Applied cryptography with Python
First steps toward understanding and applying cryptography basics
Today we use cryptography everywhere, from common tasks like surfing the web over HTTPS to connecting to remote servers over SSH. Despite that, many developers don’t appreciate the subtleties of cryptographic primitives, which can lead to the design and development of vulnerable applications.
Over three hours, Amirali Sanatinia covers the fundamental blocks for cryptography, discussing both basic theory and practical application. Using Python, you'll explore common cryptographic functions, including file hashing (SHA and HMAC), symmetric cryptography (AES), and asymmetric key cryptography concepts (RSA), and you'll leave ready to implement these solutions in your own programs.
What you'll learn-and how you can apply it
By the end of this live online course, you’ll understand:
- The basic building blocks of modern cryptography
- Security benefits and end uses of cryptographic primitives
- Common cryptographic protocols
Participants will be able to:
- Analyze and understand cryptographic blocks and protocols
- Design and implement secure cryptographic protocols and applications in Python
This training course is for you because...
- You're a developer who wants to learn how to use applied cryptography to keep your application’s data secure.
- You're interested in understanding the mathematical building blocks of modern cryptography.
- A working knowledge of Python basics (e.g., string operations, reading/writing to files, loops and functions)
- Familiarity with mathematical concepts like bitwise operations, exponentiation, logarithms, discrete logarithms, and modular arithmetic
- Read "Strings and Writing Programs" (chapter 3 in Cracking Codes with Python)
- Review the course math primer
About your instructor
Amirali Sanatinia holds a Computer Science PhD from Northeastern and a BSc from St Andrews University. His research focuses on security, privacy, and applied cryptography. His work has been covered by MIT Technology Review, Scientific American, Wired, and Ars Technica. He is a recipient of RSAC Security Scholar and CCIS Outstanding Research Award. He has presented at different security conferences such as DEF CON, Crypto Village, Virus Bulletin, BSides Boston, PyGotham and PyCon.
The timeframes are only estimates and may vary according to how the class is progressing
Introduction (5 minutes)
Hashing (20 minutes)
- Presentation: Hashing, one-way transformation, SHA family
- Exercise: Speed and size comparison of hash functions
- Presentation: HMAC
- Exercise: HMAC calculation and verification
Symmetric Cryptography (50 minutes)
- Presentation: Block cipher, steam cipher, mode of operation, padding, AES
- Exercise: Implement encryption/decryption with AES
- Exercise: Implement bit flip attack
- Presentation: Authenticated encryption
- Break (10 min)
Asymmetric Cryptography (55 minutes)
- Presentation: Public key cryptography, digital signatures, RSA
- Exercise: Encrypt and sign messages with RSA
- Exercise: Speed comparison with symmetric cryptography
- Presentation: Key exchange, forward secrecy, Diffie-Hellman
- Exercise: Perform DH key exchange
- Presentation: Elliptical curve cryptography
- Exercise: Signature creation and verification speed comparison (RSA vs ECC)
- Break (5 min)
Full Cryptographic Protocols (30 minutes)
- Presentation: Overview of SSL/PGP
- Exercise: Implement PGP-like protocol for file encryption