Encryption - Crypto 101
Date: 14, May, 2021
Author: Dhilip Sanjay S
Click Here to go to the TryHackMe room.
Key Terms
Ciphertext - The result of encrypting a plaintext, encrypted data
Cipher - A method of encrypting or decrypting data. Modern ciphers are cryptographic, but there are many non cryptographic ciphers like Caesar.
Plaintext - Data before encryption, often text but not always. Could be a photograph or other file
Encryption - Transforming data into ciphertext, using a cipher.
Encoding - NOT a form of encryption, just a form of data representation like base64. Immediately reversible.
Key - Some information that is needed to correctly decrypt the ciphertext and obtain the plaintext.
Passphrase - Separate to the key, a passphrase is similar to a password and used to protect a key.
Asymmetric encryption - Uses different keys to encrypt and decrypt.
Symmetric encryption - Uses the same key to encrypt and decrypt
Brute force - Attacking cryptography by trying every different password or every different key
Cryptanalysis - Attacking cryptography by finding a weakness in the underlying maths
Are SSH keys protected with a passphrase or a password?
Answer: Passphrase
Why is Encryption important?
Whenever sensitive user data needs to be stored, it should be encrypted.
DO NOT encrypt passwords unless you’re doing something like a password manager. Passwords should not be stored in plaintext, and you should use hashing to manage them safely.
What does SSH stand for?
Answer: Secure Shell
How do webservers prove their identity?
Answer: certificates
What is the main set of standards you need to comply with if you store or process payment card details?
Answer: PCI-DSS (Payment Card Industry Data Security Standard)
Crucial Crypto Maths
There's a little bit of math(s) that comes up relatively often in cryptography. The Modulo operator.
What's 30 % 5?
Answer: 0
What's 25 % 7
Answer: 4
What's 118613842 % 9091
Answer: 3565
Types of Encryption
Symmetric encryption uses the same key to encrypt and decrypt the data.
Examples: DES (Broken) and AES (128 or 256 bit keys are common for AES, DES keys are 56 bits long).
Asymmetric encryption uses a pair of keys, one to encrypt and the other in the pair to decrypt. These keys are referred to as a public key and a private key.
Examples: RSA and Elliptic Curve Cryptography (RSA typically uses 2048 to 4096 bit keys.) RSA and Elliptic Curve cryptography are based around different mathematically difficult (intractable) problems, which give them their strength.
Should you trust DES? Yea/Nay
Answer: Nay
Listen to Darknet Diaries - Ep: 12 Crypto Wars
What was the result of the attempt to make DES more secure so that it could be used for longer?
Answer: Triple DES
Is it ok to share your public key? Yea/Nay
Answer: Yea
RSA - Rivest Shamir Adleman
RSA is based on the mathematically difficult problem of working out the factors of a large number. It’s very quick to multiply two prime numbers together, say 17*23 = 391, but it’s quite difficult to work out what two prime numbers multiply together to make 14351 (113x127 for reference).
CTFs involving RSA - Crypto CTF challenges often present you with a set of these values, and you need to break the encryption and decrypt a message to retrieve the flag.
p = 4391, q = 6659. What is n?
Answer: 29239669
Establishing Keys Using Asymmetric Cryptography
A very common use of asymmetric cryptography is exchanging keys for symmetric encryption.
Asymmetric encryption tends to be slower, so for things like HTTPS symmetric encryption is better.
Metaphor time
In reality, you need a little more cryptography to verify the person you’re talking to is who they say they are, which is done using digital signatures and certificates
Digital signatures and Certificates
Digital signatures are a way to prove the authenticity of files, to prove who created or modified them. Using asymmetric cryptography, you produce a signature with your private key and it can be verified using your public key.
The simplest form of digital signature would be encrypting the document with your private key, and then if someone wanted to verify this signature they would decrypt it with your public key and check if the files match.
Certificates are also a key use of public key cryptography, linked to digital signatures.
The certificates have a chain of trust, starting with a root CA (certificate authority). Root CAs are automatically trusted by your device, OS, or browser from install.
What company is TryHackMe's certificate issued to?
Answer: Cloudflare
Steps to Reproduce:
On visiting tryhackme.com, click the lock symbol in the search box.
And then click on Certificates to view them.
SSH Authentication
By default, SSH is authenticated using usernames and passwords in the same way that you would log in to the physical machine.
SSH configured with public and private key authentication. (SSH keys are RSA keys)
SSH Private Keys
Using tools like John the Ripper, you can attack an encrypted SSH key to attempt to find the passphrase, which highlights the importance of using a secure passphrase and keeping your private key private.
The
authorized_keys
(note the US English spelling) file in ~/.ssh directory holds public keys that are allowed to access the server if key authentication is enabled.For key based authentication, use
ssh -i keyName user@host
Using SSH keys to get a better shell
SSH keys are an excellent way to “upgrade” a reverse shell, assuming the user has login enabled
You can add your own public keys to the
~/.ssh/authorized_keys
file.Leaving an SSH key in authorized_keys on a box can be a useful backdoor, and you don't need to deal with any of the issues of unstabilised reverse shells like Control-C or lack of tab completion.
What algorithm does the key use?
Answer: RSA
Crack the password with John The Ripper and rockyou, what's the passphrase for the key?
Answer: delicious
Steps to Reproduce:
Explaining Diffie Hellman Key Exchange
Key exchange allows 2 people/parties to establish a set of common cryptographic keys without an observer being able to get these keys. Generally, to establish common symmetric keys.
Diffie Hellman Key Exchange - Computerphile Video - DH Key Exchange
DH Key Exchange is often used alongside RSA public key cryptography, to prove the identity of the person you’re talking to with digital signing. This prevents someone from attacking the connection with a man-in-the-middle attack.
PGP, GPG and AES
PGP stands for Pretty Good Privacy. It’s a software that implements encryption for encrypting files, performing digital signing and more.
GnuPG or GPG is an Open Source implementation of PGP from the GNU project. You may need to use GPG to decrypt files in CTFs. Sometimes, PGP/GPG keys can be protected with passphrases. Check out gpg manpage.
AES, sometimes called Rijndael after its creators, stands for Advanced Encryption Standard. It was a replacement for DES which had short keys and other cryptographic flaws. - Computerphile Video AES. AES and DES both operate on blocks of data (a block is a fixed size series of bits).
You have the private key, and a file encrypted with the public key. Decrypt the file. What's the secret word?
Answer: Pineapple
Steps to Reproduce:
Unzip the zip file:
Import the GPG key using
gpg --import keyFile
:Decrypt the message using
gpg -d messageFile
:
The Future - Quantum Computers and Encryption
Quantum computers will soon be a problem for many types of encryption.
Asymmetric and Quantum - While it’s unlikely we’ll have sufficiently powerful quantum computers until around 2030, once these exist encryption that uses RSA or Elliptical Curve Cryptography will be very fast to break. This is because quantum computers can very efficiently solve the mathematical problems that these algorithms rely on for their strength.
AES/Triple DES and Quantum - AES with 128 bit keys is also likely to be broken by quantum computers in the near future, but 256 bit AES can’t be broken as easily. Triple DES is also vulnerable to attacks from quantum computers.
Current Recommendations
The NSA recommends using RSA-3072 or better for asymmetric encryption and AES-256 or better for symmetric encryption.
It’s likely that we will have a new encryption standard before quantum computers become a threat to RSA and AES.
References
"Cryptography Apocalypse" By Roger A. Grimes
Last updated