Intro To InfoSec

Uploaded by

happy nain

Cryptography

IIT(BHU)CyberSec
What is cryptography?

● Plaintext: readable format, non-encrypted data. E.g. a message saying "Hello Everyone".
● Encryption: the process of converting the plaintext, through various techniques like ROT13 or the Vigenère cipher, into a form that is not readable by humans.
● Ciphertext: the data you get after encryption, which can't simply be read. E.g. our message after ROT13 encryption becomes "Uryyb Rirelbar".
● Decryption: the process of converting the ciphertext back to plaintext; it may sometimes require a special key.
● Plaintext: the original text that we sent, which reached us in a safe manner: "Hello Everyone".
Different types of Encryption
● Symmetric Encryption: encryption and decryption use the same key.
  (Plaintext → Ciphertext → Plaintext, one key for both directions)
● Asymmetric Encryption: encryption and decryption use different keys (public and private).
  (Plaintext → Ciphertext → Plaintext, one key per direction)
● Hash Functions: no key; a direct conversion to ciphertext which cannot be converted back.
  (Plaintext → hash function → Ciphertext)
Different Data types

● Binary
● Decimal
● Octal
● Hexadecimal
Decimal Representation
● Decimal representation is simply how we study numbers in our number system, where each place holds a value of some power of 10.
● The units place holds the value 10^0, the tens place holds the value 10^1, and so on.
● So a number, let's say 12345, can be represented as:

12345 = 10^4 x 1 + 10^3 x 2 + 10^2 x 3 + 10^1 x 4 + 10^0 x 5

● This is how we generally understand numbers and data, and this representation is the most convenient for us.
Binary Representation
● Binary is the representation of data using just 1's and 0's.
● Each 0 or 1 is called a bit, and 8 bits are called a byte.
● Just like in decimal, where each place holds some value, here too each place holds a value of some power of 2.

Say we have a byte 01010011; this can be converted to decimal like this:
decimal(01010011)2 = 2^7 x 0 + 2^6 x 1 + 2^5 x 0 + 2^4 x 1 + 2^3 x 0 + 2^2 x 0 + 2^1 x 1 + 2^0 x 1 = 83

Here's another example (figure not reproduced).

In a byte you can represent numbers ranging from 0-255.
Octal Representation
● Similar to the other representations; here we use the digits 0-7 to represent data.
● Like the other representations, each place holds a value of some power of 8.

Say we have an octal number (2754)8:
decimal(2754)8 = 8^3 x 2 + 8^2 x 7 + 8^1 x 5 + 8^0 x 4 = (1516)10
Hexadecimal Representation
Here, to represent data, digits alone aren't enough, so we also use letters in the following way:

Hex:     0 1 2 3 4 5 6 7 8 9 A  B  C  D  E  F
Decimal: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

● Just like the others, here too each place has a value of some power of 16. The only addition is the letters and their corresponding values.

Say we have (2A5)16 = 16^2 x 2 + 16^1 x 10 + 16^0 x 5 (A represents 10) = (677)10

- You might have seen the hex representation of colours like #FF00A6; these are RGB notations where the first 2 digits represent the R value, the next 2 represent the G value, and the last 2 represent the B value.
- A byte can be represented by 2 hexadecimal digits.
- We usually write hex in the form 0x2A5.
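The place-value rule the slides apply separately to decimal, binary, octal and hex, written once for any base from 2 to 16, with the inverse conversion and the RGB colour split. This is an added example, not code from the slides; the function names are my own.

```python
# Added example (not from the original slides): generic positional conversion.
DIGITS = "0123456789ABCDEF"

def to_decimal(digits: str, base: int) -> int:
    """Sum digit x base^position, the rule the slides apply to 12345, 01010011, 2754 and 2A5."""
    if not 2 <= base <= 16:
        raise ValueError("base must be between 2 and 16")
    value = 0
    for ch in digits.upper():
        d = DIGITS.find(ch)                 # 'A' -> 10 ... 'F' -> 15, -1 if unknown
        if d < 0 or d >= base:
            raise ValueError(f"digit {ch!r} is not valid in base {base}")
        value = value * base + d            # shift the running total one place left, add the digit
    return value

def from_decimal(value: int, base: int) -> str:
    """The inverse: repeated division by the base, collecting remainders right to left."""
    if value < 0:
        raise ValueError("negative values not handled")
    if value == 0:
        return "0"
    out = []
    while value:
        value, rem = divmod(value, base)
        out.append(DIGITS[rem])
    return "".join(reversed(out))

def rgb_from_hex(colour: str) -> tuple:
    """'#FF00A6' -> (255, 0, 166): one byte is exactly two hex digits, so R, G, B take 2 each."""
    h = colour.lstrip("#")
    if len(h) != 6:
        raise ValueError("expected six hex digits")
    return tuple(to_decimal(h[i:i + 2], 16) for i in (0, 2, 4))

if __name__ == "__main__":
    print(to_decimal("01010011", 2), to_decimal("2754", 8), to_decimal("2A5", 16))  # 83 1516 677
    print(from_decimal(83, 2).zfill(8), from_decimal(677, 16), rgb_from_hex("#FF00A6"))
```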
ROT13 Cipher
● It's a simple symmetric encryption.
● It was used in ancient Rome and is known as the Caesar cipher.
● In this, each letter is given a position number, i.e. A = 1, B = 2, C = 3, etc.
● While encrypting, we replace each character with the character whose value is 13 more than it.
● If the value goes past 26, we start counting again from A.
Vigenère Cipher
● It's a more complex version of the Caesar cipher in which we need a key to encrypt/decrypt.
● Each letter of the key says by what amount we rotate the corresponding plaintext letter. E.g. if a letter of the key is A, the corresponding letter of the plaintext undergoes ROT0.
● For this to work, the length of the plaintext should be the same as the key.
● If the key is not of the same length, we repeat the key. E.g. if the plaintext is 'helloverybody' and the key is 'good', then we convert the key to 'goodgoodgoodg'.

Let's take a look at an example for better understanding (Vigenère table not reproduced).

● We use this table to make our process easier. We match each message character with the corresponding letter of the key to get the encrypted/decrypted text.
● We use the same key to encrypt/decrypt, as shown in the example.
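Both ciphers above, as an added example (not code from the slides): ROT-n with wrap-around past Z, and Vigenère where each key letter picks the rotation for one plaintext letter, with the key repeated to the plaintext length exactly as the 'good' → 'goodgoodgoodg' slide describes. Function names are my own; only A-Z letters are shifted, everything else passes through.

```python
# Added example (not from the original slides): Caesar/ROT-n and Vigenere over A-Z.
import string

ALPHABET = string.ascii_uppercase

def rot(text: str, shift: int) -> str:
    """Shift each letter by `shift` places, wrapping past Z back to A; case is kept."""
    out = []
    for ch in text:
        if ch.isalpha() and ch.upper() in ALPHABET:
            new = ALPHABET[(ALPHABET.index(ch.upper()) + shift) % 26]
            out.append(new if ch.isupper() else new.lower())
        else:
            out.append(ch)                  # digits, spaces, punctuation are untouched
    return "".join(out)

def rot13(text: str) -> str:
    """ROT13 is its own inverse: 13 + 13 = 26, so applying it twice returns the plaintext."""
    return rot(text, 13)

def repeat_key(key: str, length: int) -> str:
    """'good' stretched to 13 characters gives 'goodgoodgoodg', as on the slide."""
    if not key:
        raise ValueError("key must not be empty")
    return (key * (length // len(key) + 1))[:length]

def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Each key letter gives the ROT amount for one plaintext letter (A = ROT0, B = ROT1, ...)."""
    if not key.isalpha():
        raise ValueError("key must contain letters only")
    key = key.upper()
    out, k = [], 0                          # k advances only on letters, so spaces keep the key aligned
    for ch in text:
        if ch.isalpha():
            shift = ALPHABET.index(key[k % len(key)])
            out.append(rot(ch, -shift if decrypt else shift))
            k += 1
        else:
            out.append(ch)
    return "".join(out)

if __name__ == "__main__":
    print(rot13("Hello Everyone"))                      # Uryyb Rirelbar
    print(repeat_key("good", len("helloverybody")))     # goodgoodgoodg
    ct = vigenere("helloverybody", "good")
    print(ct, vigenere(ct, "good", decrypt=True))       # nszoujsuepcge helloverybody
```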
ASCII encoding
● ASCII is a character encoding that uses numbers to represent characters.

As you can see (ASCII table not reproduced), decimals from 65 to 90 represent capital letters and from 96 to 122 represent small letters in ASCII.
Let's take an example!
● This example is from www.cryptohack.org, which is an excellent place to practice cryptography.

Our objective is to convert the message 'HELLO' to base-10:
● Message: “HELLO”
● ASCII bytes: [72, 69, 76, 76, 79]
● HEX bytes: [0x48, 0x45, 0x4c, 0x4c, 0x4f]
● Base-16: 0x48454c4c4f
● Base-10: 310400273487
Base64
● Just like ASCII, base64 has a separate index list which maps letters to numbers.
● The difference is that instead of 8 bits we use only 6 bits per character, and the encoding converts 3 bytes (24 bits) into four characters from the base64 index list (4 x 6 = 24 bits).

3 octets are converted to 4 sextets and then converted into characters.
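The two conversions above as an added example (not code from the slides or from cryptohack): the 'HELLO' → ASCII bytes → hex → base-10 chain, and base64 built by hand from 3 octets → 4 sextets → index-table characters, cross-checked against Python's base64 module. Note that lower-case 'a' is ASCII 97, which the test below confirms. Function names are my own.

```python
# Added example (not from the original slides): ASCII-to-integer and hand-rolled base64.
import base64

B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"

def ascii_to_base10(message: str) -> int:
    """'HELLO' -> bytes [72, 69, 76, 76, 79] -> 0x48454c4c4f -> 310400273487."""
    data = message.encode("ascii")          # raises UnicodeEncodeError for non-ASCII input
    return int.from_bytes(data, "big")      # big-endian: the first byte is the most significant

def base10_to_ascii(value: int) -> str:
    """Reverse of ascii_to_base10: split the integer back into bytes, then decode."""
    return value.to_bytes((value.bit_length() + 7) // 8, "big").decode("ascii")

def b64_encode(data: bytes) -> str:
    """3 octets (24 bits) -> 4 sextets -> 4 table characters; '=' pads a short final group."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        pad = 3 - len(chunk)                # 0, 1 or 2 octets missing from the last group
        bits = int.from_bytes(chunk + b"\x00" * pad, "big")
        sextets = [(bits >> s) & 0x3F for s in (18, 12, 6, 0)]
        chars = "".join(B64[s] for s in sextets)
        out.append(chars[:4 - pad] + "=" * pad)   # each missing octet swaps one char for '='
    return "".join(out)

def b64_decode(text: str) -> bytes:
    """Inverse: 4 sextets -> 24 bits -> 3 octets, dropping the bytes that padding stood for."""
    text = text.rstrip("=")
    out = bytearray()
    for i in range(0, len(text), 4):
        chunk = text[i:i + 4]
        bits = 0
        for ch in chunk:
            idx = B64.find(ch)
            if idx < 0:
                raise ValueError(f"invalid base64 character {ch!r}")
            bits = (bits << 6) | idx
        bits <<= 6 * (4 - len(chunk))       # left-align a short final group to 24 bits
        out += bits.to_bytes(3, "big")[:len(chunk) * 6 // 8]
    return bytes(out)

def matches_stdlib(data: bytes) -> bool:
    """Cross-check the hand-rolled encoder against Python's base64 module."""
    return b64_encode(data) == base64.b64encode(data).decode("ascii")

if __name__ == "__main__":
    print(ascii_to_base10("HELLO"))                 # 310400273487
    print(b64_encode(b"HELLO"), matches_stdlib(b"HELLO"))   # SEVMTE8= True
```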


XOR
● Just like 'and' and 'or', xor is a bitwise operator; it returns 0 if the bits are the same and 1 otherwise. It is usually denoted by the symbol ^.

A  B  OUTPUT
1  0  1
0  0  0
1  1  0
0  1  1
Application
● Let's take an example plaintext = "label"
● Key = 13
● We know from ASCII that 'label' can be represented as decimal numbers:
● l = 108, a = 97, b = 98, e = 101
● In binary: l = 01101100, a = 01100001, b = 01100010, e = 01100101, 13 = 00001101
● If we take the xor of each letter with 13 in binary form we get:
● 01100001, 01101100, 01101111, 01101000, 01100001
● Converting them back to decimal: 97 108 111 104 97
● Using ASCII encoding we convert them back to letters to get 'aloha' (our encrypted text).

XOR has some properties: it's commutative, associative, A^A always gives 0, and A^0 gives A.
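The 'label' ^ 13 → 'aloha' walk-through above as an added example (not code from the slides), generalized from a single-byte key to a repeating multi-byte key, with the listed properties written as a check that also explains why XORing with the same key twice decrypts. Function names are my own.

```python
# Added example (not from the original slides): XOR with a single-byte or repeating key.
def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR each byte with the key byte at the same position, cycling the key if it is shorter."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def xor_single(text: str, key: int) -> str:
    """The slide's case: every character XORed with one byte (13 turns 'label' into 'aloha')."""
    if not 0 <= key <= 255:
        raise ValueError("single-byte key must be 0..255")
    # latin-1 maps every byte 0..255 to one character, so the result never fails to decode
    return xor_bytes(text.encode("latin-1"), bytes([key])).decode("latin-1")

def binary_view(data: bytes) -> list:
    """8-bit strings like the slide shows: b'label' -> ['01101100', '01100001', ...]."""
    return [format(b, "08b") for b in data]

def xor_properties_hold(a: int, b: int, c: int) -> bool:
    """Commutative, associative, A^A == 0 and A^0 == A. Together they give
    (P ^ K) ^ K == P ^ (K ^ K) == P ^ 0 == P, i.e. the same key decrypts."""
    return (a ^ b == b ^ a and (a ^ b) ^ c == a ^ (b ^ c)
            and a ^ a == 0 and a ^ 0 == a)

if __name__ == "__main__":
    ct = xor_single("label", 13)
    print(binary_view(ct.encode("latin-1")), ct)           # [...'01100001'] aloha
    print(xor_single(ct, 13))                               # label
    print(xor_bytes(xor_bytes(b"label", b"key"), b"key"))   # b'label'
```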
Hashing
Hashing is a one-way algorithm in which a plaintext is converted into a ciphertext of a fixed length, and the plaintext cannot be recovered easily. The only way to get the plaintext would be to guess something, put it into the hash function and see if we get the same ciphertext as before. E.g. SHA-256, MD5.

But this is not the end: there are sites like www.crackstation.net which go through common inputs to common hash functions and match the output to some extent. E.g. the hash of a simple password like 1234 can be easily cracked using this website.
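The two points above as an added example (not code from the slides or from crackstation): the digest length is fixed regardless of input length, and a lookup site can only ever guess-and-compare, which is why a hash of an input that appears in a common list (here a tiny constructed one) is found at once while an unusual input is not. Function and list names are my own.

```python
# Added example (not from the original slides): fixed-length digests and guess-and-compare lookup.
import hashlib

def digest_hex(text: str, algorithm: str = "sha256") -> str:
    """Hex digest of the text; the length depends only on the algorithm, never on the input."""
    return hashlib.new(algorithm, text.encode("utf-8")).hexdigest()

def lookup_hash(target_hex: str, candidates, algorithm: str = "sha256"):
    """Hash each candidate and return the first that matches the target, or None.
    This is all a lookup site can do: it only succeeds when the input is in its list."""
    target_hex = target_hex.lower()
    for word in candidates:
        if digest_hex(word, algorithm) == target_hex:
            return word
    return None

# Constructed stand-in for a "common inputs" list; real lists hold millions of entries.
COMMON_INPUTS = ["password", "123456", "1234", "qwerty", "letmein"]

if __name__ == "__main__":
    for text in ["1234", "a much longer input " * 10]:
        print(len(digest_hex(text)), digest_hex(text)[:16], "...")   # always 64 hex chars
    print(lookup_hash(digest_hex("1234"), COMMON_INPUTS))           # 1234
    print(lookup_hash(digest_hex("u7#Qp!zR94kL"), COMMON_INPUTS))   # None
```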
IIT(BHU)CYBERSEC
Steganography
WHAT IS STEGANOGRAPHY?
• Steganography is a Greek word meaning "Secret Writing" or "Hidden Writing".
• Steganography is the technique of hiding secret data within an ordinary file or message in order to avoid detection.
• Steganography can be used to conceal almost any type of digital content, including text, image, video, audio or documents; the hidden data is then extracted at the destination.
• Thus we can see that it's hard to detect, so if you download a malicious file and open it on your computer, the malware can get activated.
TYPES OF STEGANOGRAPHY

Steganography: Text, Audio, Image, Video, Documents

Steganography techniques can be applied on almost any type of file.
IMAGE STEGANOGRAPHY

Image steganography is the method of hiding data or text embedded inside an image file.
One of the popular techniques used is Least Significant Bit (LSB).
LEAST SIGNIFICANT BIT

In this technique, the attacker identifies the least significant bit of the file and replaces it with malicious code.
HOW CAN DATA BE HIDDEN IN AN IMAGE FILE?

Some common ways of hiding data:

• In the form of text.
• In its metadata.
• Embedded inside it (most commonly in zip format).
And there are numerous other ways as well.
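The LSB technique from the slides above as an added example (not code from the slides or from any of the tools listed later): a payload is written one bit at a time into the least significant bit of each pixel value and read back the same way, over a constructed list of 8-bit grayscale values so no image library is needed. It also shows why LSB hiding is hard to spot by eye: no pixel value moves by more than 1. Function and constant names are my own.

```python
# Added example (not from the original slides): LSB embed/extract over constructed pixel values.
def embed_lsb(pixels, message: bytes) -> list:
    """Write a 4-byte length prefix plus the message, one bit per pixel, into the LSBs."""
    payload = len(message).to_bytes(4, "big") + message
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]   # MSB first
    if len(bits) > len(pixels):
        raise ValueError(f"carrier holds {len(pixels) // 8} bytes, payload needs {len(payload)}")
    out = list(pixels)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & 0xFE) | bit      # clear the LSB, then set it to the message bit
    return out

def _read_lsb_bytes(pixels, start: int, n: int) -> bytes:
    value = 0
    for i in range(start, start + n * 8):
        value = (value << 1) | (pixels[i] & 1)
    return value.to_bytes(n, "big")

def payload_length(pixels):
    """Decode the length prefix; None if it cannot fit, i.e. there is no LSB payload of this form."""
    if len(pixels) < 32:
        return None
    length = int.from_bytes(_read_lsb_bytes(pixels, 0, 4), "big")
    return length if 32 + length * 8 <= len(pixels) else None

def extract_lsb(pixels) -> bytes:
    """Read the LSBs back: the length prefix first, then that many message bytes."""
    length = payload_length(pixels)
    if length is None:
        raise ValueError("no plausible LSB payload in this carrier")
    return _read_lsb_bytes(pixels, 32, length)

def max_pixel_change(before, after) -> int:
    """How far any pixel moved; LSB embedding changes each value by at most 1."""
    return max(abs(a - b) for a, b in zip(before, after))

# Constructed 32x32 "grayscale" carrier (values 0..255); a real tool would read image pixels.
CARRIER = [(i * 37) % 256 for i in range(32 * 32)]

if __name__ == "__main__":
    stego = embed_lsb(CARRIER, b"hidden text")
    print(extract_lsb(stego), max_pixel_change(CARRIER, stego))   # b'hidden text' 1
```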
LINUX COMMANDS
For the implementation of steganography we'll be using a Linux machine,

So, some basic Linux commands:

• pwd: shows the present working directory.
• ls: lists files and directories.
• cd: change directory.
• cat: create, view and concatenate files within the terminal.
• grep: search for/within files.
• strings: search for printable strings inside a file.
• file: tells the type of the file(s) present.

And others as well.


TOOLS FOR IMAGE STEGANOGRAPHY

Some popular tools are:

• Stegsolve
• Steghide
• Binwalk
• Exiftool

There are numerous other tools also waiting for you to try out.
STEGSOLVE

It is used to analyze images in different planes by taking off bits of the image or by combining images.

Install using:
wget http://www.caesum.com/handbook/Stegsolve.jar -O stegsolve.jar
STEGHIDE

Steghide is a steganography program that can hide data in various kinds of image and audio files. It can also encrypt data.

Install using:
sudo apt install steghide
BINWALK

Binwalk is a tool for searching a given binary image for embedded files and executable code. Specifically, it is designed for identifying files and code embedded inside of firmware images.

Install using:
sudo apt install binwalk
EXIFTOOL

ExifTool is a free and open-source software program for reading, writing, and manipulating image, audio, video, and PDF metadata.

Install using:
sudo apt install exiftool
AUDIO STEGANOGRAPHY

Audio steganography is the technique used to transmit a message inside audio signals.
One of the popular techniques is spectrogram analysis.
SPECTROGRAM
A spectrogram is a visual representation of the spectrum of frequencies of a signal as it varies with time.
Common tools used are:
• Sonic Visualiser
• Audacity
RESOURCES

Resources for practising steganography:

• picoCTF
Reverse Engineering
Reverse Engineering is typically the process of taking a compiled program and extracting information from it.
Compilation

The process of compiling a C/C++ program involves various steps:

1. The compiler generates assembly code (.s files).
2. The assembler translates .s files to object files (.o).
3. The linker uses object files, precompiled library files, and other files to generate executables.

Linux uses the ELF (Executable and Linkable Format)

Windows uses PE (Portable Executable)


How does the CPU work?

Register: fixed-size memory storage inside the CPU on which it performs operations.

The CPU simply loops through the following steps:

1. Read an instruction from memory.
2. Load data to and from registers.
3. Perform arithmetic.
4. Move to the next instruction.
Little and Big endian
Registers
There are various registers used by the processor, and the following are the most commonly used:

Instruction pointer: stores the pointer to next instruction in memory. (EIP, RIP)

Stack Pointer: stores the current top of the stack (ESP, RSP)

Base Pointer: stores the starting point of current frame on stack. (EBP, RBP)

Data Registers: for working with arithmetic and other pointers - EAX, EBX, ECX, EDX, EDI,
ESI.
Call Stack

● The stack data structure is used for keeping track of the functions called in the running program.
● The call stack also provides storage for local variables.
● Each call to a function pushes a new frame onto the stack containing the new function's local variables and the previous function's return address; it also stores the values of some registers.
● Unlike how a stack is usually visualized, it grows downwards in memory from the highest memory address.
ELF structure

● The header stores the locations of further sections and other info.
● The executable is divided into different sections according to their purpose:
● .text: contains the binary code to be executed.
● .data: initialized global variables.
● .rodata: read-only data such as the strings used by the program.
● .bss: contains the program's uninitialized global data.
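The "Little and Big endian" and "ELF structure" slides above, as an added example (not code from the slides): the ELF64 header is the first 64 bytes of the file, its e_ident bytes declare the class (32/64-bit) and the byte order, and the remaining fields, including the entry point and where the section headers live, must be unpacked in the order the file declares. The header bytes are constructed inline rather than read from a real binary; function names are my own.

```python
# Added example (not from the original slides): ELF64 header parsing and byte-order layout.
import struct

# ELF64 header: 16-byte e_ident, then these 13 fields (48 bytes) = 64 bytes total
ELF64_FIELDS = "HHIQQQIHHHHHH"

def build_elf64_header(entry: int, little_endian: bool = True) -> bytes:
    """Constructed header for the example: ET_EXEC (2) for x86-64 (e_machine 62), no sections."""
    order = "<" if little_endian else ">"
    # magic, EI_CLASS=2 (64-bit), EI_DATA (1 = little, 2 = big), EI_VERSION=1, OSABI, ABIVERSION, pad
    ident = b"\x7fELF" + bytes([2, 1 if little_endian else 2, 1, 0, 0]) + b"\x00" * 7
    fields = struct.pack(order + ELF64_FIELDS,
                         2, 62, 1, entry,       # e_type, e_machine, e_version, e_entry
                         64, 0, 0,              # e_phoff, e_shoff, e_flags
                         64, 56, 1, 64, 0, 0)   # e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx
    return ident + fields

def parse_elf64_header(data: bytes) -> dict:
    """Check the magic, read EI_CLASS/EI_DATA, then unpack the rest in the declared byte order."""
    if len(data) < 64 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file (bad magic)")
    if data[4] != 2:
        raise ValueError("only ELF64 (EI_CLASS == 2) is handled here")
    order = {1: "<", 2: ">"}.get(data[5])
    if order is None:
        raise ValueError("invalid EI_DATA byte")
    f = struct.unpack(order + ELF64_FIELDS, data[16:64])
    return {"endian": "little" if order == "<" else "big", "type": f[0], "machine": f[1],
            "entry": f[3], "phoff": f[4], "shoff": f[5], "shnum": f[11]}

def byte_order_demo(value: int) -> tuple:
    """The same 32-bit value laid out little-endian (least significant byte first) and big-endian."""
    return struct.pack("<I", value), struct.pack(">I", value)

if __name__ == "__main__":
    hdr = parse_elf64_header(build_elf64_header(0x401000))
    print(hdr["endian"], hex(hdr["entry"]), hdr["machine"])          # little 0x401000 62
    le, be = byte_order_demo(0x12345678)
    print(le.hex(), be.hex())                                         # 78563412 12345678
```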
Tools for reversing

● GDB
● RADARE2
● IDA
● GHIDRA
Static and Dynamic Linking

● Linking is the process of bringing together the external programs required by a program.
● This can be done in two ways:
○ Static Linking: the linking is performed at compile time.
○ Dynamic Linking: linking is performed at runtime, that is, the required libraries are loaded when the OS loads the executable into memory.
Stripped/Unstripped binaries

● In unstripped binaries the debugging information is retained (like variable names, function names, etc.); this helps a lot when debugging. These are bigger in size as more data is stored.
● In stripped binaries the debugging information is removed, so they are harder to debug and smaller in size; final software is usually shipped in this format to save space.
Where to Learn and Practice

● wiki.skullsecurity.org/Assembly
● Crackmes.one
● picoCTF
● Microcorruption.com
● ctflearn.com/
● backdoor.sdslabs.co/beginner
● Participate in CTFs
Web Exploitation
Chall 1
https://jupiter.challenges.picoctf.org/problem/9670/
Web Crawlers
Robots.txt

Chall 2
https://jupiter.challenges.picoctf.org/problem/56830/
Cookies

Chall 3
https://jupiter.challenges.picoctf.org/problem/44573/
