- SYMBOLS
(backslash), 10
- - operator, 12
- / operator, 12
- // operator, 12
- //= (floor division) assignment operator, 14
- _ (binary One Complement) bitwise operator, 15, 52
- | (binary OR) bitwise operator, 15, 52
- + operator, 11, 12
- += (add AND) assignment operator, 14
- +KA (notation in cryptographic protocols), 37
- /= (divide AND) assignment operator, 14
- = (subtract AND) assignment operator, 14
- = assignment operator, 14
- != comparison operator, 13
- == comparison operator, 13
- % operator, 12
- %= (modulus AND) assignment operator, 14
- & (binary AND) bitwise operator, 15, 52
- * operator, 12
- ** operator, 12
- **= (exponent AND) assignment operator, 14
- *= (multiply AND) assignment operator, 14
- ^ (binary XOR) bitwise operator, 15, 52
- < comparison operator, 13
- << (binary Left Shift) bitwise operator, 15, 52
- <= comparison operator, 13
- <>= comparison operator, 13
- > comparison operator, 13
- >= comparison operator, 13
- >> (binary Right Shift) bitwise operator, 15, 52
- A
- A (notation in cryptographic protocols), 37
- A → B: m (notation in cryptographic protocols), 37
- A[m] (notation in cryptographic protocols), 37
- a+ file operator, 19
- addition + operator, 12
- Adleman, Leonard (researcher), 34, 226
- AES (Advanced Encryption Standard), 36, 156, 167, 180–187
- AES-GCM, 261
- Affine cipher, 90–93
- algorithms
- ARX algorithms, 149
- asymmetric algorithms, 36
- DEC algorithm,
- deterministic algorithm, 101
- ENC algorithm,
- exploring,
- GEN algorithm,
- Mersenne Twister algorithm, 116
- published and proprietary encryption, 61–62
- RSA algorithm, 104, 226–235, 242
- Secure Hash Algorithms (SHAs), 203–204, 205, 209
- symmetric algorithms, 36
- Alice and Bob, as most famous cryptographic couple, 33–34
- analytical attacks, 48
- AND, 50–55
and
(logical AND), 14
Append
file operator, 19
- arbiter, 35
- arbitrated authentication, 35–36
- ARC4 (ARCFOUR), 147–148
- arithmetic operators, 11–13
- Artjuhov, M. M., 100
- ARX algorithms, 149
- ASCII encoding, 70
- assignment operator, 10, 14
- associativity (as group axiom), 106
- asymmetric algorithms, 36
- Atbash cipher, 77
- attack models, 49–50
- attacks
- analytical attacks, 48
- birthday attack, 59, 207–209
- brute-force attacks, 47–48
- length extension attack, 209–210
- reflection attack, 211
- reordering attack, 211
- replay attack, 211
- side-channel attacks, 48
- social engineering, 48
- Authenticate Then Decrypt, 211
- authentication
- arbitrated authentication, 35
- data origin authentication, 34–35
- direct authentication, 35
- entity authentication, 35–36
- inter-realm authentication, 40
- message authentication codes, 60
- B
- backslash (
), 10
- Base64 encoding text, 70
- bcrypt library, 69
- Bernstein, Daniel, 149
bin()
function, 52
- binary data, 71
- binary digests, 204–205
binascii
library, 140
- birthday attack, 59, 207–209
- bitwise operators, 15, 52
- blind signatures, 33
- block cipher mode, 158
- block ciphers
- AES (Advanced Encryption Standard), 36, 156, 167
- block modes of operation, 158
- CBC mode (formerly Cipher Block Chaining), 159–160
- CFB mode (Cipher Feedback mode), 160–162
- CTR mode (Integer Counter mode or Segmented Integer Counter mode), 162–164
- DIY block cipher using Feistel networks, 165–166
- ECB mode (formerly Electronic Codebook), 158–159
- OFB mode (Output Feedback mode), 162–163
- overview, 156–158
- tricks with stream modes, 164–165
- block modes of operation, 180–187
- Blowfish, 36
- Bob and Alice, as most famous cryptographic couple, 33–34
- Boolean test, 16
break
loop, 18
- brute-force attacks, 47–48
- buffer sequence type, 20, 21
- Bundle, Pip as similar to,
- C
- CA-A (notation in cryptographic protocols), 37
- CA<<A>> (notation in cryptographic protocols), 37
- Caesar cipher, 74–76
- CBC mode (formerly Cipher Block Chaining), 159–160, 180, 185–186
- CBC-MAC (cipher block chaining message authentication code), 206–207
- CCA (Chosen-Ciphertext), 50
- Cert -CK CA(+KA) (notation in cryptographic protocols), 37
- certificate, self-signed, 45–46
- certificate authorities (CAs), 42
- certificate chains, 42–44
- certificate hierarchy, 42–44
- certificate revocation, 44–45
- CFB mode (Cipher Feedback mode), 160–162
- ChaCha cipher, 151–156
- ChaCha20 stream cipher, 145
- channels
- adding symmetric encryption, 215–218
- communication channels, 211
- concatenate message and MAC, 218–221
- creating client socket, 213–214
- creating server socket, 212–213
- creating threaded server with TCP, 214–215
- sending secure messages over IP networks, 212–221
- setting up secure one, 210–221
chmod
command,
- Choctaw Indian language, as historical cipher, 73
- Chosen-Ciphertext (CCA), 50
- Chosen-Plaintext (CPA), 50
- Chromebook, installing Python on, –5
- CIA Triad, 35–36
- cipher block chaining message authentication code (CBC-MAC), 206–207
- Cipher Block Chaining (now CBC mode), 159–160
- Cipher Feedback mode (CFB), 160–162
- cipher space, use of term, 49
- ciphers
- Affine cipher, 90–93
- ARC4 (ARCFOUR), 147–148
- Atbash cipher, 77
- block ciphers, 156–169
- Caesar cipher, 74–76
- ChaCha cipher, 151–156
- column transposition, 87–90
- Hill 2x2, 83–87
- historical ones, 72–93
- Playfair, 79–82
- ROT-13, 76
- Salsa20 cipher, 149–151
- stream ciphers, 141–156
- substitution ones, 73–77
- Vernam cipher, 148–149
- Vignère cipher, 77–79, 129–137
- ciphertext (C)C,
- Ciphertext Only (COA), 49
- classical cryptography
- data obfuscation (DO), 69–72
- historical ciphers, 72–93
- password best practices, 66–69
- client
- creating one for constructing plaintext communications application, 250–251
- modifying of for implementing PKI in application using RSA certificates, 257
- client file, modifying of in implementing Diffie-Hellman key exchange, 264–266
- client socket, creating, 213–214
- clock synchronization, 42
- closure (as group axiom), 106
- Cocks, Clifford (mathematician and cryptographer), 224–226
- codes
- commenting on, 10
- message authentication codes, 60
- collision resistance, 59
- column transposition, 87–90
- comments, on code, 10
- “Communication Theory and Secrecy Systems” (Shannon), 50
- comparison operators, 13
- Composer, Pip as similar to,
- concatenate message and MAC, for incorporating message hashing, 200
- conditionals, use of, 16–17
continue
loop, 18
count()
method, 25
- CPA (Chosen-Plaintext), 50
- cryptanalysis
- defined, 47
- with Python, 123–137
- understanding of, 47–49
- cryptographic family, 33–34
- cryptographic library, configuring your first, 47
- cryptographic one-way hashes, 59–60
- cryptographic protocols, 32–33, 46–47. See also specific protocols
- cryptographically secure pseudorandom number generator (CSPRNG), 115, 141–144, 146
- cryptography
- history of, 31, 242
- origin of term, 32
- study of, 32–49
- understanding of, 32–47
- Cryptography library, 174–175, 189
- Cryptography package, installing, –8
- Cryptosteganography library, 175
cryptosteganography
module, 175, 188, 189, 192
- CTR (counter) style, 157
- CTR mode (Integer Counter mode or Segmented Integer Counter mode), 162–164
- custom functions, 26–27
- D
- data
- binary data, 71
- obfuscating of, 69–72
- data obfuscation (DO), 69–72
- data origin authentication, 34–35
- De Cannière, Christophe, 145
- De Vita Caesarum, Divus Iulis ("The Lives of the Caesars, the Deified Julius" commonly known as The Twelve Caesars), 74–76
- DEC algorithm,
decode()
method, 71
- decoding, 71
- decryption
- Authenticate Then Decrypt, 211
- constructing BLOB decryption with RSA certificates, 232–235
- constructing simple text decryption with RSA certificates, 231–232
- of files using AES, 169
def
keyword, 26
- DES, 36, 156
- deterministic algorithm, 101
- dictionaries, 25–26
- Diffie, Whitfield, 162, 224
- Diffie-Hellman class file, creating, 270–275
- Diffie-Hellman key exchange
- implementing of, 261–276
- overview, 242–245
- purpose of, 34
- as used by TLS, 33
digest()
method, 204
dir()
, 28
- direct authentication, 35
- division / operator, 12
- DO (data obfuscation), 69–72
- double quote ("), 11
- downloading and installing, Python, –8
- E
- ECB mode (formerly Electronic Codebook), 158–159, 180, 181–185
- ECC keys, generating, 240–241
- Ehrsam, W. F., 159
- Electronic Codebook (now ECB mode), 158–159
- electronic money, 33
- elements, orders of, 107–109
- El-Gamal encryption, 235–238
- elliptic curve cryptography (ECC)
- generating ECC keys, 240–241
- key lengths and curves, 241–242
- overview, 238–240
- elliptic curves, 238–239
- Ellis, James, 225
else
loop, 18–19
- ENC algorithm,
encode()
methods, 71
- encoding matrix, 117
- Encrypt and Authenticate, 210–211
- Encrypt Then Authenticate, 211
- encryption
- constructing BLOB encryption with RSA certificates, 232–235
- constructing simple text encryption with RSA certificates, 231–232
- El-Gamal encryption, 235–238
- MAC encryption, 200–201
- symmetric encryption, , 36, 39, 49, 176, 215–218
- encryption key (K),
- encryption protocols, as another name for cryptographic protocols, 32
- entity authentication, 35
- eSTREAM, 145
- Euler's theorem, 100, 111–114
- exponent ** operator, 12
extend()
method, 24
- F
- FA (frequency analysis), 48–49, 120–123
- FCS (Frame Check Sequence), 58–59
- Federal Information Processing Standards Publication (FIPS PUB 180-4), 205
- Feistel cipher/Feistel network, 165–166
- Ferguson, Niels, 162
- Fermat's little theorem, 100, 110–111
- Fernet
- file cryptography using, 175–179
- image cryptography using, 179–180
- Fernet library, 175
- file operations, 19
- files
- decryption of using AES, 169
- downloading using Python, 27–28
- encryption of using AES, 169
- use of, 19
- FIPS PUB 180-4 (Federal Information Processing Standards Publication), 205
- Flexible Image Transport System (FITS), , 195–197
- floor division// operator, 12
for
loop, 17
- forgeries, crafting of, 209–210
- forward secrecy (FS), 60
- Frame Check Sequence (FCS), 58–59
- frequency, determination of, 126–129
- frequency analysis (FA), 48–49, 120–123
- functions, custom functions, 26–27
- G
- GEN algorithm,
- greatest common divisor (GCD), 96–97, 111
- group axioms, 106
- group law, 106
- group theory
- orders of elements, 107–109
- overview, 106–107
- H
- hash code, 67
- hash function, 58
- Hash-based Message Authentication Code (HMAC)
- binary digests, 204–205
- CBC-MAC, 206–207
- described, 60
- message digest with SHA, 203–204
- overview, 201–202
- using HMAC to sign message, 202–203
hashlib
module, 28–29
- Header + Data Units (HDUs), 195
- Hellman, Martin, 162, 224
- helper file
- creating one for constructing plaintext communications application, 251–252
- modifying of for implementing PKI in application using RSA certificates, 258–259
- modifying of in implementing Diffie-Hellman key exchange, 266–270
- hexdigest, conversion to plaintext, 140–141
hexdigest()
method, 204
hexlify
module, 140
- hidden secret, for incorporating message hashing, 201
- Hill 2x2, 83–87
- H(m) (notation in cryptographic protocols), 37
- I
- IDEA, 36
- identity (as group axiom), 106
- identity operators, 16
IF
statement, 16
- image cryptography
- AES and block modes of operation, 180–187
- applying examples, 186
- exploring simple CBC mode example, 185–186
- exploring simple ECB mode example, 181–185
- file cryptography using Fernet, 175–179
- overview, 175–176
- steganography, 187–197
- using Fernet, 179–180
- images
- cryptography libraries, 174–175
- image cryptography, 175–187
- simple image cryptography, 171–174
- storing binary file inside, 192–194
- storing message inside, 188–191
- using cryptography with, 171–197
- working with large ones, 195–197
- immutable, 24
import
command, 28
import math
call, 28
in
membership operator, 15
- indentation, misuse of, 10
index()
method, 25
- indices
- negative index, 22
- positive index, 22
- infinite one-time pad, 164
- infrastructure, 255–256
- installing
- additional packages, –8
- Chryptography package, –8
- IPython,
- Matplotlib, –7
- Pip, –7
- Python, –8
- testing,
- Wireshark, 253–254
- Integer Counter mode, 162–164
- integer factorization, 97
- inter-realm authentication, 40
- inverse (as group axiom), 106
- IPython,
is
identity operator, 16
is not
identity operator, 16
is_prime()
function, 103
- K
- -KA (notation in cryptographic protocols), 37
- KA,B (notation in cryptographic protocols), 37
- Kerberos protocol, 36, 39–40
- Kerckhoffs, Auguste, 61
- key distribution problem, 223
- key escrow, 33
- key exchange, 34
- key space, use of term, 49
- Known-Plaintext (KPA), 50
- Koblitz, Neal, 239
- L
- lambda functions, 125
- length extension attack, 209–210
- libraries
- bcrypt library, 69
-
binascii
library, 140
- configuring your first cryptographic library, 47
- cryptography libraries, 174–175
- Fernet library, 175
- linear equations, solving systems of, 117–119
- linear-feedback register (LPSR), 146
list()
function, 25
- list sequence type, 20–21, 24, 25
- logical operators, 13–14
- loops, use of, 17–19
- M
- (m 1, …, m n) (notation in cryptographic protocols), 37
- MAC encryption, for incorporating message hashing, 200
- macOS, installing Python on,
- Matplotlib
- described, ,
- installing, –7
- MD5, 203
- MDC (modification digest code), 34–35
- membership operators, 15
- Merkle, Ralph, 224
- Mersenne Twister algorithm, 116
- Message Authentication Codes (MACs)
- birthday attack, 59, 207–209
- cipher block chaining message authentication code (CBC-MAC), 206–207
- crafting forgeries, 209–210
- hash-based ones, 201–205
- NIST compliance, 205–206
- overview, 200–201
- message digest, 67
- message hashing, 200
- message integrity
- Message Authentication Codes (MACs), 200–210
- setting up secure channel, 210–221
- message space, use of term, 49
- "A method for obtaining digital signatures and public key cryptosystems" (Rivest, Shamir, and Adleman), 34
- Meyer, C. H., 159
- Miller, Gary L., 100
- Miller, Victor S., 239
- Miller-Rabin primality test, 100–104
- minus - operator, 12
- (m)K (notation in cryptographic protocols), 37
- modification digest code (MDC), 34–35
- modular arithmetic, 96–97
- modular inverses
- Fermat's little theorem to find inverse, 110–111
- overview, 109–110
- modules, defined, 28
- modulus % operator, 12
- multiple-domain Kerberos, 40–41
- multiplication * operator, 12
- mutable, 24
- N
- names
- as case sensitive in Python,
- examples of,
- numbers as not starting,
- National Institute of Science and Technology (NIST), 205
- Needham, Roger (protocol inventor), 36
- Needham-Schroeder protocols, 36–38
- Network Time Protocol (NTP), 42
- NIST compliance, 205–206
not
(logical NOT), 14
not in
membership operator, 15
- NPM, Pip as similar to,
- NumPy, , –7, 117
- O
- OFB (output feedback) style, 157
- OFB mode (Output Feedback mode), 162–163
- one-time pad (OTP), 51, 141
- one-time pad (OTP) function, 56–58
- one-way hashes
- cryptographic one-way hashes, 59–60
- overview, 58–59
- online word list, use of, 125–126
open
method, 27, 28
- operators
- arithmetic operators, 11–13
- bitwise operators, 15, 52
- comparison operators, 13
- identity operators, 16
- logical operators, 13–14
- membership operators, 15
- relational operators, 13
- use of, 11–12
- OR, 50–55
or
(logical OR), 14
- OTP (one-time pad), 51, 141
- OTP (one-time pad) function, 56–58
- Otway-Rees protocol, 38
- Output Feedback mode (OFB mode), 162–163
- output feedback (OFB) style, 157
- P
- passwords
- best practices for, 66–69
- hashing of, 67
- salting of, 67–68
- storage of, 66
- stretching of, 68
- tools for, 68–69
- PEM (privacy enhanced electronic mail), 70–71
- perfect forward secrecy (PFS), 60–61
- perfect secrecy, 51, 56
- perfect security, 50–51
- Pip, installing, –7
- PKI (public-key infrastructure)
- described, 223–224
- implementing of in application using RSA certificates, 255–261
- plaintext
- constructing plaintext communications application, 248–253
- conversion of hexdigest to, 140–141
- Playfair, 79–82
- plus + operator, 11, 12
- preimage resistance, 59
- Preneel, Bart, 145
- prime factorization, 97
- prime number theorem, 98
- prime numbers
- Fermat's little theorem, 100
- generating large ones, 104–106
- Miller-Rabin primality test, 100–104
- overview, 97–98
- prime number theorem, 98
- school primality test, 98–99
Print()
function, 13
- privacy enhanced electronic mail (PEM), 70–71
- protocols
- cryptographic protocols, 32–33, 46–47
- Kerberos protocol, 36, 39–40
- multiple-domain Kerberos, 40–41
- Needham-Schroeder protocols, 36–38
- Network Time Protocol (NTP), 42
- Otway-Rees protocol, 38
- public-key protocol, 36–37
- symmetric key protocol, 36
- Transmission Control Protocol (TCP), 212
- User Datagram Protocol (UDP), 212
- pseudorandom number generation (PRNG), 115, 141–144
- pseudorandomness
- breaking C's rand() function, 116
- overview, 115
- public key MAC encryption, for incorporating message hashing, 200–201
- public-key certificates, 42
- public-key infrastructure (PKI)
- described, 223–224
- implementing of in application using RSA certificates, 255–261
- public-key protocol
- as second protocol of Needham-Schroeder protocols, 36–37
- as similar to protocol proposed by Otway and Rees, 38
- public-key transformation
- constructing BLOB encryption and decryption with, 232–235
- constructing simple text decryption with RSA certificates, 231–232
- exploring basics of RSA, 226–229
- generating RSA certificates, 229–230
- overview, 224–226
- PyFITS, described,
- Python
- basics of, –29
- downloading and installing, –8
- installing additional packages,
- installing Cryptography package, –8
- reasons to use, –3
- upgrading packages,
- using AES with, 167–169
- Python 2, as unsupported,
- Q
- quotes
- double quote ("), 11
- single quote ('), 11
- R
- R file operator, 19
- r+ file operator, 19
- RA (notation in cryptographic protocols), 37
- Rabin, Michael, 100
- rainbow table, 67
- RC4, 147
- reflection attack, 211
- relational operators, 13
remove()
method, 25
- reordering attack, 211
- replay attack, 211
requests
module, 27
- reserved words,
- reverse cipher, creating, 29
reverse()
method, 25
reverseCipher
function, 29
- Rivest, Ron, 34, 226
- ROT-13, 76
- RSA algorithm, 104, 226–235, 242
- RSA certificates
- constructing BLOB encryption and decryption with, 232–235
- constructing simple text encryption and decryption with, 231–232
- generating, 229–231
- implementing PKI in application using, 255–261
- S
- Salsa20 cipher, 149–151
- Schneier, Bruce, 162
- school primality test, 98
- Schroeder, Michael, 36
- SEC (Standards of Efficient Cryptography), 241
- secondary resistance, 59
- secret sharing, 33
- secret splitting, 33
- Secure Hash Algorithms (SHAs), 203–204, 205, 209
- securing elections, 33
- security protocols, as another name for cryptographic protocols, 32
- Segmented Integer Counter mode, 162–164
- self-signed certificate, 45–46
- semantics, understanding Python semantics, 20
- sequence types, 20–26
- server
- creating one for constructing plaintext communications application, 248–250
- modifying of for implementing PKI in application using RSA certificates, 256–257
- server file, modifying of in implementing Diffie-Hellman key exchange, 262–264
- server socket, creating, 212–213
- SHA, 203–204
- Shamir, Edi, 34, 226
- Shannon, Claude (father of information theory), 31, 50
- Shannon's theorem, 50–51
- shared key (SK), 34
- side-channel attacks, 48
- SIMD (single instruction, multiple data), 151–152
- single quote ('), 11
- Skipjack, 36
- Smith, J. L., 159
- social engineering, 48
sort()
method, 25
- Spartan scytale, 73
- Standards of Efficient Cryptography (SEC), 241
- Steganographia (Trithemius), 187–188
- steganography
- overview, 187–188
- storing binary file inside image, 192–194
- storing message inside image, 188–191
- working with large images, 195–197
- str sequence type, 20
- stream ciphers
- ARC4, 147–148
- ChaCha cipher, 151–156
- overview, 141–147
- Salsa20 cipher, 149–151
- Vernam cipher, 148–149
- stream modes, 164–165
- stretching (of passwords), 68
- strings
- use of, 11
- using quotes to define, 21
- subtraction - operator, 12
- symmetric algorithms, 36
- symmetric encryption, , 36, 39, 49, 176, 215–218
- symmetric key, 35
- symmetric key confidentiality, for incorporating message hashing, 201
- symmetric key protocol, 36
- symmetric public key confidentiality, for incorporating message hashing, 201
- T
- tA (notation in cryptographic protocols), 37
- Ticket Granting Servers (TGS), 40
- timestamping, 33
- Transmission Control Protocol (TCP), 212, 214–215
- Transport Layer Security (TLS), 33
- Triple DES, 156
- Trithemius, Johannes (author), Steganographia, 187
- Trivium, 145
- trusted third party (TTP), 35
- Tuchman, W. L., 159
tuple()
function, 25
- tuple sequence type, 20, 21, 24, 25
- The Twelve Caesars, 74–76
- U
- Ubuntu, installing Python on,
unhexlify
module, 140
- Unicode sequence type, 20
- User Datagram Protocol (UDP), 212
- V
- validation, formal validation of cryptographic protocols, 46–47
- values, as stored in variables, 10
- variables, use of, 10–11
- Vernam, Gilbert, 148
- Vernam cipher, 148–149
- Vignère cipher, 77–79, 129–137
- W
- W file operator, 19
- W+ file operator, 19
while
loop, 18
- whitespace, as meaningful, 10
- Windows, installing Python on,
- Wireguard, 145
- Wireshark, installing and testing, 253–254
- X
- X.509, 41–42
- XOR, 50–55
- xrange sequence type, 20, 21
- Z
- zero-knowledge proofs, 33
..................Content has been hidden....................
You can't read the all page of ebook, please click
here login for view all page.