This repository contains materials for the Cryptography course at Politecnico di Torino, focusing on both implementation and attack scenarios to bridge theory and practice.
The exercises are divided into two main parts:
-
C Programming with OpenSSL:
Learn how to implement cryptographic primitives and protocols in C. Exercises include:- Random Numbers: Generating cryptographically secure pseudo-random numbers.
- Symmetric Encryption: Implementing and understanding symmetric ciphers.
- Digests & MACs: Working with hash functions and message authentication codes.
- Big Numbers: Handling large integer arithmetic for crypto applications.
- Asymmetric Cryptography: Exploring public-key techniques and RSA.
-
Python for Cryptography and Attacks:
Focus on rapid prototyping, cryptanalysis, and CTF-style challenges. Python is used for both implementing cryptographic primitives and attacking them, making it ideal for practical exploit development and cryptanalysis.
Note
For further details, refer to the course slides and materials provided during the lectures.
The repository is organized as follows:
| Section | Description |
|---|---|
C/OpenSSL |
Exercises using C and OpenSSL covering various cryptographic topics. |
C/CTFs |
Capture The Flag (CTF) challenges implemented in C, focusing on practical cryptographic problems and solutions. |
Python |
Python-based cryptography exercises, attacks, and CTF challenges. |
Inside the C/OpenSSL folder, exercises are structured into dedicated directories:
| Exercise | Description |
|---|---|
Random Numbers |
Generating cryptographically secure pseudo-random numbers using OpenSSL. |
Symmetric Encryption |
Implementing symmetric encryption algorithms with OpenSSL. |
Digests and MACs |
Exploring cryptographic digests and MACs. |
Big Numbers |
Handling big numbers in cryptographic operations. |
Asymmetric Cryptography |
Working with asymmetric cryptography and public key operations. |
Inside the C/CTFs folder, exercises are structured into dedicated directories:
| CTF Challenge | Description |
|---|---|
Rand |
Bytewise operations on random strings to capture the flag. |
Encryption |
Various encryption challenges including padding, decryption, and more. |
Digest |
Compute keyed digests and modify digest algorithms to capture the flag. |
HMAC |
Compute HMAC-SHA256 of two files to capture the flag. |
Asymmetric |
Find missing parameters using BIGNUM primitives to capture the flag. |
The Python/ directory has been significantly expanded and now includes a wide range of cryptography exercises, attacks, and CTF-style challenges. The structure is as follows:
The Basics section provides comprehensive implementations of fundamental cryptographic concepts:
| Exercise/Subdirectory | Description |
|---|---|
symmetric/ |
Symmetric cryptography fundamentals: key generation, block/stream ciphers, padding, AEAD, hash functions, and key derivation. |
asymmetric/ |
Asymmetric cryptography fundamentals: prime generation, RSA operations, digital signatures, and key exchange protocols. |
The Attacks section contains practical implementations of cryptographic attack techniques:
| Exercise/Subdirectory | Description |
|---|---|
symmetric/ |
Attacks on symmetric cryptography: ECB/CBC attacks, padding oracle attacks, keystream reuse, and cipher vulnerabilities. |
asymmetric/ |
Attacks on asymmetric cryptography: RSA vulnerabilities, factorization attacks, side-channel analysis, and mathematical cryptanalysis. |
The CTF section contains practical challenge scenarios designed to test and improve cryptographic attack skills:
| Exercise/Subdirectory | Description |
|---|---|
symmetric/ |
CTF challenges focused on symmetric cryptography attacks: padding oracles, mode vulnerabilities, cookie forgery, and implementation flaws. |
asymmetric/ |
Progressive RSA challenges (Levels 1-9) and public-key cryptosystem attacks, covering factorization, parameter attacks, and advanced cryptanalysis. |
hash/ |
Hash function challenges including collision attacks, length extension vulnerabilities, and cryptographic hash analysis. |
- GitHub: @eliainnocenti
- Email: elia.innocenti@studenti.polito.it