diff --git a/README.md b/README.md
index 72e9c68..9daa470 100644
--- a/README.md
+++ b/README.md
@@ -27,9 +27,9 @@ The following is the draft timetable:
| 10 | 25 Mar 2022 | Tunnelling | Lab |
| 11 | 1 Apr 2022 | Blockchain | Lab |
| 12 | 8 Apr 2022 | Future Cryptography | Lab |
-| 13 | 29 Apr 2022 | | |
+| 13 | 29 Apr 2022 | Tokens and Services | Lab |
| 14 | 6 May 2022 | | |
-| 15 | 13 May 2022 | Coursework Hand-in - 60% of overall mark | Lab (Tokenization) |
+| 15 | 13 May 2022 | Coursework Hand-in - 60% of overall mark (15 May) | Lab (Tokenization) |
diff --git a/unit09_future/README.md b/unit09_future/README.md
index 6ce73c6..9fe9176 100644
--- a/unit09_future/README.md
+++ b/unit09_future/README.md
@@ -4,9 +4,9 @@
The key concepts are:
+* Light-weight cryptography.
* Zero-knowledge proof (ZKP).
-* Homomophic encryption.
-* Tokenization.
+* Homomorphic encryption.
* Quantum-robust encryption.
## What you should know at the end of unit?
@@ -16,15 +16,12 @@ The key concepts are:
## Material
-
* Week 9 Lecture (Video): [here](https://youtu.be/CKZjrCnUrAM).
-* Week 9 Lecture (Video Live): [here](https://www.youtube.com/watch?v=AWMGHAVh_nE).
-* Week 9 Lecture (PDF): [here](https://asecuritysite.com/public/unit09_next_gen.pdf).
-* Week 9 Lab (PDF): [here](https://asecuritysite.com/public/lab09.pdf).
+* Week 9 Lecture (PDF): [here](https://github.com/billbuchanan/appliedcrypto/tree/main/unit09_future/lecture).
+* Week 9 Lab (PDF): [here](https://github.com/billbuchanan/appliedcrypto/tree/main/unit09_future/lab).
## A few demos and articles
-* Format Preserving Encryption (FPE): [here](https://asecuritysite.com/encryption/fpe).
-* Light-weight crypto: [here](https://asecuritysite.com/encryption/#light).
-* ZKP: [here](https://asecuritysite.com/subjects/chapter100).
-
+* Light-weight crypto: [here](https://asecuritysite.com/light).
+* ZKP: [here](https://asecuritysite.com/zero).
+* PCQ: [here](https://asecuritysite.com/pqc).
diff --git a/unit09_future/lecture/README.md b/unit09_future/lecture/README.md
index 84edbae..bcd7e90 100644
--- a/unit09_future/lecture/README.md
+++ b/unit09_future/lecture/README.md
@@ -17,8 +17,8 @@ The key concepts are:
## Material
* Week 9 Lecture (Video): [here](https://youtu.be/CKZjrCnUrAM).
-* Week 9 Lecture (Video Live): [here](https://www.youtube.com/watch?v=AWMGHAVh_nE).
-* Week 9 Lecture (PDF): [here](https://asecuritysite.com/public/unit09_next_gen.pdf).
+* Week 9 Lecture (PDF): [here](https://github.com/billbuchanan/appliedcrypto/tree/main/unit09_future/lecture).
+* Week 9 Lab (PDF): [here](https://github.com/billbuchanan/appliedcrypto/tree/main/unit09_future/lab).
diff --git a/unit10_services/lab/README.md b/unit10_services/lab/README.md
index 35d7cbf..b87cf4d 100644
--- a/unit10_services/lab/README.md
+++ b/unit10_services/lab/README.md
@@ -4,6 +4,7 @@
To provide a foundation around the usage of tokens for authorization. We will use your Ubuntu instance for this work, and aim to provide an introduction to Docker. Make sure you have created your GitHub account, as we will use the account details later in the lab.
+
## A JWT
### A.1
The JSON Web Token can be used to grant access rights. It is signed using a secret passphrase. Using node.js, create the following program (you need to use npm install jwt-simple):
@@ -66,26 +67,26 @@ Try each of the hashing methods (HSXXX), and observe how the JWT changes:
### A.3
Now, match the following parameters to the correct signing secret. For the following the message is “{ isa: 14321}”, and the signing keys used are either "napier", "napier123", "qwerty" or "fox123":
-
+```
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.InsgaXNhOiAxNDMyMX0i.czeOHowkTpZQ2qG5pZneOlnpdBGMCnTLXaPImNmSr9w
-
+```
Secret:
-
+```
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.InsgaXNhOiAxNDMyMX0i.WWR2-Wxw0Nm0Expix600cOltjnjhC7hCjOmHH2cPpJ4
-
+```
Secret:
-
+```
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.InsgaXNhOiAxNDMyMX0i.uSXNmESTf_NUk0QC8IJyPfsm_QMu00UP6eIvOA3Dag4
-
+```
Secret:
**Repl.it:** https://repl.it/@billbuchanan/jwt2
### A.4
The following JWT has been signed with the passphrase of “fox123”:
-
+```
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.IntcImlzc1wiOiBcImZyZWRcIixcInN1YmplY3RcIjpcImxvZ2luXCIsXCJkZXBhcnRtZW50XCI6IFwic2FsZXNcIixcImlhdFwiOiBcIjE1MjUxOTMzNzdcIixcImV4cFwiOiBcIjE1MjUyMzY1NzdcIn0i.4QpsBQ5HDbAjzv3EaMp0UQdCG-MnEanW7g8q9AUvOLU
-
+```
Can you read the message with the wrong passphrase?
@@ -100,9 +101,9 @@ When was the token issued, and when was its expiry time?
### A.5
The following JWT was signed with a three-character word [a-z]. Can you determine the secret phrase:
-
+```
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.IntcImlzc1wiOiBcImZyZWRcIixcInN1YmplY3RcIjpcImxvZ2luXCIsXCJkZXBhcnRtZW50XCI6IFwic2FsZXNcIixcImlhdFwiOiBcIjE1MjUxOTMzNzdcIixcImV4cFwiOiBcIjE1MjUyMzY1NzdcIn0i.zyd0cy8p4xgpeoyOQ8G61xnA5Cmg5w095tNH9IWg9Wc
-
+```
Don't look here, if you don't one an answer just now:
@@ -110,9 +111,9 @@ Don't look here, if you don't one an answer just now:
### A.6
The following JWT has a secret phrase of “napier”:
-
+```
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.IntcImlzc1wiOiBcImZyZWRcIixcInN1YmplY3RcIjpcImxvZ2luXCIsXCJkZXBhcnRtZW50XCI6IFwic2FsZXNcIixcImlhdFwiOiBcIjE1MjUxOTMzNzdcIixcImV4cFwiOiBcIjE1MjUyMzY1NzdcIn0i.G-cLzbqrTb_daMusbJTEEi_p-1cGC9_Q2ONtGGXe65Q
-
+```
Did you decode it?
@@ -185,14 +186,14 @@ Generate several tokens, and outline the values which change on the token?
### B.2
The following Fernet token uses a password of “napier”.
-
+```
Cipher: 6741414141414263706c6c645f707a5f2d6158394c3173623566354d366a6a636d575f5436307a737233764d5446484c634f622d6150794447486d55416a7839685a47496a477870367830455066657344725f376b676457584d38565747586e41773d3d
Version: 67
Time stamp: 4141414141426370
IV: 6c6c645f707a5f2d6158394c31736235
HMAC: 6a477870367830455066657344725f376b676457584d38565747586e41773d3d
-
+```
Can you determine the message:
@@ -279,7 +280,7 @@ if __name__ == "__main__":
### C.3
Now add your Client ID and Client secret to the code, and run it:
-
+```
napier@napier-virtual-machine:~/esecurity/unit10_services/src$ python c02.py
* Serving Flask app "c01" (lazy loading)
* Environment: production
@@ -290,7 +291,7 @@ napier@napier-virtual-machine:~/esecurity/unit10_services/src$ python c02.py
* Restarting with stat
* Debugger is active!
* Debugger PIN: 118-069-597
-
+```
### C.4
Now open up a browser, and connect to http://127.0.0.1. Next you should be faced with the GitHub login (Figure 4).
@@ -321,22 +322,22 @@ Figure 4: GitHub authorization
## D Introduction to Docker
### D.1
Docker is used to create a light-weight infrastructure for services. First we will install some of the pre-requisites:
-
+```
sudo apt install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"
sudo apt update
apt-cache policy docker-ce
sudo apt install docker-ce
-
+```
Now we will create a Docker instance for an SSH server.
-
+```
mkdir docker_sshd
cd docker_sshd
-
+```
Now create a file name “Dockerfile”, and add the following:
-
+```
FROM ubuntu:16.04
RUN apt-get update && apt-get install -y openssh-server
@@ -352,10 +353,10 @@ RUN echo "export VISIBLE=now" >> /etc/profile
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]
-
+```
Now build the docker file:
-
+```
napier@napier-virtual-machine:~/Docker_sshd$ docker build -t docker_sshd .
Step 10/10 : CMD ["/usr/sbin/sshd", "-D"]
@@ -364,10 +365,10 @@ Removing intermediate container 982e91d7a665
---> e90cde8a95d3
Successfully built e90cde8a95d3
Successfully tagged docker_sshd:latest
-
+```
We can view the images that we have created with the “docker image ls” command:
-
+```
napier@napier-virtual-machine:~/Docker_sshd$ docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
docker_sshd latest e90cde8a95d3 4 minutes ago 196MB
@@ -376,14 +377,14 @@ python 2.7-slim 48e3247f2a19 5 days ago
ethereum/solc stable 1b65904c442c 2 weeks ago 6.48MB
hello-world latest fce289e99eb9 3 months ago 1.84kB
ubuntu 16.04 b0ef3016420a 3 months ago
-
+```
Which instances are installed?
Now log into your SSH server, and use the password defined in the Dockerfile. Create a new folder on your SSH server, and then create a file and add something to it:
-
+```
napier@napier-virtual-machine:~/Docker_sshd$ docker run -d -P --name test_sshd docker_sshd
2e1ee60deb3f44f2c4a6af5ebd0e32f9882ba4e03042f0eb30285f74e49ced39
napier@napier-virtual-machine:~/Docker_sshd$ docker port test_sshd 22
@@ -410,23 +411,23 @@ applicable law.
root@2e1ee60deb3f:~# ls
root@2e1ee60deb3f:~# mkdir test
root@2e1ee60deb3f:~#
-
+```
There are many options we can use with docker run:
-
+```
--rm Remove container when it exits.
-d Runs docker container in the background so there is no output (also --detach)
--ip 10.10.10.10 Assign an IP address of 10.10.10.10.
-p 22:3000 Map port 22 to port 3000 (also --publish).
--name my_c Give the container a unique name.
-
+```
Now list the running containers:
-
+```
napier@napier-virtual-machine:~/docker_sshd$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f0e1674e5c7a docker_sshd "/usr/sbin/sshd -D" 3 minutes ago Up 3 minutes 0.0.0.0:32770->22/tcp test_sshd
-
+```
What information can you gain about your container from this listing?
@@ -444,10 +445,10 @@ By running “netstat” can you see the running port?
Now we will stop the container, and then remove it:
-
+```
napier@napier-virtual-machine:~/Docker_sshd$ docker container stop test_sshd
test_sshd
-
+```
Can you now run the SSH container with Port 8888?
@@ -458,11 +459,11 @@ Did it run?
Finally, we will get rid of the docker container:
-
+```
napier@napier-virtual-machine:~/Docker_sshd$ docker container rm test_sshd
napier@napier-virtual-machine:~/Docker_sshd$ docker image rm docker_sshd
-
+```
Can you prove that the container does not exist?
@@ -548,6 +549,37 @@ Can you explain the operation of the policy, and, in this case, that Alice is au
Can you stop your container, and then run it on Port 8181?
+## F Creating an NFT
+For normal crypto tokens (ERC-20) we use FT (Fungible Tokens) and where there is a finite number of these, and each of these is the same. For example, we could release one million ERC-20 tokens and then trade with them. They will all have the same value, and I cannot mint any more. With NFTs (ERC-721), we can mint any number of cryptography tokens, and each will have an owner. Each of these can have its own value, or be pinned to a physical asset or identity. For example, as a tutor, I could assign each of my students to an NFT, and where we link the NFT to the student. Overall, we create these with a smart contract, and where there is an "owner" of the creation of the tokens. It is this account that will create the tokens as required, and then allocate them to new owners. First open Remix (remix.)
+
+```solidity
+pragma solidity ^0.8.0;
+
+import "@openzeppelin/contracts/token/ERC721/extensions/ERC721URIStorage.sol";
+import "@openzeppelin/contracts/utils/Counters.sol";
+
+contract BillToken is ERC721URIStorage{
+ using Counters for Counters.Counter;
+ Counters.Counter private _tokenIds;
+ mapping(string => uint8) hashes;
+
+ constructor() ERC721("Bill Token", "BTK") {}
+
+ function awardItem(address recipient, string memory hash, string memory metadata) public returns (uint256){
+ require(hashes[hash] != 1);
+ hashes[hash] = 1;
+ _tokenIds.increment();
+ uint256 newItemId = _tokenIds.current();
+ _mint(recipient, newItemId);
+ _setTokenURI(newItemId, metadata);
+
+ return newItemId;
+ }
+}
+```
+
+Now follow the tutorial [here](https://asecuritysite.com/ethereum/ethereum09)
+
## References
[1] https://requests-oauthlib.readthedocs.io/en/latest/examples/real_world_example.html#real-example
diff --git a/z_assessments/coursework/README.md b/z_assessments/coursework/README.md
index 7f9f371..caa3551 100644
--- a/z_assessments/coursework/README.md
+++ b/z_assessments/coursework/README.md
@@ -1,7 +1,7 @@
# Analysis of Next Generation Cryptography
-The coursework hand-in date is: **Sunday, 15 May 2022, 11:59pm**. There will be a hand-in in Moodle for your submission. **Note: there is no need to write your own code for the method(s) investigated, as it will typically involve running standard code from GitHub sources.**
+The coursework hand-in date is: **Sunday 15 May 2022, 11:59pm**. There will be a hand-in in Moodle for your submission. **Note: there is no need to write your own code for the method(s) investigated, as it will typically involve running standard code from GitHub sources.**
## Requirements