SlideShare une entreprise Scribd logo

Cryptography Crash Course

UTD Computer Security Group
UTD Computer Security Group

This presentation gives an overview of many different encryption and encoding schemes. The content ranges from simple encodings, such as ASCII text represented as decimals to classical ciphers, such as Caesar and Vigenere ciphers to modern encryption standards, such as the Data Encryption Standard (DES) and Advanced Encryption Standard (AES). For modern encryption, there are many different implementation flaws that are discussed in the presentation as well as a few ideas for how to correct those flaws. At the end of the presentation, some thought questions are provided.

Technologie
1  sur  59
Télécharger pour lire hors ligne
Cryptography Crash Course Matthew Stephen www.utdcsg.org
 Overview  Encryption ◦ Classical Ciphers ◦ Modern Ciphers  Hash Functions  Encodings  Steganography  Questions and Sample Challenges  CTF Outline
 The enciphering and deciphering of messages in secret code or cipher; also : the computerized encoding and decoding of information – Merriam Webster What is Cryptography?
 Plaintext – the original message to encrypt  Ciphertext – an encrypted message  Cipher – an algorithm to convert plaintext to ciphertext and vice versa  Key – A word/phrase or string of bits that modifies the enciphering/deciphering process Basic Terminology
Cryptography Process
 Substitution Ciphers ◦ Characters or groups of characters are replaced by other characters  Transposition Ciphers ◦ Position of plaintext characters is shifted ◦ Ciphertext is simply a permutation of plaintext Classical Ciphers
 Replace each letter with a fixed different letter  Plaintext – send reinforcements  Ciphertext – ktdp jtfdoejytbtdlk  Key – CRYPTOISFUN Simple Substitution Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y Z C R Y P T O I S F U N A B D E G H J K L M Q V W X Z
 Shift/Caesar Cipher – Rotate the letters by a fixed amount  ROT13 – Special case (rotate by 13)  Plaintext – send reinforcements  Ciphertext – fraq ervasbeprzragf Shift/Caesar/ROT13 Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y Z N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
 Uses a set of Caesar ciphers based on a keyword  Plaintext – send reinforcements  Key – somesecret  Ciphertext - kszh jikejhjqqqwrvj Vigenère Cipher S E N D R E I N F O R C E M E N T S S O M E S E C R E T S O M E S E C R
Opk jvvjx rmrp qstyhmtxrh uinkxmcxzsi wl e csccvtvlnfvxdk imclvv riy jbvdygiziq fp Pzwt Fnxkmnbg Eyfvvoq gvbyeh 1467 vvj yfiu e hmzey gztcmx hvwt xj acmggy fzbcirr tmkpkv npglvjkxf. Ecfzzzm'f wpwoms sapp wrqzguiu egxneoikw vnzie wvzzzgp jsihn, ith fazxxpkw jiii dvjmpekiy je aemkmio zlr pvxomx ss xyi xwxvrwgsilort ectcihig me xcm imclvvomdx. Yekim, qt 1508, Nblrrimy Xemklzuoyf, me lda cseo Gsgqmvntymv, qtzrrkiy bni gesygi xipxr, e xzoxvgrp xwstbrvro wl xui Mmbmtèvr gztcmx. Xui Kvdbnizmlw xqvlrv, ysrmbie, sept xxsimuiy i vvbkiinaozr, vzkdl grq tiiyqixnfci ngyxrq wsm acmggymio higavii kotuii egxneoikw.[xqzegmfr imkhrh] Nlvb ow asn oiwcr nw klz Dokrrèii xqvlrv nen wxmtmeegte hrwtvdjkh oc Xmjdgr Oekxdaze Oicpvau ma lzw 1553 wwuo Ye tmazg hrp. Jmb. Oosiee Fvbzmfxr Fztrefs. Yi wcopg ygsi bni gesygi xipxr sa Bxmglvqdcy, fhx rhymj e eigivbort "gfyibkvfmxr" (v skc) gs jadbil pmglzz gpclrfzby iiiic gmzxrv. Nlzzkef Ecfzzzm nru Xmqzlrqzyn cyiq e wmsmj tnxkimv uj fyswoqzygmfrn, Jkpyejs'n ailrqv qzitx glv tvbzier fj nchwgmkyoqurf gfygl hi rejc xpgrtiu wduvpl fp wztkggmek v vka xip. Ozgy arvv xtxognpcc nqtkyi nsmly se wysmb vleejin, stsjr ks wwzl ceixdmy ma euzvvii, bv kvvvyqvxkiy "wax bj seil" gpbrx adbn xui dinagkr. Fvpgiys'f qvxcwj xuyj vzyameiu wozurt wvgpzoxl jfv jvrc glv ozg. Gw vx zw mmregmmigg kefc ks nmiyei r wcwxx xip tczgwr, wrc wg g teimmjcy temmeom isazvvnizmbr, Sigtgwb'w jcnbkq jej gjvymqiiewte qbvv wzkavr.[gzxvbosa rviymj] Fyezwz lk Zvkvrèmm vyopzwcmj lvw uinkxmcxzsi wl e fmdmgix fhx jxmwtkrv ryowqil gztcmx frjfvz bni pslvo wl Lrric DQO ss Jieikk, ma 1586. Prxzz, or glv 19xc kkrgyic, opk mazvroqur bj Sigtgwb'w tmkpkv jej qdagxgvzfpbkh gs Mmbmtèvr. Hrzdl Qeur zr cqy fbsb Xcm Isqisvziqiew cehmtxrh klz uownxkvdjaxvse ft agcvrx xciz lvwksmg neq "mxrjzkh glzw duvsexrro kurgvzfpbosa eeh dvyxreu rvukh n vvkmmywvzv eil kprqvroixc pmglzz lse lzq [Qqmiaèvv] xcwaku lv lvl tsglzrb bu hb azxc qz".[4] Xui Mmbmtèvr gztcmx knmeiy i xicykeoqur ssi fzqtk rbtikbosaecpt azvbrx. Rjbkh nykljz grq qrxcmsegmtmvv Ilnvcin Taxjmukz Luhtwfr (Gmcmf Grvmwrp) pecpzl zlr Zzkzvèxi pmglzz arovvefihpr me lda 1868 vmrgv "Xcm Gpclrfzb Imclvv" dv g gumchmmt'w zexeuqti. Vr 1917, Jgdmtxvjzg Vukvvgrr ymygemsiy bni Imxiièzk gvtyim iy "mztfwnqhpr sw xmitwyekmjv".[5] Zlvw iikczegmfr riy rbx uinmxzrh. Tlvzrif Frfwimi jej oiwcr gs yeqm hvbovr v dgvveex jn zlr gztcmx ef irvgg gw 1854; usniqmx, lr hzhi'b vyopzwc pow jsio.[6] Fiymfoz iibovrpp fmwqi glv gdxnie eeh kchpvwyiy bni gitliqwyr me xcm 19zl piexpze. Iiie fznuvr xymn, bnshky, wjuk wxmcpzl ivltkeiircfxj gjcrh bgtenqurnpcc wzkex xyi xqvlrv zr opk 16xu gvrocxc.[4] Sample Challenge
 Copy paste the text into CrypTool  Choose Analysis > Classic > Ciphertext Only > Vigenere Cipher  The text is decrypted with the key “vigenere” Solution
Frequency Analysis for Substitutions
 Plaintext written downwards on “rails” of an imaginary fence, then moving up when the bottom is reached  Plaintext: we are discovered flee at once  Ciphertext: WECRLTEERDSOEEFEAOCAIVDEN Rail Fence Cipher *Example from Wikipedia
 Plaintext written on a grid of given dimensions and read off in a patter given in the key  “Spiral inwards, clockwise, starting from the top right”  Ciphertext: EJXCTEDECDAEWRIORFEONALEVSE Route Cipher *Example from Wikipedia
 Symmetric Key Encryption ◦ Uses the same key to encrypt and decrypt  Asymmetric Key Encryption ◦ Also known as public key encryption ◦ Uses two keys: one to encrypt and one to decrypt Modern Ciphers
 Share a secret key among two or more parties  DES – Data Encryption Standard ◦ Uses a 56-bit key ◦ Standard from 1979 to 1990s  AES – Advanced Encryption Standard ◦ Uses 128, 192, or 256-bit key ◦ Standard from early 2000s to present ◦ Must use correct block cipher mode Symmetric Key Encryption
 ECB – Electronic Codebook  CBC – Cipher Block Chaining  CFB – Cipher Feedback  OFB – Output Feedback  CTR – Counter  CCM – Counter with Cipher-block Chaining Block Cipher Modes
 Given a sequence x1x2 … xn of plaintext blocks  Ciphertext: yi = ℯk(xi)  Advantage: computation done in parallel  Disadvantage: same plaintext block yields same ciphertext blocks ECB Mode
Why Not to Use ECB Mode *From
 CTF Problem – CSAW 2010, Crypto Bonus  Users allowed to log into system with only their username ◦ Root and Admin are not allowed!  Upon authentication, they are presented with an authentication token (an encryption of the timestamp, username, and puzzle name)  Each auth-token only lasts 5 minutes!  Goal: Construct a correct authentication token for root Why Not to Use ECB Mode cont.
 Submit “AAAAAAAA”  Submit “AAAAAAAA” again  Only difference is the highlighed portion (perhaps a [part of] the timestamp) Why Not to Use ECB Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
 Submit “AAAAAAAAAAAAAAAAAA”  The 3rd cipher block is repeated  Submit “AAAAAAAAAAAAAAAAAAAAAAAAadmin”  The correct token for “admin”  The above decrypts to “  1285874686664|admin| CSAW_CHALLENGE#4x02x02” Why Not to Use ECB Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
 Given a sequence x1x2 … xn of plaintext blocks  Each ciphertext block yi is XOR’d with the next plaintext block xi+1 before encryption  Define y0 = IV (initialization vector)  Ciphertext: yi = ℯk(yi-1 ⊕ xi), i ≥ 1 CBC Mode
 CTF Problem – CSAW 2010, Crypto 2  Users are presented with an auth token  Token is AES encryption of (Username, Team name, Puzzle name, Access level)  The access level is set to 5 and teams need to access level 0 Bit Flipping in CBC Mode
 Bit-flipping propagation  A change in a ciphertext block leads to a change in each succeeding plaintext block Bit flipping in CBC Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
 Hex dump of the URL-base64 decoded information  Decrypted to  Need to manipulate a byte in the 3rd ciphertext block that, when decrypted, lines up with the 5 in “role=5” Bit Flipping in CBC Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
 XOR 0x05 with 0xa8 and get 0xad  Replace 0xa8 with 0xad  Decrypted to  Success! Bit Flipping in CBC Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
 Initialization vector: y0 = IV  Keystream element: zi = ℯk(yi-1), i ≥ 1  Ciphertext: yi = xi ⊕ zi, i ≥ 1 CFB Mode
 Initialization vector: z0 = IV  Keystream: z1z2 … zn  Keystream element: zi = ℯk(zi-1), i ≥ 1  Ciphertext: yi = xi ⊕ zi, i ≥ 1 OFB Mode
 Similar to OFB but with a different keystream  Plaintext block size = m bits  Counter, denoted ctr, bitstring of length m  Construct a sequence of bitstrings of length m, denoted T1,T2,… ,Tn as follows:  Ti = ctr + i - 1 mod 2m , i ≥ 1  Ciphertext: yi = xi ⊕ ℯk(Ti), i ≥ 1 CTR Mode
CTR Mode cont.
 Based on mathematical relationships (integer factorization and discrete logarithm) that have no efficient solution  Public key, K, is published for everyone to see  Private key, K-1 , is held by an individual  Two main uses: ◦ Public key encryption – anyone can send a message to a particular individual – enck(message) ◦ Digital signatures – anyone can verify a message is sent by a particular individual – enck-1(message) Asymmetric Key Encryption
Diffie-Hellman Key Exchange
Diffie-Hellman cont. This implementation is not secure due to the values of g and n. In practice, n = prime number, g = generator (primitive root mod n)
 Attacks on cryptographic algorithms  Known plaintext – attacker has access to a plaintext and the corresponding ciphertext  Ciphertext-only – attack has access to only a ciphertext and not the plaintext  Chosen Plaintext/Ciphertext – attacker gets to pick (encrypt/decrypt) a text of his choosing  Adaptive Chosen Plaintext/Ciphertext – attacker chooses text based on prior results Cryptographic Attack Methods
 Attacks on physical implementation of a cryptosystem  Timing attack  Power monitoring attack  Acoustic cryptanalysis  Differential fault analysis  Data remanence  Padding oracle attack Side Channel Attacks
 Walkthrough of padding oracle attack ◦ http://blog.gdssecurity.com/labs/2010/9/14/automated-pad ding-oracle-attacks-with-padbuster.html Padding Oracle Attack
 Timing attack ◦ Add random delays in processing  Data remanence ◦ Overwrite locations where sensitive data is stored  Padding Oracle attack ◦ Don’t let the user know there was a padding error ◦ Use Message Authentication Code (MAC) to protect integrity of the ciphertext How to Avoid Certain Attacks
Message Authentication Code
 Used to provide assurance of data integrity  Given a bitstring of any length, produce a bitstring of length n (n depends on algorithm)  Desired properties of a hash function: ◦ Easy to compute a hash given a message ◦ Hard to reverse a hash to a message ◦ Hard to modify a message and not the hash ◦ Hard to find to messages with the same hash Hash Functions
 Message Digest: ◦ MD2, MD4, MD5, MD6  Secure Hash Algorithm: ◦ SHA-0, SHA-1, SHA-2, SHA-3 (coming soon)  Most commonly used: ◦ MD5 – 128 bit hash ◦ SHA-1 – 160 bit hash ◦ SHA-2 – 224, 256, 384, or 512 bit hash  Longer hash = better Hash Functions cont.
 Used to discover collisions in hashing algorithms  There is more than a 50% chance that 2 people in a room of 23 will share a birthday  P[No common birthday] = ◦ n = number of people Birthday Attack     1 0 365 365 n i i
 CodeGate 2010 Challenge 15  A web based challenge vulnerable to padding/length extension attack in its SHA1 based authentication scheme  The page asks for a username and then sets a cookie  Username “aaaa”  Cookie “web1_auth = YWFhYXwx| 8f5c14cc7c1cd461f35b190af57927d1c377997e”  The first part “YWFhYXwx” is the base64 encoded string of “aaaa|1” (username|role)  The second part “8f5c14cc7c1cd461f35b190af57927d1c377997e” is the sha1(secret_key + username + role) Length Extension Attack Write up from http://www.vnsecurity.net/t/length-extension-attack/
 The cookie is checked at the next visit  Displays “Welcome back, aaaa! You are not the administrator.”  We guess that 1 is the role for normal and 0 for administrator  Modify the first part to base64_encode(“aaaa|0”), the script will return an error that the data has the wrong signature  The new cookie is “YWFhYXwxgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4fDA=| 70f8bf57aa6d7faaa70ef17e763ef2578cb8d839”  “Welcome back, aaaa! Congratulations! You did it! Here is your flag: CryptoNinjaCertified!!!!!” Length Extension Attack cont. Write up from http://www.vnsecurity.net/t/length-extension-attack/
Python Hash Functions
 Simple encodings of text (not encryption)  ASCII to decimal, hex, binary, or base64 ◦ Plaintext: hello ◦ Decimal: 104 101 108 108 111 ◦ Hex: x68x65x6cx6cx6f ◦ Binary: 0000011010001100101110110011011001101111 ◦ Base64: aGVsbG8=  Many other more clever encodings Encodings
Python Encodings
Python Encodings cont.
 Hide messages in such a way that no one suspects the existence of such a message  Usually hidden in images (but not necessarily) ◦ Least significant bit ◦ Alpha byte in RGBA Steganography
Steganography Sample
 Google - everything  Foremost – recover files from other files  Cryptool - cryptanalysis Useful Tools
 How can you simultaneously ensure secrecy and integrity with public key encryption? ◦ A sends a message to B. ◦ A has keys Ka/Ka -1 and B has keys Kb/Kb -1 ◦ Encrypt function enck(m) ◦ Decrypt function deck(m) ◦ A sends message m as enckb (encKa-1(m))  What if we reverse the encryption functions? ◦ A sends message as encKa-1(enckb (m)) ◦ Anyone can switch A’s integrity check with theirs Question #1
 One Time Pad – proven to be impossible to crack  Plaintext of length n (bitstring or character string)  Key is also of length n  Plaintext: hello  Key: abcde  Ciphertext ((Plaintext + Key) mod 26):  (h+a)=(7+0)=7=h; (e+b)=(4+1)=5=f; (l+c)=(11+2)=13=n; (l+d)=(11+3)=14=o; (o+e)=(14+4)=18=s  Ciphertext: = hfnos Question #2
 If it’s been proven to be impossible to crack, why doesn’t everyone use it? ◦ Only reveals maximum possible length (possibly padded)  Fine for short messages, but the key length must increase linearly with the plaintext length ◦ Requires perfectly random one-time pads (new OTP for each message) ◦ How to exchange keys that are as long as the messages themselves? Question #2 cont.
 Plaintexts P1 and P2 were encrypted with the same one-time pad key. We know P1, how do we find P2?  P1 = x64x69x73x63x6fx76x65x72x79 (discovery)  P2 = ?  C1 = x17x0cx10x11x0ax02x0ex17x00  C2 = x03x09x02x1bx0bx00x0ex1dx0d Question #3
 Consider OTP operations: ◦ P1 ⊕ Key = C1 ◦ P2 ⊕ Key = C2 ◦ P1 ⊕ Key ⊕ P1 = C1 ⊕ P1 = Key ◦ C2 ⊕ Key = P2  P1 = x64x69x73x63x6fx76x65x72x79  C1 = x17x0cx10x11x0ax02x0ex17x00  Key = x73x65x63x72x65x74x6bx65x79 (secretkey)  P2 = x70x6cx61x69x6ex74x65x78x74 (plaintext)  Know ciphertext and plaintext = know key  Know key = decrypt any other ciphertext using that key Question #3 cont.
 Connection details will be provided at the crash course CTF
 Cryptography: Theory and Practice, 3rd Edition by Douglas R. Stinson  Wikipedia.org for many images  Cryptography 101, Parts 1-3: utdcsg.org  Write-ups from ◦ http://blog.gdssecurity.com/labs/tag/ctf ◦ http://blog.gdssecurity.com/labs/2010/9/14/automated- padding-oracle-attacks-with-padbuster.html ◦ http://www.vnsecurity.net/t/length-extension-attack/ References

Recommandé

Secret Sharing Cs416
Secret Sharing Cs416Secret Sharing Cs416
Secret Sharing Cs416Akash Chandrayan
 
Applied Cryptography
Applied CryptographyApplied Cryptography
Applied CryptographyMarcelo Martins
 
A Brief History of Cryptography
A Brief History of CryptographyA Brief History of Cryptography
A Brief History of Cryptographyguest9006ab
 
One Time Pad Encryption Technique
One Time Pad Encryption TechniqueOne Time Pad Encryption Technique
One Time Pad Encryption TechniqueJohn Adams
 
Elliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge ProofElliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge ProofArunanand Ta
 
Evolution of MATLAB
Evolution of MATLABEvolution of MATLAB
Evolution of MATLABinside-BigData.com
 
Discrete Logarithmic Problem- Basis of Elliptic Curve Cryptosystems
Discrete Logarithmic Problem- Basis of Elliptic Curve CryptosystemsDiscrete Logarithmic Problem- Basis of Elliptic Curve Cryptosystems
Discrete Logarithmic Problem- Basis of Elliptic Curve CryptosystemsNIT Sikkim
 
Emily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum CryptographyEmily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum CryptographyCSNP
 

Recommandé

Secret Sharing Cs416
Secret Sharing Cs416Secret Sharing Cs416
Secret Sharing Cs416Akash Chandrayan
 
Applied Cryptography
Applied CryptographyApplied Cryptography
Applied CryptographyMarcelo Martins
 
A Brief History of Cryptography
A Brief History of CryptographyA Brief History of Cryptography
A Brief History of Cryptographyguest9006ab
 
One Time Pad Encryption Technique
One Time Pad Encryption TechniqueOne Time Pad Encryption Technique
One Time Pad Encryption TechniqueJohn Adams
 
Elliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge ProofElliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge ProofArunanand Ta
 
Evolution of MATLAB
Evolution of MATLABEvolution of MATLAB
Evolution of MATLABinside-BigData.com
 
Discrete Logarithmic Problem- Basis of Elliptic Curve Cryptosystems
Discrete Logarithmic Problem- Basis of Elliptic Curve CryptosystemsDiscrete Logarithmic Problem- Basis of Elliptic Curve Cryptosystems
Discrete Logarithmic Problem- Basis of Elliptic Curve CryptosystemsNIT Sikkim
 
Emily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum CryptographyEmily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum CryptographyCSNP
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key ExchangeSAURABHDHAGE6
 
Cryptography
CryptographyCryptography
CryptographyIGZ Software house
 
Fast Multiparty Threshold ECDSA with Fast TrustlessSetup
Fast Multiparty Threshold ECDSA with Fast TrustlessSetupFast Multiparty Threshold ECDSA with Fast TrustlessSetup
Fast Multiparty Threshold ECDSA with Fast TrustlessSetupNational Chengchi University
 
Explain in detail about a model for network security
Explain in detail about a model for network securityExplain in detail about a model for network security
Explain in detail about a model for network securityPVSaiGanesh
 
02 asymptotic notations
02 asymptotic notations02 asymptotic notations
02 asymptotic notationsTarikuDabala1
 
Minterm and maxterm
Minterm and maxtermMinterm and maxterm
Minterm and maxtermparsa.khan64
 
HTTPS
HTTPSHTTPS
HTTPSJustin Denton
 
Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)Sandeep Gupta
 
One time Pad Encryption
One time Pad EncryptionOne time Pad Encryption
One time Pad EncryptionAbdullah Mubashar
 
HMAC - HASH FUNCTION AND DIGITAL SIGNATURES
HMAC - HASH FUNCTION AND DIGITAL SIGNATURESHMAC - HASH FUNCTION AND DIGITAL SIGNATURES
HMAC - HASH FUNCTION AND DIGITAL SIGNATURESPACHIYAPPAN PACHIYAPPAS
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 
Elliptic curve cryptography
Elliptic curve cryptographyElliptic curve cryptography
Elliptic curve cryptographyCysinfo Cyber Security Community
 
Encryption.ppt
Encryption.pptEncryption.ppt
Encryption.pptreshmy12
 
Homomorphic encryption on Blockchain Principles
Homomorphic encryption on Blockchain PrinciplesHomomorphic encryption on Blockchain Principles
Homomorphic encryption on Blockchain PrinciplesJohann Höchtl
 
Elliptical curve cryptography
Elliptical curve cryptographyElliptical curve cryptography
Elliptical curve cryptographyBarani Tharan
 
Complex varible
Complex varibleComplex varible
Complex varibleNaveen Sihag
 
Free space QKD
Free space QKDFree space QKD
Free space QKDBen Catchpole
 
Hypergraphs
HypergraphsHypergraphs
HypergraphsDanOrganisciak
 
Ecc2
Ecc2Ecc2
Ecc2manikandan varadharaju
 
Rsa cryptosystem
Rsa cryptosystemRsa cryptosystem
Rsa cryptosystemAbhishek Gautam
 
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...JAINAM KAPADIYA
 
Day5
Day5Day5
Day5Jai4uk
 

Contenu connexe

Tendances

Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key ExchangeSAURABHDHAGE6
 
Fast Multiparty Threshold ECDSA with Fast TrustlessSetup
Fast Multiparty Threshold ECDSA with Fast TrustlessSetupFast Multiparty Threshold ECDSA with Fast TrustlessSetup
Fast Multiparty Threshold ECDSA with Fast TrustlessSetupNational Chengchi University
 
Explain in detail about a model for network security
Explain in detail about a model for network securityExplain in detail about a model for network security
Explain in detail about a model for network securityPVSaiGanesh
 
02 asymptotic notations
02 asymptotic notations02 asymptotic notations
02 asymptotic notationsTarikuDabala1
 
Minterm and maxterm
Minterm and maxtermMinterm and maxterm
Minterm and maxtermparsa.khan64
 
Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)Sandeep Gupta
 
HMAC - HASH FUNCTION AND DIGITAL SIGNATURES
HMAC - HASH FUNCTION AND DIGITAL SIGNATURESHMAC - HASH FUNCTION AND DIGITAL SIGNATURES
HMAC - HASH FUNCTION AND DIGITAL SIGNATURESPACHIYAPPAN PACHIYAPPAS
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 
Encryption.ppt
Encryption.pptEncryption.ppt
Encryption.pptreshmy12
 
Homomorphic encryption on Blockchain Principles
Homomorphic encryption on Blockchain PrinciplesHomomorphic encryption on Blockchain Principles
Homomorphic encryption on Blockchain PrinciplesJohann Höchtl
 
Elliptical curve cryptography
Elliptical curve cryptographyElliptical curve cryptography
Elliptical curve cryptographyBarani Tharan
 

Tendances (20)

Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key Exchange
 
Cryptography
CryptographyCryptography
Cryptography
 
Fast Multiparty Threshold ECDSA with Fast TrustlessSetup
Fast Multiparty Threshold ECDSA with Fast TrustlessSetupFast Multiparty Threshold ECDSA with Fast TrustlessSetup
Fast Multiparty Threshold ECDSA with Fast TrustlessSetup
 
Explain in detail about a model for network security
Explain in detail about a model for network securityExplain in detail about a model for network security
Explain in detail about a model for network security
 
02 asymptotic notations
02 asymptotic notations02 asymptotic notations
02 asymptotic notations
 
Minterm and maxterm
Minterm and maxtermMinterm and maxterm
Minterm and maxterm
 
HTTPS
HTTPSHTTPS
HTTPS
 
Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)
 
One time Pad Encryption
One time Pad EncryptionOne time Pad Encryption
One time Pad Encryption
 
HMAC - HASH FUNCTION AND DIGITAL SIGNATURES
HMAC - HASH FUNCTION AND DIGITAL SIGNATURESHMAC - HASH FUNCTION AND DIGITAL SIGNATURES
HMAC - HASH FUNCTION AND DIGITAL SIGNATURES
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
 
Elliptic curve cryptography
Elliptic curve cryptographyElliptic curve cryptography
Elliptic curve cryptography
 
Encryption.ppt
Encryption.pptEncryption.ppt
Encryption.ppt
 
Homomorphic encryption on Blockchain Principles
Homomorphic encryption on Blockchain PrinciplesHomomorphic encryption on Blockchain Principles
Homomorphic encryption on Blockchain Principles
 
Elliptical curve cryptography
Elliptical curve cryptographyElliptical curve cryptography
Elliptical curve cryptography
 
Complex varible
Complex varibleComplex varible
Complex varible
 
Free space QKD
Free space QKDFree space QKD
Free space QKD
 
Hypergraphs
HypergraphsHypergraphs
Hypergraphs
 
Ecc2
Ecc2Ecc2
Ecc2
 
Rsa cryptosystem
Rsa cryptosystemRsa cryptosystem
Rsa cryptosystem
 

Similaire à Cryptography Crash Course

Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...JAINAM KAPADIYA
 
classicalencryptiontechniques.ppt
classicalencryptiontechniques.pptclassicalencryptiontechniques.ppt
classicalencryptiontechniques.pptutsavkakkad1
 
Cns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption TechniquesCns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption Techniquesbabak danyal
 
Classical Encryption Techniques in Network Security
Classical Encryption Techniques in Network SecurityClassical Encryption Techniques in Network Security
Classical Encryption Techniques in Network Securitybabak danyal
 
Classical cryptographic techniques, Feistel cipher structure
Classical cryptographic techniques, Feistel cipher structureClassical cryptographic techniques, Feistel cipher structure
Classical cryptographic techniques, Feistel cipher structureAdri Jovin
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesramya marichamy
 
02 Information System Security
02 Information System Security02 Information System Security
02 Information System SecurityShu Shin
 
CryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxCryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxBhavikaGianey
 
Substitution cipher and Its Cryptanalysis
Substitution cipher and Its CryptanalysisSubstitution cipher and Its Cryptanalysis
Substitution cipher and Its CryptanalysisSunil Meena
 
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - OverviewMohammed Adam
 

Similaire à Cryptography Crash Course (20)

Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
 
Day5
Day5Day5
Day5
 
classicalencryptiontechniques.ppt
classicalencryptiontechniques.pptclassicalencryptiontechniques.ppt
classicalencryptiontechniques.ppt
 
Ch02...1
Ch02...1Ch02...1
Ch02...1
 
Cns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption TechniquesCns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption Techniques
 
Classical Encryption Techniques in Network Security
Classical Encryption Techniques in Network SecurityClassical Encryption Techniques in Network Security
Classical Encryption Techniques in Network Security
 
Classical cryptographic techniques, Feistel cipher structure
Classical cryptographic techniques, Feistel cipher structureClassical cryptographic techniques, Feistel cipher structure
Classical cryptographic techniques, Feistel cipher structure
 
Module 1.pptx
Module 1.pptxModule 1.pptx
Module 1.pptx
 
Unit 1
Unit 1Unit 1
Unit 1
 
Cyber security
Cyber securityCyber security
Cyber security
 
unit 2.ppt
unit 2.pptunit 2.ppt
unit 2.ppt
 
Cryptography using python
Cryptography using pythonCryptography using python
Cryptography using python
 
Cryptography
CryptographyCryptography
Cryptography
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
 
Ch02
Ch02Ch02
Ch02
 
Encryption
EncryptionEncryption
Encryption
 
02 Information System Security
02 Information System Security02 Information System Security
02 Information System Security
 
CryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxCryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptx
 
Substitution cipher and Its Cryptanalysis
Substitution cipher and Its CryptanalysisSubstitution cipher and Its Cryptanalysis
Substitution cipher and Its Cryptanalysis
 
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - Overview
 

Plus de UTD Computer Security Group

UTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group
 

Plus de UTD Computer Security Group (20)

Py jail talk
Py jail talkPy jail talk
Py jail talk
 
22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)
 
Cloud talk
Cloud talkCloud talk
Cloud talk
 
UTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domain
 
Forensics audio and video
Forensics audio and videoForensics audio and video
Forensics audio and video
 
Computer networks and network security
Computer networks and network securityComputer networks and network security
Computer networks and network security
 
Intro to python
Intro to pythonIntro to python
Intro to python
 
Powershell crash course
Powershell crash coursePowershell crash course
Powershell crash course
 
Intro to cybersecurity
Intro to cybersecurityIntro to cybersecurity
Intro to cybersecurity
 
Intro to Bash
Intro to BashIntro to Bash
Intro to Bash
 
Web Exploitation
Web ExploitationWeb Exploitation
Web Exploitation
 
Network Exploitation
Network ExploitationNetwork Exploitation
Network Exploitation
 
Penetration Testing: Celestial
Penetration Testing: CelestialPenetration Testing: Celestial
Penetration Testing: Celestial
 
Introduction to Exploitation
Introduction to ExploitationIntroduction to Exploitation
Introduction to Exploitation
 
Fuzzing - Part 2
Fuzzing - Part 2Fuzzing - Part 2
Fuzzing - Part 2
 
Exploitation Crash Course
Exploitation Crash CourseExploitation Crash Course
Exploitation Crash Course
 
Fuzzing - Part 1
Fuzzing - Part 1Fuzzing - Part 1
Fuzzing - Part 1
 
Protostar VM - Heap3
Protostar VM - Heap3Protostar VM - Heap3
Protostar VM - Heap3
 
Heap Base Exploitation
Heap Base ExploitationHeap Base Exploitation
Heap Base Exploitation
 
Return Oriented Programming
Return Oriented ProgrammingReturn Oriented Programming
Return Oriented Programming
 

Dernier

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Dernier (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Cryptography Crash Course

  • 2.  Overview  Encryption ◦ Classical Ciphers ◦ Modern Ciphers  Hash Functions  Encodings  Steganography  Questions and Sample Challenges  CTF Outline
  • 3.  The enciphering and deciphering of messages in secret code or cipher; also : the computerized encoding and decoding of information – Merriam Webster What is Cryptography?
  • 4.  Plaintext – the original message to encrypt  Ciphertext – an encrypted message  Cipher – an algorithm to convert plaintext to ciphertext and vice versa  Key – A word/phrase or string of bits that modifies the enciphering/deciphering process Basic Terminology
  • 6.  Substitution Ciphers ◦ Characters or groups of characters are replaced by other characters  Transposition Ciphers ◦ Position of plaintext characters is shifted ◦ Ciphertext is simply a permutation of plaintext Classical Ciphers
  • 7.  Replace each letter with a fixed different letter  Plaintext – send reinforcements  Ciphertext – ktdp jtfdoejytbtdlk  Key – CRYPTOISFUN Simple Substitution Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y Z C R Y P T O I S F U N A B D E G H J K L M Q V W X Z
  • 8.  Shift/Caesar Cipher – Rotate the letters by a fixed amount  ROT13 – Special case (rotate by 13)  Plaintext – send reinforcements  Ciphertext – fraq ervasbeprzragf Shift/Caesar/ROT13 Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y Z N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
  • 9.  Uses a set of Caesar ciphers based on a keyword  Plaintext – send reinforcements  Key – somesecret  Ciphertext - kszh jikejhjqqqwrvj Vigenère Cipher S E N D R E I N F O R C E M E N T S S O M E S E C R E T S O M E S E C R
  • 10.
  • 11. Opk jvvjx rmrp qstyhmtxrh uinkxmcxzsi wl e csccvtvlnfvxdk imclvv riy jbvdygiziq fp Pzwt Fnxkmnbg Eyfvvoq gvbyeh 1467 vvj yfiu e hmzey gztcmx hvwt xj acmggy fzbcirr tmkpkv npglvjkxf. Ecfzzzm'f wpwoms sapp wrqzguiu egxneoikw vnzie wvzzzgp jsihn, ith fazxxpkw jiii dvjmpekiy je aemkmio zlr pvxomx ss xyi xwxvrwgsilort ectcihig me xcm imclvvomdx. Yekim, qt 1508, Nblrrimy Xemklzuoyf, me lda cseo Gsgqmvntymv, qtzrrkiy bni gesygi xipxr, e xzoxvgrp xwstbrvro wl xui Mmbmtèvr gztcmx. Xui Kvdbnizmlw xqvlrv, ysrmbie, sept xxsimuiy i vvbkiinaozr, vzkdl grq tiiyqixnfci ngyxrq wsm acmggymio higavii kotuii egxneoikw.[xqzegmfr imkhrh] Nlvb ow asn oiwcr nw klz Dokrrèii xqvlrv nen wxmtmeegte hrwtvdjkh oc Xmjdgr Oekxdaze Oicpvau ma lzw 1553 wwuo Ye tmazg hrp. Jmb. Oosiee Fvbzmfxr Fztrefs. Yi wcopg ygsi bni gesygi xipxr sa Bxmglvqdcy, fhx rhymj e eigivbort "gfyibkvfmxr" (v skc) gs jadbil pmglzz gpclrfzby iiiic gmzxrv. Nlzzkef Ecfzzzm nru Xmqzlrqzyn cyiq e wmsmj tnxkimv uj fyswoqzygmfrn, Jkpyejs'n ailrqv qzitx glv tvbzier fj nchwgmkyoqurf gfygl hi rejc xpgrtiu wduvpl fp wztkggmek v vka xip. Ozgy arvv xtxognpcc nqtkyi nsmly se wysmb vleejin, stsjr ks wwzl ceixdmy ma euzvvii, bv kvvvyqvxkiy "wax bj seil" gpbrx adbn xui dinagkr. Fvpgiys'f qvxcwj xuyj vzyameiu wozurt wvgpzoxl jfv jvrc glv ozg. Gw vx zw mmregmmigg kefc ks nmiyei r wcwxx xip tczgwr, wrc wg g teimmjcy temmeom isazvvnizmbr, Sigtgwb'w jcnbkq jej gjvymqiiewte qbvv wzkavr.[gzxvbosa rviymj] Fyezwz lk Zvkvrèmm vyopzwcmj lvw uinkxmcxzsi wl e fmdmgix fhx jxmwtkrv ryowqil gztcmx frjfvz bni pslvo wl Lrric DQO ss Jieikk, ma 1586. Prxzz, or glv 19xc kkrgyic, opk mazvroqur bj Sigtgwb'w tmkpkv jej qdagxgvzfpbkh gs Mmbmtèvr. Hrzdl Qeur zr cqy fbsb Xcm Isqisvziqiew cehmtxrh klz uownxkvdjaxvse ft agcvrx xciz lvwksmg neq "mxrjzkh glzw duvsexrro kurgvzfpbosa eeh dvyxreu rvukh n vvkmmywvzv eil kprqvroixc pmglzz lse lzq [Qqmiaèvv] xcwaku lv lvl tsglzrb bu hb azxc qz".[4] Xui Mmbmtèvr gztcmx knmeiy i xicykeoqur ssi fzqtk rbtikbosaecpt azvbrx. Rjbkh nykljz grq qrxcmsegmtmvv Ilnvcin Taxjmukz Luhtwfr (Gmcmf Grvmwrp) pecpzl zlr Zzkzvèxi pmglzz arovvefihpr me lda 1868 vmrgv "Xcm Gpclrfzb Imclvv" dv g gumchmmt'w zexeuqti. Vr 1917, Jgdmtxvjzg Vukvvgrr ymygemsiy bni Imxiièzk gvtyim iy "mztfwnqhpr sw xmitwyekmjv".[5] Zlvw iikczegmfr riy rbx uinmxzrh. Tlvzrif Frfwimi jej oiwcr gs yeqm hvbovr v dgvveex jn zlr gztcmx ef irvgg gw 1854; usniqmx, lr hzhi'b vyopzwc pow jsio.[6] Fiymfoz iibovrpp fmwqi glv gdxnie eeh kchpvwyiy bni gitliqwyr me xcm 19zl piexpze. Iiie fznuvr xymn, bnshky, wjuk wxmcpzl ivltkeiircfxj gjcrh bgtenqurnpcc wzkex xyi xqvlrv zr opk 16xu gvrocxc.[4] Sample Challenge
  • 12.  Copy paste the text into CrypTool  Choose Analysis > Classic > Ciphertext Only > Vigenere Cipher  The text is decrypted with the key “vigenere” Solution
  • 14.  Plaintext written downwards on “rails” of an imaginary fence, then moving up when the bottom is reached  Plaintext: we are discovered flee at once  Ciphertext: WECRLTEERDSOEEFEAOCAIVDEN Rail Fence Cipher *Example from Wikipedia
  • 15.  Plaintext written on a grid of given dimensions and read off in a patter given in the key  “Spiral inwards, clockwise, starting from the top right”  Ciphertext: EJXCTEDECDAEWRIORFEONALEVSE Route Cipher *Example from Wikipedia
  • 16.  Symmetric Key Encryption ◦ Uses the same key to encrypt and decrypt  Asymmetric Key Encryption ◦ Also known as public key encryption ◦ Uses two keys: one to encrypt and one to decrypt Modern Ciphers
  • 17.  Share a secret key among two or more parties  DES – Data Encryption Standard ◦ Uses a 56-bit key ◦ Standard from 1979 to 1990s  AES – Advanced Encryption Standard ◦ Uses 128, 192, or 256-bit key ◦ Standard from early 2000s to present ◦ Must use correct block cipher mode Symmetric Key Encryption
  • 18.  ECB – Electronic Codebook  CBC – Cipher Block Chaining  CFB – Cipher Feedback  OFB – Output Feedback  CTR – Counter  CCM – Counter with Cipher-block Chaining Block Cipher Modes
  • 19.  Given a sequence x1x2 … xn of plaintext blocks  Ciphertext: yi = ℯk(xi)  Advantage: computation done in parallel  Disadvantage: same plaintext block yields same ciphertext blocks ECB Mode
  • 20. Why Not to Use ECB Mode *From
  • 21.  CTF Problem – CSAW 2010, Crypto Bonus  Users allowed to log into system with only their username ◦ Root and Admin are not allowed!  Upon authentication, they are presented with an authentication token (an encryption of the timestamp, username, and puzzle name)  Each auth-token only lasts 5 minutes!  Goal: Construct a correct authentication token for root Why Not to Use ECB Mode cont.
  • 22.  Submit “AAAAAAAA”  Submit “AAAAAAAA” again  Only difference is the highlighed portion (perhaps a [part of] the timestamp) Why Not to Use ECB Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
  • 23.  Submit “AAAAAAAAAAAAAAAAAA”  The 3rd cipher block is repeated  Submit “AAAAAAAAAAAAAAAAAAAAAAAAadmin”  The correct token for “admin”  The above decrypts to “  1285874686664|admin| CSAW_CHALLENGE#4x02x02” Why Not to Use ECB Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
  • 24.  Given a sequence x1x2 … xn of plaintext blocks  Each ciphertext block yi is XOR’d with the next plaintext block xi+1 before encryption  Define y0 = IV (initialization vector)  Ciphertext: yi = ℯk(yi-1 ⊕ xi), i ≥ 1 CBC Mode
  • 25.  CTF Problem – CSAW 2010, Crypto 2  Users are presented with an auth token  Token is AES encryption of (Username, Team name, Puzzle name, Access level)  The access level is set to 5 and teams need to access level 0 Bit Flipping in CBC Mode
  • 26.  Bit-flipping propagation  A change in a ciphertext block leads to a change in each succeeding plaintext block Bit flipping in CBC Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
  • 27.  Hex dump of the URL-base64 decoded information  Decrypted to  Need to manipulate a byte in the 3rd ciphertext block that, when decrypted, lines up with the 5 in “role=5” Bit Flipping in CBC Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
  • 28.  XOR 0x05 with 0xa8 and get 0xad  Replace 0xa8 with 0xad  Decrypted to  Success! Bit Flipping in CBC Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
  • 29.  Initialization vector: y0 = IV  Keystream element: zi = ℯk(yi-1), i ≥ 1  Ciphertext: yi = xi ⊕ zi, i ≥ 1 CFB Mode
  • 30.  Initialization vector: z0 = IV  Keystream: z1z2 … zn  Keystream element: zi = ℯk(zi-1), i ≥ 1  Ciphertext: yi = xi ⊕ zi, i ≥ 1 OFB Mode
  • 31.  Similar to OFB but with a different keystream  Plaintext block size = m bits  Counter, denoted ctr, bitstring of length m  Construct a sequence of bitstrings of length m, denoted T1,T2,… ,Tn as follows:  Ti = ctr + i - 1 mod 2m , i ≥ 1  Ciphertext: yi = xi ⊕ ℯk(Ti), i ≥ 1 CTR Mode
  • 33.  Based on mathematical relationships (integer factorization and discrete logarithm) that have no efficient solution  Public key, K, is published for everyone to see  Private key, K-1 , is held by an individual  Two main uses: ◦ Public key encryption – anyone can send a message to a particular individual – enck(message) ◦ Digital signatures – anyone can verify a message is sent by a particular individual – enck-1(message) Asymmetric Key Encryption
  • 35. Diffie-Hellman cont. This implementation is not secure due to the values of g and n. In practice, n = prime number, g = generator (primitive root mod n)
  • 36.  Attacks on cryptographic algorithms  Known plaintext – attacker has access to a plaintext and the corresponding ciphertext  Ciphertext-only – attack has access to only a ciphertext and not the plaintext  Chosen Plaintext/Ciphertext – attacker gets to pick (encrypt/decrypt) a text of his choosing  Adaptive Chosen Plaintext/Ciphertext – attacker chooses text based on prior results Cryptographic Attack Methods
  • 37.  Attacks on physical implementation of a cryptosystem  Timing attack  Power monitoring attack  Acoustic cryptanalysis  Differential fault analysis  Data remanence  Padding oracle attack Side Channel Attacks
  • 38.  Walkthrough of padding oracle attack ◦ http://blog.gdssecurity.com/labs/2010/9/14/automated-pad ding-oracle-attacks-with-padbuster.html Padding Oracle Attack
  • 39.  Timing attack ◦ Add random delays in processing  Data remanence ◦ Overwrite locations where sensitive data is stored  Padding Oracle attack ◦ Don’t let the user know there was a padding error ◦ Use Message Authentication Code (MAC) to protect integrity of the ciphertext How to Avoid Certain Attacks
  • 41.  Used to provide assurance of data integrity  Given a bitstring of any length, produce a bitstring of length n (n depends on algorithm)  Desired properties of a hash function: ◦ Easy to compute a hash given a message ◦ Hard to reverse a hash to a message ◦ Hard to modify a message and not the hash ◦ Hard to find to messages with the same hash Hash Functions
  • 42.  Message Digest: ◦ MD2, MD4, MD5, MD6  Secure Hash Algorithm: ◦ SHA-0, SHA-1, SHA-2, SHA-3 (coming soon)  Most commonly used: ◦ MD5 – 128 bit hash ◦ SHA-1 – 160 bit hash ◦ SHA-2 – 224, 256, 384, or 512 bit hash  Longer hash = better Hash Functions cont.
  • 43.  Used to discover collisions in hashing algorithms  There is more than a 50% chance that 2 people in a room of 23 will share a birthday  P[No common birthday] = ◦ n = number of people Birthday Attack     1 0 365 365 n i i
  • 44.  CodeGate 2010 Challenge 15  A web based challenge vulnerable to padding/length extension attack in its SHA1 based authentication scheme  The page asks for a username and then sets a cookie  Username “aaaa”  Cookie “web1_auth = YWFhYXwx| 8f5c14cc7c1cd461f35b190af57927d1c377997e”  The first part “YWFhYXwx” is the base64 encoded string of “aaaa|1” (username|role)  The second part “8f5c14cc7c1cd461f35b190af57927d1c377997e” is the sha1(secret_key + username + role) Length Extension Attack Write up from http://www.vnsecurity.net/t/length-extension-attack/
  • 45.  The cookie is checked at the next visit  Displays “Welcome back, aaaa! You are not the administrator.”  We guess that 1 is the role for normal and 0 for administrator  Modify the first part to base64_encode(“aaaa|0”), the script will return an error that the data has the wrong signature  The new cookie is “YWFhYXwxgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4fDA=| 70f8bf57aa6d7faaa70ef17e763ef2578cb8d839”  “Welcome back, aaaa! Congratulations! You did it! Here is your flag: CryptoNinjaCertified!!!!!” Length Extension Attack cont. Write up from http://www.vnsecurity.net/t/length-extension-attack/
  • 47.  Simple encodings of text (not encryption)  ASCII to decimal, hex, binary, or base64 ◦ Plaintext: hello ◦ Decimal: 104 101 108 108 111 ◦ Hex: x68x65x6cx6cx6f ◦ Binary: 0000011010001100101110110011011001101111 ◦ Base64: aGVsbG8=  Many other more clever encodings Encodings
  • 50.  Hide messages in such a way that no one suspects the existence of such a message  Usually hidden in images (but not necessarily) ◦ Least significant bit ◦ Alpha byte in RGBA Steganography
  • 52.  Google - everything  Foremost – recover files from other files  Cryptool - cryptanalysis Useful Tools
  • 53.  How can you simultaneously ensure secrecy and integrity with public key encryption? ◦ A sends a message to B. ◦ A has keys Ka/Ka -1 and B has keys Kb/Kb -1 ◦ Encrypt function enck(m) ◦ Decrypt function deck(m) ◦ A sends message m as enckb (encKa-1(m))  What if we reverse the encryption functions? ◦ A sends message as encKa-1(enckb (m)) ◦ Anyone can switch A’s integrity check with theirs Question #1
  • 54.  One Time Pad – proven to be impossible to crack  Plaintext of length n (bitstring or character string)  Key is also of length n  Plaintext: hello  Key: abcde  Ciphertext ((Plaintext + Key) mod 26):  (h+a)=(7+0)=7=h; (e+b)=(4+1)=5=f; (l+c)=(11+2)=13=n; (l+d)=(11+3)=14=o; (o+e)=(14+4)=18=s  Ciphertext: = hfnos Question #2
  • 55.  If it’s been proven to be impossible to crack, why doesn’t everyone use it? ◦ Only reveals maximum possible length (possibly padded)  Fine for short messages, but the key length must increase linearly with the plaintext length ◦ Requires perfectly random one-time pads (new OTP for each message) ◦ How to exchange keys that are as long as the messages themselves? Question #2 cont.
  • 56.  Plaintexts P1 and P2 were encrypted with the same one-time pad key. We know P1, how do we find P2?  P1 = x64x69x73x63x6fx76x65x72x79 (discovery)  P2 = ?  C1 = x17x0cx10x11x0ax02x0ex17x00  C2 = x03x09x02x1bx0bx00x0ex1dx0d Question #3
  • 57.  Consider OTP operations: ◦ P1 ⊕ Key = C1 ◦ P2 ⊕ Key = C2 ◦ P1 ⊕ Key ⊕ P1 = C1 ⊕ P1 = Key ◦ C2 ⊕ Key = P2  P1 = x64x69x73x63x6fx76x65x72x79  C1 = x17x0cx10x11x0ax02x0ex17x00  Key = x73x65x63x72x65x74x6bx65x79 (secretkey)  P2 = x70x6cx61x69x6ex74x65x78x74 (plaintext)  Know ciphertext and plaintext = know key  Know key = decrypt any other ciphertext using that key Question #3 cont.
  • 58.  Connection details will be provided at the crash course CTF
  • 59.  Cryptography: Theory and Practice, 3rd Edition by Douglas R. Stinson  Wikipedia.org for many images  Cryptography 101, Parts 1-3: utdcsg.org  Write-ups from ◦ http://blog.gdssecurity.com/labs/tag/ctf ◦ http://blog.gdssecurity.com/labs/2010/9/14/automated- padding-oracle-attacks-with-padbuster.html ◦ http://www.vnsecurity.net/t/length-extension-attack/ References