O'Reilly logo
live online training icon Live Online training

Applied cryptography with Python

enter image description here

First steps toward understanding and applying cryptography basics

Amirali Sanatinia

Today we use cryptography everywhere, from common tasks like surfing the web over HTTPS to connecting to remote servers over SSH. Despite that, many developers don’t appreciate the subtleties of cryptographic primitives, which can lead to the design and development of vulnerable applications.

Over three hours, Amirali Sanatinia covers the fundamental blocks for cryptography, discussing both basic theory and practical application. Using Python, you'll explore common cryptographic functions, including file hashing (SHA and HMAC), symmetric cryptography (AES), and asymmetric key cryptography concepts (RSA), and you'll leave ready to implement these solutions in your own programs.

What you'll learn-and how you can apply it

By the end of this live online course, you’ll understand:

  • The basic building blocks of modern cryptography
  • Security benefits and end uses of cryptographic primitives
  • Common cryptographic protocols

Participants will be able to:

  • Analyze and understand cryptographic blocks and protocols
  • Design and implement secure cryptographic protocols and applications in Python

This training course is for you because...

  • You're a developer who wants to learn how to use applied cryptography to keep your application’s data secure.
  • You're interested in understanding the mathematical building blocks of modern cryptography.

Prerequisites

  • A working knowledge of Python basics (e.g., string operations, reading/writing to files, loops and functions)
  • Familiarity with mathematical concepts like bitwise operations, exponentiation, logarithms, discrete logarithms, and modular arithmetic

Recommended preparation:

Recommended follow-up:

About your instructor

  • Amirali Sanatinia holds a Computer Science PhD from Northeastern and a BSc from St Andrews University. His research focuses on security, privacy, and applied cryptography. His work has been covered by MIT Technology Review, Scientific American, Wired, and Ars Technica. He is a recipient of RSAC Security Scholar and CCIS Outstanding Research Award. He has presented at different security conferences such as DEF CON, Crypto Village, Virus Bulletin, BSides Boston, PyGotham and PyCon.

Schedule

The timeframes are only estimates and may vary according to how the class is progressing

Introduction (5 minutes)

Hashing (20 minutes)

  • Presentation: Hashing, one-way transformation, SHA family
  • Exercise: Speed and size comparison of hash functions
  • Presentation: HMAC
  • Exercise: HMAC calculation and verification
  • Q&A

Symmetric Cryptography (50 minutes)

  • Presentation: Block cipher, steam cipher, mode of operation, padding, AES
  • Exercise: Implement encryption/decryption with AES
  • Exercise: Implement bit flip attack
  • Presentation: Authenticated encryption
  • Q&A
  • Break (10 min)

Asymmetric Cryptography (55 minutes)

  • Presentation: Public key cryptography, digital signatures, RSA
  • Exercise: Encrypt and sign messages with RSA
  • Exercise: Speed comparison with symmetric cryptography
  • Presentation: Key exchange, forward secrecy, Diffie-Hellman
  • Exercise: Perform DH key exchange
  • Presentation: Elliptical curve cryptography
  • Exercise: Signature creation and verification speed comparison (RSA vs ECC)
  • Q&A
  • Break (5 min)

Full Cryptographic Protocols (30 minutes)

  • Presentation: Overview of SSL/PGP
  • Exercise: Implement PGP-like protocol for file encryption
  • Q&A