Implementing-cryptography-using-python

Recommendations

Info

Chapter 2 ■ Cryptographic Protocols and Perfect Secrecy 35a one-way cryptographic function. With message integrity being critical to messagesecurity, cryptographic protocols often provide data origin authenticationservices as a building block of the protocols.Entity AuthenticationEntity authentication is a security service that is used between peer entitiesto verify the identity of each party involved. Each application that containssensitive information should be built around entity authentication and verifythe entity; authentication is typically performed using various means, such as:■■Something you know (e.g., passwords)■■Something you have (e.g., physical keys, cards, or tokens)■■Something you are (e.g., biometric properties such as fingerprint or retinalscans)■■Someplace you are (e.g., geolocation)Entity authentication is more than an exchange of messages. It must also providetimeliness. One cannot guarantee that any party involved in the messageexchange is actively participating at the specific moment the message is received.Most authentication protocols establish a secret session key for security of thesession following the authentication exchange. Two main categories of protocolsare used for entity authentication:■■Arbitrated authentication: A trusted third party (TTP), also known asan arbiter, is directly involved in every authentication exchange. The primaryadvantage is that it allows two parties (Alice and Bob) to authenticateto each other without knowing any pre-established secret. Even if Aliceand Bob do not know each other, the same cryptographic key can be used.This type of key is known as a symmetric key. One disadvantage of arbitratedauthentication is that the TTP can become a bottleneck to the process,therefore violating the availability of the CIA Triad. Anotherdisadvantage is that the TTP can monitor all authentication activity.■■Direct authentication: Alice and Bob directly authenticate to each other.The primary advantage is that no online participation of a third party isrequired; therefore, the two drawbacks mentioned in arbitrated authenticationdo not apply. The major drawback is that it requires asymmetriccryptography or pre-established secret keys.NOTE The CIA Triad is the implementation of confidentiality, integrity, and availability,which are important aspects to how we view the security of our solutions.The security model is designed to guide policies for information within our systems,
36 Chapter 2 ■ Cryptographic Protocols and Perfect Secrecysolutions, and applications. You may also see the model referred to as the AIC Triad(availability, integrity, and confidentiality) to avoid confusion with the United StatesCentral Intelligence Agency. The three elements of the triad are considered the mostcrucial components of security, although you may see other elements introduced. TheCIA Triad, in this context, defines confidentiality as a set of rules that limit who hasaccess to information, integrity as the assurance that the information is accurate andtrustworthy, and availability as the guarantee that the data can be reliably accessedwhen needed by authorized personnel or systems.Symmetric AlgorithmsSymmetric algorithms are the simplest and fastest way to encrypt and decryptmessages. They typically involve two parties, with each member having anidentical key. As a memory mnemonic, think of the “S” in symmetric as theword same.We will be diving into many of the symmetric key algorithms such as DES,3DES, IDEA, Blowfish, Skipjack, and AES in Chapter 6, but we mention themnow to help prepare you for our discussion on historical ciphers later in thischapter. Other examples of symmetric algorithms include IPSec, Kerberos, andPoint to Point.Asymmetric AlgorithmsAsymmetric algorithms are more complex and typically slower. In fact, manysystems use asymmetric algorithms simply to swap symmetric keys and thenuse symmetric algorithms for the rest of the encryption operation. The key pointto take away for now is that the asymmetric algorithm requires the use of twodifferent keys: one public and one private. Messages that are encrypted withone key can only be decrypted with the other. This offers many advantages,such as nonrepudiation and the use of digital certificates.We will explore asymmetric algorithms and the use of public and private keysusing Python in Chapter 7. An example of an asymmetric encryption algorithmis ElGamal, which is used in OpenPGP. Other examples include Elliptic curvecryptography, RSA, Diffie-Hellman key exchange, and DSA.The Needham-Schroeder ProtocolsIn 1978, Roger Needham and Michael Schroeder invented two protocols. The firstis their symmetric key protocol, which later formed the basis for the Kerberosprotocol invented by MIT. This protocol aims to establish a session key betweentwo parties on a network to protect communications.The second protocol was their public-key protocol, which is based on publickeycryptography. The goal of the second Needham-Schroeder protocol is to
Page 2 and 3: ImplementingCryptography UsingPytho
Page 4 and 5: To Stephanie, Eden, Hayden, and Ken
Page 6 and 7: viAbout the Authorbook, Shannon is
Page 8 and 9: Contents at a GlanceIntroductionxvi
Page 10 and 11: xiiContentsUsing Conditionals 16Usi
Page 12 and 13: xivContentsPseudorandomness115Break
Page 14 and 15: xviContentsInstalling and Testing W
Page 16 and 17: xviiiIntroductionprivacy advocates.
Page 18 and 19: CHAPTER1Introduction to Cryptograph
Page 20 and 21: Chapter 1 ■ Introduction to Crypt
Page 48 and 49: CHAPTER2Cryptographic Protocolsand
Page 50 and 51: Chapter 2 ■ Cryptographic Protoco
Page 82 and 83: 66 Chapter 3 ■ Classical Cryptogr
Page 102 and 103:
86 Chapter 3 ■ Classical Cryptogr
Page 104 and 105:
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
CHAPTER4Cryptographic Mathand Frequ
Page 112 and 113:
Chapter 4 ■ Cryptographic Math an
Page 114 and 115:
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128 and 129:
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147:
Page 148 and 149:
Page 150 and 151:
Page 152 and 153:
Page 154 and 155:
CHAPTER5Stream Ciphers and Block Ci
Page 156 and 157:
Chapter 5 ■ Stream Ciphers and Bl
Page 158 and 159:
Page 160 and 161:
Page 162 and 163:
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
CHAPTER6Using Cryptography with Ima
Page 188 and 189:
Chapter 6 ■ Using Cryptography wi
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
Page 212 and 213:
Page 214 and 215:
200 Chapter 7 ■ Message Integrity
Page 216 and 217:
Page 218 and 219:
Page 220 and 221:
Page 222 and 223:
Page 224 and 225:
Page 226 and 227:
Page 228 and 229:
Page 230 and 231:
Page 232 and 233:
Page 234 and 235:
Page 236 and 237:
Page 238 and 239:
224 Chapter 8 ■ Cryptographic App
Page 240 and 241:
Page 242 and 243:
Page 244 and 245:
Page 246 and 247:
Page 248 and 249:
Page 250 and 251:
Page 252 and 253:
Page 254 and 255:
Page 256 and 257:
Page 258 and 259:
Page 260 and 261:
CHAPTER9Mastering CryptographyUsing
Page 262 and 263:
Chapter 9 ■ Mastering Cryptograph
Page 264 and 265:
Page 266 and 267:
Page 268 and 269:
Page 270 and 271:
Page 272 and 273:
Page 274 and 275:
Page 276 and 277:
Page 278 and 279:
Page 280 and 281:
Page 282 and 283:
Page 284 and 285:
Page 286 and 287:
Page 288 and 289:
Page 290 and 291:
IndexSYMBOLS\ (backslash), 10- oper
Page 292 and 293:
Index ■ D-D 279CIA Triad, 35-36ci
Page 294 and 295:
Index ■ I-M 281hashlib module, 28
Page 296 and 297:
Index ■ Q-S 283Preneel, Bart, 145
show all

Implementing-cryptography-using-python

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?