Implementing Cryptography Using Python E-Book

Table of Contents

Cover

Introduction

What This Book Covers

What You Need to Know

What You Need to Have

How to Use This Book

What's on the Website

CHAPTER 1: Introduction to Cryptography and Python

Exploring Algorithms

Why Use Python?

Downloading and Installing Python

Testing Your Install

Diving into Python Basics

Creating a Reverse Cipher

Summary

CHAPTER 2: Cryptographic Protocols and Perfect Secrecy

The Study of Cryptology

Attack Models

Shannon's Theorem

One-Time Pad

One-Way Hashes

Perfect Forward Secrecy

Published and Proprietary Encryption Algorithms

Summary

References

CHAPTER 3: Classical Cryptography

Password Best Practices

Obfuscating Data

Historical Ciphers

Summary

CHAPTER 4: Cryptographic Math and Frequency Analysis

Modular Arithmetic and the Greatest Common Devisor

Prime Numbers

Basic Group Theory

Modular Inverses

Extending the GCD

Euler's Theorem

Pseudorandomness

Solving Systems of Linear Equations

Frequency Analysis

Cryptanalysis with Python

Summary

CHAPTER 5: Stream Ciphers and Block Ciphers

Convert between Hexdigest and Plaintext

Use Stream Ciphers

Use Block Ciphers

Summary

CHAPTER 6: Using Cryptography with Images

Simple Image Cryptography

Images and Cryptography Libraries

Image Cryptography

Steganography

Summary

CHAPTER 7: Message Integrity

Message Authentication Codes

Setting Up a Secure Channel

Summary

References

CHAPTER 8: Cryptographic Applications and PKI

The Public-Key Transformation

The El-Gamal Cryptosystem

Elliptic Curve Cryptography

Diffie-Hellman Key Exchange

Summary

CHAPTER 9: Mastering Cryptography Using Python

Constructing a Plaintext Communications Application

Installing and Testing Wireshark

Implementing PKI in the Application Using RSA Certificates

Implementing Diffie-Hellman Key Exchange

Wrapping Up

Index

End User License Agreement

List of Tables

Chapter 1

Table 1.1: Arithmetic Operators

Table 1.2: Arithmetic Operator Examples

Table 1.3: Comparison Operators

Table 1.4: Logical Operators

Table 1.5: Assignment Operators

Table 1.6: Bitwise Operators

Table 1.7: Membership Operators

Table 1.8: Identity Operators

Table 1.9: File Operations

Chapter 2

Table 2.1: Notation of Cryptographic Protocols

Table 2.2: Bitwise Operators

List of Illustrations

Chapter 1

Figure 1.1: Upgrading packages

Figure 1.2: Matplot.py test

Figure 1.3: Python installed successfully

Figure 1.4: Module methods

Chapter 2

Figure 2.1: Alice and Bob

Chapter 3

Figure 3.1: Column transposition table

Chapter 4

Figure 4.1:

Miller.py

test

Figure 4.2:

Generate_large_primes.py

Figure 4.3:

Euler.py

test

Figure 4.4:

EulerPlot.py

test

Figure 4.5:

FA.py

Figure 4.6:

Frequency.py

Figure 4.7:

declaration_freq.py

Figure 4.8:

Cearsar_FA.py

Figure 4.9:

online_example_fa.py

Figure 4.10:

Vigenere_break.py

Figure 4.11:

Vigenere_crypto.py

Chapter 5

Figure 5.1: Three-register representation of Trivium

Figure 5.2: ARC4 stream cipher

Figure 5.3: Python implementation of ChaCha20

Figure 5.4: ChaCha20Poly1305

Figure 5.5: ECB mode encryption

Figure 5.6: ECB mode decryption

Figure 5.7: Cipher Block Chaining (CBC) mode encryption

Figure 5.8: Cipher Block Chaining (CBC) mode decryption

Figure 5.9: Cipher Feedback (CFB) mode encryption

Figure 5.10: CFB mode decryption

Figure 5.11: Output Feedback (OFB) mode encryption

Figure 5.12: Output Feedback (OFB) mode decryption

Figure 5.13: Counter (CTR) mode encryption

Figure 5.14:

Counter (CTR) mode decryption

Figure 5.15: Feistel Network encryption

Figure 5.16: Feistel Network decryption

Chapter 6

Figure 6.1: Original

ch6_secret_image.jpg

file

Figure 6.2: Error message for

e_ch6_secret_image.jpg

Figure 6.3: Side by side of

ch6_secret_image.jpg

and

d_ch6_secret_image.jpg

...

Figure 6.4: Cryptography library test

Figure 6.5: Python output for Fernet

Figure 6.6: Image encryption modes

Figure 6.7: Plane image in BMP format

Figure 6.8: ECB encrypted plane

Figure 6.9: ECB decrypted plane

Figure 6.10: ECB security issue

Figure 6.11: CBC encrypted plane

Figure 6.12: Steganography example

Figure 6.13: High-definition photo of dogs

Figure 6.14: Steganography with media

Figure 6.15: FITS Files

Chapter 7

Figure 7.1: Binary digests

Figure 7.2: CBC-MAC example

Figure 7.3: Output of

Server.py

Figure 7.4: Messages entered here will be sent unencrypted to the server.

Figure 7.5:

server.py

Figure 7.6:

client.py

Figure 7.7: Secured communications

Figure 7.8: Message and MAC server

Figure 7.9: Message and MAC client

Chapter 8

Figure 8.1: Understanding RSA

Figure 8.2: Generating RSA certs

Figure 8.3: RSA decrypt

Figure 8.4: Output for the RSA BLOB program

Figure 8.5: ElGamal key

Figure 8.6: An elliptic curve

Figure 8.7: Point intersection of ECC curve

Figure 8.8: Diffie-Hellman exchange example

Chapter 9

Figure 9.1: Plaintext messaging

Figure 9.2: Wireshark overview

Figure 9.3: Wireshark traffic

Figure 9.4: PKI overview

Figure 9.5: PKI Encryption enabled

Figure 9.6: Wireshark output

Figure 9.7:

json

module

Figure 9.8: Final version

Figure 9.9: Diffie-Hellman Exchange chat

Figure 9.10: Shared key not passed

Guide

Cover

Table of Contents

Begin Reading

Pages

i

xvii

xviii

xix

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

ii

iii

v

vi

vii

285

Implementing Cryptography Using Python®

Introduction

I initiated my journey into cryptography while studying for my undergrad. Most of the cryptography concepts I learned were based on what one would need for their CISSP or Security+ exams. Most of my understanding was at a high level, and it was difficult to remember the more intricate aspects until cryptography became a primary focus.

It wasn't until I started my master's in cybersecurity that I began applying cryptographic features within a scripting environment. The concepts in this book will help you advance your knowledge and experience as you dig deeper into understanding the use of cryptography in Python.

Over the past few years, several governments have discussed legislation that will ensure that any form of communication, whether it's an email, text message, or video chat, can always be read by the police or intelligence services if they have a warrant. Governments are putting pressure on technology companies to give them backdoor access or the keys to the kingdom so that they can keep the country safe.

The fight between lawmakers and encrypted messaging platforms has entered new territory. Imagine a world where the government has seized the opportunity to scan every electronic message by government-approved scanning software. The privacy and security of all users will suffer if law enforcement agencies achieve their dream of breaking cryptosystems. Proponents of end-to-end encryption, like Microsoft, Facebook, and Google, may lose their campaign to maintain user security as a priority.

We have all heard of times when it would be beneficial for encrypted data to magically become readable; this is often related to criminal cases. Should criminals be allowed to plot their plans in secret? Where does the right to our privacy start? In reality, there are technical and legal issues with allowing governments to do this; this of course will be strongly opposed by technology and privacy advocates. The world is at war on what can be encrypted, what should be encrypted, and who should have the keys to unlock someone else's encryption.

Whether you agree or disagree with what powers a nation-state should have over encrypted communications in their country, you should understand what encryption is, how to apply it when needed, and how to ensure that the data you are receiving is authentic and confidential. Over the course of this book, you will get a basic understanding of how to cryptographically secure your messages, files, or Internet traffic using easy-to-understand Python recipes that have been created or updated to support Python 3.

What This Book Covers

This book focuses on helping you pick the right Python environment for your needs so that you can hit the ground running. You will get an understanding of what algorithms are and explore the basics of Python.

Once you have an idea of where you are starting from, you will get an overview of what cryptography is, what perfect secrecy means, and the history of cryptography and how its use changed our world.

To get a full understanding of some of the cryptographic concepts, a little math is needed. You will get an understanding of how prime numbers, basic group theory, and pseudorandom number generators help build cryptographic solutions. This will build the foundation for understanding various stream and block ciphers and highlight some of their encryption modes and weaknesses.

Every cryptographic discussion is better with pictures, so we will spend a chapter focusing on how image cryptography and steganography work. We'll also highlight a few issues that you will need to be aware of while dealing with images.

Message integrity is just as important as message secrecy. Knowing who sent the message to you directly relates to whether the message is credible. You will learn how to generate message authentication codes to ensure integrity during transit.

The strength of encryption will be shown at the end of the book when you will learn about PKI schemes and explore how to implement elliptic curve cryptography in an application. The application you build will exchange data in a highly secure format over an unsecure channel, thus ensuring that you are able to control your own end-to-end encryption scheme that no one will be able to decrypt without the keys you create. I hope you find the journey as fun as I did.

What You Need to Know

This book assumes that you are fairly new to cryptography. While there is a brief introduction to how to set up and use Python, you will get the most out of the book if you have experience in another programming or scripting language.

What You Need to Have

The concepts presented in this book can be executed on Microsoft Windows, Linux, Chromebook, or iOS. Your choice of editor will most likely depend on the underlying operating system, although most of the Python recipes presented here will execute in online editors as well as most shells that are using a Python interpreter that is 3.0 or greater.

How to Use This Book

The topics in this book get more advanced as you progress through it, so you can work through the material from front to back and build your skills as you go. You can also use this book as a reference that you can consult when you need help with the following situations:

You're stuck while trying to figure out how to secure your data.

You need to do something using cryptography that you've never done before.

You have some time on your hands, and you're interested in learning something new about Python and cryptography.

The index is comprehensive, and each chapter typically focuses on a single broad topic. Don't be discouraged if some of the material is over your head. As you work through the coding samples and build out the final solution, the concepts should become easier to understand.

What's on the Website

Nearly everything discussed in this book has examples with it. You can (and should) download the many useful examples included with this book. We have verified that each file will run in environments that are Python version 3.0 and higher.

The files are located at github.com/braycrypto/cryptography, as well as at www.wiley.com/go/cryptographywithpython.