Cryptography 201


Uploaded by

Sebastian Bogdan

● Review of Cryptography 101

● Warm up challenges
● Symmetric Encryption
○ DES
○ AES
● Asymmetric Encryption
○ RSA
● Wrap up
1. Confidentiality: Ensure that the data can only be seen
by the intended recipients.
2. Integrity: Ensure that the received data has not been
altered or tampered with.
3. Non-repudiation: Ensure that the sender really did send
the data.
4. Authentication: The process of proving one's identity.
Plaintext - Original text, readable by human beings, something that we can
understand

Ciphertext - Text after it has been encrypted

Cipher - An algorithm/technique for performing encryption or decryption

Encryption - The process of converting plaintext into ciphertext

Decryption - The process of converting ciphertext back into plaintext


Keys - A string used in combination with a cipher (encryption algorithm)
to transform plaintext into ciphertext. Without knowing the key, ciphertext
cannot be converted back to plaintext.

Key space - Number of possible keys that can be created from an
algorithm. The larger the key space, the more secure the algorithm.
Kerckhoffs' Principle states that the security of a cryptosystem must lie in the choice of its keys only;
everything else (including the algorithm itself) should be considered public knowledge.

An encryption algorithm is a mathematical formula used to transform data into meaningless ciphertext.

Use protocols and algorithms that are widely-used, heavily analyzed, and accepted as secure.
Longer the key size, the harder it is to brute force. However, the larger the key size, the more computing power is required.

● DES
● AES - 128, 192, 256 bits in key size
● RSA

Block Cipher - Encryption happens on a block of data
● DES
● 3DES
● AES

Stream Cipher - Single bit of data is encrypted at a time
● RC4
● SEAL
[Diagram labels: Encryption, Decryption, Cipher text, Plain text]

● One key is used to encrypt plaintext and decrypt it as well
● The key is shared among the receiver and sender of data
● Key must be protected
● Ex. Caesar cipher, AES, DES
● Data Encryption Standard
● Created in 1974 by IBM, adopted by NIST
● DES has an effective key length of 56 bits
● Over time it was discovered that DES was a weak algorithm because its 56-bit key is too short
● "The only solution here is to pick an algorithm with a longer key; there isn't enough silicon in the galaxy or enough time before the sun burns out to brute-force triple-DES" (Crypto-Gram, Counterpane Systems, August 15, 1998)
● Triple DES systems are significantly more secure than single DES
● Triple DES applies the DES cipher in triplicate


● Advanced Encryption Standard
● AES encryption has three different block ciphers: AES-128 (128 bit), AES-192 (192 bit) and AES-256 (256 bit). These block ciphers are named after the key length they use for encryption and decryption. All these ciphers encrypt and decrypt the data in 128-bit blocks but they use different sizes of cryptographic keys.
● Since the AES algorithm is considered secure, it is the worldwide standard.
● There are three options for encryption key lengths: 128, 192, or 256 bits.

● Also known as "public key cryptography"
● Involves a key pair whose keys are mathematically connected and work in conjunction with each other
● Private key, public key (key pair)
● The sender uses the receiver's public key to encrypt the data, and the private key is used by the receiver to decrypt the message.
● Ex. RSA, ECC, El Gamal
● Asymmetric cryptosystem
● In 1977, Ron Rivest, Adi Shamir, and Leonard Adleman
(Inventors of RSA) publicly described the algorithm.
● A public-key algorithm that is used for key establishment and
the generation and verification of digital signatures. (NIST)
1. Privately select two large prime numbers, P and Q. If someone gains access to these, then you are vulnerable to attack.

2. Multiply the two numbers to create n = P x Q. This is your public key.

3. Calculate Φ(n) such that Φ(n) = (P - 1) x ( Q - 1).

4. Choose a number, e, such that 1 < e < Φ(n).

5. Your total public key is (n, e).

6. Calculate d = (k*Φ(n) + 1)/e for some integer k. d is your private key!

7. Your total private key is (n, d). To send a message m, the other person needs to calculate x = m^e (mod n) and send x to you. This is the encrypted message.

Now you decrypt it by calculating x^d (mod n). This will give you back the original message m. The best way to use this algorithm is for the other person to sign the message with your public key and his own public key to ensure authenticity and encryption.
RSA public key: Is a pair of numbers (e,n)

RSA private key: Is a pair of numbers (d,n)

Message: m

Ciphertext: c

To encrypt: m^e mod n = c

To decrypt: c^d mod n = m
Public key (e,n) → (11,117)

Private key (d,n) → (35,117)

Message m → 10

So far, we have a public key with e=11 and a private key with d=35. Our message is 10. To encrypt 10, we do:

10^11 mod 117

The result of that is 82. So, we have:

10^11 mod 117 = 82

Ciphertext → 82

Now, for decrypting, we do:

82^35 mod 117 = 10

Cleartext → 10
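
The key-generation steps and the worked numbers above, as an added Python example (not part of the original slides). It computes d with the extended Euclidean algorithm and also covers the case where the chosen e shares a factor with Φ(n), in which step 6 has no solution. The function names and the primes 61 and 53 are assumptions chosen for illustration.

```python
def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def make_keypair(p, q, e):
    """Steps 1-7 for two distinct primes p, q and a chosen exponent e."""
    n = p * q                      # step 2
    phi = (p - 1) * (q - 1)        # step 3
    if not 1 < e < phi:            # step 4
        raise ValueError("e must satisfy 1 < e < phi(n)")
    g, x, _ = egcd(e, phi)
    if g != 1:
        # Step 6 has no solution: k*phi + 1 is never divisible by e.
        raise ValueError("e shares a factor with phi(n), so no d exists")
    d = x % phi                    # step 6: e*d = k*phi + 1 for some k
    return (e, n), (d, n)          # steps 5 and 7


def encrypt(m, public):
    e, n = public
    return pow(m, e, n)            # c = m^e mod n


def decrypt(c, private):
    d, n = private
    return pow(c, d, n)            # m = c^d mod n


def roundtrips(m, public, private):
    return decrypt(encrypt(m, public), private) == m


PAGE_PUBLIC, PAGE_PRIVATE = (11, 117), (35, 117)   # key pair from the slides

if __name__ == "__main__":
    print(encrypt(10, PAGE_PUBLIC), decrypt(82, PAGE_PRIVATE))   # slide values
    # 117 = 3 * 3 * 13 is not a product of two distinct primes, so the slide
    # pair only round-trips messages that share no factor with 117.
    print(roundtrips(10, PAGE_PUBLIC, PAGE_PRIVATE),
          roundtrips(3, PAGE_PUBLIC, PAGE_PRIVATE))
    public, private = make_keypair(61, 53, 17)     # constructed toy primes
    print(public, private, roundtrips(65, public, private))
```
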
Resource Hub available at https://dmz.ryerson.ca/canhack/

PicoCTF primer available at https://picoctf.org

Scripts:
https://en.wikibooks.org/wiki/Algorithm_Implementation/Mathematics/Extended_Euclidean_algorithm

RSA Cryptography: https://www.geeksforgeeks.org/rsa-algorithm-cryptography/

Online Tools for encrypting/decrypting:

https://cryptii.com/

https://gchq.github.io/CyberChef/
Questions?

See you next week for Digital Forensics 201!
