Tools to practice cryptanalysis and cryptography techniques - encryption

I am looking for tools (preferably free) to practice various cryptoanalysis and cryptography techniques. Something along the lines of following two online tools but with more techniques.
http://www.cryptool-online.org/index.php?option=com_content&view=article&id=55&Itemid=53&lang=en
http://www.simonsingh.net/The_Black_Chamber/letterfrequencies.html
Any suggestions would be very welcome.
Thanks,
Ambi.

The Matasano Crypto Challenges are an excellent learning resource for cryptography.
We've built a collection of 48 exercises that demonstrate attacks on
real-world crypto.
This is a different way to learn about crypto than taking a class or
reading a book. We give you problems to solve. They're derived from
weaknesses in real-world systems and modern cryptographic
constructions. We give you enough info to learn about the underlying
crypto concepts yourself. When you're finished, you'll not only have
learned a good deal about how cryptosystems are built, but you'll also
understand how they're attacked.
The first couple of sets may seem a bit too easy for someone acquainted with cryptography, but the challenges quickly get more tricky and advanced.

Related

NTRU Key Exchange example implementation

Are there any open-source implementations of NTRU-KE (Preferably in Java or C#) out there that I can use as a reference for implementing it in a different language?
The implementations listed on the Wikipedia page for NTRUEncrypt don't have it included, and there's a paper covering the algorithm here but the language is a bit too technical for me to be able to understand it fully.
Future readers, please prove me wrong (and post your own answer).
Given it is pretty new (November 2013) there probably aren't any implementations at all. Even the authors of the paper might not have implemented it themselves (you could ask them though). But as far as I can tell the protocol only uses operations that would have to be included in NTRUEncrypt implementations anyway. So it shouldn't be to difficult to write one yourself on top of an existing NTRU library. You can ask specific questions on the protocol here or on https://crypto.stackexchange.com. Probably you should try to understand the basics of NTRUEncrypt first, though.

Distribution in Ada

I'm searching for some good books/tutorials/guides on how to develop distributed applications using Ada.
I already have some books on Ada programming, but all of them don't talk about distribution or they only mention it very briefly.
The ideal thing would be a book/guide that focus on the practical side of things (implementation) but any resource, either free or commercial, is appreciated.
The "Burns & Welling" book covers concurrency in depth, but doesn't have as much to say about distributed systems as I would expect. Nevertheless it is probably essential reading if you're going to be doing a lot of this stuff.
I'm still reading Professor McCormick's book "Building Parallel, Real-time and embedded Applications with Ada" and it does an excellent job of getting a reader started with a wide range of application-oriented aspects of Ada - sadly missing in other books which focus o the base language - and that includes both the DSA (pure Ada) and PolyOrb (for mixed languages) approaches to distributed systems, including very readable code examples.
Start with this latter book (IMO). (and its lead author has been seen around these parts, so this is a good place to ask questions! :-)
Section 8 in the "PolyORB User's Guide" is a small tutorial on how to develop a distributed application in Ada using the Distributed Systems Annex (DSA).
The "PolyORB User's Guide" also contains examples of developing distributed applications using other constructs than the DSA, which might be of interest, but using the DSA is likely to give you the most elegant application if all the components primarily are in Ada.

What's the easiest way to explain What is Hadoop and Map/Reduce?

It's very easy to explain NoSQL from high level view - it is basically "key-value" storage. Of course with thousand minor and important things, but in general it's just key value storage.
What's the best way to explain Hadoop and Map/Reduce?
May be some "real world" example which can be easy to give an compare for even newbies? Thanks!
I recently found this great article describing Map Reduce :
I’ve been planning on writing about
the Google’s MapReduce algorithm for
some time but I couldn’t find a good
practical example. Then we had a
Northwest C++ Users Group presentation
by Steve Yegge and a followup
discussion and beers, and I had a
little epiphany. Steve was talking
about, among other things, the build
process. And that’s just a bunch of
algorithms that are perfect for
explaining MapReduce.
The code examples are in C++, but the content is really language agnostic.
Here's a great tutorial on map/reduce in general, explaining the background, basics and data flow. I'm finding it useful to explain Google's App Engine implementation as well.
http://developer.yahoo.com/hadoop/tutorial/module4.html

Network Security and Encryption explained in laymen terms

Although I might pretend very well that I know a thing about networks or security and it might help me pass an interview or fix a bug, I don't really feel I'm fooling anyone.
I'm looking for laymen explanation of current network security concepts and solutions. The information is scattered around and I didn't find a resource for "dummies" like me (e.g experienced Java developers that can speak the jargon but have no real clue what it means).
Topics I have a weak notion about and want to understand better as a Java developer:
PGP
Public / Private keys
RSA / DES
SSL and 2 way SSL (keystore / trustore)
Protecting against Man in the middle fraud
Digital Signature and Certificates
Is there a resource out there that really explains it in a way that doesn't require a Cisco certificate / Linux lingo / know what is subnet masking or other plumbing skills?
The book Cryptography Engineering by Ferguson, Schneier, and Kohno might be something that would get you a decent way down the road to understanding the topics you listed. I read the first version of this book (Practical Cryptography) and found it to be quite good. For example, I thought the descriptions of public key/private key cryptography to be reasonably straightforward to understand.
It might not explicitly describe the specific terms in all cases that you are asking about. For example, I just looked in the index of my copy of Practical Cryptography and do not see the terms "keystore" and "truststore", but the first google hit I clicked on for those provided a definition in language I understood (largely because I read the book).
I also own Applied Cryptography mentioned by Aidan Cully, and I think it is also a very good book and certainly worth owning. However I tend to think of it more as a reference book (although somewhat dated - the copyright is 1996). In terms of real-word advice, though, I think the original title of the newer book Practical Cryptography was right on. The book seems, well, practical.
Schneier's Applied Cryptography is how I learned most of what I know. I haven't read it, but expect Ross Anderson's Security Engineering would also be a good resource.
Priactical UNIX and Internet Security will cover a lot of that stuff and give you a basic UNIX background. Also, if you have extra time Academic Earth has free video lectures from top universities.

Structure and Interpretation of Computer Programs, what level of maths ability is required?

I regrettably haven't studied mathematics since I was 16 (GCSE level), I'm now a 27 year old C# developer.
Would it be a fruitless exercise trying to work through Structure and Interpretation of Computer Programs (SICP)?
What kind of mathematics standard is expected of the reader?
Having worked through all of SICP, I can tell you with confidence that you don't need a lot of math background to understand it. SICP is (used to be?) a first or second semester course in MIT, for students with practically no college/university level math. Whenever it discusses mathematical topics, it provides sufficient background for any intelligent reader to understand.
From the little you tell about yourself, it's great time to work through SICP. Reading the book and solving (at least some of) the exercises, and playing with the code of the projects, can teach you a lot about programming. Don't worry about math - you'll handle it without any problems. What's really needed is a true, deep curiosity about programming, and some patience.
It's never too late to start SICP. And it doesn't really require any higher maths at all, except perhaps in the signal processing with infinite streams parts. That can be skipped without losing too much though.
The most important thing while reading SICP is solving the problems, IMO. Some of the tougher ones can be mind-expanding and force you to really understand the topic. If you are confident about some solution you can skip it though. And the solutions can be found at - http://eli.thegreenplace.net/category/programming/lisp/sicp/
The danger in reading SICP is that after completing it, you will not like using any programming language other than Scheme. :)
I had a ganders at this book. My maths knowledge is not great ... but there is a key:
For understanding things like this, providing you have a creative mind and a good grasp of the abstract nature of structures and mathematical principles you should be fine. My mental arithmatic is pretty poor by anyones standards, but I love reading about discrete mathematics because of it's abstract nature.
I wouldn't consider myself a very good mathematician in the numeric sense, but as a software developer I like to think I have a mathematics (or mechanical) mind.
I wouldn't worry too much about your numeric strength but more about the nature of mathematics and the personality of the concepts underpinning computer science. If you have a good programming mind, maybe try and enhance that with combinatorics/discrete/concrete mathematics (which, besides counting theory, in many cases avoids dry numbers).
I found my love for things like set-theory studying compilers, and I wouldn't want to sit my maths A-level without alot of cramming!
Give it a go, what have you got to lose?
(im 22 and in a similar situation to you)
Good luck
PS: I also found the video lectures interesting. You can torrent them from
http://groups.csail.mit.edu/mac/classes/6.001/abelson-sussman-lectures/
It definitely wouldn't be a fruitless exercise, it's an excellent book. On the other hand, it would be kind of tough going, as they do expect you to have some mathematical sophistication, if not tons of advanced math.
You might find How to Design Programs, by Felleisen et al, a bit of an easier start while giving you much the same approach, using Scheme and all.
From what I can remember from this book, it talks about some matrix calculations, which might be hard to understand at first. But it is just list of lists, or array of arrays... so you will need to deal with that sooner or later in programming.
If there was any difficult math, I think you can skip it. This book was (and probably still is) used in Berkeley's first year computer science class (many students take it in the first semester), without any need of understanding calculus at all, so I think general understanding of math is good enough to understand the book.
The book talks about a function being a black box... and after reading the book, I think it helps a person's understanding of math in general as well.
The Numerical Programming section might require some higher math, but you should be able to digest the rest of the book with high-school math.

Resources