Table of Contents for
Python for Secret Agents

Version ebook / Retour

Cover image for bash Cookbook, 2nd Edition Python for Secret Agents by Steven F. Lott Published by Packt Publishing, 2014
  1. Cover
  2. Table of Contents
  3. Python for Secret Agents
  4. Python for Secret Agents
  5. Credits
  6. About the Author
  7. About the Reviewers
  8. www.PacktPub.com
  9. Preface
  10. What you need for this book
  11. Who this book is for
  12. Conventions
  13. Reader feedback
  14. Customer support
  15. 1. Our Espionage Toolkit
  16. Getting more tools – a text editor
  17. Confirming our tools
  18. Background briefing – math and numbers
  19. Handling text and strings
  20. Organizing our software
  21. Working with files and folders
  22. Solving problems – recovering a lost password
  23. Summary
  24. 2. Acquiring Intelligence Data
  25. Using a REST API in Python
  26. Organizing collections of data
  27. Solving problems – currency conversion rates
  28. Summary
  29. 3. Encoding Secret Messages with Steganography
  30. Using the Pillow library
  31. Some approaches to steganography
  32. Detecting and preventing tampering
  33. Solving problems – encrypting a message
  34. Summary
  35. 4. Drops, Hideouts, Meetups, and Lairs
  36. Finding out where we are with geocoding services
  37. How close? What direction?
  38. Compressing data to make grid codes
  39. Decoding a GeoRef code
  40. Creating natural area codes
  41. Solving problems – closest good restaurant
  42. Summary
  43. 5. A Spymaster's More Sensitive Analyses
  44. Creating Python modules and applications
  45. Creating our own classes of objects
  46. Comparisons and correlations
  47. Writing high-quality software
  48. Solving problems – analyzing some interesting datasets
  49. Summary
  50. Index

Detecting and preventing tampering

We can use steganography to assure that our message isn't tampered with. If we can't find our digital watermark properly encoded, we know that our picture was touched. This is one way to detect tampering. A more robust technique to detect tampering is to use hash totals. There are a number of hash algorithms used to produce a summary or signature of a sequence of bytes. We send both the message and the hash code separately. If the received message doesn't match the hash code, we know something went wrong. One common use case for hashes is to confirm a proper download of a file. After downloading a file, we should compare the hash of the file we got with a separately published hash value; if the hash values don't match, something's wrong with the file. We can delete it before opening it.

While it seems like encryption would prevent tampering, it requires careful management of the encryption keys. Encryption is no panacea. It's possible to employ a good encryption algorithm but lose control of the keys, rendering the encryption useless. Someone with unauthorized access to the key can rewrite the file and no one would know.

Using hash totals to validate a file

Python has a number of hash algorithms available in the hashlib module. Software downloads are often provided with MD5 hashes of the software package. We can compute an MD5 digest of a file using hashlib, as shown in the following code:

import hashlib
md5 = hashlib.new("md5")
with open( "LHD_warship.jpg", "rb" ) as some_file:
    md5.update( some_file.read() )
print( md5.hexdigest() )

We've created an MD5 digest object using the hashlib.new() function; we named the algorithm to be used. We opened the file in bytes mode. We provided the entire file to the digest object's update() method. For really large files, we might want to read the file in blocks rather than read the entire file into memory in one swoop. Finally, we printed the hex version of the digest.

This will provide a hexadecimal string version of the MD5 digest, as follows:

0032e5b0d9dd6e3a878a611b49807d24

Having this secure hash allows us to confirm that the file has not been tampered with in its journey through the Internet from sender to receiver.

Using a key with a digest

We can provide considerably more security by adding a key to a message digest. This doesn't encrypt the message; it encrypts the digest to be sure that the digest is not touched during transmission.

The hmac module in the Python standard library handles this for us, as shown in the following code:

import hmac
with open( "LHD_warship.jpg", "rb" ) as some_file:
    keyed= hmac.new( b"Agent Garbo", some_file.read() )
print( keyed.hexdigest() )

In this example, we've created an HMAC digest object and also passed the message content to that digest object. The hmac.new() function can accept both the key (as a string of bytes) and the body of a message.

The hex digest from this HMAC digest object includes both the original message and a key we provided. Here's the output:

42212d077cc5232f3f2da007d35a726c

As HQ knows our key, they can confirm that a message comes from us.

Similarly, HQ must use our key when sending us a message. We can then use our key when we read the message to confirm that it was sent to us by HQ.