Posts

Showing posts with the label Cryptography

VaultBox: A Forward-Secure C++ Library for Replicated, Rateless Storage

Image
VaultBox Forward-secure, replicated, rateless storage & transmission (C++) Secure Buffer Falcon Encoding Integrity Checker Verifier Key Evolution VaultBox is a header-only C++ library for forward-secure, replicated, randomized, and rate-less storage and transmission of data. It builds on the Crypto++ library and is designed for highly adversarial channels where an attacker may eavesdrop on or delete messages. Compiling g++ -I/usr/local/include -L/usr/local/lib test.cpp lib.cpp -lcryptopp Three levels of protection At rest: the VaultBox buffer is secured with Authenticated Encryption. In transit: data is protected with Falcon (fountain/rate-less) encoding. Hardware (optional): secure chips such as TPM/TEE and secure memory such as ECC-RAM or persistent memory can add an extra layer (hardware API support is not implemented in the library itself). The secure data structure The core is a fixed-size secure buffer (DS) of size T = k x n, holding k replicas of n messages....

Cybersecurity: Theory, Practice, and Ethics - A Free Open Textbook

Image
Cybersecurity: Theory, Practice & Ethics A free, open, executable textbook — 20 chapters Ethical Hacking Network Defense Forensics Malware Analysis Cryptography ICS Security Cybersecurity: Theory, Practice, and Ethics is a free, open, executable textbook for university-level cybersecurity education. It is published as a Jupyter Book, so the examples are runnable cells rather than printed code, and it is openly archived with a citable DOI on Zenodo. You can read it online at book.com.puter.tips . What is inside The book spans 20 chapters covering the foundations of cybersecurity, ethical hacking, network defense, digital forensics, incident response, malware analysis, privacy law, governance, and industrial control system (ICS) security. Each chapter includes learning objectives, worked code examples, 10 review questions, and a lab assignment. Courses it supports Introduction to IT Security Ethical Hacking Computer and Network Security Fundamentals of Cryptography ...

chiku: Efficient Polynomial Function Approximation in Python

Image
chiku Polynomial function approximation in Python — one API, seven methods Taylor Fourier Pade Chebyshev Remez ANN LR chiku is an open-source Python library for efficient polynomial function approximation. It takes an arbitrary continuous function and returns the coefficients of a polynomial that approximates it, using a unified API across seven different methods. It is available on PyPI and is particularly useful for evaluating non-linear functions (such as sigmoid or tanh) under Fully Homomorphic Encryption, where only additions and multiplications are available and functions must be replaced by polynomials. Installation pip install chiku To enable the optional TensorFlow-based ANN approximator (TensorFlow currently needs Python 3.11): pip install chiku[ann] What it does Complex non-linear functions can be approximated by polynomials so they can be computed in restricted settings such as encrypted (FHE) domains. Deterministic methods like Taylor, Pade, Chebyshev, Remez, and...

[How To] Install SEAL-Python In macOS

Image
Run the following commands from the Terminal in the given order: 1. brew install cmake autoconf automake libtool shtool gflags 2. xcode-select --install 3. git clone https://github.com/Huelse/SEAL-Python.git 4. cd SEAL-Python 5. pip3 install numpy pybind11 6. git submodule update --init --recursive 7. cd SEAL 8. cmake -S . -B build -DSEAL_USE_MSGSL=OFF -DSEAL_USE_ZLIB=OFF -DSEAL_THROW_ON_TRANSPARENT_CIPHERTEXT=OFF -DCMAKE_C_COMPILER=/usr/local/Cellar/llvm/16.0.1/bin/clang -DCMAKE_CXX_COMPILER=/usr/local/Cellar/llvm/16.0.1/bin/clang++ 9. cmake --build build 10. cd .. 11. python3 setup.py build_ext -i 12. cp seal.*.so examples 13. cd examples 14. python3 4_bgv_basics.py This guide installs SEAL-Python on macOS, the Python binding for Microsoft SEAL, by installing the build tools, cloning the project with its submodules, and building the wrapper. Microsoft SEAL is a homomorphic encryption library. Homomorphic encryption lets you compute on encrypted data without decrypting it. The buil...

[How To] Install HElib on macOS

Image
HElib is an open-source (Apache License v2.0) software library that implements homomorphic encryption (HE). Currently, available schemes are the implementations of the Brakerski-Gentry-Vaikuntanathan (BGV) scheme and the Approximate Number scheme of Cheon-Kim-Kim-Song (CKKS), along with many optimizations to make homomorphic evaluation runs faster, focusing mostly on effective use of the Smart-Vercauteren ciphertext packing techniques and the Gentry-Halevi-Smart optimizations. To install HElib on macOS , follow these steps: brew update && brew upgrade && brew autoremove && brew cleanup cd Downloads/ git clone https://github.com/homenc/HElib.git Cloning into 'HElib'... remote: Enumerating objects: 14133, done. remote: Counting objects: 100% (292/292), done. remote: Compressing objects: 100% (211/211), done. remote: Total 14133 (delta 127), reused 172 (delta 54), pack-reused 13841 Receiving objects: 100% (14133/14133), 13.04 MiB | 5.81 MiB/s, done....

[How To] Install SEAL Python on a Raspberry Pi

Image
Follow this tutorial to install Microsoft SEAL 4.X for Python on a Raspberry Pi 3 device. You can follow the same commands to install it on any other Linux machine. I have copied the output for each command for your reference. $ uname -a Linux raspberrypi 5.15.76-v7+ #1597 SMP Fri Nov 4 12:13:17 GMT 2022 armv7l GNU/Linux $ sudo apt update -y && sudo apt upgrade -y && sudo apt autoremove Reading package lists... Done Building dependency tree... Done Reading state information... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. $ sudo apt-get install git build-essential cmake python3 python3-dev python3-pip Reading package lists... Done Building dependency tree... Done Reading state information... Done build-essential is already the newest version (12.9). git is already the newest version (1:2.30.2-1). python3 is already the newest version (3.9.2-3). python3-dev is already the newest version (3.9.2-3). python3-dev set to manually installed. cmake is alre...

[How To] Install Pyfhel in macOS

Image
  Tested on Intel-based (x86_64) MacBook, not tested on M1/M2 (ARM) Apple Clang does not support  -fopenmp  and  -libseal , use GCC or CLANG % git clone --recursive https://github.com/ibarrond/Pyfhel 2.a) create  requirements.txt  file "setuptools<=60.9", "wheel", "cython>=3.0.0a9", "numpy>=1.20", "cmake>=3.15", "toml>=0.10" 2.b)  % pip3 install -r requirements.txt edit  pyproject.toml Line #111 [ Afhel ] extra_compile_args {Darwin = ["-std=c++17","-O3","-fopenmp"]}, extra_link_args {Darwin = ["-fopenmp","-dynamiclib"]}, Repeat the above for [ CYTHON EXTENSIONS ]

[How To] Run MinimaxComp_degrees in macOS

Image
MinimaxComp_degrees This algorithm finds optimized degrees for comparison/max/ReLU algorithms using minimax composite polynomial on the RNS-CKKS scheme, which was proposed in https://ieeexplore.ieee.org/document/9517029 and https://eprint.iacr.org/2021/1215 . How to run on macOS using the Apple Clang compiler: 1. % brew install NTL 2. % export LIBRARY_PATH=/usr/local/lib 3. % git clone  https://github.com/eslee3209/MinimaxComp_degrees 4. % cd MinimaxComp_degrees 5. % cmake -S . -B build 6. % cd build 7. % make 8. % ./degrees Output: ------------------------------------ alpha: 20 epsilon: 0.2002716064453125e-4 mintime: 162 depth: 22 0.39825903512705770933e-4 7 13 15 15 59   This guide runs MinimaxComp_degrees on macOS, an algorithm that finds optimized polynomial degrees for comparison, max, and ReLU operations under the RNS-CKKS homomorphic encryption scheme, based on the referenced research. CKKS can only evaluate polynomials on encrypted data, so non-polyn...

[How To] Install CRC RevEng on macOS

Image
CRC RevEng CRC RevEng is a portable, arbitrary-precision CRC calculator and algorithm finder. It calculates CRCs using any 111 preset algorithms or a user-specified algorithm to any width. It calculates reversed CRCs to give the bit pattern that produces a desired forward CRC. CRC RevEng also reverse-engineers any CRC algorithm from good, correctly formatted message-CRC pairs and optional known parameters. It comprises powerful input interpretation options. Installation instructions for macOS: 1. Download reveng from SourceForge:  https://sourceforge.net/projects/reveng/files/ 2. Unzip the downloaded reveng zip file 3. % cd Downloads/reveng-3.0.3 4. % make gcc -O3 -Wall -ansi -fomit-frame-pointer -DPRESETS -DBMPTST -o bmptst bmpbit.c ( ./bmptst && touch bmptst ) || ( rm bmptst bmptst.exe && false ) reveng: configuration fault.   Update config.h with these definitions and recompile: #define BMP_BIT   64 #define BMP_SUB   32 rm: bmptst.exe: No suc...

[How To] Run HELR (Homomorphic Encryption Logistic Regression) in macOS

Image
HELR is a software project for performing a logistic regression training on encrypted data (Secure Logistic Regression based on Homomorphic Encryption: Design and Evaluation ( https://medinform.jmir.org/2018/2/e19/ )). Step 1: brew install GMP Step 2: brew install NTL Step 3: git clone  https://github.com/K-miran/HELR.git Step 4: cd HELR

[How To] Calculate hash of a vector in C++

Image
This is a sample code to generate SHA256 in C++ using CryptoPP. For the first string in a vector: std::vector<std::string> stringVector{"abcde", "fghij", "klmno", "pqrst", "uvwxyz"}; byte digest[SHA256::DIGESTSIZE]; SHA256().CalculateDigest(digest, (const byte*)stringVector.data(), stringVector.size()); For an entire vector of string: std::vector<std::string> stringVector{"abcde", "fghij", "klmno", "pqrst", "uvwxyz"}; HexEncoder encoder(new FileSink(std::cout)); std::string digest; SHA256 hash; for(auto str: stringVector) {  hash.Update((const byte*)str.data(), str.size());  }  digest.resize(hash.DigestSize());  hash.Final((byte*)&digest[0]); std::cout << "Digest: "; StringSource(digest, true, new Redirector(encoder)); std::cout << std::endl; This sample computes a SHA-256 hash in C++ with the Crypto++ library, applied to data held in a vector of s...

[How To] Use Cryptopp in Kali Linux

Image
 Crypto++ is a popular C++ library for cryptography. Instruction in this article can be used to install Cryptopp for all operating systems similar to Kali Linux. Check out this article if you want to use it with Xcode in macOS. Step 1: Download Crypto++ using this link Step 2: Extract Crypto++ and switch to that directory from the terminal or shell. Step 3: $ make Step 4: $ make test Step 5: $ sudo make install Step 6: Compile your program using g++ -I/usr/local/include -L/usr/local/lib yourCode.cpp -lcryptopp

[How To] Generate KEY and IV for CryptoPP in C++

Image
In this tutorial, I will share strategies to generate random keys and initialization vector in C++ using CryptoPP library. Approach 1: SecByteBlock key(32), iv(24); AutoSeededRandomPool prng; prng.GenerateBlock(key, key.size()); prng.GenerateBlock(iv, iv.size()); Approach 2: SecByteBlock key(16), iv(16); std::string password = "Super secret password"; DeriveKeyAndIV(password, "encryption example", 100, key, key.size(), iv, iv.size());

[Solved] 'cryptopp/aes.h' file not found; Expected namespace name

Image
If you are facing errors like " 'cryptopp/aes.h' file not found " or getting "Expected namespace name" error for " using namespace CryptoPP; " or similar compilation errors, refer to the following settings: Add "/usr/local/include" in Header search paths Add "/usr/local/lib" in Library search paths Add -lcryptopp as a Linker flag Refer to this article for more information:  https://com.puter.tips/2021/02/how-to-use-cryptopp-in-xcode.html These C++ build errors mean the compiler cannot find the Crypto++ headers or library, so the CryptoPP namespace looks undefined. The include and library search paths are not set. Adding /usr/local/include to the header search paths and the matching library path to the linker settings points the build at Crypto++ and clears both errors at once.

[Solved] code signature not valid for use in process using Library Validation

Image
So I was working on a C++ project on Xcode, and I updated to the latest version of Xcode with recommended default settings; then I started having the following errors: dyld: Library not loaded: /usr/local/lib/libcryptopp.dylib    Referenced from: /Users/devharsh/Library/Developer/Xcode/DerivedData/server-bohvcuztzndrrzhcoglrvuijfasj/Build/Products/Debug/server    Reason: no suitable image found.    Did find: /usr/local/lib/libcryptopp.dylib: code signature in (/usr/local/lib/libcryptopp.dylib) not valid for use in process using Library Validation: mapped file has no cdhash, completely unsigned? Code has to be at least ad-hoc signed. /usr/local/lib/libcryptopp.dylib: code signature in (/usr/local/lib/libcryptopp.dylib) not valid for use in process using Library Validation: mapped file has no cdhash, completely unsigned? Code has to be at least ad-hoc signed. /usr/local/lib/libcryptopp.dylib: code signature in (/usr/local/lib/libcryptopp.dylib) not vali...

NTRU in python3

Image
NTRU: NTRU – Nth Degree Truncated Polynomial Ring Units (or R = Z[X] / ( X^N-1 )) NTRU is the first public-key cryptosystem not based on factorization or discrete logarithmic problems. NTRU is a lattice-based alternative to RSA and ECC and is based on the shortest vector problem in a lattice. NTRU is an open-source public-key cryptosystem that uses lattice-based cryptography to encrypt and decrypt data. It consists of two algorithms: NTRUEncrypt, which is used for encryption, and NTRUSign, which is used for digital signatures. Unlike other popular public-key cryptosystems, it is resistant to attacks using Shor's algorithm. NTRUEncrypt was patented, but it was placed in the public domain in 2017. NTRUSign is patented, but it can be used by software under the GPL. Example in Python3: % python3 --version Python 3.9.1 % pip3 install --user sympy % pip3 install --user numpy % pip3 install --user docopt

[How To] Install Free SSL Certificate for WordPress

Image
In this tutorial, I have installed a free SSL certificate from Let's Encrypt using the Certbot tool on Google Cloud Platform VM running Debian OS that hosts a WordPress site using Apache server. You can follow similar steps for other Cloud providers / OS distributions / CMS vendors / Web servers . Part-1: Configure Virtual Host for your domain on Apache cd /var/www/html wp option update home 'https://example.com' wp option update siteurl 'https://example.com' sudo nano /etc/apache2/sites-available/example.com.conf sudo apache2ctl configtest sudo a2ensite example.com sudo systemctl reload apache2

Random Number Generation in C++

Image
Code: // //   main.cpp //   VaultBox // //   Created by Devharsh Trivedi on 3/11/21. // #include <iostream> #include <iomanip> #include <string> #include <map> #include <random> #include <cmath> #include <vector> int main ( int argc, const char * argv[]) {     std :: random_device ranDev;     unsigned int num_ranDev = ranDev();     std :: cout << num_ranDev << std :: endl ;     std :: mt19937 mtGen(num_ranDev);     std :: vector < unsigned long > indexes( 10 );          iota (indexes. begin (), indexes. end (), 0 );     for ( int i= 0 ; i< 10 ; i++) {         std :: cout << indexes[i] << "\t" ;     }     std :: cout << std :: endl ;

[How To] Use Cryptopp in Xcode

Image
Crypto++ Library is a free C++ class library of cryptographic schemes. Currently the library contains the following algorithms: algorithm type name authenticated encryption schemes GCM, CCM, EAX, ChaCha20Poly1305 and XChaCha20Poly1305 high speed stream ciphers ChaCha (8/12/20), ChaCha (IETF), Panama, Salsa20, Sosemanuk, XSalsa20, XChaCha20 AES and AES candidates AES (Rijndael), RC6, MARS, Twofish, Serpent, CAST-256 ARIA, Blowfish, Camellia, CHAM, HIGHT, IDEA, Kalyna (128/256/512), LEA, SEED, RC5, SHACAL-2, other block ciphers SIMON (64/128), Skipjack, SPECK (64/128), Simeck, SM4, Threefish (256/512/1024), Triple-DES (DES-EDE2 and DES-EDE3), TEA, XTEA block cipher modes of operati...

[How To] check if Intel SGX is enabled

Image
Steps to check if Intel SGX is enabled on your system: 1. Download test-sgx.c from  https://github.com/ayeks/SGX-hardware 2. % gcc test-sgx.c -o test-sgx 3.  % ./test-sgx eax: 806ea ebx: 4100800 ecx: 7ffafbbf edx: bfebfbff stepping 10 model 14 family 6 processor type 0 extended model 8 extended family 0 smx: 0 Extended feature bits (EAX=07H, ECX=0H) eax: 0 ebx: 29c67af ecx: 0 edx: 9c002600 sgx available: 1 sgx launch control: 0 CPUID Leaf 12H, Sub-Leaf 0 of Intel SGX Capabilities (EAX=12H,ECX=0) eax: 0 ebx: 0 ecx: 0 edx: 0 sgx 1 supported: 0 sgx 2 supported: 0 MaxEnclaveSize_Not64: 0 MaxEnclaveSize_64: 0 CPUID Leaf 12H, Sub-Leaf 1 of Intel SGX Capabilities (EAX=12H,ECX=1) eax: 0 ebx: 0 ecx: 0 edx: 0 CPUID Leaf 12H, Sub-Leaf 2 of Intel SGX Capabilities (EAX=12H,ECX=2) eax: 0 ebx: 0 ecx: 0 edx: 0 CPUID Leaf 12H, Sub-Leaf 3 of Intel SGX Capabilities (EAX=12H,ECX=3) eax: 0 ebx: 0 ecx: 0 edx: 0 CPUID Leaf 12H, Sub-Leaf 4 of Intel SGX Capabilities (EAX=12H,ECX=4) eax: 0 ebx: 0 ...