We covered basics of Encryption and Cryptography by answering the questions in TryHackMe Encryption – Crypto 101 under complete beginner pathway.
The Complete Practical Web Application Penetration Testing Course
Cryptography is used to protect confidentiality, ensure integrity, ensure authenticity. You use cryptography every day most likely, and you’re almost certainly reading this now over an encrypted connection.
When logging into TryHackMe, your credentials were sent to the server. These were encrypted, otherwise someone would be able to capture them by snooping on your connection.
When you connect to SSH, your client and the server establish an encrypted tunnel so that no one can snoop on your session.
When you connect to your bank, there’s a certificate that uses cryptography to prove that it is actually your bank rather than a hacker.
When you download a file, how do you check if it downloaded right? You can use cryptography here to verify a checksum of the data.
You rarely have to interact directly with cryptography, but it silently protects almost everything you do digitally.
Whenever sensitive user data needs to be stored, it should be encrypted. Standards like PCI-DSS state that the data should be encrypted both at rest (in storage) AND while being transmitted. If you’re handling payment card details, you need to comply with these PCI regulations. Medical data has similar standards. With legislation like GDPR and California’s data protection, data breaches are extremely costly and dangerous to you as either a consumer or a business.
Ciphertext – The result of encrypting a plaintext, encrypted data
Cipher – A method of encrypting or decrypting data. Modern ciphers are cryptographic, but there are many non cryptographic ciphers like Caesar.
Plaintext – Data before encryption, often text but not always. Could be a photograph or other file
Encryption – Transforming data into ciphertext, using a cipher.
Encoding – NOT a form of encryption, just a form of data representation like base64. Immediately reversible.
Key – Some information that is needed to correctly decrypt the ciphertext and obtain the plaintext.
Passphrase – Separate to the key, a passphrase is similar to a password and used to protect a key.
Asymmetric encryption – Uses different keys to encrypt and decrypt.
Symmetric encryption – Uses the same key to encrypt and decrypt
Brute force – Attacking cryptography by trying every different password or every different key
Cryptanalysis – Attacking cryptography by finding a weakness in the underlying maths
Alice and Bob – Used to represent 2 people who generally want to communicate. They’re named Alice and Bob because this gives them the initials A and B. https://en.wikipedia.org/wiki/Alice_and_Bob for more information, as these extend through the alphabet to represent many different people involved in communication.
The two main categories of Encryption are symmetric and asymmetric.
Symmetric encryption uses the same key to encrypt and decrypt the data. Examples of Symmetric encryption are DES (Broken) and AES. These algorithms tend to be faster than asymmetric cryptography, and use smaller keys (128 or 256 bit keys are common for AES, DES keys are 56 bits long).
Asymmetric encryption uses a pair of keys, one to encrypt and the other in the pair to decrypt. Examples are RSA and Elliptic Curve Cryptography. Normally these keys are referred to as a public key and a private key. Data encrypted with the private key can be decrypted with the public key, and vice versa. Your private key needs to be kept private, hence the name. Asymmetric encryption tends to be slower and uses larger keys, for example RSA typically uses 2048 to 4096 bit keys.
RSA and Elliptic Curve cryptography are based around different mathematically difficult (intractable) problems, which give them their strength. More about RSA later.
What’s a Digital Signature?
Digital signatures are a way to prove the authenticity of files, to prove who created or modified them. Using asymmetric cryptography, you produce a signature with your private key and it can be verified using your public key. As only you should have access to your private key, this proves you signed the file. Digital signatures and physical signatures have the same value in the UK, legally.
The simplest form of digital signature would be encrypting the document with your private key, and then if someone wanted to verify this signature they would decrypt it with your public key and check if the files match.
Room Answers
I agree not to complain too much about how theory heavy this room is.
Are SSH keys protected with a passphrase or a password?
How do webservers prove their identity?
What is the main set of standards you need to comply with if you store or process payment card details?
What’s 25 % 7
What’s 118613842 % 9091
What was the result of the attempt to make DES more secure so that it could be used for longer?
Is it ok to share your public key? Yea/Nay
I understand enough about RSA to move on, and I know where to look to learn more if I want to.
I recommend giving this a go yourself. Deploy a VM, like Linux Fundamentals 2 and try to add an SSH key and log in with the private key.
Download the SSH Private Key attached to this room.
What algorithm does the key use?
Crack the password with John The Ripper and rockyou, what’s the passphrase for the key?
You have the private key, and a file encrypted with the public key. Decrypt the file. What’s the secret word?
Video Walkthrough