# Encryption - Crypto 101

**Date:** 14 May 2021

**Author:** Dhilip Sanjay S


## Key Terms

- **Ciphertext** - The result of encrypting a plaintext; encrypted data.
- **Cipher** - A method of encrypting or decrypting data. Modern ciphers are cryptographic, but there are many non-cryptographic ciphers like Caesar.
- **Plaintext** - Data before encryption, often text but not always. Could be a photograph or other file.
- **Encryption** - Transforming data into ciphertext, using a cipher.
- **Encoding** - NOT a form of encryption, just a form of data representation like base64. Immediately reversible.
- **Key** - Some information that is needed to correctly decrypt the ciphertext and obtain the plaintext.
- **Passphrase** - Separate to the key, a passphrase is similar to a password and is used to protect a key.
- **Asymmetric encryption** - Uses different keys to encrypt and decrypt.
- **Symmetric encryption** - Uses the same key to encrypt and decrypt.
- **Brute force** - Attacking cryptography by trying every different password or every different key.
- **Cryptanalysis** - Attacking cryptography by finding a weakness in the underlying maths.

### Are SSH keys protected with a passphrase or a password?

**Answer:** Passphrase

## Why is Encryption important?

Whenever sensitive user data needs to be stored, it should be encrypted.

DO NOT encrypt passwords unless you’re doing something like a password manager. Passwords should not be stored in plaintext, and you should use hashing to manage them safely.

### What does SSH stand for?

**Answer:** Secure Shell

### How do webservers prove their identity?

**Answer:** Certificates

### What is the main set of standards you need to comply with if you store or process payment card details?

**Answer:** PCI-DSS (Payment Card Industry Data Security Standard)

## Crucial Crypto Maths

There's a little bit of math(s) that comes up relatively often in cryptography: the modulo operator (`%`), which gives the remainder after division.

### What's 30 % 5?

**Answer:** 0

### What's 25 % 7?

**Answer:** 4

### What's 118613842 % 9091?

**Answer:** 3565

### Types of Encryption

**Symmetric encryption** uses the same key to encrypt and decrypt the data. **Examples:** DES (broken) and AES (128- or 256-bit keys are common for AES; DES keys are 56 bits long).

**Asymmetric encryption** uses a pair of keys, one to encrypt and the other in the pair to decrypt. These keys are referred to as a public key and a private key. **Examples:** RSA and Elliptic Curve Cryptography (RSA typically uses 2048- to 4096-bit keys). RSA and Elliptic Curve Cryptography are based around different **mathematically difficult (intractable)** problems, which give them their strength.

### Should you trust DES? Yea/Nay

**Answer:** Nay. Listen to Darknet Diaries - Ep. 12, Crypto Wars.

### What was the result of the attempt to make DES more secure so that it could be used for longer?

**Answer:** Triple DES

### Is it ok to share your public key? Yea/Nay

**Answer:** Yea

## RSA - Rivest Shamir Adleman

RSA is based on the mathematically difficult problem of working out the factors of a large number. It's very quick to multiply two prime numbers together, say 17 * 23 = 391, but it's quite difficult to work out which two prime numbers multiply together to make 14351 (113 * 127 for reference).

**CTFs involving RSA** - Crypto CTF challenges often present you with a set of these values (such as p, q, n, e, d and a ciphertext), and you need to break the encryption and decrypt a message to retrieve the flag.

### p = 4391, q = 6659. What is n?

**Answer:** 29239669

## Establishing Keys Using Asymmetric Cryptography

A very common use of asymmetric cryptography is exchanging keys for symmetric encryption.

Asymmetric encryption tends to be slower, so for things like HTTPS symmetric encryption is better.

**Metaphor time** In reality, you need a little more cryptography to verify the person you're talking to is who they say they are, which is done using digital signatures and certificates.

## Digital signatures and Certificates

**Digital signatures** are a way to prove the authenticity of files, to prove who created or modified them. Using asymmetric cryptography, you produce a signature with your private key and it can be verified using your public key. The simplest form of digital signature would be encrypting the document with your private key, and then if someone wanted to verify this signature they would decrypt it with your public key and check if the files match.
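The following is an added example, not code from the room or the writeup, that ties the RSA section above to this one: it derives a key pair from the room's p and q (n comes out as 29239669), encrypts and decrypts an integer, produces the "encrypt a digest with the private key" style of signature described here, and shows that trial-division factoring is instant for the toy modulus 14351 but is the very step that becomes infeasible at real key sizes. The bare-hash signature is a teaching simplification; real RSA signatures use padded encodings.

```python
from math import gcd
import hashlib

def rsa_keygen(p: int, q: int, e: int = 65537):
    """Derive an RSA key pair from two primes: n = p*q, d = e^-1 mod phi(n)."""
    n = p * q
    phi = (p - 1) * (q - 1)          # Euler's totient for n = p*q
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)              # modular inverse (Python 3.8+)
    return (n, e), (n, d)            # (public key, private key)

def rsa_encrypt(pub, m: int) -> int:
    n, e = pub
    return pow(m, e, n)              # plaintext integer must be < n

def rsa_decrypt(priv, c: int) -> int:
    n, d = priv
    return pow(c, d, n)

def _digest_mod_n(data: bytes, n: int) -> int:
    # Toy message representative: SHA-256 reduced mod n. Real schemes use
    # padded encodings (PSS / PKCS#1 v1.5), never a bare hash like this.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def rsa_sign(priv, data: bytes) -> int:
    """'Encrypt' the digest with the private key, as the text describes."""
    n, d = priv
    return pow(_digest_mod_n(data, n), d, n)

def rsa_verify(pub, data: bytes, sig: int) -> bool:
    """Recover the digest with the public key and compare it to a fresh one."""
    n, e = pub
    return pow(sig, e, n) == _digest_mod_n(data, n)

def factor_trial(n: int):
    """Trial division: instant for 14351, infeasible for 2048-bit moduli."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    return None

if __name__ == "__main__":
    pub, priv = rsa_keygen(4391, 6659)        # the room's p and q
    print("n =", pub[0])                       # 29239669
    print(rsa_decrypt(priv, rsa_encrypt(pub, 1337)))      # 1337
    sig = rsa_sign(priv, b"hello")
    print(rsa_verify(pub, b"hello", sig), rsa_verify(pub, b"hellO", sig))
    print(factor_trial(14351))                 # (113, 127)
```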

**Certificates** are also a key use of public key cryptography, linked to digital signatures. The certificates have a chain of trust, starting with a root CA (certificate authority). Root CAs are automatically trusted by your device, OS, or browser from install.

### What company is TryHackMe's certificate issued to?

**Answer:** Cloudflare

**Steps to Reproduce:** On visiting **tryhackme.com**, click the lock symbol in the address bar, then click **Certificates** to view them.

## SSH Authentication

By default, SSH is authenticated using usernames and passwords in the same way that you would log in to the physical machine.

SSH can also be configured with public and private key authentication (the SSH keys in this room are RSA keys).

**SSH Private Keys** Using tools like **John the Ripper**, you can attack an encrypted SSH key to attempt to find the passphrase, which highlights the importance of using a **secure passphrase** and keeping your private key private.

The `authorized_keys` (note the US English spelling) file in the **~/.ssh** directory holds public keys that are allowed to access the server if key authentication is enabled. For key-based authentication, use `ssh -i keyName user@host`.

**Using SSH keys to get a better shell** SSH keys are an excellent way to "upgrade" a reverse shell, assuming the user has login enabled. You can add your own public keys to the `~/.ssh/authorized_keys` file. Leaving an SSH key in authorized_keys on a box can be a useful backdoor, and you don't need to deal with any of the issues of unstabilised reverse shells like Control-C or lack of tab completion.

### What algorithm does the key use?

**Answer:** RSA

### Crack the password with John The Ripper and rockyou, what's the passphrase for the key?

**Answer:** delicious

**Steps to Reproduce:**

## Explaining Diffie Hellman Key Exchange

**Key exchange** allows two people/parties to establish a set of common cryptographic keys without an observer being able to get these keys. Generally, this is used to establish common symmetric keys.

**Diffie Hellman Key Exchange** - Computerphile Video - DH Key Exchange. DH Key Exchange is often used alongside RSA public key cryptography, to prove the identity of the person you're talking to with digital signing. This prevents someone from attacking the connection with a man-in-the-middle attack.
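The exchange described above, as an added example that is not part of the original writeup: both parties pick a private exponent, publish g^a mod p, and arrive at the same shared secret, which is then hashed into a 256-bit symmetric key, which is the "establishing keys using asymmetric cryptography" step from the earlier section. The group parameters p = 23 and g = 5 are textbook-sized values chosen for illustration only; real deployments use standardised groups of 2048 bits or more.

```python
import hashlib
import secrets

# Textbook-sized public parameters, constructed for illustration only.
# Real deployments use standardised groups of 2048 bits or more.
P = 23   # prime modulus
G = 5    # generator

def dh_keypair(p: int = P, g: int = G, private=None):
    """Pick a private exponent a and compute the public value g^a mod p."""
    a = private if private is not None else secrets.randbelow(p - 2) + 1
    return a, pow(g, a, p)

def dh_shared_secret(their_public: int, my_private: int, p: int = P) -> int:
    """Both sides compute g^(ab) mod p; only the public values crossed the wire."""
    return pow(their_public, my_private, p)

def derive_symmetric_key(shared: int) -> bytes:
    """Turn the shared secret into a 256-bit symmetric key (hash-based KDF)."""
    length = max(1, (shared.bit_length() + 7) // 8)
    return hashlib.sha256(shared.to_bytes(length, "big")).digest()

def dh_exchange(p: int = P, g: int = G):
    """Run one full exchange and return both parties' derived keys."""
    a, A = dh_keypair(p, g)          # Alice keeps a, publishes A
    b, B = dh_keypair(p, g)          # Bob keeps b, publishes B
    # An observer sees p, g, A and B but cannot recover a or b (discrete log).
    # Unless A and B are authenticated (e.g. signed with RSA), an active
    # attacker could substitute their own values: the man-in-the-middle case
    # the text above says signing is there to prevent.
    key_alice = derive_symmetric_key(dh_shared_secret(B, a, p))
    key_bob = derive_symmetric_key(dh_shared_secret(A, b, p))
    return key_alice, key_bob

if __name__ == "__main__":
    _, A = dh_keypair(23, 5, private=6)     # A = 5^6 mod 23 = 8
    _, B = dh_keypair(23, 5, private=15)    # B = 5^15 mod 23 = 19
    print(dh_shared_secret(B, 6), dh_shared_secret(A, 15))   # 2 2
    ka, kb = dh_exchange()
    print(ka == kb, ka.hex())                # True, the derived key
```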

## PGP, GPG and AES

PGP stands for **Pretty Good Privacy**. It's software that implements encryption for encrypting files, performing digital signing and more. **GnuPG or GPG** is an open source implementation of PGP from the GNU project. You may need to use GPG to decrypt files in CTFs. Sometimes, PGP/GPG keys can be protected with passphrases. Check out the gpg manpage.

AES, sometimes called **Rijndael** after its creators, stands for **Advanced Encryption Standard**. It was a replacement for DES, which had short keys and other cryptographic flaws. - Computerphile Video AES. AES and DES both operate on blocks of data (a block is a fixed-size series of bits).

### You have the private key, and a file encrypted with the public key. Decrypt the file. What's the secret word?

**Answer:** Pineapple

**Steps to Reproduce:** Unzip the zip file. Import the GPG key using `gpg --import keyFile`. Decrypt the message using `gpg -d messageFile`.

## The Future - Quantum Computers and Encryption

Quantum computers will soon be a problem for many types of encryption.

**Asymmetric and Quantum** - While it's unlikely we'll have sufficiently powerful quantum computers until around 2030, once these exist encryption that uses RSA or Elliptic Curve Cryptography will be very fast to break. This is because quantum computers can very efficiently solve the mathematical problems that these algorithms rely on for their strength.

**AES/Triple DES and Quantum** - AES with 128-bit keys is also likely to be broken by quantum computers in the near future, but 256-bit AES can't be broken as easily. **Triple DES** is also vulnerable to attacks from quantum computers.

**Current Recommendations** The NSA recommends using **RSA-3072** or better for asymmetric encryption and **AES-256** or better for symmetric encryption. It's likely that we will have a new encryption standard before quantum computers become a threat to RSA and AES.

## References

"Cryptography Apocalypse" By Roger A. Grimes
