
Cryptography

Cryptography details are here

Uploaded by

www.abinaya5002
Cryptography

Encryption is used on the Internet to transmit data, such as payment information, e-mails, or
personal data, confidentially and protected against manipulation. Data is encrypted using
various cryptographic algorithms based on mathematical operations. With the help of
encryption, data can be transformed into a form that unauthorized persons can no longer read.
Digital keys in symmetric or asymmetric encryption processes are used for encryption.
We can distinguish between symmetric and asymmetric encryption techniques.

Symmetric Encryption:
Symmetric encryption, also known as secret key encryption, is a method that uses the same key
to encrypt and decrypt the data. This means the sender and the receiver must have the same key
to decrypt the data correctly.
If the secret key is shared or lost, the security of the data is no longer guaranteed. The
critical tasks in symmetric encryption are therefore the distribution, storage, and exchange
of the keys. Advanced Encryption Standard (AES) and Data Encryption Standard (DES) are
examples of symmetric encryption algorithms.

Asymmetric Encryption:
Asymmetric encryption, also known as public-key encryption, is a method of encryption that
uses two different keys:
• a public key
• a private key
The public key is used to encrypt the data, while the private key is used to decrypt the data.
This means anyone can use a public key to encrypt data for someone, but only the recipient
with the associated private key can decrypt the data.
Asymmetric encryption methods include Rivest–Shamir–Adleman (RSA), Pretty Good
Privacy (PGP), and Elliptic Curve Cryptography (ECC).

Public-Key Encryption
One advantage of asymmetric encryption is its security. Since the security is based on very
hard-to-solve mathematical problems, simple attacks cannot crack it. Furthermore, it bypasses
the issue of key exchange, which is a significant problem with symmetric encryption methods:
since the public key can be accessible to everyone, there is no need to exchange keys
secretly. In addition, the asymmetric methods open up the possibility of authentication with
digital signatures.

Cipher Modes
A cipher mode refers to how a block cipher algorithm encrypts a plaintext message. A block
cipher algorithm encrypts data in fixed-size blocks (usually 64 or 128 bits). A cipher mode
defines how these blocks are processed and combined to encrypt a message of any length.
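The effect of the mode is easiest to see on a message whose blocks repeat. The following is an added example, not part of the original document: it encrypts four identical 16-byte blocks with AES-128 in ECB and in CBC mode and counts the distinct ciphertext blocks. The key, IV and plaintext are constructed sample values.

```shell
#!/bin/sh
# Constructed demo: ECB vs CBC on a plaintext made of identical blocks.
# KEY and IV are fixed sample values, used only to make the run repeatable.
KEY=000102030405060708090a0b0c0d0e0f
IV=101112131415161718191a1b1c1d1e1f

# Four identical 16-byte blocks (64 bytes in total, so -nopad is valid).
plaintext() {
    i=0
    while [ "$i" -lt 4 ]; do
        printf 'ATTACK AT DAWN!!'
        i=$((i + 1))
    done
}

# Encrypt stdin with the given cipher and print one ciphertext block
# (32 hex digits) per line. Extra arguments are passed to openssl.
blocks() {
    cipher=$1; shift
    openssl enc "-$cipher" -e -K "$KEY" -nopad "$@" |
        od -An -v -tx1 | tr -d ' \n' | fold -w 32
    echo
}

# Number of distinct ciphertext blocks produced by each mode.
distinct_ecb() { plaintext | blocks aes-128-ecb | sort -u | grep -c .; }
distinct_cbc() { plaintext | blocks aes-128-cbc -iv "$IV" | sort -u | grep -c .; }

# ECB encrypts every block independently, so equal plaintext blocks give
# equal ciphertext blocks. CBC chains each block into the next one.
echo "ECB distinct blocks: $(distinct_ecb)"
echo "CBC distinct blocks: $(distinct_cbc)"
```

A single distinct block under ECB means the structure of the plaintext is visible in the ciphertext, which is why a chaining mode such as CBC is used in the OpenSSL commands later in this document.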

Symmetric Encryption:
There are many programs available for symmetric encryption. We will focus on two, which are
widely used for asymmetric encryption as well:
• GNU Privacy Guard
• OpenSSL Project
GNU Privacy Guard:
The GNU Privacy Guard, also known as GnuPG or GPG, implements the OpenPGP standard.
We can encrypt a file using GnuPG (GPG) using the following command:
gpg --symmetric --cipher-algo CIPHER message.txt
where CIPHER is the name of the encryption algorithm. You can check supported ciphers using
the command gpg --version. The encrypted file will be saved as message.txt.gpg.
The default output is in the binary OpenPGP format; however, if you prefer to create an ASCII
armoured output, which can be opened in any text editor, you should add the option --armor.
For example:
gpg --armor --symmetric --cipher-algo CIPHER message.txt
You can decrypt using the following command:
gpg --output original_message.txt --decrypt message.txt.gpg
OpenSSL Project:
The OpenSSL Project maintains the OpenSSL software.
We can encrypt a file using OpenSSL using the following command:
openssl aes-256-cbc -e -in message.txt -out encrypted_message
We can decrypt the resulting file using the following command:
openssl aes-256-cbc -d -in encrypted_message -out original_message.txt
To make the encryption more secure and resilient against brute-force attacks, we can add
-pbkdf2 to use the Password-Based Key Derivation Function 2 (PBKDF2); moreover, we can
specify the number of iterations on the password to derive the encryption key using -iter
NUMBER. To iterate 10,000 times, the previous command would become:
openssl aes-256-cbc -pbkdf2 -iter 10000 -e -in message.txt -out encrypted_message
Consequently, the decryption command becomes:
openssl aes-256-cbc -pbkdf2 -iter 10000 -d -in encrypted_message -out original_message.txt
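The two commands above can be run end to end as follows. This is an added example, not part of the original document: it shows that the encrypted file starts with the marker Salted__ followed by the salt but does not record the iteration count, so decryption with a different -iter value fails. The passphrase, file contents and temporary directory are constructed for the demonstration.

```shell
#!/bin/sh
# Constructed demo of the OpenSSL commands above. -pass pass:... keeps the run
# non-interactive; on a shared host prefer the interactive prompt, because
# command-line arguments are visible in the process list.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
PASS='constructed-sample-passphrase'
printf 'meet at the usual place\n' > "$WORK/message.txt"

encrypt() {
    openssl aes-256-cbc -pbkdf2 -iter 10000 -e -pass "pass:$PASS" \
        -in "$WORK/message.txt" -out "$WORK/encrypted_message"
}

# First 8 bytes of the output file: the marker that precedes the random salt.
header() { head -c 8 "$WORK/encrypted_message"; }

# decrypt_with_iter N: print "ok" if the original plaintext comes back when
# decrypting with N iterations, "fail" otherwise. The comparison with cmp
# also catches the rare case where a wrong key passes the padding check.
decrypt_with_iter() {
    if openssl aes-256-cbc -pbkdf2 -iter "$1" -d -pass "pass:$PASS" \
           -in "$WORK/encrypted_message" -out "$WORK/out.txt" 2>/dev/null &&
       cmp -s "$WORK/message.txt" "$WORK/out.txt"; then
        echo ok
    else
        echo fail
    fi
}

encrypt
echo "file header:      $(header)"
echo "iter 10000 (same): $(decrypt_with_iter 10000)"
echo "iter 20000 (diff): $(decrypt_with_iter 20000)"
```

Because the iteration count is not stored in the file, it has to be recorded alongside the ciphertext or agreed on in advance.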
In the following questions, we will use gpg and openssl on the AttackBox to carry out
symmetric encryption.
The necessary files for this task are located under /root/Rooms/cryptographyintro/task02.
The zip file attached to this task can be used to tackle the questions of tasks 2, 3, 4, 5,
and 6.

Decrypt the file quote01 encrypted (using AES256) with the key s!kR3T55 using gpg. What is
the third word in the file?
Decrypt the file quote02 encrypted (using AES256-CBC) with the key s!kR3T55 using openssl.
What is the third word in the file?

Asymmetric Encryption:
• openssl genrsa -out private-key.pem 2048: With openssl, we used genrsa to generate an
RSA private key. Using -out, we specified that the resulting private key is saved
as private-key.pem. We added 2048 to specify a key size of 2048 bits.
• openssl rsa -in private-key.pem -pubout -out public-key.pem: Using openssl, we
specified that we are using the RSA algorithm with the rsa option. We specified that we
wanted to get the public key using -pubout. Finally, we set the private key as input
using -in private-key.pem and saved the output using -out public-key.pem.
• openssl rsa -in private-key.pem -text -noout: We are curious to see real RSA variables,
so we used -text -noout. The values of p, q, N, e,
and d are prime1, prime2, modulus, publicExponent, and privateExponent,
respectively.
If we already have the recipient’s public key, we can encrypt a file with the command:
openssl pkeyutl -encrypt -in plaintext.txt -out ciphertext -inkey public-key.pem -pubin
The recipient can decrypt it using the command:
openssl pkeyutl -decrypt -in ciphertext -inkey private-key.pem -out decrypted.txt
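The commands in this section, run as one sequence, look as follows. This is an added example, not part of the original document: besides the round trip it shows the size limit of direct RSA encryption, since a 2048-bit key with the default PKCS#1 v1.5 padding of pkeyutl accepts at most 245 bytes. The plaintext is constructed filler data and the keys are generated in a temporary directory.

```shell
#!/bin/sh
# Constructed demo of the RSA commands above; all file contents are sample data.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK" || exit 1

openssl genrsa -out private-key.pem 2048 2>/dev/null
chmod 600 private-key.pem   # the private key must not be readable by others
openssl rsa -in private-key.pem -pubout -out public-key.pem 2>/dev/null

# try_size N: encrypt N bytes with the public key, decrypt with the private
# key, and print "ok" only if the original bytes come back.
try_size() {
    printf "%${1}s" '' | tr ' ' 'A' > plaintext.txt
    if openssl pkeyutl -encrypt -in plaintext.txt -out ciphertext \
           -inkey public-key.pem -pubin 2>/dev/null &&
       openssl pkeyutl -decrypt -in ciphertext -inkey private-key.pem \
           -out decrypted.txt 2>/dev/null &&
       cmp -s plaintext.txt decrypted.txt; then
        echo ok
    else
        echo fail
    fi
}

# Size in bytes of the ciphertext produced for a short message.
ciphertext_size() {
    try_size 16 >/dev/null
    wc -c < ciphertext | tr -d ' '
}

# A 2048-bit modulus is 256 bytes. PKCS#1 v1.5 padding needs at least 11 of
# them, which leaves 245 bytes for the message.
echo "245 bytes: $(try_size 245)"
echo "246 bytes: $(try_size 246)"
echo "ciphertext size: $(ciphertext_size) bytes"
```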

Bob has received the file ciphertext_message sent to him from Alice. You can
find the key you need in the same folder. What is the first word of the original
plaintext?
