Cryptography

Cryptography is the reason we can use banking apps, transmit sensitive

information over the web, and in general protect our privacy.

The word “cryptography” technically means the art of writing codes.

WHAT IS CRYPTOGRAPHY?

Cryptography is the science of encrypting and decrypting data to prevent

unauthorized access. Encryption is the process of making the plaintext
unreadable to any third party, which generates the ciphertext. Decryption
is the process of reversing the encrypted text to its original readable
format, i.e., plaintext.

There are two types of encryption in cryptography:

1. Symmetric Encryption
2. Asymmetric Encryption
 WHAT IS SYMMETRIC ENCRYPTION?

Symmetric Encryption algorithm relies on a single key for encryption and

decryption of information. Both the sender and receiver of the message
need to have a pre-shared secret key that they will use to convert the
plaintext into ciphertext and vice versa.

As shown below in the figure, the key which is being used for encrypting
the original message is decrypting the ciphertext. The key must be kept
private and be known only to the sender and the receiver.

For example, if Paul wants to send a simple message to Jane, they need
to have a single encryption key that both of them must keep secret to
prevent snooping by malicious actors. If the message “I am ready” is
converted to ciphertext using a specific substitution cipher by Paul, Jane
must be aware of the substitution shift to decrypt the ciphertext once it
reaches her.

To sum it up, the entire process will be as shown below:

• Step 1: Paul and Jane decide on a common key to be used

• Step 2: Paul sends the secret encryption key to Jane or vice

versa

• Step 3: Paul uses the private key to encrypt the original

message

• Step 4: Paul sends the encrypted message to Jane

• Step 5: Jane uses the secret key to decrypt the message that
was already present with her
Following the above process, Paul and Jane communicate privately
without the fear of anyone lurking on the route. Since only both of them
have the secret key needed to encrypt and decrypt the message, no third
party who can intercept the encrypted message can break into it.

Now that you have a foundation, it’s time to walk you through its
applications.

WHERE IS SYMMETRIC KEY CRYPTOGRAPHY USED?

Symmetric encryption is essential for many day-to-day activities on the

internet, ranging from safe online browsing to banking applications.
Some of these applications are as follows-
 • Payment Applications:

Many online banking and payment applications require the verification of

personally identifiable information before proceeding with their
transactions. It helps in predicting the correct information to prevent
fraudulent activities and cybercrime.

• Securing Data at Rest:

When a website or organization stores personal information regarding

their users or the company itself, it is protected using Symmetric
encryption. This is done to prevent all kinds of snooping from either
outside hackers or disgruntled employees inside the office, looking to
steal crucial information.

• SSL/TLS Handshake:

Symmetric encryption plays a significant role in verifying website server

authenticity, exchanging the necessary encryption keys required, and
generating a session using those keys to ensure maximum security,
instead of the rather insecure HTTP website format.
 WHAT ARE THE ADVANTAGES OF USING SYMMETRIC KEY
CRYPTOGRAPHY?

Symmetric encryption has a few advantages over its counterpart,

asymmetric encryption, which uses two different keys to encrypt and
decrypt data. Some of these advantages are -

WHAT IS THE NEED FOR ASYMMETRIC KEY CRYPTOGRAPHY?

Joe is a journalist who needs to communicate with Ryan over long-

distance messaging, Joe uses symmetric encryption while sending his
messages to prevent them from falling into the wrong hands.

However, the tricky part comes when Ryan needs to receive the
decryption key for the encrypted data.
You face a critical problem here when it comes to the key exchange. The
encrypted messages in transit are not a risk to either sender or receiver
since unauthorized people can’t read the contents. But the decryption
key, on the other hand, if intercepted, exposes all the information Joe
has to disclose to Ryan.

This is the dilemma asymmetric encryption has fixed because of its multi-
key architecture.
 WHAT IS ASYMMETRIC ENCRYPTION?

Asymmetric encryption algorithms use two different keys for encryption

and decryption. The key used for encryption is the public key, and the
key used for decryption is the private key. Both the keys must belong to
the receiver.

As you can see in the above image, using different keys for encryption
and decryption has helped avoid the problem of key exchange, as seen
in the case of symmetric encryption.

For example, if Alice needs to send a message to Bob, both the keys,
private and public, must belong to Bob.
The process for the above image is as follows:

• Step 1: Alice uses Bob’s public key to encrypt the message

• Step 2: The encrypted message is sent to Bob

• Step 3: Bob uses his private key to decrypt the message

To understand the asymmetric key cryptography architecture clearly,
consider the process of sending and receiving letters via physical
mailboxes.

As shown below, anyone who has the postal address of the receiver
(public key in our case) can send any message they want.

However, only the receiver can read all his/her messages thanks to the
mailbox key that no other person can have.
This eliminates the need to exchange any secret key between sender
and receiver, thereby reducing the window of exploitation.

Now that you understand the base terminology and process behind
asymmetric key cryptography.

WHERE IS ASYMMETRIC KEY CRYPTOGRAPHY USED?

Asymmetric key cryptography has found use in many authentication

domains thanks to its thorough identity verification process. Some
applications are as follows:

• Digital signatures: Verification of document origin and signature

authenticity is possible today thanks to asymmetric key
cryptography.

• TLS/SSL handshake: Asymmetric key cryptography plays a

significant role in verifying website server authenticity,
exchanging the necessary encryption keys required, and
generating a session using those keys to ensure maximum
security. Instead of the rather insecure HTTP website format.

• Crypto-currency: Asymmetric key cryptography uses blockchain

technology to authorize cryptocurrency transactions and
maintain the integrity of its decentralized architecture.

• Key sharing: This cryptography category can also be used to

exchange secret keys for symmetric encryption since keeping
such keys private is of utmost importance in its system.
XOR BASICS

An XOR or eXclusive OR is a bitwise operation indicated by ^ and shown

by the following truth table:

WHAT DOES THIS HAVE TO DO WITH CTF?

XOR is a cheap way to encrypt data with a password. Any data can be
encrypted using XOR as shown in this Python example:
 EXPLOITING XOR ENCRYPTION
Single Byte XOR Encryption

Single Byte XOR Encryption is trivial to bruteforce as there are only 255
key combinations to try.

Multibyte XOR Encryption

Multibyte XOR gets exponentially harder the longer the key, but if the
encrypted text is long enough, character frequency analysis is a viable
method to find the key. Character Frequency Analysis means that we
split the cipher text into groups based on the number of characters in the
key. These groups then are bruteforced using the idea that some letters
appear more frequently in the english alphabet than others.

CAESAR CIPHER/ROT 13

The Caesar Cipher or Caesar Shift is a cipher which uses the alphabet in
order to encode texts.

CAESAR encoded with a shift of 8

is KIMAIZ so ABCDEFGHIJKLMNOPQRSTUVWXYZ becomes IJKLMN
OPQRSTUVWXYZABCDEFGH

ROT13 is the same thing but a fixed shift of 13, this is a trivial cipher to
bruteforce because there are only 25 shifts.
 VIGENERE CIPHER

A Vigenere Cipher is an extended Caesar Cipher where a message is

encrypted using various Caesar shifted alphabets.

The following table can be used to encode a message:

 ENCRYPTION

For example, encrypting the text SUPERSECRET with CODE would

follow this process:

1. CODE gets padded to the length of SUPERSECRET so the key

becomes CODECODECOD
2. For each letter in SUPERSECRET we use the table to get the
Alphabet to use, in this instance row C and column S
3. The ciphertext's first letter then becomes U
4. We eventually get UISITGHGTSW

DECRYPTION

1. Go to the row of the key, in this case C

2. Find the letter of the cipher text in this row, in this case U
3. The column is the first letter of the decrypted ciphertext, so we
get S
4. After repeating this process we get back to SUPERSECRET
5.
HASHING FUNCTIONS

Hashing functions are one way functions which theoretically provide a

unique output for every input. MD5, SHA-1, and other hashes which
were considered secure are now found to have collisions or two different
pieces of data which produce the same supposed unique output.

STRING HASHING

A string hash is a number or string generated using an algorithm that

runs on text or data.

The idea is that each hash should be unique to the text or data (although
sometimes it isn’t). For example, the hash for “dog” should be different
from other hashes.

You can use command line tools or online resources such as this one.
Example:

$ echo -n password | md5 5f4dcc3b5aa765d61d8327deb882cf99 Here,

“password” is hashed with different hashing algorithms:
 • SHA-1: 5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8
• SHA-2:
5E884898DA28047151D0E56F8DC6292773603D0D6AABBD
D62A11EF721D1542D8
• MD5: 5F4DCC3B5AA765D61D8327DEB882CF99
• CRC32: BBEDA74F

Generally, when verifying a hash visually, you can simply look at the first
and last four characters of the string.

FILE HASHING

A file hash is a number or string generated using an algorithm that is run

on text or data. The premise is that it should be unique to the text or
data. If the file or text changes in any way, the hash will change.

What is it used for?

- File and data identification

– Password/certificate storage comparison

How can we determine the hash of a file? You can use the md5sum
command (or similar).

$ md5sum samplefile.txt

3b85ec9ab2984b91070128be6aae25eb samplefile.txt

HASH COLLISIONS

A collision is when two pieces of data or text have the same

cryptographic hash. This is very rare.

What’s significant about collisions is that they can be used to crack

password hashes. Passwords are usually stored as hashes on a
computer, since it’s hard to get the passwords from hashes.