Merge branch 'main' of https://github.com/billbuchanan/appliedcrypto

2026-02-21 11:18:02 +00:00 · 2022-04-29 08:17:48 +01:00
parent b2094cc90d b398cb7087
commit fc635e80cd
5 changed files with 80 additions and 51 deletions
--- a/README.md
+++ b/README.md
@@ -27,9 +27,9 @@ The following is the draft timetable:
 | 10 | 25 Mar 2022  | Tunnelling                                     | Lab                      |
 | 11 | 1 Apr 2022   | Blockchain                                                | Lab      |
 | 12 | 8 Apr 2022   | Future Cryptography                                    | Lab                            |
-| 13 | 29 Apr 2022  |                            |                             |
+| 13 | 29 Apr 2022  | Tokens and Services                          |    Lab                          | 
 | 14 | 6 May 2022   |                                                    |                             |
-| 15 | 13 May 2022  | Coursework Hand-in - 60% of overall mark    |     Lab (Tokenization)                           |
+| 15 | 13 May 2022  | Coursework Hand-in - 60% of overall mark (15 May)    |     Lab (Tokenization)                           |



--- a/unit09_future/README.md
+++ b/unit09_future/README.md
@@ -4,9 +4,9 @@

 The key concepts are:

+* Light-weight cryptography.
 * Zero-knowledge proof (ZKP).
-* Homomophic encryption.
-* Tokenization.
+* Homomorphic encryption.
 * Quantum-robust encryption.

 ## What you should know at the end of unit?
@@ -16,15 +16,12 @@ The key concepts are:

 ## Material

-
 * Week 9 Lecture (Video): [here](https://youtu.be/CKZjrCnUrAM).
-* Week 9 Lecture (Video Live): [here](https://www.youtube.com/watch?v=AWMGHAVh_nE).
-* Week 9 Lecture (PDF): [here](https://asecuritysite.com/public/unit09_next_gen.pdf).
-* Week 9 Lab (PDF): [here](https://asecuritysite.com/public/lab09.pdf).
+* Week 9 Lecture (PDF): [here](https://github.com/billbuchanan/appliedcrypto/tree/main/unit09_future/lecture).
+* Week 9 Lab (PDF): [here](https://github.com/billbuchanan/appliedcrypto/tree/main/unit09_future/lab).

 ## A few demos and articles

-* Format Preserving Encryption (FPE): [here](https://asecuritysite.com/encryption/fpe).
-* Light-weight crypto: [here](https://asecuritysite.com/encryption/#light).
-* ZKP: [here](https://asecuritysite.com/subjects/chapter100).
-
+* Light-weight crypto: [here](https://asecuritysite.com/light).
+* ZKP: [here](https://asecuritysite.com/zero).
+* PCQ: [here](https://asecuritysite.com/pqc).
--- a/unit09_future/lecture/README.md
+++ b/unit09_future/lecture/README.md
@@ -17,8 +17,8 @@ The key concepts are:
 ## Material

 * Week 9 Lecture (Video): [here](https://youtu.be/CKZjrCnUrAM).
-* Week 9 Lecture (Video Live): [here](https://www.youtube.com/watch?v=AWMGHAVh_nE).
-* Week 9 Lecture (PDF): [here](https://asecuritysite.com/public/unit09_next_gen.pdf).
+* Week 9 Lecture (PDF): [here](https://github.com/billbuchanan/appliedcrypto/tree/main/unit09_future/lecture).
+* Week 9 Lab (PDF): [here](https://github.com/billbuchanan/appliedcrypto/tree/main/unit09_future/lab).



--- a/unit10_services/lab/README.md
+++ b/unit10_services/lab/README.md
@@ -4,6 +4,7 @@

 To provide a foundation around the usage of tokens for authorization. We will use your Ubuntu instance for this work, and aim to provide an introduction to Docker. Make sure you have created your GitHub account, as we will use the account details later in the lab.

+
 ## A	JWT
 ### A.1	
 The JSON Web Token can be used to grant access rights. It is signed using a secret passphrase. Using node.js, create the following program (you need to use npm install jwt-simple):
@@ -66,26 +67,26 @@ Try each of the hashing methods (HSXXX), and observe how the JWT changes:
 ### A.3	
 Now, match the following parameters to the correct signing secret. For the following the message is “{ isa: 14321}”, and the signing keys used are either "napier", "napier123", "qwerty" or "fox123":

-<pre>
+```
 eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.InsgaXNhOiAxNDMyMX0i.czeOHowkTpZQ2qG5pZneOlnpdBGMCnTLXaPImNmSr9w
-</pre>
+```
 Secret: 
-<pre>
+```
 eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.InsgaXNhOiAxNDMyMX0i.WWR2-Wxw0Nm0Expix600cOltjnjhC7hCjOmHH2cPpJ4
-</pre>
+```
 Secret: 
-<pre>
+```
 eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.InsgaXNhOiAxNDMyMX0i.uSXNmESTf_NUk0QC8IJyPfsm_QMu00UP6eIvOA3Dag4
-</pre>
+```
 Secret: 

 **Repl.it:** https://repl.it/@billbuchanan/jwt2

 ### A.4	
 The following JWT has been signed with the passphrase of “fox123”:
-<pre>
+```
 eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.IntcImlzc1wiOiBcImZyZWRcIixcInN1YmplY3RcIjpcImxvZ2luXCIsXCJkZXBhcnRtZW50XCI6IFwic2FsZXNcIixcImlhdFwiOiBcIjE1MjUxOTMzNzdcIixcImV4cFwiOiBcIjE1MjUyMzY1NzdcIn0i.4QpsBQ5HDbAjzv3EaMp0UQdCG-MnEanW7g8q9AUvOLU
-</pre>
+```

 Can you read the message with the wrong passphrase?

@@ -100,9 +101,9 @@ When was the token issued, and when was its expiry time?

 ### A.5	
 The following JWT was signed with a three-character word [a-z]. Can you determine the secret phrase:
-<pre>
+```
 eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.IntcImlzc1wiOiBcImZyZWRcIixcInN1YmplY3RcIjpcImxvZ2luXCIsXCJkZXBhcnRtZW50XCI6IFwic2FsZXNcIixcImlhdFwiOiBcIjE1MjUxOTMzNzdcIixcImV4cFwiOiBcIjE1MjUyMzY1NzdcIn0i.zyd0cy8p4xgpeoyOQ8G61xnA5Cmg5w095tNH9IWg9Wc
-</pre>
+```

 Don't look here, if you don't one an answer just now:

@@ -110,9 +111,9 @@ Don't look here, if you don't one an answer just now:

 ### A.6	
 The following JWT has a secret phrase of “napier”:
-<pre>
+```
 eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.IntcImlzc1wiOiBcImZyZWRcIixcInN1YmplY3RcIjpcImxvZ2luXCIsXCJkZXBhcnRtZW50XCI6IFwic2FsZXNcIixcImlhdFwiOiBcIjE1MjUxOTMzNzdcIixcImV4cFwiOiBcIjE1MjUyMzY1NzdcIn0i.G-cLzbqrTb_daMusbJTEEi_p-1cGC9_Q2ONtGGXe65Q
-</pre>
+```

 Did you decode it?

@@ -185,14 +186,14 @@ Generate several tokens, and outline the values which change on the token?

 ### B.2	
 The following Fernet token uses a password of “napier”. 
-<pre>
+```
 Cipher: 6741414141414263706c6c645f707a5f2d6158394c3173623566354d366a6a636d575f5436307a737233764d5446484c634f622d6150794447486d55416a7839685a47496a477870367830455066657344725f376b676457584d38565747586e41773d3d

 Version:	67
 Time stamp:	4141414141426370
 IV:		6c6c645f707a5f2d6158394c31736235
 HMAC:		6a477870367830455066657344725f376b676457584d38565747586e41773d3d
-</pre>
+```

 Can you determine the message:

@@ -279,7 +280,7 @@ if __name__ == "__main__":

 ### C.3	
 Now add your Client ID and Client secret to the code, and run it:
-<pre>
+```
 napier@napier-virtual-machine:~/esecurity/unit10_services/src$ python c02.py
 * Serving Flask app "c01" (lazy loading)
 * Environment: production
@@ -290,7 +291,7 @@ napier@napier-virtual-machine:~/esecurity/unit10_services/src$ python c02.py
 * Restarting with stat
 * Debugger is active!
 * Debugger PIN: 118-069-597
-</pre>
+```

 ### C.4	
 Now open up a browser, and connect to http://127.0.0.1. Next you should be faced with the GitHub login (Figure 4).
@@ -321,22 +322,22 @@ Figure 4: GitHub authorization
 ## D	Introduction to Docker
 ### D.1	
 Docker is used to create a light-weight infrastructure for services. First we will install some of the pre-requisites:
-<pre>
+```
 sudo apt install apt-transport-https ca-certificates curl software-properties-common
 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
 sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"
 sudo apt update
 apt-cache policy docker-ce
 sudo apt install docker-ce
-</pre>
+```
 Now we will create a Docker instance for an SSH server.
-<pre>
+```
 mkdir docker_sshd
 cd docker_sshd
-</pre>
+```

 Now create a file name “Dockerfile”, and add the following:
-<pre>
+```
 FROM ubuntu:16.04

 RUN apt-get update && apt-get install -y openssh-server
@@ -352,10 +353,10 @@ RUN echo "export VISIBLE=now" >> /etc/profile

 EXPOSE 22
 CMD ["/usr/sbin/sshd", "-D"]
-</pre>
+```

 Now build the docker file:
-<pre>
+```
 napier@napier-virtual-machine:~/Docker_sshd$  docker build -t docker_sshd .

 Step 10/10 : CMD ["/usr/sbin/sshd", "-D"]
@@ -364,10 +365,10 @@ Removing intermediate container 982e91d7a665
 ---> e90cde8a95d3
 Successfully built e90cde8a95d3
 Successfully tagged docker_sshd:latest
-</pre>
+```

 We can view the images that we have created with the “docker image ls” command:
-<pre>
+```
 napier@napier-virtual-machine:~/Docker_sshd$ docker image ls
 REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
 docker_sshd         latest              e90cde8a95d3        4 minutes ago       196MB
@@ -376,14 +377,14 @@ python              2.7-slim            48e3247f2a19        5 days ago
 ethereum/solc       stable              1b65904c442c        2 weeks ago         6.48MB
 hello-world         latest              fce289e99eb9        3 months ago        1.84kB
 ubuntu              16.04               b0ef3016420a        3 months ago  
-</pre>
+```

 Which instances are installed?



 Now log into your SSH server, and use the password defined in the Dockerfile. Create a new folder on your SSH server, and then create a file and add something to it:
-<pre>
+```
 napier@napier-virtual-machine:~/Docker_sshd$ docker run -d -P --name test_sshd docker_sshd
 2e1ee60deb3f44f2c4a6af5ebd0e32f9882ba4e03042f0eb30285f74e49ced39
 napier@napier-virtual-machine:~/Docker_sshd$ docker port test_sshd 22
@@ -410,23 +411,23 @@ applicable law.
 root@2e1ee60deb3f:~# ls
 root@2e1ee60deb3f:~# mkdir test
 root@2e1ee60deb3f:~#
-</pre>
+```

 There are many options we can use with docker run:
-<pre>
+```
 --rm	Remove container when it exits.
 -d	Runs docker container in the background so there is no output (also --detach)
 --ip 10.10.10.10	Assign an IP address of 10.10.10.10.
 -p 22:3000 	Map port 22 to port 3000 (also --publish).
 --name my_c	Give the container a unique name.
-</pre>
+```

 Now list the running containers:
-<pre>
+```
 napier@napier-virtual-machine:~/docker_sshd$ docker ps
 CONTAINER ID   IMAGE        COMMAND              CREATED     STATUS            PORTS                                                    NAMES
 f0e1674e5c7a   docker_sshd  "/usr/sbin/sshd -D"      3 minutes ago       Up 3 minutes        0.0.0.0:32770->22/tcp                                    test_sshd
-</pre>
+```

 What information can you gain about your container from this listing?

@@ -444,10 +445,10 @@ By running “netstat” can you see the running port?


 Now we will stop the container, and then remove it:
-<pre>
+```
 napier@napier-virtual-machine:~/Docker_sshd$ docker container stop test_sshd
 test_sshd
-</pre>
+```


 Can you now run the SSH container with Port 8888?
@@ -458,11 +459,11 @@ Did it run?

 Finally, we will get rid of the docker container:

-<pre>
+```
 napier@napier-virtual-machine:~/Docker_sshd$ docker container rm test_sshd

 napier@napier-virtual-machine:~/Docker_sshd$ docker image rm docker_sshd
-</pre>
+```


 Can you prove that the container does not exist?
@@ -548,6 +549,37 @@ Can you explain the operation of the policy, and, in this case, that Alice is au

 Can you stop your container, and then run it on Port 8181?

+## F Creating an NFT
+For normal crypto tokens (ERC-20) we use FT (Fungible Tokens) and where there is a finite number of these, and each of these is the same. For example, we could release one million ERC-20 tokens and then trade with them. They will all have the same value, and I cannot mint any more. With NFTs (ERC-721), we can mint any number of cryptography tokens, and each will have an owner. Each of these can have its own value, or be pinned to a physical asset or identity. For example, as a tutor, I could assign each of my students to an NFT, and where we link the NFT to the student. Overall, we create these with a smart contract, and where there is an "owner" of the creation of the tokens. It is this account that will create the tokens as required, and then allocate them to new owners. First open Remix (remix.)
+
+```solidity
+pragma solidity ^0.8.0;
+
+import "@openzeppelin/contracts/token/ERC721/extensions/ERC721URIStorage.sol";
+import "@openzeppelin/contracts/utils/Counters.sol";
+
+contract BillToken is ERC721URIStorage{
+    using Counters for Counters.Counter;
+    Counters.Counter private _tokenIds;
+    mapping(string => uint8) hashes;
+    
+    constructor() ERC721("Bill Token", "BTK") {}
+  
+    function awardItem(address recipient, string memory hash, string memory metadata) public returns (uint256){
+        require(hashes[hash] != 1);
+        hashes[hash] = 1;
+        _tokenIds.increment();
+        uint256 newItemId = _tokenIds.current();
+        _mint(recipient, newItemId);
+        _setTokenURI(newItemId, metadata);
+        
+        return newItemId;
+    }
+}
+```
+
+Now follow the tutorial [here](https://asecuritysite.com/ethereum/ethereum09)
+
 ## References
 [1] https://requests-oauthlib.readthedocs.io/en/latest/examples/real_world_example.html#real-example

--- a/z_assessments/coursework/README.md
+++ b/z_assessments/coursework/README.md
@@ -1,7 +1,7 @@
 ![esecurity](https://raw.githubusercontent.com/billbuchanan/esecurity/master/z_associated/esecurity_graphics.jpg)

 # Analysis of Next Generation Cryptography
-The coursework hand-in date is: **Sunday, 15 May 2022, 11:59pm**. There will be a hand-in in Moodle for your submission. **Note: there is no need to write your own code for the method(s) investigated, as it will typically involve running standard code from GitHub sources.**
+The coursework hand-in date is: **Sunday 15 May 2022, 11:59pm**. There will be a hand-in in Moodle for your submission. **Note: there is no need to write your own code for the method(s) investigated, as it will typically involve running standard code from GitHub sources.**

 ## Requirements