SlideShare a Scribd company logo
Cryptography Crash
Course
Matthew Stephen
www.utdcsg.org
 Overview
 Encryption
◦ Classical Ciphers
◦ Modern Ciphers
 Hash Functions
 Encodings
 Steganography
 Questions and Sample Challenges
 CTF
Outline
 The enciphering and deciphering of
messages in secret code or
cipher; also : the computerized encoding
and decoding of information – Merriam
Webster
What is Cryptography?
 Plaintext – the original message to encrypt
 Ciphertext – an encrypted message
 Cipher – an algorithm to convert plaintext
to ciphertext and vice versa
 Key – A word/phrase or string of bits that
modifies the enciphering/deciphering
process
Basic Terminology
Cryptography Process
 Substitution Ciphers
◦ Characters or groups of characters are replaced
by other characters
 Transposition Ciphers
◦ Position of plaintext characters is shifted
◦ Ciphertext is simply a permutation of plaintext
Classical Ciphers
 Replace each letter with a fixed different
letter
 Plaintext – send reinforcements
 Ciphertext – ktdp jtfdoejytbtdlk
 Key – CRYPTOISFUN
Simple Substitution Cipher
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
C R Y P T O I S F U N A B D E G H J K L M Q V W X Z
 Shift/Caesar Cipher – Rotate the letters by a
fixed amount
 ROT13 – Special case (rotate by 13)
 Plaintext – send reinforcements
 Ciphertext – fraq ervasbeprzragf
Shift/Caesar/ROT13 Cipher
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
 Uses a set of Caesar ciphers based on a
keyword
 Plaintext – send reinforcements
 Key – somesecret
 Ciphertext - kszh jikejhjqqqwrvj
Vigenère Cipher
S E N D R E I N F O R C E M E N T S
S O M E S E C R E T S O M E S E C R
Opk jvvjx rmrp qstyhmtxrh uinkxmcxzsi wl e csccvtvlnfvxdk imclvv riy jbvdygiziq fp Pzwt Fnxkmnbg Eyfvvoq
gvbyeh 1467 vvj yfiu e hmzey gztcmx hvwt xj acmggy fzbcirr tmkpkv npglvjkxf. Ecfzzzm'f wpwoms sapp
wrqzguiu egxneoikw vnzie wvzzzgp jsihn, ith fazxxpkw jiii dvjmpekiy je aemkmio zlr pvxomx ss xyi xwxvrwgsilort
ectcihig me xcm imclvvomdx. Yekim, qt 1508, Nblrrimy Xemklzuoyf, me lda cseo Gsgqmvntymv, qtzrrkiy bni
gesygi xipxr, e xzoxvgrp xwstbrvro wl xui Mmbmtèvr gztcmx. Xui Kvdbnizmlw xqvlrv, ysrmbie, sept xxsimuiy i
vvbkiinaozr, vzkdl grq tiiyqixnfci ngyxrq wsm acmggymio higavii kotuii egxneoikw.[xqzegmfr imkhrh]
Nlvb ow asn oiwcr nw klz Dokrrèii xqvlrv nen wxmtmeegte hrwtvdjkh oc Xmjdgr Oekxdaze Oicpvau ma lzw 1553
wwuo Ye tmazg hrp. Jmb. Oosiee Fvbzmfxr Fztrefs. Yi wcopg ygsi bni gesygi xipxr sa Bxmglvqdcy, fhx rhymj e
eigivbort "gfyibkvfmxr" (v skc) gs jadbil pmglzz gpclrfzby iiiic gmzxrv. Nlzzkef Ecfzzzm nru Xmqzlrqzyn cyiq e
wmsmj tnxkimv uj fyswoqzygmfrn, Jkpyejs'n ailrqv qzitx glv tvbzier fj nchwgmkyoqurf gfygl hi rejc xpgrtiu wduvpl
fp wztkggmek v vka xip. Ozgy arvv xtxognpcc nqtkyi nsmly se wysmb vleejin, stsjr ks wwzl ceixdmy ma euzvvii,
bv kvvvyqvxkiy "wax bj seil" gpbrx adbn xui dinagkr. Fvpgiys'f qvxcwj xuyj vzyameiu wozurt wvgpzoxl jfv jvrc glv
ozg. Gw vx zw mmregmmigg kefc ks nmiyei r wcwxx xip tczgwr, wrc wg g teimmjcy temmeom isazvvnizmbr,
Sigtgwb'w jcnbkq jej gjvymqiiewte qbvv wzkavr.[gzxvbosa rviymj]
Fyezwz lk Zvkvrèmm vyopzwcmj lvw uinkxmcxzsi wl e fmdmgix fhx jxmwtkrv ryowqil gztcmx frjfvz bni pslvo wl
Lrric DQO ss Jieikk, ma 1586. Prxzz, or glv 19xc kkrgyic, opk mazvroqur bj Sigtgwb'w tmkpkv jej qdagxgvzfpbkh
gs Mmbmtèvr. Hrzdl Qeur zr cqy fbsb Xcm Isqisvziqiew cehmtxrh klz uownxkvdjaxvse ft agcvrx xciz lvwksmg neq
"mxrjzkh glzw duvsexrro kurgvzfpbosa eeh dvyxreu rvukh n vvkmmywvzv eil kprqvroixc pmglzz lse lzq
[Qqmiaèvv] xcwaku lv lvl tsglzrb bu hb azxc qz".[4]
Xui Mmbmtèvr gztcmx knmeiy i xicykeoqur ssi fzqtk rbtikbosaecpt azvbrx. Rjbkh nykljz grq qrxcmsegmtmvv
Ilnvcin Taxjmukz Luhtwfr (Gmcmf Grvmwrp) pecpzl zlr Zzkzvèxi pmglzz arovvefihpr me lda 1868 vmrgv "Xcm
Gpclrfzb Imclvv" dv g gumchmmt'w zexeuqti. Vr 1917, Jgdmtxvjzg Vukvvgrr ymygemsiy bni Imxiièzk gvtyim iy
"mztfwnqhpr sw xmitwyekmjv".[5] Zlvw iikczegmfr riy rbx uinmxzrh. Tlvzrif Frfwimi jej oiwcr gs yeqm hvbovr v
dgvveex jn zlr gztcmx ef irvgg gw 1854; usniqmx, lr hzhi'b vyopzwc pow jsio.[6] Fiymfoz iibovrpp fmwqi glv
gdxnie eeh kchpvwyiy bni gitliqwyr me xcm 19zl piexpze. Iiie fznuvr xymn, bnshky, wjuk wxmcpzl ivltkeiircfxj
gjcrh bgtenqurnpcc wzkex xyi xqvlrv zr opk 16xu gvrocxc.[4]
Sample Challenge
 Copy paste the text into CrypTool
 Choose Analysis > Classic > Ciphertext
Only > Vigenere Cipher
 The text is decrypted with the key
“vigenere”
Solution
Frequency Analysis for
Substitutions
 Plaintext written downwards on “rails” of an
imaginary fence, then moving up when the
bottom is reached
 Plaintext: we are discovered flee at once
 Ciphertext:
WECRLTEERDSOEEFEAOCAIVDEN
Rail Fence Cipher
*Example from Wikipedia
 Plaintext written on a grid of given
dimensions and read off in a patter given in
the key
 “Spiral inwards, clockwise, starting from the
top right”
 Ciphertext:
EJXCTEDECDAEWRIORFEONALEVSE
Route Cipher
*Example from Wikipedia
 Symmetric Key Encryption
◦ Uses the same key to encrypt and decrypt
 Asymmetric Key Encryption
◦ Also known as public key encryption
◦ Uses two keys: one to encrypt and one to decrypt
Modern Ciphers
 Share a secret key among two or more
parties
 DES – Data Encryption Standard
◦ Uses a 56-bit key
◦ Standard from 1979 to 1990s
 AES – Advanced Encryption Standard
◦ Uses 128, 192, or 256-bit key
◦ Standard from early 2000s to present
◦ Must use correct block cipher mode
Symmetric Key Encryption
 ECB – Electronic Codebook
 CBC – Cipher Block Chaining
 CFB – Cipher Feedback
 OFB – Output Feedback
 CTR – Counter
 CCM – Counter with Cipher-block Chaining
Block Cipher Modes
 Given a sequence x1x2
…
xn of plaintext blocks
 Ciphertext: yi = ℯk(xi)
 Advantage: computation done in parallel
 Disadvantage: same plaintext block yields
same ciphertext blocks
ECB Mode
Why Not to Use ECB Mode
*From
 CTF Problem – CSAW 2010, Crypto Bonus
 Users allowed to log into system with only their
username
◦ Root and Admin are not allowed!
 Upon authentication, they are presented with an
authentication token (an encryption of the timestamp,
username, and puzzle name)
 Each auth-token only lasts 5 minutes!
 Goal: Construct a correct authentication token for root
Why Not to Use ECB Mode
cont.
 Submit “AAAAAAAA”
 Submit “AAAAAAAA” again
 Only difference is the highlighed portion (perhaps a [part
of] the timestamp)
Why Not to Use ECB Mode
cont.
Write up from http://blog.gdssecurity.com/labs/tag/ctf
 Submit “AAAAAAAAAAAAAAAAAA”
 The 3rd cipher block is repeated
 Submit “AAAAAAAAAAAAAAAAAAAAAAAAadmin”
 The correct token for “admin”
 The above decrypts to “  1285874686664|admin|
CSAW_CHALLENGE#4x02x02”
Why Not to Use ECB Mode
cont.
Write up from http://blog.gdssecurity.com/labs/tag/ctf
 Given a sequence x1x2
…
xn of plaintext blocks
 Each ciphertext block yi is XOR’d with the
next plaintext block xi+1 before encryption
 Define y0 = IV (initialization vector)
 Ciphertext: yi = ℯk(yi-1 ⊕ xi), i ≥ 1
CBC Mode
 CTF Problem – CSAW 2010, Crypto 2
 Users are presented with an auth token
 Token is AES encryption of (Username, Team name, Puzzle
name, Access level)
 The access level is set to 5 and teams need to access level
0
Bit Flipping in CBC Mode
 Bit-flipping propagation
 A change in a ciphertext block leads to a change in each
succeeding plaintext block
Bit flipping in CBC Mode
cont.
Write up from http://blog.gdssecurity.com/labs/tag/ctf
 Hex dump of the URL-base64 decoded information
 Decrypted to
 Need to manipulate a byte in the 3rd ciphertext block that,
when decrypted, lines up with the 5 in “role=5”
Bit Flipping in CBC Mode
cont.
Write up from http://blog.gdssecurity.com/labs/tag/ctf
 XOR 0x05 with 0xa8 and get 0xad
 Replace 0xa8 with 0xad
 Decrypted to
 Success!
Bit Flipping in CBC Mode
cont.
Write up from http://blog.gdssecurity.com/labs/tag/ctf
 Initialization vector: y0 = IV
 Keystream element: zi = ℯk(yi-1), i ≥ 1
 Ciphertext: yi = xi ⊕ zi, i ≥ 1
CFB Mode
 Initialization vector: z0 = IV
 Keystream: z1z2
…
zn
 Keystream element: zi = ℯk(zi-1), i ≥ 1
 Ciphertext: yi = xi ⊕ zi, i ≥ 1
OFB Mode
 Similar to OFB but with a different
keystream
 Plaintext block size = m bits
 Counter, denoted ctr, bitstring of length m
 Construct a sequence of bitstrings of length
m, denoted T1,T2,…
,Tn as follows:
 Ti = ctr + i - 1 mod 2m
, i ≥ 1
 Ciphertext: yi = xi ⊕ ℯk(Ti), i ≥ 1
CTR Mode
CTR Mode cont.
 Based on mathematical relationships
(integer factorization and discrete
logarithm) that have no efficient solution
 Public key, K, is published for everyone to
see
 Private key, K-1
, is held by an individual
 Two main uses:
◦ Public key encryption – anyone can send a
message to a particular individual –
enck(message)
◦ Digital signatures – anyone can verify a message
is sent by a particular individual – enck-1(message)
Asymmetric Key
Encryption
Diffie-Hellman Key
Exchange
Diffie-Hellman cont.
This implementation is not secure due to the values of g and n.
In practice, n = prime number, g = generator (primitive root mod
n)
 Attacks on cryptographic algorithms
 Known plaintext – attacker has access to a
plaintext and the corresponding ciphertext
 Ciphertext-only – attack has access to only a
ciphertext and not the plaintext
 Chosen Plaintext/Ciphertext – attacker gets to
pick (encrypt/decrypt) a text of his choosing
 Adaptive Chosen Plaintext/Ciphertext –
attacker chooses text based on prior results
Cryptographic Attack
Methods
 Attacks on physical implementation of a
cryptosystem
 Timing attack
 Power monitoring attack
 Acoustic cryptanalysis
 Differential fault analysis
 Data remanence
 Padding oracle attack
Side Channel Attacks
 Walkthrough of padding oracle attack
◦ http://blog.gdssecurity.com/labs/2010/9/14/automated-pad
ding-oracle-attacks-with-padbuster.html
Padding Oracle Attack
 Timing attack
◦ Add random delays in processing
 Data remanence
◦ Overwrite locations where sensitive data is stored
 Padding Oracle attack
◦ Don’t let the user know there was a padding error
◦ Use Message Authentication Code (MAC) to
protect integrity of the ciphertext
How to Avoid Certain
Attacks
Message Authentication
Code
 Used to provide assurance of data integrity
 Given a bitstring of any length, produce a
bitstring of length n (n depends on
algorithm)
 Desired properties of a hash function:
◦ Easy to compute a hash given a message
◦ Hard to reverse a hash to a message
◦ Hard to modify a message and not the hash
◦ Hard to find to messages with the same hash
Hash Functions
 Message Digest:
◦ MD2, MD4, MD5, MD6
 Secure Hash Algorithm:
◦ SHA-0, SHA-1, SHA-2, SHA-3 (coming soon)
 Most commonly used:
◦ MD5 – 128 bit hash
◦ SHA-1 – 160 bit hash
◦ SHA-2 – 224, 256, 384, or 512 bit hash
 Longer hash = better
Hash Functions cont.
 Used to discover collisions in hashing
algorithms
 There is more than a 50% chance that 2
people in a room of 23 will share a birthday
 P[No common birthday] =
◦ n = number of people
Birthday Attack




1
0
365
365
n
i
i
 CodeGate 2010 Challenge 15
 A web based challenge vulnerable to padding/length
extension attack in its SHA1 based authentication scheme
 The page asks for a username and then sets a cookie
 Username “aaaa”
 Cookie “web1_auth = YWFhYXwx|
8f5c14cc7c1cd461f35b190af57927d1c377997e”
 The first part “YWFhYXwx” is the base64 encoded string of
“aaaa|1” (username|role)
 The second part “8f5c14cc7c1cd461f35b190af57927d1c377997e” is the
sha1(secret_key + username + role)
Length Extension Attack
Write up from http://www.vnsecurity.net/t/length-extension-attack/
 The cookie is checked at the next visit
 Displays “Welcome back, aaaa! You are not the administrator.”
 We guess that 1 is the role for normal and 0 for administrator
 Modify the first part to base64_encode(“aaaa|0”), the script
will return an error that the data has the wrong signature
 The new cookie is “YWFhYXwxgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4fDA=|
70f8bf57aa6d7faaa70ef17e763ef2578cb8d839”
 “Welcome back, aaaa! Congratulations! You did it! Here is your
flag: CryptoNinjaCertified!!!!!”
Length Extension Attack
cont.
Write up from http://www.vnsecurity.net/t/length-extension-attack/
Python Hash Functions
 Simple encodings of text (not encryption)
 ASCII to decimal, hex, binary, or base64
◦ Plaintext: hello
◦ Decimal: 104 101 108 108 111
◦ Hex: x68x65x6cx6cx6f
◦ Binary:
0000011010001100101110110011011001101111
◦ Base64: aGVsbG8=
 Many other more clever encodings
Encodings
Python Encodings
Python Encodings cont.
 Hide messages in such a way that no one
suspects the existence of such a message
 Usually hidden in images (but not
necessarily)
◦ Least significant bit
◦ Alpha byte in RGBA
Steganography
Steganography Sample
 Google - everything
 Foremost – recover files from other files
 Cryptool - cryptanalysis
Useful Tools
 How can you simultaneously ensure secrecy
and integrity with public key encryption?
◦ A sends a message to B.
◦ A has keys Ka/Ka
-1
and B has keys Kb/Kb
-1
◦ Encrypt function enck(m)
◦ Decrypt function deck(m)
◦ A sends message m as enckb
(encKa-1(m))
 What if we reverse the encryption
functions?
◦ A sends message as encKa-1(enckb
(m))
◦ Anyone can switch A’s integrity check with theirs
Question #1
 One Time Pad – proven to be impossible to crack
 Plaintext of length n (bitstring or character string)
 Key is also of length n
 Plaintext: hello
 Key: abcde
 Ciphertext ((Plaintext + Key) mod 26):
 (h+a)=(7+0)=7=h; (e+b)=(4+1)=5=f;
(l+c)=(11+2)=13=n; (l+d)=(11+3)=14=o;
(o+e)=(14+4)=18=s
 Ciphertext: = hfnos
Question #2
 If it’s been proven to be impossible to crack, why
doesn’t everyone use it?
◦ Only reveals maximum possible length (possibly padded)
 Fine for short messages, but the key length must
increase linearly with the plaintext length
◦ Requires perfectly random one-time pads (new
OTP for each message)
◦ How to exchange keys that are as long as the
messages themselves?
Question #2 cont.
 Plaintexts P1 and P2 were encrypted with the same
one-time pad key. We know P1, how do we find P2?
 P1 = x64x69x73x63x6fx76x65x72x79 (discovery)
 P2 = ?
 C1 = x17x0cx10x11x0ax02x0ex17x00
 C2 = x03x09x02x1bx0bx00x0ex1dx0d
Question #3
 Consider OTP operations:
◦ P1 ⊕ Key = C1
◦ P2 ⊕ Key = C2
◦ P1 ⊕ Key ⊕ P1 = C1 ⊕ P1 = Key
◦ C2 ⊕ Key = P2
 P1 = x64x69x73x63x6fx76x65x72x79
 C1 = x17x0cx10x11x0ax02x0ex17x00
 Key = x73x65x63x72x65x74x6bx65x79 (secretkey)
 P2 = x70x6cx61x69x6ex74x65x78x74 (plaintext)
 Know ciphertext and plaintext = know key
 Know key = decrypt any other ciphertext using that key
Question #3 cont.
 Connection details will be provided at the
crash course
CTF
 Cryptography: Theory and Practice, 3rd
Edition by Douglas R. Stinson
 Wikipedia.org for many images
 Cryptography 101, Parts 1-3: utdcsg.org
 Write-ups from
◦ http://blog.gdssecurity.com/labs/tag/ctf
◦ http://blog.gdssecurity.com/labs/2010/9/14/automated-
padding-oracle-attacks-with-padbuster.html
◦ http://www.vnsecurity.net/t/length-extension-attack/
References

More Related Content

What's hot

Monoalphabetic Substitution Cipher
Monoalphabetic Substitution  CipherMonoalphabetic Substitution  Cipher
Monoalphabetic Substitution Cipher
SHUBHA CHATURVEDI
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & Cryptography
Arun ACE
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
Overview on Cryptography and Network Security
Overview on Cryptography and Network SecurityOverview on Cryptography and Network Security
Overview on Cryptography and Network Security
Dr. Rupa Ch
 
OAuth 2.0による認可の流れ
OAuth 2.0による認可の流れOAuth 2.0による認可の流れ
OAuth 2.0による認可の流れ
Takeshi Mikami
 
Cryptography and network security
 Cryptography and network security Cryptography and network security
Cryptography and network security
Mahipesh Satija
 
Cryptography
CryptographyCryptography
Cryptography
subodh pawar
 
Traditional symmetric-key cipher
Traditional symmetric-key cipherTraditional symmetric-key cipher
Traditional symmetric-key cipher
Vasuki Ramasamy
 
Transposition cipher
Transposition cipherTransposition cipher
Transposition cipher
Antony Alex
 
Data encryption, Description, DES
Data encryption, Description, DESData encryption, Description, DES
Data encryption, Description, DES
Huawei Technologies
 
Open Policy Agent (OPA) 入門
Open Policy Agent (OPA) 入門Open Policy Agent (OPA) 入門
Open Policy Agent (OPA) 入門
Motonori Shindo
 
Caesar cipher
Caesar cipherCaesar cipher
Caesar cipher
Ramadhi Irawan
 
Caesar cipher
Caesar cipherCaesar cipher
Caesar cipher
Hossain Md Shakhawat
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key Infrastructure
Theo Gravity
 
computer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentationcomputer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentation
Alex Punnen
 
Spring Boot + Netflix Eureka
Spring Boot + Netflix EurekaSpring Boot + Netflix Eureka
Spring Boot + Netflix Eureka
心 谷本
 
Cypher technique
Cypher techniqueCypher technique
Cypher technique
Zubair CH
 
Using Cipher Key to Generate Dynamic S-Box in AES Cipher System
Using Cipher Key to Generate Dynamic S-Box in AES Cipher SystemUsing Cipher Key to Generate Dynamic S-Box in AES Cipher System
Using Cipher Key to Generate Dynamic S-Box in AES Cipher System
CSCJournals
 
The rsa algorithm JooSeok Song
The rsa algorithm JooSeok SongThe rsa algorithm JooSeok Song
The rsa algorithm JooSeok Song
Information Security Awareness Group
 
3D PASSWORD
3D PASSWORD3D PASSWORD
3D PASSWORD
Akhi Balakrishnan
 

What's hot (20)

Monoalphabetic Substitution Cipher
Monoalphabetic Substitution  CipherMonoalphabetic Substitution  Cipher
Monoalphabetic Substitution Cipher
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & Cryptography
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
 
Overview on Cryptography and Network Security
Overview on Cryptography and Network SecurityOverview on Cryptography and Network Security
Overview on Cryptography and Network Security
 
OAuth 2.0による認可の流れ
OAuth 2.0による認可の流れOAuth 2.0による認可の流れ
OAuth 2.0による認可の流れ
 
Cryptography and network security
 Cryptography and network security Cryptography and network security
Cryptography and network security
 
Cryptography
CryptographyCryptography
Cryptography
 
Traditional symmetric-key cipher
Traditional symmetric-key cipherTraditional symmetric-key cipher
Traditional symmetric-key cipher
 
Transposition cipher
Transposition cipherTransposition cipher
Transposition cipher
 
Data encryption, Description, DES
Data encryption, Description, DESData encryption, Description, DES
Data encryption, Description, DES
 
Open Policy Agent (OPA) 入門
Open Policy Agent (OPA) 入門Open Policy Agent (OPA) 入門
Open Policy Agent (OPA) 入門
 
Caesar cipher
Caesar cipherCaesar cipher
Caesar cipher
 
Caesar cipher
Caesar cipherCaesar cipher
Caesar cipher
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key Infrastructure
 
computer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentationcomputer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentation
 
Spring Boot + Netflix Eureka
Spring Boot + Netflix EurekaSpring Boot + Netflix Eureka
Spring Boot + Netflix Eureka
 
Cypher technique
Cypher techniqueCypher technique
Cypher technique
 
Using Cipher Key to Generate Dynamic S-Box in AES Cipher System
Using Cipher Key to Generate Dynamic S-Box in AES Cipher SystemUsing Cipher Key to Generate Dynamic S-Box in AES Cipher System
Using Cipher Key to Generate Dynamic S-Box in AES Cipher System
 
The rsa algorithm JooSeok Song
The rsa algorithm JooSeok SongThe rsa algorithm JooSeok Song
The rsa algorithm JooSeok Song
 
3D PASSWORD
3D PASSWORD3D PASSWORD
3D PASSWORD
 

Similar to Cryptography Crash Course

Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
JAINAM KAPADIYA
 
Day5
Day5Day5
Day5
Jai4uk
 
classicalencryptiontechniques.ppt
classicalencryptiontechniques.pptclassicalencryptiontechniques.ppt
classicalencryptiontechniques.ppt
utsavkakkad1
 
Cns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption TechniquesCns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption Techniques
babak danyal
 
Classical Encryption Techniques in Network Security
Classical Encryption Techniques in Network SecurityClassical Encryption Techniques in Network Security
Classical Encryption Techniques in Network Security
babak danyal
 
Classical cryptographic techniques, Feistel cipher structure
Classical cryptographic techniques, Feistel cipher structureClassical cryptographic techniques, Feistel cipher structure
Classical cryptographic techniques, Feistel cipher structure
Adri Jovin
 
Module 1.pptx
Module 1.pptxModule 1.pptx
Module 1.pptx
ShilpaShettyA1
 
Unit 1
Unit 1Unit 1
Cyber security
Cyber securityCyber security
Cyber security
SAKSHIMAHADIK
 
unit 2.ppt
unit 2.pptunit 2.ppt
unit 2.ppt
HetaDesai13
 
Cryptography using python
Cryptography using pythonCryptography using python
Cryptography using python
KaushikRamabhotla
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
Janani S
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
ramya marichamy
 
Encryption
EncryptionEncryption
Encryption
keith dias
 
02 Information System Security
02  Information System Security02  Information System Security
02 Information System Security
Shu Shin
 
CryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxCryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptx
BhavikaGianey
 
Substitution cipher and Its Cryptanalysis
Substitution cipher and Its CryptanalysisSubstitution cipher and Its Cryptanalysis
Substitution cipher and Its Cryptanalysis
Sunil Meena
 
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - Overview
Mohammed Adam
 

Similar to Cryptography Crash Course (20)

Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
 
Day5
Day5Day5
Day5
 
classicalencryptiontechniques.ppt
classicalencryptiontechniques.pptclassicalencryptiontechniques.ppt
classicalencryptiontechniques.ppt
 
Ch02...1
Ch02...1Ch02...1
Ch02...1
 
Cns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption TechniquesCns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption Techniques
 
Classical Encryption Techniques in Network Security
Classical Encryption Techniques in Network SecurityClassical Encryption Techniques in Network Security
Classical Encryption Techniques in Network Security
 
Classical cryptographic techniques, Feistel cipher structure
Classical cryptographic techniques, Feistel cipher structureClassical cryptographic techniques, Feistel cipher structure
Classical cryptographic techniques, Feistel cipher structure
 
Module 1.pptx
Module 1.pptxModule 1.pptx
Module 1.pptx
 
Unit 1
Unit 1Unit 1
Unit 1
 
Cyber security
Cyber securityCyber security
Cyber security
 
unit 2.ppt
unit 2.pptunit 2.ppt
unit 2.ppt
 
Cryptography using python
Cryptography using pythonCryptography using python
Cryptography using python
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
 
Ch02
Ch02Ch02
Ch02
 
Encryption
EncryptionEncryption
Encryption
 
02 Information System Security
02  Information System Security02  Information System Security
02 Information System Security
 
CryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxCryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptx
 
Substitution cipher and Its Cryptanalysis
Substitution cipher and Its CryptanalysisSubstitution cipher and Its Cryptanalysis
Substitution cipher and Its Cryptanalysis
 
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - Overview
 

More from UTD Computer Security Group

22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)
UTD Computer Security Group
 
Cloud talk
Cloud talkCloud talk
UTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domain
UTD Computer Security Group
 
Forensics audio and video
Forensics   audio and videoForensics   audio and video
Forensics audio and video
UTD Computer Security Group
 
Computer networks and network security
Computer networks and network securityComputer networks and network security
Computer networks and network security
UTD Computer Security Group
 
Intro to python
Intro to pythonIntro to python
Powershell crash course
Powershell crash coursePowershell crash course
Powershell crash course
UTD Computer Security Group
 
Intro to cybersecurity
Intro to cybersecurityIntro to cybersecurity
Intro to cybersecurity
UTD Computer Security Group
 
Intro to Bash
Intro to BashIntro to Bash
Web Exploitation
Web ExploitationWeb Exploitation
Web Exploitation
UTD Computer Security Group
 
Network Exploitation
Network ExploitationNetwork Exploitation
Network Exploitation
UTD Computer Security Group
 
Penetration Testing: Celestial
Penetration Testing: CelestialPenetration Testing: Celestial
Penetration Testing: Celestial
UTD Computer Security Group
 
Introduction to Exploitation
Introduction to ExploitationIntroduction to Exploitation
Introduction to Exploitation
UTD Computer Security Group
 
Fuzzing - Part 2
Fuzzing - Part 2Fuzzing - Part 2
Fuzzing - Part 2
UTD Computer Security Group
 
Exploitation Crash Course
Exploitation Crash CourseExploitation Crash Course
Exploitation Crash Course
UTD Computer Security Group
 
Fuzzing - Part 1
Fuzzing - Part 1Fuzzing - Part 1
Fuzzing - Part 1
UTD Computer Security Group
 
Protostar VM - Heap3
Protostar VM - Heap3Protostar VM - Heap3
Protostar VM - Heap3
UTD Computer Security Group
 
Heap Base Exploitation
Heap Base ExploitationHeap Base Exploitation
Heap Base Exploitation
UTD Computer Security Group
 
Return Oriented Programming
Return Oriented ProgrammingReturn Oriented Programming
Return Oriented Programming
UTD Computer Security Group
 

More from UTD Computer Security Group (20)

Py jail talk
Py jail talkPy jail talk
Py jail talk
 
22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)22S kickoff 2.0 (kickoff + anonymity talk)
22S kickoff 2.0 (kickoff + anonymity talk)
 
Cloud talk
Cloud talkCloud talk
Cloud talk
 
UTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domainUTD Computer Security Group - Cracking the domain
UTD Computer Security Group - Cracking the domain
 
Forensics audio and video
Forensics   audio and videoForensics   audio and video
Forensics audio and video
 
Computer networks and network security
Computer networks and network securityComputer networks and network security
Computer networks and network security
 
Intro to python
Intro to pythonIntro to python
Intro to python
 
Powershell crash course
Powershell crash coursePowershell crash course
Powershell crash course
 
Intro to cybersecurity
Intro to cybersecurityIntro to cybersecurity
Intro to cybersecurity
 
Intro to Bash
Intro to BashIntro to Bash
Intro to Bash
 
Web Exploitation
Web ExploitationWeb Exploitation
Web Exploitation
 
Network Exploitation
Network ExploitationNetwork Exploitation
Network Exploitation
 
Penetration Testing: Celestial
Penetration Testing: CelestialPenetration Testing: Celestial
Penetration Testing: Celestial
 
Introduction to Exploitation
Introduction to ExploitationIntroduction to Exploitation
Introduction to Exploitation
 
Fuzzing - Part 2
Fuzzing - Part 2Fuzzing - Part 2
Fuzzing - Part 2
 
Exploitation Crash Course
Exploitation Crash CourseExploitation Crash Course
Exploitation Crash Course
 
Fuzzing - Part 1
Fuzzing - Part 1Fuzzing - Part 1
Fuzzing - Part 1
 
Protostar VM - Heap3
Protostar VM - Heap3Protostar VM - Heap3
Protostar VM - Heap3
 
Heap Base Exploitation
Heap Base ExploitationHeap Base Exploitation
Heap Base Exploitation
 
Return Oriented Programming
Return Oriented ProgrammingReturn Oriented Programming
Return Oriented Programming
 

Recently uploaded

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 

Cryptography Crash Course

  • 2.  Overview  Encryption ◦ Classical Ciphers ◦ Modern Ciphers  Hash Functions  Encodings  Steganography  Questions and Sample Challenges  CTF Outline
  • 3.  The enciphering and deciphering of messages in secret code or cipher; also : the computerized encoding and decoding of information – Merriam Webster What is Cryptography?
  • 4.  Plaintext – the original message to encrypt  Ciphertext – an encrypted message  Cipher – an algorithm to convert plaintext to ciphertext and vice versa  Key – A word/phrase or string of bits that modifies the enciphering/deciphering process Basic Terminology
  • 6.  Substitution Ciphers ◦ Characters or groups of characters are replaced by other characters  Transposition Ciphers ◦ Position of plaintext characters is shifted ◦ Ciphertext is simply a permutation of plaintext Classical Ciphers
  • 7.  Replace each letter with a fixed different letter  Plaintext – send reinforcements  Ciphertext – ktdp jtfdoejytbtdlk  Key – CRYPTOISFUN Simple Substitution Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y Z C R Y P T O I S F U N A B D E G H J K L M Q V W X Z
  • 8.  Shift/Caesar Cipher – Rotate the letters by a fixed amount  ROT13 – Special case (rotate by 13)  Plaintext – send reinforcements  Ciphertext – fraq ervasbeprzragf Shift/Caesar/ROT13 Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y Z N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
  • 9.  Uses a set of Caesar ciphers based on a keyword  Plaintext – send reinforcements  Key – somesecret  Ciphertext - kszh jikejhjqqqwrvj Vigenère Cipher S E N D R E I N F O R C E M E N T S S O M E S E C R E T S O M E S E C R
  • 10.
  • 11. Opk jvvjx rmrp qstyhmtxrh uinkxmcxzsi wl e csccvtvlnfvxdk imclvv riy jbvdygiziq fp Pzwt Fnxkmnbg Eyfvvoq gvbyeh 1467 vvj yfiu e hmzey gztcmx hvwt xj acmggy fzbcirr tmkpkv npglvjkxf. Ecfzzzm'f wpwoms sapp wrqzguiu egxneoikw vnzie wvzzzgp jsihn, ith fazxxpkw jiii dvjmpekiy je aemkmio zlr pvxomx ss xyi xwxvrwgsilort ectcihig me xcm imclvvomdx. Yekim, qt 1508, Nblrrimy Xemklzuoyf, me lda cseo Gsgqmvntymv, qtzrrkiy bni gesygi xipxr, e xzoxvgrp xwstbrvro wl xui Mmbmtèvr gztcmx. Xui Kvdbnizmlw xqvlrv, ysrmbie, sept xxsimuiy i vvbkiinaozr, vzkdl grq tiiyqixnfci ngyxrq wsm acmggymio higavii kotuii egxneoikw.[xqzegmfr imkhrh] Nlvb ow asn oiwcr nw klz Dokrrèii xqvlrv nen wxmtmeegte hrwtvdjkh oc Xmjdgr Oekxdaze Oicpvau ma lzw 1553 wwuo Ye tmazg hrp. Jmb. Oosiee Fvbzmfxr Fztrefs. Yi wcopg ygsi bni gesygi xipxr sa Bxmglvqdcy, fhx rhymj e eigivbort "gfyibkvfmxr" (v skc) gs jadbil pmglzz gpclrfzby iiiic gmzxrv. Nlzzkef Ecfzzzm nru Xmqzlrqzyn cyiq e wmsmj tnxkimv uj fyswoqzygmfrn, Jkpyejs'n ailrqv qzitx glv tvbzier fj nchwgmkyoqurf gfygl hi rejc xpgrtiu wduvpl fp wztkggmek v vka xip. Ozgy arvv xtxognpcc nqtkyi nsmly se wysmb vleejin, stsjr ks wwzl ceixdmy ma euzvvii, bv kvvvyqvxkiy "wax bj seil" gpbrx adbn xui dinagkr. Fvpgiys'f qvxcwj xuyj vzyameiu wozurt wvgpzoxl jfv jvrc glv ozg. Gw vx zw mmregmmigg kefc ks nmiyei r wcwxx xip tczgwr, wrc wg g teimmjcy temmeom isazvvnizmbr, Sigtgwb'w jcnbkq jej gjvymqiiewte qbvv wzkavr.[gzxvbosa rviymj] Fyezwz lk Zvkvrèmm vyopzwcmj lvw uinkxmcxzsi wl e fmdmgix fhx jxmwtkrv ryowqil gztcmx frjfvz bni pslvo wl Lrric DQO ss Jieikk, ma 1586. Prxzz, or glv 19xc kkrgyic, opk mazvroqur bj Sigtgwb'w tmkpkv jej qdagxgvzfpbkh gs Mmbmtèvr. Hrzdl Qeur zr cqy fbsb Xcm Isqisvziqiew cehmtxrh klz uownxkvdjaxvse ft agcvrx xciz lvwksmg neq "mxrjzkh glzw duvsexrro kurgvzfpbosa eeh dvyxreu rvukh n vvkmmywvzv eil kprqvroixc pmglzz lse lzq [Qqmiaèvv] xcwaku lv lvl tsglzrb bu hb azxc qz".[4] Xui Mmbmtèvr gztcmx knmeiy i xicykeoqur ssi fzqtk rbtikbosaecpt azvbrx. Rjbkh nykljz grq qrxcmsegmtmvv Ilnvcin Taxjmukz Luhtwfr (Gmcmf Grvmwrp) pecpzl zlr Zzkzvèxi pmglzz arovvefihpr me lda 1868 vmrgv "Xcm Gpclrfzb Imclvv" dv g gumchmmt'w zexeuqti. Vr 1917, Jgdmtxvjzg Vukvvgrr ymygemsiy bni Imxiièzk gvtyim iy "mztfwnqhpr sw xmitwyekmjv".[5] Zlvw iikczegmfr riy rbx uinmxzrh. Tlvzrif Frfwimi jej oiwcr gs yeqm hvbovr v dgvveex jn zlr gztcmx ef irvgg gw 1854; usniqmx, lr hzhi'b vyopzwc pow jsio.[6] Fiymfoz iibovrpp fmwqi glv gdxnie eeh kchpvwyiy bni gitliqwyr me xcm 19zl piexpze. Iiie fznuvr xymn, bnshky, wjuk wxmcpzl ivltkeiircfxj gjcrh bgtenqurnpcc wzkex xyi xqvlrv zr opk 16xu gvrocxc.[4] Sample Challenge
  • 12.  Copy paste the text into CrypTool  Choose Analysis > Classic > Ciphertext Only > Vigenere Cipher  The text is decrypted with the key “vigenere” Solution
  • 14.  Plaintext written downwards on “rails” of an imaginary fence, then moving up when the bottom is reached  Plaintext: we are discovered flee at once  Ciphertext: WECRLTEERDSOEEFEAOCAIVDEN Rail Fence Cipher *Example from Wikipedia
  • 15.  Plaintext written on a grid of given dimensions and read off in a patter given in the key  “Spiral inwards, clockwise, starting from the top right”  Ciphertext: EJXCTEDECDAEWRIORFEONALEVSE Route Cipher *Example from Wikipedia
  • 16.  Symmetric Key Encryption ◦ Uses the same key to encrypt and decrypt  Asymmetric Key Encryption ◦ Also known as public key encryption ◦ Uses two keys: one to encrypt and one to decrypt Modern Ciphers
  • 17.  Share a secret key among two or more parties  DES – Data Encryption Standard ◦ Uses a 56-bit key ◦ Standard from 1979 to 1990s  AES – Advanced Encryption Standard ◦ Uses 128, 192, or 256-bit key ◦ Standard from early 2000s to present ◦ Must use correct block cipher mode Symmetric Key Encryption
  • 18.  ECB – Electronic Codebook  CBC – Cipher Block Chaining  CFB – Cipher Feedback  OFB – Output Feedback  CTR – Counter  CCM – Counter with Cipher-block Chaining Block Cipher Modes
  • 19.  Given a sequence x1x2 … xn of plaintext blocks  Ciphertext: yi = ℯk(xi)  Advantage: computation done in parallel  Disadvantage: same plaintext block yields same ciphertext blocks ECB Mode
  • 20. Why Not to Use ECB Mode *From
  • 21.  CTF Problem – CSAW 2010, Crypto Bonus  Users allowed to log into system with only their username ◦ Root and Admin are not allowed!  Upon authentication, they are presented with an authentication token (an encryption of the timestamp, username, and puzzle name)  Each auth-token only lasts 5 minutes!  Goal: Construct a correct authentication token for root Why Not to Use ECB Mode cont.
  • 22.  Submit “AAAAAAAA”  Submit “AAAAAAAA” again  Only difference is the highlighed portion (perhaps a [part of] the timestamp) Why Not to Use ECB Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
  • 23.  Submit “AAAAAAAAAAAAAAAAAA”  The 3rd cipher block is repeated  Submit “AAAAAAAAAAAAAAAAAAAAAAAAadmin”  The correct token for “admin”  The above decrypts to “  1285874686664|admin| CSAW_CHALLENGE#4x02x02” Why Not to Use ECB Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
  • 24.  Given a sequence x1x2 … xn of plaintext blocks  Each ciphertext block yi is XOR’d with the next plaintext block xi+1 before encryption  Define y0 = IV (initialization vector)  Ciphertext: yi = ℯk(yi-1 ⊕ xi), i ≥ 1 CBC Mode
  • 25.  CTF Problem – CSAW 2010, Crypto 2  Users are presented with an auth token  Token is AES encryption of (Username, Team name, Puzzle name, Access level)  The access level is set to 5 and teams need to access level 0 Bit Flipping in CBC Mode
  • 26.  Bit-flipping propagation  A change in a ciphertext block leads to a change in each succeeding plaintext block Bit flipping in CBC Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
  • 27.  Hex dump of the URL-base64 decoded information  Decrypted to  Need to manipulate a byte in the 3rd ciphertext block that, when decrypted, lines up with the 5 in “role=5” Bit Flipping in CBC Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
  • 28.  XOR 0x05 with 0xa8 and get 0xad  Replace 0xa8 with 0xad  Decrypted to  Success! Bit Flipping in CBC Mode cont. Write up from http://blog.gdssecurity.com/labs/tag/ctf
  • 29.  Initialization vector: y0 = IV  Keystream element: zi = ℯk(yi-1), i ≥ 1  Ciphertext: yi = xi ⊕ zi, i ≥ 1 CFB Mode
  • 30.  Initialization vector: z0 = IV  Keystream: z1z2 … zn  Keystream element: zi = ℯk(zi-1), i ≥ 1  Ciphertext: yi = xi ⊕ zi, i ≥ 1 OFB Mode
  • 31.  Similar to OFB but with a different keystream  Plaintext block size = m bits  Counter, denoted ctr, bitstring of length m  Construct a sequence of bitstrings of length m, denoted T1,T2,… ,Tn as follows:  Ti = ctr + i - 1 mod 2m , i ≥ 1  Ciphertext: yi = xi ⊕ ℯk(Ti), i ≥ 1 CTR Mode
  • 33.  Based on mathematical relationships (integer factorization and discrete logarithm) that have no efficient solution  Public key, K, is published for everyone to see  Private key, K-1 , is held by an individual  Two main uses: ◦ Public key encryption – anyone can send a message to a particular individual – enck(message) ◦ Digital signatures – anyone can verify a message is sent by a particular individual – enck-1(message) Asymmetric Key Encryption
  • 35. Diffie-Hellman cont. This implementation is not secure due to the values of g and n. In practice, n = prime number, g = generator (primitive root mod n)
  • 36.  Attacks on cryptographic algorithms  Known plaintext – attacker has access to a plaintext and the corresponding ciphertext  Ciphertext-only – attack has access to only a ciphertext and not the plaintext  Chosen Plaintext/Ciphertext – attacker gets to pick (encrypt/decrypt) a text of his choosing  Adaptive Chosen Plaintext/Ciphertext – attacker chooses text based on prior results Cryptographic Attack Methods
  • 37.  Attacks on physical implementation of a cryptosystem  Timing attack  Power monitoring attack  Acoustic cryptanalysis  Differential fault analysis  Data remanence  Padding oracle attack Side Channel Attacks
  • 38.  Walkthrough of padding oracle attack ◦ http://blog.gdssecurity.com/labs/2010/9/14/automated-pad ding-oracle-attacks-with-padbuster.html Padding Oracle Attack
  • 39.  Timing attack ◦ Add random delays in processing  Data remanence ◦ Overwrite locations where sensitive data is stored  Padding Oracle attack ◦ Don’t let the user know there was a padding error ◦ Use Message Authentication Code (MAC) to protect integrity of the ciphertext How to Avoid Certain Attacks
  • 41.  Used to provide assurance of data integrity  Given a bitstring of any length, produce a bitstring of length n (n depends on algorithm)  Desired properties of a hash function: ◦ Easy to compute a hash given a message ◦ Hard to reverse a hash to a message ◦ Hard to modify a message and not the hash ◦ Hard to find to messages with the same hash Hash Functions
  • 42.  Message Digest: ◦ MD2, MD4, MD5, MD6  Secure Hash Algorithm: ◦ SHA-0, SHA-1, SHA-2, SHA-3 (coming soon)  Most commonly used: ◦ MD5 – 128 bit hash ◦ SHA-1 – 160 bit hash ◦ SHA-2 – 224, 256, 384, or 512 bit hash  Longer hash = better Hash Functions cont.
  • 43.  Used to discover collisions in hashing algorithms  There is more than a 50% chance that 2 people in a room of 23 will share a birthday  P[No common birthday] = ◦ n = number of people Birthday Attack     1 0 365 365 n i i
  • 44.  CodeGate 2010 Challenge 15  A web based challenge vulnerable to padding/length extension attack in its SHA1 based authentication scheme  The page asks for a username and then sets a cookie  Username “aaaa”  Cookie “web1_auth = YWFhYXwx| 8f5c14cc7c1cd461f35b190af57927d1c377997e”  The first part “YWFhYXwx” is the base64 encoded string of “aaaa|1” (username|role)  The second part “8f5c14cc7c1cd461f35b190af57927d1c377997e” is the sha1(secret_key + username + role) Length Extension Attack Write up from http://www.vnsecurity.net/t/length-extension-attack/
  • 45.  The cookie is checked at the next visit  Displays “Welcome back, aaaa! You are not the administrator.”  We guess that 1 is the role for normal and 0 for administrator  Modify the first part to base64_encode(“aaaa|0”), the script will return an error that the data has the wrong signature  The new cookie is “YWFhYXwxgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4fDA=| 70f8bf57aa6d7faaa70ef17e763ef2578cb8d839”  “Welcome back, aaaa! Congratulations! You did it! Here is your flag: CryptoNinjaCertified!!!!!” Length Extension Attack cont. Write up from http://www.vnsecurity.net/t/length-extension-attack/
  • 47.  Simple encodings of text (not encryption)  ASCII to decimal, hex, binary, or base64 ◦ Plaintext: hello ◦ Decimal: 104 101 108 108 111 ◦ Hex: x68x65x6cx6cx6f ◦ Binary: 0000011010001100101110110011011001101111 ◦ Base64: aGVsbG8=  Many other more clever encodings Encodings
  • 50.  Hide messages in such a way that no one suspects the existence of such a message  Usually hidden in images (but not necessarily) ◦ Least significant bit ◦ Alpha byte in RGBA Steganography
  • 52.  Google - everything  Foremost – recover files from other files  Cryptool - cryptanalysis Useful Tools
  • 53.  How can you simultaneously ensure secrecy and integrity with public key encryption? ◦ A sends a message to B. ◦ A has keys Ka/Ka -1 and B has keys Kb/Kb -1 ◦ Encrypt function enck(m) ◦ Decrypt function deck(m) ◦ A sends message m as enckb (encKa-1(m))  What if we reverse the encryption functions? ◦ A sends message as encKa-1(enckb (m)) ◦ Anyone can switch A’s integrity check with theirs Question #1
  • 54.  One Time Pad – proven to be impossible to crack  Plaintext of length n (bitstring or character string)  Key is also of length n  Plaintext: hello  Key: abcde  Ciphertext ((Plaintext + Key) mod 26):  (h+a)=(7+0)=7=h; (e+b)=(4+1)=5=f; (l+c)=(11+2)=13=n; (l+d)=(11+3)=14=o; (o+e)=(14+4)=18=s  Ciphertext: = hfnos Question #2
  • 55.  If it’s been proven to be impossible to crack, why doesn’t everyone use it? ◦ Only reveals maximum possible length (possibly padded)  Fine for short messages, but the key length must increase linearly with the plaintext length ◦ Requires perfectly random one-time pads (new OTP for each message) ◦ How to exchange keys that are as long as the messages themselves? Question #2 cont.
  • 56.  Plaintexts P1 and P2 were encrypted with the same one-time pad key. We know P1, how do we find P2?  P1 = x64x69x73x63x6fx76x65x72x79 (discovery)  P2 = ?  C1 = x17x0cx10x11x0ax02x0ex17x00  C2 = x03x09x02x1bx0bx00x0ex1dx0d Question #3
  • 57.  Consider OTP operations: ◦ P1 ⊕ Key = C1 ◦ P2 ⊕ Key = C2 ◦ P1 ⊕ Key ⊕ P1 = C1 ⊕ P1 = Key ◦ C2 ⊕ Key = P2  P1 = x64x69x73x63x6fx76x65x72x79  C1 = x17x0cx10x11x0ax02x0ex17x00  Key = x73x65x63x72x65x74x6bx65x79 (secretkey)  P2 = x70x6cx61x69x6ex74x65x78x74 (plaintext)  Know ciphertext and plaintext = know key  Know key = decrypt any other ciphertext using that key Question #3 cont.
  • 58.  Connection details will be provided at the crash course CTF
  • 59.  Cryptography: Theory and Practice, 3rd Edition by Douglas R. Stinson  Wikipedia.org for many images  Cryptography 101, Parts 1-3: utdcsg.org  Write-ups from ◦ http://blog.gdssecurity.com/labs/tag/ctf ◦ http://blog.gdssecurity.com/labs/2010/9/14/automated- padding-oracle-attacks-with-padbuster.html ◦ http://www.vnsecurity.net/t/length-extension-attack/ References