Develop strong skills and a passion for writing cryptography algorithms and security schemes/modules using C++ 20 and its new features. You will find the right methods of writing advanced cryptographic algorithms (such as, elliptic curve cryptography algorithms, lattice-based cryptography, searchable encryption, and homomorphic encryption), examine internal cryptographic mechanisms, and discover common ways in which the algorithms could be implemented and used correctly in practice.
The authors avoid the complexities of the mathematical background by explaining its mathematical basis in terms that a programmer can easily understand. They show how “bad” cryptography creeps in during implementation and what “good” cryptography should look like. They do so by showing and comparing the advantages and disadvantages based on processing time, execution time, and reliability.
What You Will Learn
- Understand where and why cryptography is used and how it gets misused
- Discover what modern cryptography algorithms and methods are used for
- Design and implement advanced cryptographic mechanisms
- See how C++20 and its new features are impacting the future of implementing cryptographic algorithms
- Practice the basics of public key cryptography, including ECDSA signatures and more
- Find out how most of the algorithms can be broken
Who This Book Is For
Professional programmers, developers, and software engineers who are developing cryptography algorithms and security schemes/modules in C++. Prior C++ programming and IDE experience and some basic experience of cryptography concepts (symmetric and asymmetric) highly recommended.
Author(s): Marius Iulian Mihailescu, Stefania Loredana Nita
Edition: 1
Publisher: Apress
Year: 2021
Language: English
Commentary: Publisher PDF - This version includes a chapter with ERRATA found in previous printing
Pages: 492
City: New York, NY
Tags: Cryptography; Cryptanalysis; Secure Coding Guidelines; C++; C++20; Elliptic-Curve Cryptography; Lattice-Based Cryptography; Searchable Encryption; Homomorphic Encryption; Ring Cryptography; Chaos-Based Cryptography; Big Data Cryptography; Cloud Computing Cryptography; Cryptanalysis; Linear Cryptanalysis; Differential Cryptanalysis; Integral Cryptanalysis; Brute Force Attacks; Buffer Overflows Attacks; Text Characterization
Table of Contents
About the Authors
About the Technical Reviewer
Acknowledgments
Part I: Foundations
Chapter 1: Getting Started in Cryptography and Cryptanalysis
Cryptography and Cryptanalysis
Book Structure
Internet Resources
Forums and Newsgroups
Standards
Conclusion
References
Chapter 2: Cryptography Fundamentals
Information Security and Cryptography
Cryptography Goals
Cryptographic Primitives
Background of Mathematical Functions
Functions: One-to-One, One-Way, Trapdoor One-Way
One-to-One Functions
One-Way Functions
Trapdoor One-Way Functions
Permutations
Involutions
Concepts and Basic Terminology
Domains and Codomains Used for Encryption
Encryption and Decryption Transformations
The Participants in the Communication Process
Digital Signatures
Signing Process
Verification Process
Public-Key Cryptography
Hash Functions
Case Studies
Caesar Cipher Implementation in C++20
Vigenére Cipher Implementation in C++20
Conclusions
References
Chapter 3: Mathematical Background and Its Applicability
Preliminaries
Conditional Probability
Random Variables
Birthday Problem
Information Theory
Entropy
Number Theory
Integers
Algorithms in ℤ
The Integer Modulo n
Algorithms ℤm
The Legendre and Jacobi Symbols
Finite Fields
Basic Notions
Polynomials and the Euclidean Algorithm
Case Study 1: Computing the Probability of an Event Taking Place
Case Study 2: Computing the Probability Distribution
Case Study 3: Computing the Mean of the Probability Distribution
Case Study 4: Computing the Variance
Case Study 5: Computing the Standard Deviation
Case Study 6: Birthday Paradox
Case Study 7: (Extended) Euclidean Algorithm
Case Study 8: Computing the Multiplicative Inverse Under Modulo q
Case Study 9: Chinese Remainder Theorem
Case Study 10: The Legendre Symbol
Conclusion
References
Chapter 4: Large Integer Arithmetic
Big Integers
Big Integer Libraries
Conclusion
References
Chapter 5: Floating-Point Arithmetic
Why Floating-Point Arithmetic?
Displaying Floating Point Numbers
The Range of Floating Point Numbers
Floating Point Precision
Next Level for Floating-Point Arithmetic
Conclusions
References
Chapter 6: New Features in C++20
Feature Testing
carries_dependency
no_unique_address
New Headers in C++20
Header
Core Language Concepts
std::floating_point
std::destructible
std::integral, std::signed_integral, std::unsigned_integral
Comparison Concepts
Object Concepts
Callable Concepts
Header
Header
Conclusion
References
Chapter 7: Secure Coding Guidelines
Secure Coding Checklist
CERT Coding Standards
Identifiers
Noncompliant Code Examples and Compliant Solutions
Exceptions
Risk Assessment
Automated Detection
Related Guidelines
Rules
Rule 1 - Declarations and Initializations (DCL)
Rule 2 - Expressions (EXP)
Rule 3 - Integers (INT)
Rule 5 - Characters and Strings (STR)
Rule 6 - Memory Management (MEM)
Rule 7 - Input/Output (FIO)
Conclusion
References
Chapter 8: Cryptography Libraries in C/C++20
Overview of Cryptography Libraries
Hash Functions
MD5 Hash Function Overview
Public Key Cryptography
Elliptic-Curve Cryptography (ECC)
Creating ECDH Keys
OpenSSL
Configuration and Installing OpenSSL
Installing OpenSSL on Windows 32/64
Installing OpenSSL on Linux – Ubuntu Flavor
Botan
CrypTool
Conclusion
References
Part II: Pro Cryptography
Chapter 9: Elliptic-Curve Cryptography
Theoretical Fundamentals
Weierstrass Equation
Group Law
Practical Implementation
Conclusion
References
Chapter 10: Lattice-Based Cryptography
Mathematical Background
Example
Conclusion
References
Chapter 11: Searchable Encryption
Components
Entities
Types
Security Characteristics
An Example
Conclusion
References
Chapter 12: Homomorphic Encryption
Fully Homomorphic Encryption
Practical Example of Using FHE
Conclusion
References
Chapter 13: Ring Learning with Errors Cryptography
Mathematical Background
Learning with Errors
Ring Learning With Errors
Practical Implementation
Conclusion
References
Chapter 14: Chaos-Based Cryptography
Security Analysis
Chaotic Maps for Plaintexts and Images Encryption
Rössler Attractor
Complex Numbers – Short Overview
Practical Implementation
Secure Random Number Generator Using a Chaos Rössler Attractor
Cipher Using Chaos and Fractals
Conclusion
References
Chapter 15: Big Data Cryptography
Verifiable Computation
Conclusion
References
Chapter 16: Cloud Computing Cryptography
A Practical Example
Conclusion
References
Part III: Pro Cryptanalysis
Chapter 17: Getting Started with Cryptanalysis
Third Part Structure
Cryptanalysis Terms
A Little Bit of Cryptanalysis History
Penetration Tools and Frameworks
Conclusion
References
Chapter 18: Cryptanalysis Attacks and Techniques
Standards
FIPS 140-2, FIPS 140-3, and ISO 15408
Validation of Cryptographic Systems
Cryptanalysis Operations
Classification of Cryptanalytics Attacks
Attacks on Cipher Algorithms
Attacks on Cryptographic Keys
Attacks on Authentication Protocols
Conclusion
References
Chapter 19: Linear and Differential Cryptanalysis
Differential Cryptanalysis
Linear Cryptanalysis
Performing Linear Cryptanalysis
S-Boxes
Linear Approximation of S-Box
Concatenation of Linear Approximations
Assembling Two Variables
Conclusion
References
Chapter 20: Integral Cryptanalysis
Basic Notions
Practical Approach
Conclusion
References
Chapter 21: Brute Force and Buffer Overflow Attacks
Brute Force Attack
Buffer Overflow Attack
Conclusion
References
Chapter 22: Text Characterization
The Chi-Squared Statistic
Cryptanalysis Using Monogram, Bigram, and Trigram Frequency Counts
Counting Monograms
Counting Bigrams
Counting Trigrams
Conclusion
References
Chapter 23: Implementation and Practical Approach of Cryptanalysis Methods
Ciphertext-Only Attack
Known-Plaintext Attack
Chosen-Plaintext Attack
Chosen-Ciphertext Attack
Conclusion
References
Correction to: Pro Cryptography and Cryptanalysis with C++20
Chapter 19
Chapter 20
Index
