Ethical Hacking &

Penetration Testing Course

Chapter#4 – Cryptographic Concepts
OWASP Top-10 (2021)
Content

1. What is Cryptography? 7. TLS Handshake

2. Cryptographic Keys 8. Stream and Block Ciphers

3. Symmetric and Asymmetric Cryptography 9. Steganography

4. Hashing 10. Encoding and Decoding

5. Digital Signature 11. Cryptography Use Cases

6. Digital Certificate 12. Practical – THM Lab

1. What is Cryptography? Cryptography = kryptos (hidden) + grapho (writing) [Greek]

Definition:
Cryptography is the science and art of securing
communication and information through the use of
mathematical techniques and algorithms to transform data
into a form that is unintelligible to unauthorized entities.

Purpose: Ensure confidentiality, integrity, authenticity and

non-repudiation

• Confidentiality: Protecting data from unauthorized access.

• Integrity: Ensuring data is not altered during transmission.

• Authenticity: Verifying the origin of the data.

• Non-repudiation: Preventing denial of actions.

1. What is Cryptography? • Basic concepts: Encryption & Decryption

1. Encryption is the process of converting, readable data (plaintext) into an unreadable format
(ciphertext) using an algorithm and a key.

The primary purpose of encryption is to secure information by making it difficult for unauthorized
individuals or entities to comprehend the original data without the corresponding decryption key.
1. What is Cryptography? • Basic concepts: Encryption & Decryption

2. Decryption is the process of converting encrypted or ciphertext data back into its original, readable
form, known as plaintext. Decryption requires the use of a specific decryption key, which complements
the key used in the encryption process.

The decryption key allows authorized users to transform the ciphertext back into its original, meaningful
content, restoring the information to its original state.

An Example of Data Decryption

Decryption Key
2. Cryptographic Keys

Key in cryptography is a piece of information used in conjunction with an algorithm to transform

plaintext into ciphertext (encryption) or to reverse the process, transforming ciphertext back into
plaintext (decryption).

Keys are essential components in cryptographic systems, providing a means to control access to the
protected information.

There are two primary types of keys in cryptography:

1. Symmetric Key (Secret Key) Key Example:

04 CE D7 61 49 49 FD 4B 35 8B 1B 86 BC A3 C5 BC D8
2. Asymmetric Key (Public – Private Key) 20 6E 31 17 2D 92 8A B7 34 F4 DB 11 70 4E 49 16 61 FC
AE FA 7F BA 6F 0C 05 53 74 C6 79 7F 81 12 8A F7 E2 5E
6C F5 FA 10 69 6B 67 D9 D5 96 51 B0 (Copied in 2019 from the
cloudflare.com SSL certificate)

Demo: Caesar Cipher

Encryption and Decryption Tool
https://www.devglan.com/online-tools/text-encryption-decryption
3. Symmetric and Asymmetric Cryptography
Symmetric cryptography, also known as secret key cryptography, is a cryptographic approach where the
same key is used for both the encryption and decryption of data. In this system, communicating parties
share a secret key, and this key is kept confidential to ensure secure communication.

Symmetric cryptography is generally faster and less computationally intensive than its counterpart,
asymmetric cryptography.
Common symmetric key algorithms:

Data Encryption Standard (DES) (Insecure for many applications

due to its small key size.)

Triple DES (3DES): A more secure variant of DES that applies the
algorithm three times with different keys.

Advanced Encryption Standard (AES): A widely used

symmetric key algorithm with key sizes of 128, 192, or 256 bits.

*Challenge:
Key Distribution: One of the challenges in symmetric cryptography is secure key distribution. If two parties want to
communicate securely, they need to share the secret key without it being intercepted by unauthorized entities.
 3. Symmetric Key Cryptography - Applications

Data Encryption:
File and Disk Encryption: Symmetric key algorithms are commonly employed to encrypt entire files or disks. Tools like BitLocker (Windows) and FileVault
(macOS) use symmetric key cryptography to protect the contents of hard drives.

Secure Messaging:
Messaging Apps: Some messaging applications use symmetric key cryptography for end-to-end encryption. The same key is used by both the sender and
the recipient to encrypt and decrypt messages.

Payment Transactions:
Point of Sale (POS) Systems: Symmetric key cryptography is used to secure payment transactions in POS systems. The same key encrypts the transaction
data during transmission and decrypts it on the receiving end.

Smart Cards:
Credit Cards and Access Cards: Smart cards often use symmetric key cryptography to secure transactions. The card and the card reader share the same
key for encryption and decryption.
3. Asymmetric Key Cryptography
Asymmetric cryptography, also known as public key cryptography, is a cryptographic approach that uses
a pair of mathematically related keys for secure communication: a public key and a private key. Each key
performs a specific function—data encrypted with one key can only be decrypted by the other key in the
pair.

Common symmetric key algorithms:

RSA (Rivest-Shamir-Adleman): One of the first

widely used asymmetric key algorithms.

Elliptic Curve Cryptography (ECC): A more

recent and efficient asymmetric key algorithm.

*Challenge:
Computationally Intensive: Asymmetric cryptography addresses some of the challenges of key distribution faced by
symmetric cryptography. However, it is computationally more intensive, and for this reason, it is often used in
combination with symmetric cryptography in hybrid systems that leverage the strengths of both approaches..
 3. Asymmetric Key Cryptography - Applications
Email Encryption (PGP/GPG):
Pretty Good Privacy (PGP) and its open-source counterpart, GnuPG (GPG), employ asymmetric key cryptography for securing email communications. Users
have a pair of keys (public and private), and the public key can be shared to receive encrypted emails, while the private key is kept secret for decrypting
received messages.

Blockchain and Cryptocurrencies:

Asymmetric cryptography is a fundamental component of blockchain technology. In cryptocurrencies like Bitcoin, public and private key pairs are used for
wallet addresses, and transactions are secured through digital signatures.

Secure File Transfer (SFTP):

Secure File Transfer Protocol (SFTP) relies on asymmetric key cryptography for secure file transfers. Users can use public and private key pairs for
authentication, ensuring secure and authenticated access to files.

Code Signing:
Developers use digital signatures based on asymmetric keys to sign their software or code. This ensures that the code has not been altered or tampered
with during distribution.
4. Hashing
Hashing is a process in cryptography where a mathematical function, called a hash function, takes input
data (often of variable size) and produces a fixed-size string of characters, which is typically a hash value or
hash code. The output, known as the hash, is a unique representation of the input data.

Important properties:

Deterministic: The same input will always produce the same hash
value.

Fixed Output Size: Regardless of the input size, the hash function
produces a fixed-size output.

Collision Resistance: It should be computationally infeasible for two

different inputs to produce the same hash value.

Commonly used hash functions:

SHA-256 (Secure Hash Algorithm 256-bit)
MD5 (Message Digest Algorithm 5)
SHA-1 (Secure Hash Algorithm 1).
 4. Hashing - Applications
Password Storage:
Hash functions are widely used to store passwords securely. Instead of storing actual passwords, systems store their hash values.
During authentication, the entered password's hash is compared with the stored hash for verification.

Data Integrity Verification:

Hashing is used to ensure the integrity of data during transmission. Hash values (checksums) of files are generated before and after
transmission, and the recipient can verify the integrity by comparing the received hash with the original.

Digital Signatures:
Digital signatures often involve the use of hash functions. A hash of the data is created, and the hash value is then encrypted with
the sender's private key. The recipient can verify the signature using the sender's public key.

File Deduplication:
Hashing is employed to identify duplicate files efficiently. By comparing hash values of files, systems can quickly determine if a file
already exists and avoid storing redundant copies.

Fingerprint Verification:
Biometric systems often use hash functions to represent and compare fingerprints. The unique features of a fingerprint are
transformed into a hash, allowing for efficient and secure matching.

Checksums for Data Transmission:

In addition to file integrity, hash functions are used to generate checksums for data packets during transmission. This ensures that
the received data matches the sender's intended content.
 5. Digital Signatures
Digital signatures are a cryptographic technique used to ensure the authenticity, integrity, and non-
repudiation of digital messages or documents. They provide a way for the sender of a message to prove
that they are the true originator of the content and that the content has not been altered during
transmission.
Applications:

Email Security: Verifying the sender's identity and ensuring the integrity
of email content.

Document Signing: Authenticating the origin and content of digital

documents.

Transaction Security: Ensuring the integrity and authenticity of online

transactions.

Legal Agreements: Providing a secure and verifiable method for signing

digital contracts and agreements.
 6. Digital Certificate
A digital certificate is a cryptographic document that verifies the identity of the holder
and binds a public key to that individual or entity. It serves as a digital form of
identification, enabling secure communication and transactions over the internet.
Digital certificates are a key component of public key infrastructure (PKI) systems,
providing a way to establish trust in the authenticity of public keys.

The process of obtaining a digital certificate typically involves the following steps:

Request:
The certificate holder generates a key pair (public key and private key) and sends a certificate request to the
CA.

Verification:
The CA verifies the identity of the certificate requester through various means, such as physical documents,
legal agreements, or other authentication processes.

Issuance:
If the verification is successful, the CA issues a digital certificate, associating the public key with the verified
identity.

Distribution:
The digital certificate is distributed to the certificate holder, who can then use it to prove their identity in
digital communications.
Digital Signature Vs Digital Certificate
Features Digital Signature Digital Certificate
It is similar to a fingerprint or an attachment to a digital It is a file that verifies the identity of the holder and offers
Definition
document that verifies its validity and integrity. security.
Security It offers non-repudiation, authentication, and integrity. It offers security and authentication.

A certificate is issued by a trusted agency known which is

Asymmetric keys are used to encrypt the document at
Process known as a CA. It follows some specific procedures such as
the transmitting end and decode it at the receiving end.
key generation, verification, registration, and creation.
Its working is based on the Digital Signature Standard Its working is based on encryption securities and
Works on
(DSS). cryptographic keys.
These signatures are used to verify the validity of These certificates are installed on websites to verify the
usability
documents. owner's identity.
These ensure that the signer cannot repudiate their These ensure that the client and the browser communication
Ensure
signature from the paper on which they have signed. are encrypted and secure.
Use of
It utilizes the hashing function. It utilizes cryptographic keys.
Security
The primary function of digital signatures is to ensure
The primary function of digital certificates is to increase trust
Purpose that the document sent between the sender and the
between the client and the site owner.
receiver has not been altered.
7. Stream and Block Ciphers
7. Stream Cipher - Applications

Wireless Communication:
Stream ciphers are commonly used in wireless communication protocols, such as Wi-Fi (WEP, WPA, WPA2). They enable the secure
transmission of data between devices, ensuring privacy and preventing unauthorized access to the communication channel.

Bluetooth Communication:
Bluetooth technology employs stream ciphers for securing the communication between devices. This is crucial for maintaining the privacy
and integrity of data exchanged between devices like smartphones, headphones, and other Bluetooth-enabled devices.

Secure Messaging Apps:

Many secure messaging applications use stream ciphers to encrypt real-time communication. This ensures that text messages, voice calls,
and multimedia files exchanged between users are protected from eavesdropping and interception.

Satellite Communication:
Stream ciphers are employed in the secure communication of satellites. This ensures that data transmitted between ground stations and
satellites remains confidential and cannot be easily intercepted or tampered with.

Secure Remote Desktop Connections:

Stream ciphers are used in securing remote desktop connections, allowing users to access and control their computers securely from a
remote location. This is commonly used in enterprise environments for remote work and IT support.
7. Block Cipher - Applications

Database Encryption:
Block ciphers are utilized for encrypting sensitive data stored in databases. Database encryption helps protect sensitive information,
ensuring that even if unauthorized access occurs, the data remains confidential.

Mobile Device Encryption:

Many mobile devices use block ciphers to encrypt data stored on the device, including apps, settings, and user data. This adds an extra
layer of security, especially in the case of lost or stolen devices.

Electronic Payments and Transactions:

Block ciphers are used to secure electronic payments and financial transactions. Encryption ensures the confidentiality and integrity of
sensitive financial information during the transfer of funds.

Smart Cards and Contactless Payments:

Block ciphers are employed in the security mechanisms of smart cards and contactless payment systems. This ensures that transactions
and personal information stored on the cards remain secure.
 8. TLS Handshake
The TLS (Transport Layer Security) handshake is a protocol
that occurs at the beginning of a secure communication session
between a client and a server. It is a crucial part of establishing
a secure connection, ensuring the confidentiality and integrity
of the data exchanged during the communication.

The TLS handshake involves several steps:

1.ClientHello
2.ServerHello
3.Certificate
4.Key Exchange
5.Finished
The TLS handshake is designed to provide a secure and authenticated
method for setting up a communication channel. It ensures that both
parties agree on the encryption parameters and establishes a shared
secret without exposing sensitive information to potential attackers.
 9. Encoding and Decoding
Encoding refers to the process of converting data from one form to another, usually for the purpose of
maintaining data integrity, transmission efficiency, or compatibility between different systems.

It is essential to distinguish encoding from encryption, as encoding is not intended to provide security or
confidentiality; rather, it focuses on representing data in a different format.
9. Encoding and Decoding
Decoding in cryptography refers to the process of reversing the encoding or transformation of data back to
its original form. While encoding involves transforming data into a different representation, decoding is the
process of reverting that transformed data back to its original state.
Decoding

• Base64 Encoding:
•Description: Base64 is a widely used encoding scheme that represents binary data in an ASCII string format
using a set of 64 characters (A-Z, a-z, 0-9, '+' and '/').
•Example:
•Original Binary Data: 01001000 01000101 01001100 01001100 01001111
•Base64 Encoded String: SGVsbG8=

• URL Encoding (Percent Encoding):

•Description: URL encoding is used to encode special characters in a URL. It replaces reserved characters with '%'
followed by their ASCII hexadecimal representation.
•Example:
•Original String: Hello, World!
•URL Encoded String: Hello%2C%20World%21
10. Cryptography Use Cases
Applications in Cybersecurity:

• Secure Communication
• SSL/TLS protocols
• Data Encryption
• File encryption, disk encryption
• Digital Signatures
• Authenticating messages and documents
• Virtual Private Networks (VPNs)
• Secure data transmission over networks
• Steganography
 11. Steganography
Steganography is the practice of concealing information within other non-secret data in a way that does not
raise suspicion. Unlike cryptography, which focuses on making the content of a message unintelligible,
steganography aims to hide the existence of the message itself.

In cybersecurity, steganography is used to covertly embed data within various types of digital media, such as images, audio
files, video files, or even text.

Types of Steganography:
•Image Steganography: Embedding data within digital images.
•Audio Steganography: Concealing information within audio files.
•Video Steganography: Hiding data within video files.
•Text Steganography: Concealing information within text documents.

Applications:
•Covert Communication: Steganography can be used to hide communication between parties, without drawing attention.
•Digital Watermarking: Embedding information within digital media to verify authenticity or ownership.
•Concealing Malware: Cyber attackers may use steganography to hide malicious code within harmless files to evade detection.
11. Steganography
12. Practical – THM Lab

https://www.youtube.com/watch?v=N_nkG86OMzQ&ab_channel=TheAB – sslscan tool

https://medium.com/@careertechnologymiraroad/burpsuite-extension-ssl-scanner-a16aa8e5
d509
- Burp Extension SSL Scanner