# PyGame

[PyGame](https://www.pygame.org/) is a Python library for making games.

Recall the following:
* Images consist of a grid of pixels.
* Each pixel has a red, green and blue component.

In [None]:
!pip3 install pygame

In [None]:
import math

math.sin(600)

Can we create "Flappy Frankie", a UNSW themed version of Flappy Bird?

See `flappy_frankie.py`.

# Cybersecurity

What actually is cybersecurity?

> Hacking, Viruses, Spyware, Cyberterrorism, Phishing, Information Security, Operational Security, Penetration Testing, Malware, Botnets...

## Encryption and Decryption

Key terms:
* Encryption: Encoding information to hide its true meaning.
* Decryption: Converting information from an encoded representation back to its original.
* Plaintext: The original representation of information.
* Ciphertext: The encrypted representation of information.

### ROT13

The simplest form of encryption: rotate each letter 13 positions in the alphabet. CAR becomes PNE.

Can we write a function to ROT13 strings?

In [None]:
ord('C')
chr(67)

In [None]:
def rot13(text):
    result = ""
    for c in text:
        if c.isalpha():
            if ord('a') <= ord(c.lower()) <= ord('m'):
                result += chr(ord(c) + 13)
            else:
                result += chr(ord(c) - 13)
        else:
            result += c
    return result

rot13('CAP')
rot13('Top secret message')

Can we "crack" ROT13 encryption?

In [None]:
rot13('Gbc frperg zrffntr')

### Caeser cipher

Rotate each letter N alphabet positions

Can we implement a Caeser cipher function?

In [None]:
def rotN(text, n):
    result = ""
    for c in text:
        if c.isalpha():
            if ord('a') <= ord(c.lower()) <= ord('z') - n:
                result += chr(ord(c) + n)
            else:
                result += chr(ord(c) - 26 + n)
        else:
            result += c
    return result

rotN("A second top secret message. A nice long message so we can see how well it works for long messages.", 7)

In [None]:
rotN('H zljvuk avw zljyla tlzzhnl. H upjl svun tlzzhnl zv dl jhu zll ovd dlss pa dvyrz mvy svun tlzzhnlz.', 26 - 7)

Can we "crack" a Caeser cipher?

In [None]:
encrypted_message = 'H zljvuk avw zljyla tlzzhnl. H upjl svun tlzzhnl zv dl jhu zll ovd dlss pa dvyrz mvy svun tlzzhnlz.'

for i in range(0, 26):
    print(i)
    print(rotN(encrypted_message, i))

In [43]:
original_message = "A second top secret message. A nice long message so we can see how well it works for long messages."

import random

encrypted_message = rotN(original_message, random.randint(1,25))

for i in range(0, 26):
    decrypted_message = rotN(encrypted_message, i)
    vowel_count = decrypted_message.count('a') + decrypted_message.count('e') + decrypted_message.count('i') + decrypted_message.count('o') + decrypted_message.count('u')
    total_characters = len(decrypted_message.replace(' ', '').replace('.', ''))
    vowel_percentage = vowel_count / total_characters
    if 0.35 <= vowel_percentage <= 0.40:
        print(i)
        print(decrypted_message)

3
W oaykjz pkl oaynap iaoowca. W jeya hkjc iaoowca ok sa ywj oaa dks sahh ep skngo bkn hkjc iaoowcao.
7
A second top secret message. A nice long message so we can see how well it works for long messages.
15
I amkwvl bwx amkzmb umaaiom. I vqkm twvo umaaiom aw em kiv amm pwe emtt qb ewzsa nwz twvo umaaioma.
19
M eqoazp fab eqodqf yqeemsq. M zuoq xazs yqeemsq ea iq omz eqq tai iqxx uf iadwe rad xazs yqeemsqe.


### One time pad

Rotate each letter by the number in the corresponding position on a "pad".

Can we implement a one-time pad function?

In [45]:
example_pad = [4,6,2,17,25,3,16,12,11,9,7]

def otp(text, pad):
    result = ""
    for c in text:
        n = pad[0]
        pad = pad[1:]
        if c.isalpha():
            if ord('a') <= ord(c.lower()) <= ord('z') - n:
                result += chr(ord(c) + n)
            else:
                result += chr(ord(c) - 26 + n)
        else:
            result += c
    return result

otp("CAR", [13,2,24])
otp("PCP", [26-13, 26-2, 26-24])

'CAR'

Can we "crack" a one-time pad?

In [None]:
# No, it's impossible

### Practical encryption

Using the [cryptography](https://cryptography.io) library in python we can encrypt and decrypt data with 'Frenet'.

In [None]:
# AES - Advanced Encryption Scheme

Can we encrypt this string?

In [52]:
secret_message = "Starting your assessments early always results in higher marks"

from cryptography.fernet import Fernet

key = Fernet.generate_key()
f = Fernet(key)

encrypted_message = f.encrypt(secret_message.encode())
encrypted_message

b'gAAAAABgbq_f4B3yNbOFpsjgZxMQwqLl4ghSZ2teB-LQhW5m0991e0IrpopYWDIo4O1zaVzJaO7LJhAG2-Iy6i5KwMZSdUAFABQ0705z-4uB1PwBPtgpnKpa0uPeIpLMl6JUXZ4PqSZGRndY6fgCV2-4-rg4swicnQ=='

In [54]:
f.decrypt(encrypted_message)
key

b'SqBLX_MRj-aJzWHuQfJezGxucyoG5iXDxuv9sxgEfj4='

In [58]:
f = Fernet(key)
f.decrypt(encrypted_message)

b'Starting your assessments early always results in higher marks'

Can we "crack" Fernet?

In [None]:
# Not practically

### Asymmetric Encryption

* Symmetric Encryption: One key is used for both encrypting and decrypting
* Asymmetric Encryption: Two keys are generated. Information encrypted with one key can be decrypted with the other key and vice versa

Can we generate an RSA keypair?

In [63]:
from cryptography.hazmat.primitives.asymmetric import rsa, padding

private_key = rsa.generate_private_key(65537, 2048)

private_key.public_key().public_numbers()

<RSAPublicNumbers(e=65537, n=26477305172154486136214494643209943295798987012456436779851317825667841364223186666356466431155210986740001502439149684965106079270564848476838586625161143439987460572715216237704428459045685280963844995089232866694273535195190777655600672032999584398049200610554204891125775926510169587008947681951280929041579608495749120097724280449930148771427966014498542555906025406801634829412638679672222488812526901151574971085848704829774294861505788285469484729321376885235935253463122577843461931450889522077515116575559093885473946338889832821633024433681134204579590610201749713147544977317256749272970110722721937728497)>

In [65]:
public_key = private_key.public_key()

Can we encrypt this string with our *private* key?

In [71]:
secret_message = "In 5 years, no one will care about your WAM"

encrypted_message = public_key.encrypt(secret_message.encode(), padding.PKCS1v15())

In [72]:
private_key.decrypt(encrypted_message, padding.PKCS1v15())

b'In 5 years, no one will care about your WAM'

### The reality of encryption

![security](https://imgs.xkcd.com/comics/security.png)

## Cryptographic Hashing

Key terms:
* Hashing: Transforming data of any size into a fixed-size representation (a hash). Typically:
  * If the input data is changed even slightly, the hash is completely different.
  * If you have the hash, you can't determine the exact input that was used, but you may be able to determine a *possible* input.
* Cryptographic Hashing: Hashing where it's computationally difficult to determine a possible input.

Can we write a simple hash function?

Can we create a cryptographic hash for this string?

In [None]:
important_message = "The exam is on the 12th of May"

## Digital Signing

By combining hashing and asymmetric encryption, we have a way of "signing" digital documents.

Can we digitally sign the following string?

In [None]:
verified_message = "Don't forget to double-check your answers in an exam"

## Authentication

#### Authentication

Checking whether someone is who they claim to be.

Types of authentication:
 * Something you know (e.g. a password)
 * Something you have (e.g. a keycard)
 * Something you are (e.g. a fingerprint)
 * Someone you know (e.g. a friend verifies it's you)

Two-factor authentication is when at least two of the above types of authentication are used.

## Social Engineering

Social Engineering is the practice of exploiting the human components in systems, rather than the technological components.

Examples:
 * Phishing
 * Baiting
 * Spearphishing
 * [Poor spelling in emails](https://academic.microsoft.com/paper/2169270715/citedby/search?q=Web%20Spam%20Taxonomy&qe=RId%253D2169270715&f=&orderBy=0)