Ruslan Ospanov can offer his services in developing and conducting courses in the field of cryptography and distributed ledger technologies (blockchain) and invites you to cooperate. On a contractual basis.
Examples of courses:
This course discusses guidelines based on current research aimed at building new systems with a long life cycle. The course aims to provide guidance in the field of cryptography and is addressed to professionals who develop and implement cryptographic solutions within organizations. In this course, we will focus on only two decisions that are important to users of cryptography.
First, is it possible to consider a cryptographic algorithm suitable for further use today, if it is already in use. The first principle is that if an algorithm is not considered suitable for modern use, or is considered for such use with only some caution, then this should be taken as an indication that the algorithm should be replaced as a matter of urgency.
Second, we consider whether the cryptographic algorithm is suitable for use in new or future systems. The second principle is that specialists are now planning and preparing to phase out the use of existing algorithms over 5-10 years, and replace them with algorithms that they consider safe for future use.
This course examines algorithms that have been standardized to a certain extent and have been deployed or planned to be deployed in real systems, and therefore will be of interest to decision makers in manufacturing and government.
Course program
(each topic is designed for a minimum of 1 hour,
so the minimum course duration is 20 hours)
Module | Theme |
1.General issues. | 1.1. Introduction. Definitions. |
1.2. Cryptograpic security. | |
1.3. Side channel attacks. | |
1.4. Random number generation. | |
1.5. Key management system. | |
2. Cryptographic primitives. | 2.1. Symmetric block ciphers. |
2.2. Hash functions. | |
2.3. Symmetric stream ciphers. | |
2.4. Asymmetric cryptographic primitives. | |
2.5. Key sizes. | |
3. Cryptographic schemes. | 3.1. Encryption modes of symmetric block encryption algorithms. |
3.2. Message Authentication Codes (MACs). | |
3.3. Authenticated encryption (with attached data). | |
3.4. Key derivation functions. | |
3.5. Asymmetric cryptographic schemes. | |
4. Cryptographic protocols. | 4.1. Key installation protocols. |
4.2. Identification and authentication protocols. | |
4.3. Key exchange protocols with password authentication. | |
4.4. Some specific cryptographic protocols. | |
4.5. Some application specific protocols. |
This course focuses on standards, cryptography, and standards in the field of cryptography. The course aims to provide guidance in the field of cryptographic standards and is addressed to professionals developing and implementing cryptographic solutions within organizations, as well as to students and others who want to understand what cryptography can provide.
In recent years, standards have been issued for most commonly used types of cryptographic schemes and for most common uses of cryptography. This course is designed to provide an introduction to all major types of cryptographic schemes and guidance on standardized techniques. The purpose of the course is to provide sufficient information about the standardized schemes used, in particular, to provide fairly comprehensive information about what standards exist and what they contain. This will allow users to select algorithms for practical use, with the confidence that the algorithms have been studied well enough by the academic community to be standards. Of course, standardization alone does not guarantee that any algorithm will not be subject to attack in the future, but in general standardized methods represent the state of the art in cryptography. However, there are exceptions where cryptographic techniques are used that have not been thoroughly studied by the wider community - such exceptions tend to be application-specific standards. Like all users of cryptography, users of standardized techniques are encouraged to keep abreast of new developments in the field.
Course program
(each topic is designed for a minimum of 1 hour,
thus the minimum course duration is 65 hours)
Module | Subject |
1.Standards and standardization process | 1.1. Introduction. Why are standards needed? |
1.2. International standardization organizations. | |
1.3. National standards organizations. | |
1.4. Industrial Standardization Organizations. | |
1.5. Cryptographic assessment organizations. | |
2. Functions-services and security mechanisms. (based on ISO 7498.2 standard) | 2.1. Safety standards. Security model. |
2.2. Security functions and services. | |
2.3. Security mechanisms. | |
2.4. Security management. | |
2.5. Security basics. | |
3. Standards for encryption algorithms. | 3.1. Definitions and basic properties. |
3.2. Block cipher algorithm standards. | |
3.3. Encryption mode standards. | |
3.4. Standards for stream encryption algorithms. | |
3.5. Standards for asymmetric encryption algorithms. | |
4. Standards for cryptographic hash functions. | 4.1. Definitions and basic properties. |
4.2. Hash functions based on block ciphers. | |
4.3. Specialized hash functions. | |
4.4. Hash functions based on modular arithmetic. | |
4.5. Selection of hash functions. Other schemes for constructing hash functions. | |
5. Message authentication code standards. | 5.1. Definitions and basic properties. |
5.2. Block Cipher-Based Message Authentication Codes (CBC-MAC). | |
5.3. Message authentication codes based on hash functions. | |
5.4. Message Authentication Algorithms (MAA). | |
5.4. PMAC. | |
6. Digital signature standards. | 6.1. Definitions and basic properties. |
6.2. Digital Signature Algorithm (DSA). | |
6.3. RSA-based signature schemes. | |
6.4. Other standards. | |
6.5. Digital signatures and the law. | |
7. Non-repudiation standards. | 7.1. Model of non-repudation. |
7.2. Non-repudiation service functions. | |
7.3. Non-repudation using symmetric cryptography. | |
7.4. Non-repudiation using asymmetric cryptography. | |
7.5. Timestamps and non-repudiation. | |
8. Standards for authentication protocols. | 8.1. Definitions and basic properties. |
8.2. Cryptographic and non-cryptographic mechanisms. | |
8.3. Authentication using symmetric cryptography. | |
8.4. Authentication using asymmetric cryptography. | |
8.5. “Manual authentication” protocols. | |
9. Standards for control systems and key installation. | 9.1. Definitions and basic properties. |
9.2. Key management schemes. | |
9.3. Key establishment schemes using symmetric cryptography. | |
9.4. Key establishment schemes using asymmetric cryptography. | |
9.5. Other schemes. | |
10. Public key infrastructure standards. | 10.1. Definitions and basic properties. |
10.2. Public key certificate formats. | |
10.3. Public key certificate management. | |
10.4. Storing and retrieving public key certificates. Determining the status of public key certificates. | |
10.5. Certificate policy and certification practice regulations. | |
11. Standards for managing trusted third party services. | 11.1. Definitions and basic properties. |
11.2. Requirements for trusted third parties. | |
11.3. Architecture of trusted third parties. | |
11.4. Timestamp services. | |
11.5. Digital archiving services. | |
12. Cryptographic API standards. | 12.1. Definitions and basic properties. |
12.2. GSS-API. | |
12.3. PKCS #11. | |
12.4. Other cryptographic APIs. | |
12.5. Security questions. | |
13. Other standards. | 13.1. Generating random bits. |
13.2. Authenticated encryption. | |
13.3. Security modules. | |
13.4. Standards for the use of biometric methods. | |
13.5. Information security management. |
TECHNOLOGY (from the Greek art, skill, skill and Greek study) - a set of methods and tools to achieve the desired result; a method of transforming the given into the necessary; mode of production. Technology is the application of any scientific knowledge to solve practical problems. Technology includes methods, techniques, mode of operation, sequence of operations and procedures; it is closely related to the means, equipment, tools, and materials used. Technology is a real (practical) solution to a specific scientific, technical, production, economic and socio-political problem. (Nekrasov S.I., Nekrasova N.A. Philosophy of science and technology: thematic dictionary. - Orel: OSU. 2010.)
This course is dedicated to blockchain technology. The course is aimed at giving a general understanding of this technology and is addressed to everyone who wants to understand at a high level how blockchain technology works and what it can be used for.
Currently, there is quite a high level of excitement around the issue of using blockchain, but this technology has not been well studied. Blockchain is not some kind of magic, magic that will help solve all problems. As with all new technologies, there is a tendency to try to apply it to everything imaginable. This course attempts to provide students with a high-level understanding of blockchain technology sufficient to begin effective implementation.
Course program
(each topic is designed for a minimum of 1 hour,
thus the minimum course duration is 15 hours)
1.Blockchain architecture.
1.1. Introduction. History of the issue. Internet. Cryptography. Cypherpunk (Cypherpunks). Tasks. David Chaum and DigiCash. Wei Dai and b-money. Nick Szabo and Bitgold. Nick Szabo and smart contracts. Stuart Haber, W. Scott Stornetta and timestamp server. Adam Back and hashcash. Leslie Lamport and Paxos. Merkle Tree. Satoshi Nakamoto and Bitcoin. Classification of blockchain technology. Components of blockchain technology.
1.2. Cryptographic hash functions. Definition of a cryptographic hash function. Properties. Classification. Cryptographic hash function schemes. KDF. Examples. Application. Hash pointers. Block chain. Merkle Tree.
1.3. Asymmetric cryptography algorithms. Asymmetric cryptography. Digital signatures. Properties. Elliptic Curve Digital Signature Algorithm (ECDSA). Use of private and public keys.
1.4. Transactions. Addresses. Ledgers. Transaction. Information contained in the transaction. Metadata. Amount Inputs. Outputs. ID/Hash. User address. Formation of the address. Private key storage. Wallet. Transactions ledger. Centralized ledgers. Distributed ledgers.
1.5. Blocks. Block chains. Transaction pool. Transaction blocks. Creating blocks. Block data fields. Block number. The current hash value of the block. The previous hash value of the block. Merkle tree root hash. Timestamp. Block size. Nonce value. List of transactions included in the block. Block chains.
2. Consensus algorithms.
2.1. Consensus tasks. Consensus. Agreement protocol. Objectives of the agreement. The Byzantine agreement problem. Consensus problem. Interactive consistency problem. Byzantine agreement protocol. Consensus protocol. Interactive consistency protocol.
2.2. Proof-of-Work algorithm. Description of the algorithm.
2.3. Proof-of-Stake algorithm. Description of the algorithm.
2.4. Modifications to consensus algorithms. Reusable-Proofs-of-Work (RPoW). Delegated Proof-of-Stake (DPoS). Leased Proof of Stake (LPoS). Proof of Importance (Pol). Proof of Activity (POA). Proof of Capacity (PoC) (Proof-of-space). Proof of Burn (PoB). Ouroboros Proof-of-stake (PoS). Proof of Research.
2.5. Review of other consensus algorithms. Byzantine Fault Tolerance (BFT). Proof of Elapsed Time (PoET). Simplified Byzantine Fault Tolerance (SBFT). Delegated Byzantine Fault Tolerance (DBFT). Directed Acyclic Graphs (DAG). Proof of Weight (PoWeight). Proof-of-Authority (PoAuthority).
3. Miscellaneous.
3.1. Forking. Forks. Soft fork. Hard fork. Examples. Replacement of cryptographic algorithms. Quantum computers and post-quantum cryptography.
3.2. Smart contracts. Smart contract. Work principles. Examples. Ethereum.
3.3. Types of blockchain. Permissionless Blockchain (open blockchain). Permissioned Blockchain (closed blockchain). Public blockchains. Consortium blockchains. Fully private blockchains. Permissioned private shared ledgers. Permissioned public shared ledgers. Unpermissioned public shared ledgers.
3.4. Blockchain platforms. Cryptocurrencies. Bitcoin. Bitcoin Cash. Litecoin. Ethereum. Ethereum Classic. Dash. Ripple. Hyperledger. MultiChain. Waves. Nxt. NEM. NEO.
3.5. Possibilities of blockchain technology. Possibility of using blockchain technology. Limitations of application. Misconceptions about application possibilities. Possible areas of application. Flowchart for determining the need for blockchain technology.
Over the past decade, cryptographic protocols have emerged as a major focus of research in theoretical cryptography. For example, at the largest annual international cryptographic conferences Crypto and EUROCRYPT, most of the reports are devoted specifically to protocols. This situation is not only a reflection of the prevailing interests of researchers, but there are also objective grounds for the conclusion that cryptographic protocols have become the main object of cryptographic research. In banking payment systems today, instead of payment orders on paper, their electronic form is used. The benefits of such a replacement are very tangible, and therefore banks will never refuse it, no matter what technical and cryptographic (related to ensuring integrity) difficulties arise. But payment orders are only one of the many types of documents in circulation in business. But there are also documents that government bodies and public organizations work with, legal documents, etc. In recent years, in developed countries there has been a clear trend of transferring all document flow into electronic form. It is important to note that as the transition to electronic documents seems inevitable, there is a need to ensure, on a case-by-case basis, integrity and untraceability, i.e. development of appropriate cryptographic protocols.
In 1994, Timothy C. May first proposed considering the problem of sending a secret message to the future, i.e. the task of encrypting messages that can only be decrypted after a specified time in the future.
Solving this problem has a number of interesting practical applications, for example:
The scope can be very broad and includes not only auctions and voting, but also financial markets and their regulation, e-commerce, and law.
There is also a need for such a cryptographic application in the Republic of Kazakhstan. In particular, in 2015, the Government Procurement Web Portal of the Republic of Kazakhstan expressed its need for a tool that would provide encryption of the data of portal users (suppliers), with the ability to decrypt it no earlier than a specified time.
This course proposes to consider a number of cryptographic protocols (distributed key generation protocols, secret sharing protocols, El-Gamal encryption algorithm) to build a data encryption service for a given time.
Course program
Module | Subject |
1. Introduction to the theory of cryptographic protocols. | 1.1. The concept of a cryptographic protocol, the strength and complexity of crypto protocols. |
1.2. Types of cryptographic protocols. | |
1.3. Examples of cryptographic protocols. | |
2. Key distribution protocols | 2.1. The concept of a key distribution protocol. Types of key distribution protocols. |
2.2. Examples of key distribution protocols. Diffie-Hellman protocol. RSA protocol. | |
2.3. El-Gamal Protocol. | |
3. Secret sharing protocols | 3.1. The concept of a secret sharing protocol. Types of secret sharing protocols. |
3.2. Examples of secret sharing protocols. | |
3.3. Feldman Verifiable Threshold Secret Sharing Protocol. | |
4. Distributed key generation protocols | 4.1. The concept of a distributed key generation protocol. |
4.2. Examples of distributed key generation protocols. | |
4.3. Pedersen distributed key generation protocol | |
5. A protocol that provides encryption of messages, decryption of which will be possible no earlier than a specified time (Time-Lapse Cryptography) | 5.1. The task of encrypting messages that can only be decrypted after a specified time in the future. Application area. Approaches to solution. |
5.2. Time-Lapse Cryptography data encryption service for a specified time. | |
5.3. Modified options for data encryption service for a specified time. |
Over the past decade, cryptographic protocols have emerged as a major focus of research in theoretical cryptography. For example, at the largest annual international cryptographic conferences Crypto and EUROCRYPT, most of the reports are devoted specifically to protocols. This situation is not only a reflection of the prevailing interests of researchers, but there are also objective grounds for the conclusion that cryptographic protocols have become the main object of cryptographic research. In banking payment systems today, instead of payment orders on paper, their electronic form is used. The benefits of such a replacement are very tangible, and therefore banks will never refuse it, no matter what technical and cryptographic (related to ensuring integrity) difficulties arise. But payment orders are only one of the many types of documents in circulation in business. But there are also documents that government bodies and public organizations work with, legal documents, etc. In recent years, in developed countries there has been a clear trend of transferring all document flow into electronic form. It is important to note that as the transition to electronic documents seems inevitable, there is a need to ensure, on a case-by-case basis, integrity and untraceability, i.e. development of appropriate cryptographic protocols.
Due to the general availability of the used channels for transmitting voice information in IP networks, the confidentiality of VoIP services is of particular relevance. For this, two different approaches are possible: the formation of a direct secure channel between correspondents (for example, a VPN tunnel) and the use of special security protocols for IP services. The first method is widely used when building virtual corporate networks. However, to implement it, correspondents must support the VPN protocol, which is not typical for all VoIP devices (Table 1). Specific IP telephony security protocols can be divided into three categories:
• signaling security protocols (Secured SIP);
• media information security protocols (SRTP);
• key generation/distribution protocols for media information security protocols
(MIKEY, SDES, ZRTP, DTLS).
This course examines encryption key distribution protocols for use in voice over IP (VoIP) (ZRTP) systems.
Course program
Module | Subject |
1. Introduction to the theory of cryptographic protocols. | 1.1. The concept of a cryptographic protocol, the strength and complexity of crypto protocols. |
1.2. Types of cryptographic protocols. | |
1.3. Examples of cryptographic protocols. | |
2. Key distribution protocols | 2.1. The concept of a key distribution protocol. Types of key distribution protocols. |
2.2. Public key distribution protocols. Examples of public key distribution protocols. Diffie-Hellman protocol. | |
2.3. Elliptic curve cryptographic protocols. Diffie-Hellman protocol on elliptic curves. | |
3. ZRTP protocol is a cryptographic encryption key agreement protocol used in voice over IP (VoIP) systems. | 3.1. Security protocols in IP telephony. |
3.2. ZRTP protocol: cryptographic algorithms used (hashing algorithms, encryption algorithms, authentication tag types, key agreement protocols, SAS types, MAC message authentication code, CRC checksum). | |
3.3. ZRTP protocol: general description of the protocol. |
A cryptographic algorithm is understood as an algorithm that implements the calculation of one of the cryptographic functions, i.e. functions necessary to implement a cryptographic system. Such functions include: key generation, generation of pseudo-random sequences, encryption function, calculation and verification of message authenticity code values and digital signatures, calculation of hash function values, etc. Cryptographic tasks consist of ensuring confidentiality, integrity, untraceability, authentication, non-repudiation and etc.
This course proposes to consider the basic principles of constructing symmetric block encryption algorithms using the example of existing standards (AES, “Kuznechik”, “Kalina”).
Course program
Module | Subject |
1. Introduction to the theory of cryptographic algorithms. | 1.1. The concept of a cryptographic algorithm. Types of cryptographic algorithms. |
1.2. Encryption algorithms. Types of encryption algorithms. | |
1.3. The concept of cryptographic strength of encryption algorithms. | |
2. Symmetric block encryption algorithms. | 2.1. Structure of symmetric block encryption algorithms. |
2.2. Operating modes of symmetric block encryption algorithms. | |
2.3. Cryptanalysis of symmetric block encryption algorithms. | |
3. Standards for symmetric block encryption algorithms. | 3.1. Review of symmetric block cipher algorithm standards. |
3.2. Description of the symmetric block encryption algorithm AES (Advanced Encryption Standard, FIPS Publication 197 standard). | |
3.3. Description of the symmetric block encryption algorithm “Kalyna”, standard DSTU 7624:2014. | |
3.4. Description of the symmetric block encryption algorithm "Grasshopper" ("Kuznyechik"), included in the GOST R 34.12–2015 standard "Information technology. Cryptographic information protection. Block ciphers." |