Here is a brief presentation Jonathan Rajewski gave on March 15, 2012 in my FOR270 Anti-Forensics and Network Forensics course. The lecture was a mini lecture on Cryptanalysis and explored the encryption and decryption of the ROT13, Columnar Transposition Cipher and Vigenère Square.

1. Cryptanalysis
Jonathan Rajewski
© 2012 Jonathan T Rajewski 1

2. Overview
• Thirty Five Slides of Lecture
• Review Cryptology
• Attacking Applications
• Attacking the cyphers we discussed
• FOR270 Crypto Challenge
– Until we have a winner!
© 2012 Jonathan T Rajewski 2

3. The 3 Siezs
© 2012 Jonathan T Rajewski 3

4. The Three C’s
• Cryptography
• Cryptanalysis
• Cryptology
3 C’s
Crypto
© 2012 Jonathan T Rajewski 4

5. Basic Cryptanalysis
© 2012 Jonathan T Rajewski 5

6. Quick Case Study
© 2012 Jonathan T Rajewski 6

7. Case Study
When you enter your username and password
what happens?
© 2012 Jonathan T Rajewski 7

8. Case Study
Authentication
Username + Password = Success
© 2012 Jonathan T Rajewski 8

9. © 2012 Jonathan T Rajewski 9

10. © 2012 Jonathan T Rajewski 10

11. Attacking Applications
Learn how the application creates passwords!
© 2012 Jonathan T Rajewski 11

12. FTP
Filezilla Graphical User
Interface
*Hypothetical Situation © 2012 Jonathan T Rajewski 12

13. FTP
In our FTP client, user credentials are stored in an INI file.
Boris is the target of the investigation. We currently have no
idea how the application stores user credentials.
We create a new profile named dummy with a password 1111.
The PWD value appears similar to one byte per character in
the password and, further, appears to look like the ASCII
representation. What we find:
Password: 1 1 1 1
ASCII: 0x31 0x31 0x31 0x31
PWD value: 0x31 0x32 0x33 0x34
There is an obvious pattern!!!!
Let's derive the other password....
PWD value: 0x42 0x70 0x74 0x6C 0x77 0x4E
ASCII: 0x42 0x6F 0x72 0x69 0x73 0x49
Password: B o r i s I
© 2012 Jonathan T Rajewski 13

14. Let’s try it!
Password.ini file contains the following data.
Decrypt the password
PWD value: 0x70 0x62 0x75 0x76 0x7B 0x75 0x79 0x45
ASCII: 0x 0x 0x 0x 0x 0x 0x 0x
Password:
© 2012 Jonathan T Rajewski 14

15. Let’s try it!
Password.ini file contains the following data.
Decrypt the password
PWD value: 0x70 0x62 0x75 0x76 0x7B 0x75 0x79 0x45
ASCII: 0x70 0x61 0x73 0x73 0x77 0x70 0x73 0x4C
Password: P A S S W O R D
© 2012 Jonathan T Rajewski 15

16. Basic Cryptosystems
• Basic Ciphers
– Substitution
• Replacing one character with another “X”
– Transposition
• Rearranging the message
© 2012 Jonathan T Rajewski 16

17. Substitution Ciphers
• Most famous: Caesar's Cipher
– Shift each letter to the right by 3
• ROT 13
1 2 3 4 5 6 7 8 9 10 11 12 13 1 2 3 4 5 6 7 8 9 10 11 12 13
Plaintext a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher n o p q r s t u v w x y z a b c d e f g h i j k l m
• Substitute letters for others
– A is T
– B is R
– C is B
© 2012 Jonathan T Rajewski 17

18. Where are we seeing ROT13?
NTUSER.datSoftwareMicrosoftWindows
CurrentVersionExplorerUserAssist
© 2012 Jonathan T Rajewski 18

19. Where are we seeing ROT13?
http://www.csoonline.com/article/570813/data-exfiltration-how-data-gets-out
© 2012 Jonathan T Rajewski 19

20. Tools to parse ROT13
• Volatility Plugin (Levy)
– http://gleeda.blogspot.com/2011/04/volatility-14-
userassist-plugin.html
• RegRipper (Carvy)
– http://regripper.wordpress.com/
• ROT13.com
© 2012 Jonathan T Rajewski 20

21. How to parse ROT13 by hand
1 2 3 4 5 6 7 8 9 10 11 12 13 1 2 3 4 5 6 7 8 9 10 11 12 13
Plaintext a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher n o p q r s t u v w x y z a b c d e f g h i j k l m
CipherText PlainText
N A
C P
C P
Y L
R E
© 2012 Jonathan T Rajewski 21

22. Breaking Basic Ciphers
• Simple (monoalphabetic) substitution ciphers
easily broken with Frequency Analysis
Letters: E T O A N I R S H D L C W U M F Y G P B V K X Q J Z
Digraphs: TH HE IN ER ED AN ND AR RE EN ED TO NT EA OU NG ST AS
Trigraphs: THE AND ING HER NTH ENT THA INT ERE DTH EAR HAT OFT
• More complex (polyalphabetic) substitution
ciphers use multiple alphabets!
© 2012 Jonathan T Rajewski 22

23. Columnar Transposition Cipher
• Disguising the message by rearranging the letters
– Plaintext:
• FOR270 IS SO MUCH FUN DONTCA THINK
FOR270ISSOMU
CHFUNDONTCHA
THINKQWERTYU
• cipher: fct ohh rfi 2un 7nk 0dq iow snr str oct mhy uau
• cipher enhanced: fctohhrfi2un7nk0dqiowsnrstroctmhyuau
© 2012 Jonathan T Rajewski 23

24. Breaking the Columnar Transposition
Cipher
For all intensive purposes for this “cryptanalysis by hand in a
quick timeframe” we are going to attempt to guess the rows
and columns
cipher: dygi ioet dutx
cipher enhanced: dygiioetdutx
didyougetit
© 2012 Jonathan T Rajewski 24

25. Vigenère Square
Ciphertext is intersection of key column and plaintext row.
Plaintext: DFIRISGREAT (Side)
Key: NTFSNTFSNTF (Top)
Ct: QYNJVLLYRTY (Intersect)
© 2012 Jonathan T Rajewski 25

26. Vigenère Square Decryption
Ct: STYXMYYEGYRR (Intersect)
Key: FATFATFATFAT (Side)
Plaintext: NTFSMFTENTRY (Top)
© 2012 Jonathan T Rajewski 26

27. © 2012 Jonathan T Rajewski 27

28. Crypto Challenge
• Scenario
– You work for the “SUPER SECRET 5 LETTER
AGENCY”
– An ultra sophisticated ciphertext was located on
an internal server
– Our team of cryptographers are actively working
on breaking the code but we need your help!!!
© 2012 Jonathan T Rajewski 28

29. Phase 1
The following ciphertext was found by the
cryptographers. They believe it could have
something to do with the userassist key.
ovg_qbg_yl_fynfu_m7mKvx
1 2 3 4 5 6 7 8 9 10 11 12 13 1 2 3 4 5 6 7 8 9 10 11 12 13
Plaintext a b c d e f g h i j k l m n o p q r s t u v w x y z
Cipher n o p q r s t u v w x y z a b c d e f g h i j k l m
© 2012 Jonathan T Rajewski 29

30. Phase 1 Review
Did you get it?
– ROT13 encryption.
CT: ovg_qbg_yl_fynfu_m7mKvx
PT: bit_dot_ly_slash_z7zXik
PT Decoded: bit.ly/z7zXik
© 2012 Jonathan T Rajewski 30

31. Phase 2
We just learned from the cryptographers that
more this code may indicated a hidden key for
the next aspect of the cryptanalysis….
Visit this link and try to decode the data
http://bit.ly/x2qppi
© 2012 Jonathan T Rajewski 31

32. Phase 2 Review
F O R E N S I C
A T O R
Forensicator
© 2012 Jonathan T Rajewski 32

33. Phase 3
We identified the final encrypted string of
ciphertext by analyzing ram using Volatility.
Yay for open source tools!
Agency cryptologists believe that you will “crack
the case” and reveal the cyber villain.
Please analyze:
CT: ICLKGZMRUZ
Key: FORENSICATOR (you wont need the entire key)
© 2012 Jonathan T Rajewski 33

34. Phase 3
Please analyze:
CT: ICLKGZMRUZ (Intersect)
Key: FORENSICATOR (Side)
PT: (Top)
Hint – you wont need the entire Key
© 2012 Jonathan T Rajewski 34

35. Phase 3 Review
Ct: ICLKGZMRUZ(Intersect)
Key: FORENSICAT(Side)
Plaintext: DOUGTHEPUG(Top)
© 2012 Jonathan T Rajewski 35

36. Phase 4
The end is here. This is the most complicated
ciphertext yet. Doug the Pug “cracked” during
interrogation and revealed his secret partner in
crime.
Next class we will look at the ADFGVX
© 2012 Jonathan T Rajewski 36