I Hate Her Less When She's Naked: An Enemies To Lovers Sapphic Romance
معرفی کتاب «I Hate Her Less When She's Naked: An Enemies To Lovers Sapphic Romance» نوشتهٔ Wenliang Du و A. Goswami، منتشرشده توسط نشر 2024 در سال 2024. این کتاب در فرمت epub، زبان انگلیسی ارائه شده است.
Teaching computer and network security principles via hands-on activities Unique among computer security texts, the Second Edition of the Computer & Internet Security: A Hands-on Approach builds on the author’s long tradition of teaching this complex subject through a hands-on approach. For each security principle, the book uses a series of hands-on activities to help explain the principle; readers can "touch", play with, and experiment with the principle, instead of just reading about it. The hands-on activities are based on the author's widely adopted SEED Labs, which have been used by over 1000 institutes in more than 65 countries. Topics covered in the book - Software security: attacks and countermeasures - Web security: attacks and countermeasures - Network security: attacks on TCP/IP and DNS - Packet sniffing and spoofing - Firewall and Virtual Private Network (VPN) - Newly discovered attacks, including Meltdown and Spectre attacks on CPUs, Dirty COW, Shellshock, Heartbleed, Hash collision, etc. - Common hacking and defense techniques - Cryptography, PKI, and TLS programming - Bitcoin and Blockchain Main Table of Contents......Page 6 Preface......Page 22 About the Author......Page 28 Acknowledgments......Page 30 Part I Software Security......Page 32 Part I Table of Contents......Page 34 Chapter 1 Set-UID Privileged Programs and Attacks on Them......Page 36 1.1.1 The Password Dilemma......Page 37 1.1.2 Different Types of Privileged Programs......Page 38 1.2.2 How It Works......Page 39 1.2.3 An Example of Set-UID Program......Page 40 1.2.5 The Set-GID Mechanism......Page 41 1.3 What Can Go Wrong: What Happened to Superman......Page 42 1.4.1 User Inputs: Explicit Inputs......Page 43 1.4.3 Environment Variables: Hidden Inputs......Page 44 1.4.4 Capability Leaking......Page 45 1.5.1 Unsafe Approach: Using system()......Page 47 1.5.2 Safe Approach: Using execve()......Page 50 1.5.3 Invoking External Commands in Other Languages......Page 51 1.6 Principle of Least Privilege......Page 52 1.7 Summary......Page 53 Chapter 2 Attacks Through Environment Variables......Page 56 2.1.1 How to Access Environment Variables......Page 57 2.1.2 How a Process Gets Its Environment Variables......Page 58 2.1.3 Memory Location for Environment Variables......Page 59 2.1.4 Shell Variables and Environment Variables......Page 60 2.2 Attack Surface Caused by Environment Variables......Page 63 2.3 Attacks via Dynamic Linker......Page 64 2.3.1 Static and Dynamic Linking......Page 65 2.3.2 Case Study: LD_PRELOAD and LD_LIBRARY_PATH......Page 66 2.4 Attack via External Program......Page 69 2.4.2 Case Study: the PATH environment variable......Page 70 2.4.3 Reduce Attack Surface......Page 71 2.5.1 Case Study - Locale in UNIX......Page 72 2.6.1 Case Study - Using getenv() in Application Code......Page 73 2.7 Set-UID Approach versus Service Approach......Page 74 2.8 Summary......Page 75 Chapter 3 Shellshock Attack......Page 78 3.1 Background: Shell Functions......Page 79 3.2.2 The Shellshock Bug......Page 81 3.2.3 Mistake in the Bash Source CodeThe She......Page 82 3.3 Shellshock Attack on Set-UID Programs......Page 83 3.4.2 How Web Server Invokes CGI Programs......Page 85 3.4.4 Launching the Shellshock Attack......Page 87 3.4.5 Creating Reverse Shell......Page 89 3.5 Remote Attack on PHP......Page 91 3.6 Summary......Page 92 Chapter 4 Buffer Overflow Attack......Page 94 4.1 Program Memory Layout......Page 95 4.2.1 Stack Memory Layout......Page 96 4.2.2 Frame Pointer......Page 97 4.3 Stack Buffer-Overflow Attack......Page 98 4.3.1 Copy Data to Buffer......Page 99 4.3.2 Buffer Overflow......Page 100 4.3.3 Exploiting a Buffer Overflow Vulnerability......Page 101 4.4 Setup for Our Experiment......Page 102 4.4.2 Vulnerable Program......Page 103 4.5.1 Finding the Address of the Injected Code......Page 104 4.5.2 Improving Chances of Guessing......Page 105 4.5.3 Finding the Address Without Guessing......Page 106 4.5.4 Constructing the Input File......Page 107 4.6.2 Knowing the Range of the Buffer Address......Page 110 4.6.3 A General Solution......Page 111 4.7.1 Writing Malicious Code Using C......Page 113 4.7.3 Explanation of a Shellcode Example......Page 114 4.8 Countermeasures: Overview......Page 117 4.9 Address Randomization......Page 119 4.9.1 Address Randomization on Linux......Page 120 4.9.2 Effectiveness of Address Randomization......Page 121 4.10 StackGuard......Page 122 4.10.2 Manually Adding Code to Function......Page 123 4.10.3 StackGuard Implementation in gcc......Page 125 4.11 Defeating the Countermeasure in bash and dash......Page 127 4.12 Summary......Page 129 Chapter 5 Return-to-libc Attack and Return-Oriented Programming......Page 132 5.1 Introduction: Non-Executable Stack......Page 133 5.2 The Attack Experiment: Setup......Page 134 5.3.1 Task A: Find the Address of the system() Function......Page 136 5.3.2 Task B: Find the Address of the String "/bin/sh"......Page 137 5.4 Launch the Return-to-libc Attack: Part II......Page 138 5.4.1 Function Prologue......Page 139 5.4.2 Function Epilogue......Page 140 5.4.3 Function Prologue and Epilogue Example......Page 141 5.4.4 Perform Task C......Page 142 5.4.5 Construct Malicious Input......Page 143 5.4.6 Launch the Attack......Page 144 5.5.1 Experiment Setup......Page 145 5.5.2 Tracking the values of the esp and ebp registers......Page 147 5.5.3 Chaining Function Calls Without Arguments......Page 148 5.5.4 Chaining Function Calls With Arguments: Skipping Prologue......Page 150 5.5.5 Chaining Function Calls With Arguments: via leave and ret......Page 153 5.5.6 Chaining Function Calls With Zero in the Argument......Page 157 5.5.7 Use the Chaining Technique to Get Root Shell......Page 158 5.5.8 Further Generalization: Return-Oriented Programming......Page 160 5.6 Summary......Page 161 Chapter 6 Format String Vulnerability......Page 162 6.1.1 How to Access Optional Arguments......Page 163 6.1.2 How printf() Accesses Optional Arguments......Page 165 6.2 Format String with Missing Optional Arguments......Page 166 6.3 Vulnerable Program and Experiment Setup......Page 168 6.4.1 Attack 1: Crash Program......Page 169 6.4.3 Attack 3: Change the Program's Data in the Memory......Page 170 6.4.4 Attack 4: Change the Program's Data to a Specific Value......Page 172 6.4.5 Attack 4 (Continuation): A Much Faster Approach......Page 173 6.5.1 The Revised Vulnerable Program......Page 175 6.5.2 The Attack Strategy......Page 177 6.5.3 The Attack Program......Page 178 6.5.4 Reducing the Size of Format String......Page 180 6.6.2 Compiler......Page 182 6.7 Relationship with the Buffer-Overflow Attack......Page 183 6.8 Summary......Page 184 Chapter 7 Race Condition Vulnerability......Page 186 7.1 The General Race Condition Problem......Page 187 7.2 Race Condition Vulnerability......Page 188 7.3 Experiment Setup......Page 190 7.4.1 Choose a Target File......Page 191 7.4.2 Launch Attack......Page 192 7.4.3 Monitor the Result......Page 193 7.4.4 Running the Exploit......Page 194 7.5.1 Atomic Operation......Page 195 7.5.2 Repeating Check and Use......Page 196 7.5.3 Sticky Symlink Protection......Page 197 7.5.4 Principle of Least Privilege......Page 198 7.6 Summary......Page 200 Chapter 8 The Dirty COW Race Condition Attack......Page 202 8.1 Memory Mapping using mmap()......Page 203 8.2 MAP_SHARED, MAP_PRIVATE and Copy On Write......Page 204 8.4 Mapping Read-Only Files......Page 206 8.5 The Dirty COW Vulnerability......Page 208 8.6 Exploiting the Dirty COW Vulnerability......Page 209 8.6.2 Set Up the Memory Mapping and Threads......Page 210 8.6.3 The write Thread......Page 211 8.6.5 The Attack Result......Page 212 8.7 Summary......Page 213 Chapter 9 Reverse Shell......Page 214 9.2.1 File Descriptor......Page 215 9.2.2 Standard IO Devices......Page 217 9.2.3 Redirection......Page 218 9.2.4 How To Implement Redirection......Page 219 9.3.1 Redirecting Output to a TCP Connection......Page 220 9.3.2 Redirecting Input to a TCP Connection......Page 221 9.3.3 Redirecting to TCP Connection From Shell......Page 222 9.4.2 Redirecting the Standard Input......Page 223 9.4.4 Code Injection......Page 225 9.5 Summary......Page 226 Part II Web Security......Page 228 Part II Table of Contents......Page 230 Chapter 10 Cross Site Request Forgery......Page 232 10.1 Cross-Site Requests and Its Problems......Page 233 10.2 Cross-Site Request Forgery Attack......Page 234 10.3.1 HTTP GET and POST Services......Page 235 10.3.3 Attack on Elgg's Add-friend Service......Page 236 10.4.1 Constructing a POST Request Using JavaScript......Page 238 10.4.2 Attack on Elgg's Edit-Profile Service......Page 239 10.5 Countermeasures......Page 241 10.5.3 Secret Token......Page 242 10.6 Summary......Page 243 Chapter 11 Cross-Site Scripting Attack......Page 246 11.1 The Cross-Site Scripting Attack......Page 247 11.1.1 Non-persistent (Reflected) XSS Attack......Page 248 11.1.3 What damage can XSS cause?......Page 249 11.2.1 Prelude: Injecting JavaScript Code......Page 250 11.2.2 Use XSS Attacks to Befriend with Others......Page 251 11.2.3 Use XSS Attacks to Change Other People's Profiles......Page 254 11.3 Achieving Self-Propagation......Page 256 11.3.1 Creating a Self-Propagating XSS Worm: the DOM Approach......Page 257 11.3.2 Create a Self-Propagating Worm: the Link Approach......Page 259 11.4.1 Getting Rid of Code from User Inputs......Page 260 11.4.2 Defeating XSS Attacks using Content Security Policy......Page 261 11.4.3 Experimenting with Content Security Policy......Page 263 11.5 Summary......Page 265 Chapter 12 SQL Injection Attack......Page 268 12.1.3 CREATE a Table......Page 269 12.1.5 The SELECT Statement......Page 270 12.1.6 WHERE Clause......Page 271 12.1.8 Comments in SQL Statements......Page 272 12.2.1 Getting Data from User......Page 273 12.2.2 Getting Data From Database......Page 274 12.3 Launching SQL Injection Attacks......Page 276 12.3.2 Modify Database......Page 277 12.3.3 Multiple SQL Statements......Page 278 12.4 The Fundamental Cause......Page 279 12.5.2 Prepared Statement......Page 282 12.6 Summary......Page 284 Part III Hardware Security......Page 286 Part III Table of Contents......Page 288 Chapter 13 Meltdown Attack......Page 290 13.1.1 Analogy: The Microsoft Brainteaser Question......Page 291 13.1.3 Side Channels......Page 292 13.2.1 Time Difference When Accessing Cache v.s Memory......Page 293 13.2.2 Using CPU Cache as a Side Channel......Page 295 13.3.1 Secret Data in Kernel Space......Page 298 13.3.3 Avoid Getting Killed: Handling Error/Exceptions in C......Page 300 13.4 Passing the Guard: Out-of-Order Execution by CPU......Page 302 13.5.1 A Naive Approach......Page 305 13.5.3 Improve the Attack Using Assembly Code......Page 306 13.5.4 Improve the Attack Using Statistic Approach......Page 307 13.6 Countermeasures......Page 309 13. 7 Summary......Page 310 Chapter 14 Spectre Attack......Page 312 14.2 Out-of-Order Execution and Branch Prediction......Page 313 14.2.1 An Experiment......Page 314 14.3 The Spectre Attack......Page 316 14.3.1 The Setup for the Experiment......Page 317 14.3.2 The Program Used in the Experiment......Page 318 14.4 Improve the Attack Using Statistic Approach......Page 320 14.6 Summary......Page 323 Part IV Network Security......Page 324 Part IV Table of Contents......Page 326 Chapter 15 Packet Sniffing and Spoofing......Page 328 15.1.1 Network Interface Card (NIC)......Page 329 15.1.2 BSD Packet Filter (BPF)......Page 330 15.2.1 Receiving Packets Using Sockets......Page 331 15.2.2 Packet Sniffing using Raw Sockets......Page 332 15.2.3 Packet Sniffing Using the pcap API......Page 334 15.2.4 Processing Captured Packet......Page 335 15.3 Packet Spoofing......Page 338 15.3.1 Sending Normal Packets Using Socket......Page 339 15.3.2 Sending Spoofed Packets Using Raw Sockets......Page 340 15.3.3 Constructing ICMP Packets......Page 342 15.3.4 Constructing UDP Packets......Page 343 15.4 Sniffing and Then Spoofing......Page 345 15.5.2 A Simple Example......Page 347 15.5.3 Packet Sniffing......Page 348 15.5.5 Spoofing UDP Packets......Page 349 15.5. 7 Sending and Receiving Packets......Page 350 15.6.1 A Hybrid Approach......Page 351 15.6.3 Modifying and Sending Packets Using C......Page 352 15. 7 Endianness......Page 354 15.8 Calculating Checksum......Page 355 15.9 Summary......Page 357 Chapter 16 Attacks on the TCP Protocol......Page 358 16.1.1 TCP Client Program......Page 359 16.1.2 TCP Server Program......Page 360 16.1.3 Data Transmission: Under the Hood......Page 363 16.1.4 TCP Header......Page 364 16.2.1 TCP Three-Way Handshake Protocol......Page 365 16.2.2 The SYN Flooding Attack......Page 366 16.2.3 Launching the SYN Flooding Attack......Page 367 16.2.4 Launching SYN Flooding Attacks Using C Code......Page 369 16.2.5 Countermeasure......Page 371 16.3.1 Closing TCP Connections......Page 372 16.3.3 Launching the TCP Reset Attack: Setup......Page 373 16.3.4 TCP Reset Attack on Telnet connections......Page 374 16.3.5 TCP Reset Attack on SSH connections......Page 375 16.3.6 TCP Reset Attack on Video-Streaming Connections......Page 376 16.4.1 TCP Session and Session Hijacking......Page 378 16.4.2 Launching TCP Session Hijacking Attack......Page 379 16.4.4 Causing More Damage......Page 382 16.4.5 Creating Reverse Shell......Page 383 16.5 Summary......Page 385 Chapter 17 Firewall......Page 386 17.1 Introduction......Page 387 17.2.1 Packet Filter......Page 388 17.3 Building a Simple Firewall using Netfilter......Page 389 17.3.1 Writing Loadable Kernel Modules......Page 390 17 .3.3 Installing Kernel Modules......Page 391 17.4 Netfilter......Page 392 17.4.2 Implementing a Simple Packet Filter Firewall......Page 393 17.5.1 The structure of the iptables Firewall......Page 396 17.5.2 Traversing Chains and Rule Matching......Page 397 17.5.3 iptables Extensions......Page 398 17.5.4 Building a Simple Firewall......Page 399 17.6.1 Stateful Firewall......Page 402 17.6.3 Example: Set up a Stateful Firewall......Page 403 17.7 Application/Proxy Firewall and Web Proxy......Page 404 17.8.1 Using SSH Tunneling to Evade Firewalls......Page 405 17.8.2 Dynamic Port Forwarding......Page 406 17.9 Summary......Page 408 Chapter 18 Domain Name System (DNS) and Attacks......Page 410 18.1.1 DNS Domain Hierarchy......Page 411 18.1.2 DNS Zone......Page 412 18.1.4 The Organization of Zones on the Internet......Page 413 18.2.1 Local DNS Files......Page 415 18.2.2 Local DNS Server and the Iterative Query Process......Page 416 18.3 Set Up DNS Server and Experiment Environment......Page 418 18.3.2 Configure the Local DNS server......Page 419 18.3.3 Set Up Zones in the Local DNS Server......Page 421 18.4.1 DNS Header......Page 423 18.4.2 DNS Records......Page 424 18.4.3 Example 1: Sending a DNS Query......Page 425 18.4.4 Example 2: Implement a Simple DNS Server......Page 426 18.5 DNS Attacks: Overview......Page 428 18.6 Local DNS Cache Poisoning Attack......Page 429 18.6.1 Launch DNS Cache Poisoning Attack......Page 430 18.6.2 Targeting the Authority Section......Page 432 18.7 Remote DNS Cache Poisoning Attack......Page 433 18.7.1 The Kaminsky Attack......Page 434 18.7.2 Construct the IP and UDP headers of DNS reply......Page 436 18.7.3 Construct the DNS Header and Payload......Page 437 18.7.4 Result Verification......Page 439 18.8.1 Fake Data in the Additional Section......Page 440 18.8.2 Fake Data in the Authority Section......Page 442 18.8.3 Fake Data in Both Authority and Additional Sections......Page 443 18.8.5 Fake Answer in Reverse DNS Lookup......Page 444 18.9.1 How DNS Rebinding Attack Works......Page 446 18.9.2 Attack Environment Setup......Page 448 18.9.4 Emulating a Vulnerable loT Device's Web Server......Page 449 18.9.5 Set Up the Web Server on Attacker Computer......Page 450 18.9.6 Setting Up the Malicious DNS Server......Page 452 18.9.7 Launching the Attack......Page 453 18.10.1 DNSSEC......Page 455 18.10.2 TLS/SSL Solution......Page 456 18.11.1 Attacks on the Root and TLD Servers......Page 457 18.11.2 Attacks on Nameservers of a Particular Domain......Page 458 18.12 Summary......Page 459 Chapter 19 Virtual Private Network......Page 460 19.1.1 Virtual Private Network......Page 461 19.1.2 How a Virtual Private Network Works......Page 463 19.2 An Overview of How TLS/SSL VPN Works......Page 464 19.2.2 Forwarding IP packets......Page 465 19.2.3 Releasing IP Packets......Page 466 19.3.1 Virtual Network Interfaces......Page 467 19.3.2 Creating a TUN Interface......Page 468 19.3.3 Routing Packets to a TUN Interface......Page 470 19.3.4 Reading and Writing Operations on the TUN Interface......Page 471 19.4 Building a VPN......Page 472 19.4.1 Establish the Tunnel......Page 473 19.4.3 From TUN To Tunnel......Page 475 19.4.5 Bring Everything Together......Page 476 19.5.1 Network Configuration......Page 477 19.5.4 Configure Host V......Page 479 19.6.1 Ping Test......Page 480 19.6.2 Telnet Test......Page 481 19.7.1 Network Setup......Page 482 19.7.2 Setting Up VPN to Bypass Firewall......Page 483 19.8 Summary......Page 484 Chapter 20 The Heartbleed Bug and Attack......Page 486 20.1 Background: the Heartbeat Protocol......Page 487 20.2.1 Attack Environment and Setup......Page 489 20.2.2 Launch an Attack......Page 490 20.4 Summary......Page 492 Part V Cryptography......Page 494 Part V Table of Contents......Page 496 Chapter 21 Secret-Key Encryption......Page 498 21.2.1 Monoalphabetic Substitution Cipher......Page 499 21.2.2 Breaking Monoalphabetic Substitution Cipher......Page 500 21.2.3 Polyalphabetic Substitution Cipher......Page 503 21.2.4 The Enigma Machine......Page 504 21.3.1 DES: Data Encryption Standard......Page 506 21.4 Encryption Modes......Page 507 21.4.1 Encryption Modes......Page 508 21.4.3 Cipher Block Chaining (CBC) Mode......Page 509 21.4.4 Cipher Feedback (CFB) Mode......Page 511 21.4.5 Output Feedback (OFB) Mode......Page 512 21.4.6 Counter (CTR) Mode......Page 513 21.4.7 Modes for Authenticated Encryption......Page 514 21.4.8 Padding......Page 515 21.5.1 Common Mistake: Use the Same IV......Page 516 21.5.2 Common Mistake: Use a Predictable IV......Page 519 21.6 Programming using Cryptography APis......Page 522 21. 7 Authenticated Encryption and the GCM Mode......Page 524 21.7.1 The GCM Mode......Page 525 21.7.2 Programming using the GCM Mode......Page 526 21.8 Summary......Page 527 Chapter 22 One-Way Hash Function......Page 528 22.2.1 Cryptographic Properties......Page 529 22.3 Algorithms and Programs......Page 530 22.3.2 The SHA (Secure Hash Algorithm) Series......Page 531 22.3.4 One-Way Hash Commands......Page 532 22.3.5 Computing One-Way Hash in Programs......Page 533 22.4 Applications of One-Way Hash Functions......Page 535 22.4.2 Committing a Secret Without Telling It......Page 536 22.4.3 Password Verification......Page 537 22.4.4 Trusted Timestamping......Page 539 22.5 Message Authentication Code (MAC)......Page 540 22.5.1 Constructing MAC and Potential Attacks......Page 541 22.5.2 Launching the Length Extension Attack......Page 542 22.5.4 The Keyed-Hash MAC (HMAC) Algorithm......Page 545 22.6.1 Hash Chain and Blockchain......Page 546 22.6.2 Make Chaining Difficult......Page 547 22.6.3 Adding Incentives and Bitcoin......Page 549 22.7.1 Security Impact of Collision Attacks......Page 550 22.7.2 Generating Two Different Files with the Same MD5 Hash......Page 551 22.7.3 Generating Two Programs with the Same MD5 Hash......Page 553 22.7.4 Making the Two Programs Behave Differently......Page 556 22.7.5 Hash-Colliding X.509 Certificates......Page 558 22.8 Summary......Page 559 Chapter 23 Public Key Cryptography......Page 560 23.2 Diffie-Hellman Key Exchange......Page 561 23.2.1 Diffie-Hellman Key Exchange......Page 562 23.2.2 Turn DH Key Exchange into a Public-Key Encryption Algorithm......Page 563 23.3 The RSA Algorithm......Page 564 23.3.2 Math Background: Euler's Theorem......Page 565 23.3.3 Math Background: Extended Euclidean Algorithm......Page 566 23.3.4 The RSA Algorithm......Page 567 23.3.5 Exercise: Small Number......Page 568 23.3.6 Exercise: Large Number......Page 569 23.3. 7 Performance......Page 571 23.3.9 Other Public-Key Encryption Algorithms......Page 572 23.4.1 Generating RSA keys......Page 573 23.4.2 Extracting the public key......Page 574 23.5 Paddings for RSA......Page 575 23.5.2 Paddings: PKCS#1 v1.5 and OAEP......Page 576 23.6 Digital Signature......Page 577 23.6.1 Digital Signature using RSA......Page 578 23.7 Programming using Public-Key Cryptography APis......Page 580 23.7.2 Encryption and Decryption......Page 581 23.7.3 Digital Signature......Page 583 23.8.1 Authentication......Page 585 23.8.3 Chip Technology Used in Credit Cards......Page 587 23.10 Summary and Further Learning......Page 589 Chapter 24 Public Key Infrastructure......Page 592 24.1.1 Man-in-the-Middle (MITM) Attack......Page 593 24.1.3 Public Key Infrastructure......Page 594 24.2.1 X.509 Digital Certificate......Page 595 24.2.2 Get Certificate from a Real Server......Page 596 24.3 Certificate Authority (CA)......Page 597 24.3.1 Being a CA......Page 598 24.3.2 Getting X.509 Certificate from CA......Page 599 24.3.3 Deploying Public Key Certificate in Web Server......Page 602 24.3.4 Apache Setup for HTTPS......Page 603 24.4.1 Root CAs and Self-Signed Certificate......Page 604 24.4.2 Intermediate CAs and Chain of Trust......Page 605 24.4.3 Creating Certificates for Intermediate CA......Page 606 24.4.5 Trusted CAs in the Real World......Page 607 24.5.2 Attacker Creates a Fake Certificate......Page 608 24.5.3 Attackers Send Their Own Certificates......Page 609 24.5.4 The Man-In-The-Middle Proxy......Page 610 24.6 Attacks on the Public-Key Infrastructure......Page 611 24.6.2 Attack on CA's Signing Process......Page 612 24.6.3 Attacks on the Algorithms......Page 613 24.7 Types of Digital Certificates......Page 614 24.7.2 Organizational Validated Certificates (OV)......Page 615 24.8 Summary......Page 616 Chapter 25 Transport Layer Security......Page 618 25.1 Overview of TLS......Page 619 25.2.1 Overview of the TLS Handshake Protocol......Page 620 25.2.3 Key Generation and Exchange......Page 622 25.3.1 Sending Data with TLS Record Protocol......Page 624 25.3.2 Receiving Data with TLS Record Protocol......Page 625 25.4 TLS Programming: A Client Program......Page 626 25.4.2 TLS Initialization......Page 627 25.4.4 TLS Handshake......Page 629 25.4.5 Application Data Transmission......Page 630 25.4.6 Set Up the Certificate Folder......Page 631 25.4.7 The Complete Client Code......Page 632 25.5.1 Modified Client Code......Page 633 25.5.2 An Experiment: Man-In-The-Middle Attack......Page 635 25.5.3 Hostname Checking......Page 636 25.6.1 TLS Setup......Page 638 25.6.3 TLS Handshake......Page 640 25.6.5 Testing......Page 642 25.7 Summary......Page 643 Chapter 26 Bitcoin and Blockchain......Page 646 26.1 History......Page 647 26.2.1 Generating Private and Public Keys......Page 648 26.2.2 Turning Hash Value Into Bitcoin Address......Page 650 26.3 Transactions......Page 653 26.3.1 The "Safe" Analogy......Page 654 26.3.2 An Example......Page 655 26.3.3 Input......Page 656 26.3.4 Output......Page 657 26.4 Unlocking the Output of a Transaction......Page 658 26.4.1 Some Fun but Non-standard Locks......Page 659 26.4.2 Pay-to-Pubkey-Hash Type (P2PH)......Page 661 26.4.3 Pay-to-Multisig (P2MS)......Page 662 26.4.4 Pay-to-ScriptHash (P2SH)......Page 663 26.4.5 P2SH Example: Multi-Signature......Page 664 26.4.6 Case Study: A Real Transaction......Page 665 26.5.1 Generating Blocks......Page 667 26.5.2 Rewarding......Page 668 26.5.3 Transaction and Merkle Tree......Page 669 26.5.4 Branching and Reaching Consensus......Page 670 26.5.5 Double Spending and Majority of Hash Power......Page 672 26.5.6 Case Study: Users with Majority of Hash Power......Page 673 26.6 Summary......Page 674 Bibliography......Page 676
دانلود کتاب I Hate Her Less When She's Naked: An Enemies To Lovers Sapphic Romance