Encryption - Crypto 101
Types of Encryption
The two main categories of encryption are symmetric and asymmetric. Symmetric encryption uses the same key to encrypt and decrypt the data, e.g. AES and DES. It uses smaller keys: 128- or 256-bit keys are common for AES, while DES keys are 56 bits long.
Asymmetric encryption uses a pair of keys, one to encrypt and the other in the pair to decrypt, e.g. RSA and ECC. These keys are referred to as a public key and a private key. Data encrypted with the private key can be decrypted with the public key, and vice versa. Your private key needs to be kept private, hence the name. Asymmetric encryption tends to be slower and uses larger keys; for example, RSA typically uses 2048- to 4096-bit keys.
RSA - Rivest, Shamir and Adleman
RSA is based on the mathematically difficult problem of working out the factors of a large number. It’s very quick to multiply two prime numbers together, say 17*23 = 391, but it’s quite difficult to work out which two prime numbers multiply together to make 14351 (113x127 for reference).
There are some excellent tools for defeating RSA challenges in CTFs, and my personal favourite is https://github.com/Ganapati/RsaCtfTool which has worked very well for me. I’ve also had some success with https://github.com/ius/rsatool.
The key variables that you need to know about for RSA in CTFs are p, q, m, n, e, d, and c.
“p” and “q” are large prime numbers, “n” is the product of p and q.
The public key is n and e, the private key is n and d.
“m” is used to represent the message (in plaintext) and “c” represents the ciphertext (encrypted text).
Link to an RSA calculator to perform calculations, e.g. p = 4391, q = 6659. What is n?
https://www.tausquared.net/pages/ctf/rsa.html
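The RSA variables above (p, q, n, e, d, m, c) worked through in code, as an added example that is not part of the original post or the linked calculator. It builds a textbook key pair from the page's primes p = 4391 and q = 6659, encrypts and decrypts a constructed integer message, and shows why the "hard problem" only protects a modulus of real size: the toy modulus 14351 from the text is factored by trial division in an instant, which hands over d.

```python
from math import gcd

def rsa_keygen(p, q, e=65537):
    """Textbook RSA from primes p and q, using the page's variable names.
    Returns (n, e, d): the public key is (n, e), the private key is (n, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)          # Euler's totient of n
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)              # modular inverse of e mod phi (Python 3.8+)
    return n, e, d

def rsa_encrypt(m, n, e):
    """c = m^e mod n. m is an integer smaller than n; no padding, so textbook RSA only."""
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)

def rsa_decrypt(c, n, d):
    """m = c^d mod n."""
    return pow(c, d, n)

def factor_small_n(n):
    """Trial division. Fine for a toy modulus, hopeless for a 2048-bit one,
    which is exactly the hardness assumption RSA relies on."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("n has no non-trivial factor")

def recover_private_key(n, e):
    """From the public key of a toy modulus alone: factor n, then rebuild d."""
    p, q = factor_small_n(n)
    _, _, d = rsa_keygen(p, q, e)
    return d

def demo():
    """Key pair from the question's primes; m = 42 is a constructed sample plaintext."""
    n, e, d = rsa_keygen(4391, 6659)
    c = rsa_encrypt(42, n, e)
    return n, c, rsa_decrypt(c, n, d)
```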
Digital Signature
Digital signatures are a way to prove the authenticity of files, to prove who created or modified them.
Certificates
Certificates are also a key use of public key cryptography, linked to digital signatures. A common place where they’re used is for HTTPS. How does your web browser know that the server you’re talking to is the real tryhackme.com? The answer is certificates.
Certificates have a chain of trust, starting with a root CA (certificate authority). Root CAs are automatically trusted by your device, OS, or browser from install. Certs below that are trusted because the Root CAs say they trust that organisation. Certificates below that are trusted because the organisation is trusted by the Root CA and so on. There are long chains of trust. Again, this blog post explains this much better than I can. https://robertheaton.com/2014/03/27/how-does-https-actually-work/
You can get your own HTTPS certificates for domains you own using Let’s Encrypt for free. If you run a website, it’s worth setting it up.
Encryption and SSH authentication
By default, SSH is authenticated using usernames and passwords in the same way that you would log in to the physical machine.
ssh-keygen is the program used to generate pairs of keys most of the time.
The ~/.ssh folder is the default place to store these keys for OpenSSH.
ssh -i keyNameGoesHere user@host is how you specify a key for the standard Linux OpenSSH client.
Example:
Crack the password for /root/idrsa.id_rsa with John The Ripper and rockyou, what's the passphrase for the key?
s1: python /opt/john/ssh2john.py '/root/idrsa.id_rsa' > id_rsa.txt
s2: john --w='/usr/share/wordlists/rockyou.txt' '/root/id_rsa.txt'
result = delicious
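The example above only works because the key had a weak passphrase; a key with no passphrase at all would need no cracking. As an added check, not from the original post, here is a small auditor that reads an OpenSSH private key file and reports whether it is passphrase-protected: in the OpenSSH key format the ciphername and kdfname fields near the start of the base64 blob are "none" for an unprotected key, and a cipher such as "aes256-ctr" with the "bcrypt" KDF for a protected one. The two sample keys are constructed inline and carry only the header fields this check reads, not real key material.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"

def _read_string(buf, off):
    """Read one uint32-length-prefixed string from buf at offset off."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    return buf[off + 4:off + 4 + n], off + 4 + n

def openssh_key_protection(pem_text):
    """Return (ciphername, kdfname) from an OpenSSH-format private key.
    ("none", "none") means the key is stored without a passphrase."""
    lines = [ln.strip() for ln in pem_text.strip().splitlines()]
    if lines[0] != "-----BEGIN OPENSSH PRIVATE KEY-----" or lines[-1] != "-----END OPENSSH PRIVATE KEY-----":
        raise ValueError("not an OpenSSH-format private key")
    blob = base64.b64decode("".join(lines[1:-1]))
    if not blob.startswith(MAGIC):
        raise ValueError("bad magic bytes")
    cipher, off = _read_string(blob, len(MAGIC))
    kdf, _ = _read_string(blob, off)
    return cipher.decode(), kdf.decode()

def is_passphrase_protected(pem_text):
    """True if the key on disk is encrypted. Handles the OpenSSH format and the
    older PEM format, where an encrypted key carries a 'Proc-Type: 4,ENCRYPTED' header."""
    first = pem_text.strip().splitlines()[0].strip()
    if first == "-----BEGIN OPENSSH PRIVATE KEY-----":
        cipher, kdf = openssh_key_protection(pem_text)
        return cipher != "none" and kdf != "none"
    if first.endswith("PRIVATE KEY-----"):
        return "Proc-Type: 4,ENCRYPTED" in pem_text
    raise ValueError("not a recognised private key file")

def _make_sample(cipher, kdf):
    """Constructed sample: magic, ciphername, kdfname, empty kdfoptions, nkeys = 1.
    Real files continue with the public and (possibly encrypted) private key sections."""
    body = MAGIC
    for field in (cipher.encode(), kdf.encode(), b""):
        body += struct.pack(">I", len(field)) + field
    body += struct.pack(">I", 1)
    b64 = base64.b64encode(body).decode()
    return "-----BEGIN OPENSSH PRIVATE KEY-----\n" + b64 + "\n-----END OPENSSH PRIVATE KEY-----\n"

UNPROTECTED_KEY = _make_sample("none", "none")            # ssh-keygen with an empty passphrase
PROTECTED_KEY = _make_sample("aes256-ctr", "bcrypt")      # ssh-keygen with a passphrase set
```

Run it over every file in ~/.ssh that starts with a BEGIN ... PRIVATE KEY line to find keys that were generated without a passphrase.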
Diffie Hellman Key Exchange
Key exchange allows 2 people/parties to establish a set of common cryptographic keys without an observer being able to get these keys. Generally, it is used to establish common symmetric keys.
DH key exchange is often used alongside RSA public key cryptography, which proves the identity of the person you’re talking to through digital signing.
An excellent video if you want a visual explanation is available here. https://www.youtube.com/watch?v=NmM9HA2MQGI
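The exchange described above, run by both parties in code, as an added example that is not part of the original post. The group (p = 2^127 - 1, g = 2) is a toy chosen so the arithmetic is visible; real deployments use a standardised 2048-bit or larger group or an elliptic curve. The observer's view is returned too, to make the point that only p, g and the two public values cross the wire, while the secret exponents never do. This toy is unauthenticated, which is why the text pairs DH with RSA signatures in practice.

```python
import hashlib
import secrets

# Toy parameters, constructed for illustration only.
P = 2 ** 127 - 1      # a Mersenne prime used as the modulus
G = 2                 # generator

def dh_private():
    """Random secret exponent in [2, p-2]; stays on the party's own machine."""
    return secrets.randbelow(P - 3) + 2

def dh_public(private):
    """The value actually sent over the network: g^private mod p."""
    return pow(G, private, P)

def dh_shared_key(peer_public, private):
    """Both sides compute the same number, (g^b)^a = (g^a)^b mod p,
    then hash it down to a 256-bit symmetric key for AES or similar."""
    if not 2 <= peer_public <= P - 2:
        # Reject degenerate values (0, 1, p-1) that would force a predictable secret.
        raise ValueError("invalid peer public value")
    shared = pow(peer_public, private, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def exchange():
    """Run one exchange. Returns Alice's key, Bob's key and what an observer sees."""
    a = dh_private()        # Alice's secret, never transmitted
    b = dh_private()        # Bob's secret, never transmitted
    A = dh_public(a)        # Alice -> Bob
    B = dh_public(b)        # Bob -> Alice
    observer_sees = {"p": P, "g": G, "A": A, "B": B}
    return dh_shared_key(B, a), dh_shared_key(A, b), observer_sees
```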
PGP, GPG and AES
PGP stands for Pretty Good Privacy. It’s software that implements encryption for encrypting files, performing digital signing and more.
GnuPG or GPG is an Open Source implementation of PGP from the GNU project. You may need to use GPG to decrypt files in CTFs. With PGP/GPG, private keys can be protected with passphrases similarly to SSH private keys.
AES, sometimes called Rijndael after its creators, stands for Advanced Encryption Standard. It was a replacement for DES, which had short keys and other cryptographic flaws.
AES and DES both operate on blocks of data (a block is a fixed size series of bits).
AES is complicated to explain, and doesn’t seem to come up as often. If you’d like to learn how it works, here’s an excellent video from Computerphile: https://www.youtube.com/watch?v=O4xNJsjtN6E
Example:
You have the private key, and a file encrypted with the public key. Decrypt the file. What's the secret word?
Solution
s1: run gpg --help
s2: unzip the archive; it contains message.gpg and tryhackme.key
s3: run gpg -d (decrypt) message.gpg
result: You decrypted the file! The secret word is Pineapple.