chore: fix all broken links

_posts/lecture-notes/internet-security/2023-09-11-symmetric-key-cryptography-1.md

@@ -191,7 +191,7 @@ Let $m \in \left\lbrace 0, 1 \right\rbrace^n$ be the message to encrypt. Then ch
 - Encryption: $E(k, m) = k \oplus m$.
 - Decryption: $D(k, c) = k \oplus c$.
 
-This scheme is **provably secure**. See also [one-time pad (Modern Cryptography)](../modern-cryptography/2023-09-07-otp-stream-cipher-prgs.md#one-time-pad-(otp)).
+This scheme is **provably secure**. See also [one-time pad (Modern Cryptography)](../../modern-cryptography/2023-09-07-otp-stream-cipher-prgs/#one-time-pad-(otp)).
 
 ## Perfect Secrecy
 
@@ -225,7 +225,7 @@ since for each $m$ and $c$, $k$ is determined uniquely.
 
 *Proof*. Assume not, then we can find some message $m_0 \in \mathcal{M}$ such that $m_0$ is not a decryption of some $c \in \mathcal{C}$. This is because the decryption algorithm $D$ is deterministic and $\lvert \mathcal{K} \rvert < \lvert \mathcal{M} \rvert$.
 
-For the proof in detail, check [Shannon's Theorem (Modern Cryptography)](../modern-cryptography/2023-09-07-otp-stream-cipher-prgs.md#shannon's-theorem).
+For the proof in detail, check [Shannon's Theorem (Modern Cryptography)](../../modern-cryptography/2023-09-07-otp-stream-cipher-prgs/#shannon's-theorem).
 
 ### Two-Time Pad is Insecure
 

_posts/lecture-notes/internet-security/2023-10-04-rsa-elgamal.md

@@ -140,7 +140,7 @@ This is an inverse problem of exponentiation. The inverse of exponentials is log
 
 Given $y \equiv g^x \pmod p$ for some prime $p$, we want to find $x = \log_g y$. We set $g$ to be a generator of the group $\mathbb{Z}_p$ or $\mathbb{Z}_p^*$, since if $g$ is the generator, a solution always exists.
 
-Read more in [discrete logarithm problem (Modern Cryptography)](../modern-cryptography/2023-10-03-key-exchange.md#discrete-logarithm-problem-(dl)).
+Read more in [discrete logarithm problem (Modern Cryptography)](../../modern-cryptography/2023-10-03-key-exchange/#discrete-logarithm-problem-(dl)).
 
 ## ElGamal Encryption
 

_posts/lecture-notes/internet-security/2023-10-09-public-key-cryptography.md

@@ -15,7 +15,7 @@ date: 2023-10-09
 github_title: 2023-10-09-public-key-cryptography
 ---
 
-In symmetric key cryptography, we have a problem with key sharing and management. More info in the first few paragraphs of [Key Exchange (Modern Cryptography)](../modern-cryptography/2023-10-03-key-exchange.md).
+In symmetric key cryptography, we have a problem with key sharing and management. More info in the first few paragraphs of [Key Exchange (Modern Cryptography)](../../modern-cryptography/2023-10-03-key-exchange).
 
 ## Public Key Cryptography
 
@@ -32,7 +32,7 @@ These keys are created to be used in **trapdoor one-way functions**.
 
 A **one-way function** is a function that is easy to compute, but hard to compute the pre-image of any output. Here are some common examples.
 
-- *Cryptographic hash functions*: [Hash Functions (Modern Cryptography)](../modern-cryptography/2023-09-28-hash-functions.md#collision-resistance).
+- *Cryptographic hash functions*: [Hash Functions (Modern Cryptography)](../../modern-cryptography/2023-09-28-hash-functions/#collision-resistance).
 - *Factoring a large integer*: It is easy to multiply to integers even if they're large, but factoring is very hard.
 - *Discrete logarithm problem*: It is easy to exponentiate a number, but it is hard to find the discrete logarithm.
 
@@ -87,7 +87,7 @@ Choose a large prime $p$ and a generator $g$ of $\mathbb{Z}_p^{ * }$. The descri
 > 3. Alice and Bob calculate $g^{xy} \bmod p$ separately.
 > 4. Eve can see $g^x \bmod p$, $g^y \bmod p$ but cannot calculate $g^{xy} \bmod p$.
 
-Refer to [Diffie-Hellman Key Exchange (Modern Cryptography)](../modern-cryptography/2023-10-03-key-exchange.md#diffie-hellman-key-exchange-(dhke)).
+Refer to [Diffie-Hellman Key Exchange (Modern Cryptography)](../../modern-cryptography/2023-10-03-key-exchange/#diffie-hellman-key-exchange-(dhke)).
 
 ## Message Integrity
 

_posts/lecture-notes/internet-security/2023-10-18-tls.md

@@ -62,13 +62,13 @@ You can check if TLS is used on your browser. The address should begin with `htt
 
 ## CBC Padding Oracle Attack
 
-Recall [CBC Mode (Internet Security)](./2023-09-18-symmetric-key-cryptography-2.md#cipher-block-chaining-mode-(cbc)) .
+Recall [CBC Mode (Internet Security)](../2023-09-18-symmetric-key-cryptography-2/#cipher-block-chaining-mode-(cbc)) .
 
 Suppose that each block has $8$ bytes. If the message size is not a multiple of the block size, we pad the message. If we need to pad $b$ bytes, we pad $b$ bytes with $b$, encoded in binary.
 
 If the padding is not valid, the decryption algorithm outputs a *padding error* during the decryption process. The attacker can observe if a padding error has occurred, and use this information to recover the plaintext.
 
-To defend this attack, we can use [encrypt-then-MAC (Modern Cryptography)](../modern-cryptography/2023-09-26-cca-security-authenticated-encryption.md#encrypt-then-mac-(etm)), or hide the padding error.
+To defend this attack, we can use [encrypt-then-MAC (Modern Cryptography)](../../modern-cryptography/2023-09-26-cca-security-authenticated-encryption/#encrypt-then-mac-(etm)), or hide the padding error.
 
 ### Attack in Detail
 
@@ -114,7 +114,7 @@ $$
 
 ## Hashed MAC (HMAC)
 
-Let $H$ be a has function. We defined MAC as $H(k \parallel m)$ where $k$ is a key and $m$ is a message. This MAC is insecure if $H$ has [Merkle-Damgård construction](../modern-cryptography/2023-09-28-hash-functions.md#merkle-damgård-transform), since it is vulnerable to length extension attacks. See [prepending the key in MAC is insecure (Modern Cryptography)](../modern-cryptography/2023-09-28-hash-functions.md#prepending-the-key).
+Let $H$ be a has function. We defined MAC as $H(k \parallel m)$ where $k$ is a key and $m$ is a message. This MAC is insecure if $H$ has [Merkle-Damgård construction](../../modern-cryptography/2023-09-28-hash-functions/#merkle-damgård-transform), since it is vulnerable to length extension attacks. See [prepending the key in MAC is insecure (Modern Cryptography)](../../modern-cryptography/2023-09-28-hash-functions/#prepending-the-key).
 
 Choose a key $k \leftarrow \mathcal{K}$, and set