give the rough idea of Pollard rho, Pollard "kangaroo" and parallel Pollard rho attacks on ECDLP.
Number 36: What is meant by index calculus algorithms?
Number 37: Roughly outline (in two paragraphs only) how the NFS works.
Practical Attacks ([D])
Number 38: What is the difference between a covert channel and a side-channel?
Number 39: What is the difference between a side-channel attack and a fault attack?
Number 40: What is usually considered the difference between DPA and SPA?
Number 41: Are all side channels related to power analysis?
Number 42: Look at your C code for Montgomery multiplication above; can you determine where it could leak side channel information?
Number 43: Describe some basic (maybe ineffective) defences against side channel attacks proposed in the literature for AES.
Number 44: Describe some basic (maybe ineffective) defences against side channel attacks proposed in the literature for ECC.
Number 45: Describe some basic (maybe ineffective) defences against side channel attacks proposed in the literature for RSA.
Advanced Protocols and Constructions ([A,B])
Number 46: What is the Fiat-Shamir transform?
Number 47: What do correctness, soundness and zero-knowledge mean in the context of a Sigma protocol?
Number 48: What is the purpose and use of a TPM?
Number 49: Describe the basic ideas behind IPSec and TLS.
Number 50: What is the BLS pairing based signature scheme?
Number 51: What is the security model for ID-based encryption? Describe one IBE scheme.
Number 52: Pick an advanced application concept such as e-Voting, Auctions or Multi-Party Computation. What are the rough security requirements of such a system?
Further Reading
- [A] Nigel's book is deliberately informal and tries to give quick flavours of what is important in theory and practice.
- [B] The Katz-Lindell book is a better formal introduction to modern theoretical cryptography, but it is less good in its treatment of what is important in the real world (e.g. the coverage of AES, ECC, implementation, etc. is quite limited).
- [C] Goldreich's two-volume book is a very good introduction to the deep theory, but deliberately does not cover practical cryptography.
- [D] Elisabeth's DPA book is the best introduction to all things about side-channels.
- [E] Dan's book is a good starting place for computer architecture and learning VHDL.
- [F] Goldreich's book on complexity theory is a good place to start. Its approach is much more down-to-earth and sensible than other approaches (i.e. P vs NP is presented in terms of: is it easier to check or to find proofs?).