Encryption - Crypto 101
Last updated
The two main categories of encryption are symmetric and asymmetric. Symmetric encryption uses the same key to encrypt and decrypt the data, e.g. AES, DES. It uses smaller keys (128 or 256-bit keys are common for AES; DES keys are 56 bits long).
Asymmetric encryption uses a pair of keys, one to encrypt and the other in the pair to decrypt, e.g. RSA, ECC. These keys are referred to as a public key and a private key. Data encrypted with the private key can be decrypted with the public key, and vice versa. Your private key needs to be kept private, hence the name. Asymmetric encryption tends to be slower and uses larger keys; for example, RSA typically uses 2048 to 4096-bit keys.
RSA is based on the mathematically difficult problem of finding the factors of a large number. It’s very quick to multiply two prime numbers together, say 17*23 = 391, but it’s quite difficult to work out which two prime numbers multiply together to make 14351 (113x127 for reference).
There are some excellent tools for defeating RSA challenges in CTFs, and my personal favourite is which has worked very well for me. I’ve also had some success with .
The key variables that you need to know about for RSA in CTFs are p, q, m, n, e, d, and c.
“p” and “q” are large prime numbers, “n” is the product of p and q.
The public key is n and e, the private key is n and d.
“m” is used to represent the message (in plaintext) and “c” represents the ciphertext (encrypted text).
Link: RSA calculator to perform calculations | e.g. p = 4391, q = 6659. What is n?
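As an added worked example (not part of the original notes), here is textbook RSA carried through with the primes from the question above, p = 4391 and q = 6659: key generation, encrypting and decrypting a small integer, and a trial-division factoring of the 14351 modulus mentioned earlier to show why a small n offers no protection. The public exponent e = 65537 and the sample message 42 are my own choices.

```python
# Added worked example (not from the original page): textbook RSA with the
# page's numbers p = 4391, q = 6659, plus trial-division factoring of the
# page's n = 14351 to show why small moduli offer no security.
from math import gcd, isqrt


def rsa_keypair(p, q, e=65537):
    """Build an RSA key pair from two primes. Returns (n, e, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)          # Euler's totient for n = p*q
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with phi(n)")
    d = pow(e, -1, phi)              # modular inverse of e, Python 3.8+
    return n, e, d


def rsa_encrypt(m, n, e):
    """c = m^e mod n; m must be an integer in [0, n)."""
    if not 0 <= m < n:
        raise ValueError("message must satisfy 0 <= m < n")
    return pow(m, e, n)


def rsa_decrypt(c, n, d):
    """m = c^d mod n."""
    return pow(c, d, n)


def factor_by_trial_division(n):
    """Recover (p, q) from a small semiprime n by testing every odd divisor
    up to sqrt(n). This is exactly the computation RSA relies on being
    infeasible for 2048-bit n, and why CTF-sized moduli fall instantly."""
    if n % 2 == 0:
        return 2, n // 2
    for p in range(3, isqrt(n) + 1, 2):
        if n % p == 0:
            return p, n // p
    return None


if __name__ == "__main__":
    n, e, d = rsa_keypair(4391, 6659)
    print("n =", n)                               # answers the question above
    c = rsa_encrypt(42, n, e)
    print("c =", c, "-> m =", rsa_decrypt(c, n, d))
    print("14351 =", factor_by_trial_division(14351))
```

The same functions work for any pair of primes; the only thing that changes with real 2048-bit keys is that `factor_by_trial_division` never finishes, which is the whole point.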
Digital signatures are a way to prove the authenticity of files, to prove who created or modified them.
Certificates are also a key use of public key cryptography, linked to digital signatures. A common place where they’re used is for HTTPS. How does your web browser know that the server you’re talking to is the real tryhackme.com? The answer is certificates.
You can get your own HTTPS certificates for domains you own using Let’s Encrypt for free. If you run a website, it’s worth setting it up.
By default, SSH is authenticated using usernames and passwords in the same way that you would log in to the physical machine.
ssh-keygen is the program used to generate pairs of keys most of the time.
The ~/.ssh folder is the default place to store these keys for OpenSSH.
ssh -i keyNameGoesHere user@host is how you specify a key for the standard Linux OpenSSH client.
Example:
Crack the password for /root/idrsa.id_rsa with John The Ripper and rockyou, what's the passphrase for the key?
s1: python /opt/john/ssh2john.py '/root/idrsa.id_rsa' > id_rsa.txt
s2: john --w='/usr/share/wordlists/rockyou.txt' '/root/id_rsa.txt'
result = delicious
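The cracking step above only matters because the key has a passphrase at all; a private key with no passphrase needs no cracking. As an added example (not part of the original writeup), here is a small audit script that reports which SSH private key files lack a passphrase, handling both the legacy PEM format and the newer openssh-key-v1 format that ssh-keygen writes by default. The key texts and file paths are constructed samples, not real keys.

```python
# Added example (not part of the original writeup): report whether SSH private
# key files are passphrase-protected. Handles legacy PEM ("RSA PRIVATE KEY"
# with Proc-Type/DEK-Info headers), PKCS#8, and the "openssh-key-v1" format.
# All sample keys below are constructed and contain no real key material.
import base64
import struct

OPENSSH_MAGIC = b"openssh-key-v1\x00"


def _ssh_string(data):
    """Encode bytes as an SSH wire string: uint32 big-endian length + bytes."""
    return struct.pack(">I", len(data)) + data


def _read_ssh_string(buf, offset):
    """Decode an SSH wire string at offset; return (bytes, new offset)."""
    (length,) = struct.unpack(">I", buf[offset:offset + 4])
    start = offset + 4
    return buf[start:start + length], start + length


def ssh_key_protection(key_text):
    """Classify a private key file as 'encrypted', 'plaintext' or 'unknown'."""
    lines = [line.strip() for line in key_text.strip().splitlines()]
    if not lines:
        return "unknown"
    header = lines[0]
    if header == "-----BEGIN OPENSSH PRIVATE KEY-----":
        body = "".join(line for line in lines[1:] if not line.startswith("-----"))
        blob = base64.b64decode(body)
        if not blob.startswith(OPENSSH_MAGIC):
            return "unknown"
        # Layout after the magic: ciphername, kdfname, kdfoptions, nkeys, ...
        ciphername, _ = _read_ssh_string(blob, len(OPENSSH_MAGIC))
        return "plaintext" if ciphername == b"none" else "encrypted"
    if header == "-----BEGIN ENCRYPTED PRIVATE KEY-----":   # PKCS#8, always encrypted
        return "encrypted"
    if header.startswith("-----BEGIN ") and header.endswith(" PRIVATE KEY-----"):
        # Legacy PEM: encryption is announced by "Proc-Type: 4,ENCRYPTED" and
        # "DEK-Info" header lines that precede the blank line before the body.
        for line in lines[1:]:
            if line == "":
                break
            if line.startswith("Proc-Type: 4,ENCRYPTED") or line.startswith("DEK-Info:"):
                return "encrypted"
        return "plaintext"
    return "unknown"


def unprotected_keys(key_files):
    """Given {path: file text}, return the paths whose keys have no passphrase."""
    return sorted(p for p, t in key_files.items() if ssh_key_protection(t) == "plaintext")


def _openssh_sample(ciphername, kdfname):
    """Build a minimal constructed openssh-key-v1 envelope (no real key inside)."""
    blob = OPENSSH_MAGIC + _ssh_string(ciphername) + _ssh_string(kdfname)
    blob += _ssh_string(b"") + struct.pack(">I", 1)   # empty kdfoptions, nkeys = 1
    b64 = base64.b64encode(blob).decode()
    return "-----BEGIN OPENSSH PRIVATE KEY-----\n" + b64 + "\n-----END OPENSSH PRIVATE KEY-----\n"


SAMPLE_KEYS = {  # constructed samples with hypothetical paths
    "/home/alice/.ssh/id_ed25519": _openssh_sample(b"aes256-ctr", b"bcrypt"),
    "/home/bob/.ssh/id_ed25519": _openssh_sample(b"none", b"none"),
    "/home/carol/.ssh/id_rsa": (
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "Proc-Type: 4,ENCRYPTED\n"
        "DEK-Info: AES-128-CBC,00112233445566778899AABBCCDDEEFF\n"
        "\n"
        "Tm90IGEgcmVhbCBrZXk=\n"
        "-----END RSA PRIVATE KEY-----\n"),
    "/home/dave/.ssh/id_rsa": (
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "Tm90IGEgcmVhbCBrZXk=\n"
        "-----END RSA PRIVATE KEY-----\n"),
}

if __name__ == "__main__":
    for path in unprotected_keys(SAMPLE_KEYS):
        print("no passphrase:", path)
```

In practice you would feed `unprotected_keys` the contents of every `id_*` file under each user's ~/.ssh directory; the check only reads headers, so it never needs the passphrase itself.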
Key exchange allows two people or parties to establish a set of common cryptographic keys without an observer being able to obtain these keys. Generally, the goal is to establish common symmetric keys.
DH key exchange is often used alongside RSA public key cryptography, with digital signing used to prove the identity of the party you’re talking to.
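As an added example (not from the original notes), the exchange described above carried out between two parties, followed by turning the shared secret into a symmetric AES-sized key. The prime P = 2**127 - 1 and generator G = 3 are toy parameters I chose so the script runs instantly; real systems use standardised DH groups or elliptic-curve DH.

```python
# Added example (not from the original page): a Diffie-Hellman exchange
# between two parties, then derivation of a symmetric (AES-sized) key from
# the shared secret. P and G are toy parameters chosen for a quick demo.
import hashlib
import secrets

P = 2**127 - 1   # Mersenne prime M127 (demo only, far too small in practice)
G = 3            # not 2: 2**127 == 1 (mod P), so 2 generates only 127 values


def generator_order_exceeds(g, p, bound):
    """Cheap sanity check: return False if g^k == 1 (mod p) for some k <= bound,
    which would mean every shared secret is one of at most `bound` values."""
    x = 1
    for _ in range(bound):
        x = x * g % p
        if x == 1:
            return False
    return True


def dh_private_key(p=P):
    """Random secret exponent in [2, p-2]; never leaves the party's machine."""
    return 2 + secrets.randbelow(p - 3)


def dh_public_value(private, p=P, g=G):
    """The value sent over the wire, visible to any observer: g^private mod p."""
    return pow(g, private, p)


def dh_shared_secret(peer_public, private, p=P):
    """peer_public^private mod p; both sides compute the same number."""
    if not 1 < peer_public < p - 1:      # reject 0, 1 and p-1 (trivial subgroups)
        raise ValueError("invalid peer public value")
    return pow(peer_public, private, p)


def derive_symmetric_key(shared_secret, p=P):
    """Hash the shared secret into a 256-bit key for a symmetric cipher such as AES."""
    length = (p.bit_length() + 7) // 8
    return hashlib.sha256(shared_secret.to_bytes(length, "big")).digest()


def dh_exchange(a, b, p=P, g=G):
    """Run the whole exchange with Alice's secret a and Bob's secret b.
    Returns (A, B, key_alice, key_bob): A and B are the only values an
    observer sees, and the two derived keys are identical."""
    A = dh_public_value(a, p, g)   # Alice -> Bob
    B = dh_public_value(b, p, g)   # Bob -> Alice
    key_alice = derive_symmetric_key(dh_shared_secret(B, a, p), p)
    key_bob = derive_symmetric_key(dh_shared_secret(A, b, p), p)
    return A, B, key_alice, key_bob


if __name__ == "__main__":
    assert generator_order_exceeds(G, P, 100)
    a, b = dh_private_key(), dh_private_key()
    A, B, key_alice, key_bob = dh_exchange(a, b)
    print("on the wire:", A, B)
    print("keys match:", key_alice == key_bob, key_alice.hex())
```

Nothing in this exchange tells Alice who sent B, which is why the notes pair DH with RSA signatures: without a signature over the public values, an attacker who can intercept the traffic could run a separate exchange with each side.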
PGP stands for Pretty Good Privacy. It is software that implements encryption for encrypting files, performing digital signing, and more.
AES, sometimes called Rijndael after its creators, stands for Advanced Encryption Standard. It was a replacement for DES, which had short keys and other cryptographic flaws.
AES and DES both operate on blocks of data (a block is a fixed size series of bits).
Solution
s1: run gpg --help
s2: unzip the files; they contain message.gpg and tryhackme.key
s3: run gpg -d (decrypt) message.gpg
result: You decrypted the file! The secret word is Pineapple.
Certificates have a chain of trust, starting with a root CA (certificate authority). Root CAs are automatically trusted by your device, OS, or browser from install. Certs below that are trusted because the Root CAs say they trust that organisation. Certificates below that are trusted because the organisation is trusted by the Root CA and so on. There are long chains of trust. Again, this blog post explains this much better than I can.
An excellent video if you want a visual explanation is available here.
GPG is an Open Source implementation of PGP from the GNU project. You may need to use GPG to decrypt files in CTFs. With PGP/GPG, private keys can be protected with passphrases similarly to SSH private keys.
AES is complicated to explain, and doesn’t seem to come up as often. If you’d like to learn how it works, here’s an excellent video from Computerphile.
You have the private key, and a file encrypted with the public key. Decrypt the file. What's the secret word?