Security & Hash

Cryptography in Computer Science

Entropy

import math
entropy = math.log(len(all_possible), 2)  # bits, for equally likely outcomes

>>> from math import log
>>> entropy = lambda x: log(x, 2)
>>> coin = entropy(2)
>>> dice = entropy(6)
>>> coin
1.0
>>> dice
2.584962500721156

Hash function

$ echo -n "hello" | sha1sum
aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d -
$ sha1sum myfile
c22b5f9178342609428d6f51b2c5af4c0bde6a42 myfile

Key Derivation Functions (KDFs)

Functions used to derive a secret key from a human-friendly password.

  • Works like a hash function.

  • Deliberately slow: validating a password computes it only once, while a brute-force attack has to compute it many times, so the cost slows the attacker down.

Symmetric Encryption

$ openssl aes-256-cbc -salt -in myfile -out myencfile
$ openssl aes-256-cbc -d -in myencfile -out decrypted

What is salt?

A salt is a defence against rainbow tables.

salt = random()
store(salt, KDF(salt + password))

# The attacker cannot use a pre-built rainbow table;
# every hash must be recomputed with this salt.
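
The salted-KDF scheme sketched above, as an added example that is not part of the original notes. It uses Python's `hashlib.pbkdf2_hmac` as the KDF; the function names, the 16-byte salt and the iteration count of 200,000 are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor; raise it as hardware gets faster
SALT_BYTES = 16       # assumed salt length


def hash_password(password, salt=None):
    """Return (salt, derived_key); a fresh random salt is drawn per password."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, key


def verify_password(password, salt, stored_key):
    """Re-derive the key with the stored salt and compare in constant time."""
    _, key = hash_password(password, salt)
    return hmac.compare_digest(key, stored_key)


def unsalted_sha1(password):
    """Fast, unsalted hash: identical passwords always give identical digests,
    which is exactly what a precomputed table relies on."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    # Constructed sample: two users who picked the same password.
    salt_a, key_a = hash_password("hello")
    salt_b, key_b = hash_password("hello")

    print("unsalted digests equal:", unsalted_sha1("hello") == unsalted_sha1("hello"))
    print("salted keys equal:     ", key_a == key_b)
    print("correct password:      ", verify_password("hello", salt_a, key_a))
    print("wrong password:        ", verify_password("hellp", salt_a, key_a))
```

Store the salt next to the derived key; the salt is not secret, it only has to be unique per password.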