Cryptography Tutorial Table of content Cryptography Tutorial Why to Learn Cryptography? Cryptography Applications Who Should Learn Cryptography? Prerequisites to Learn Cryptography FAQs about Cryptography PDF Version Quick Guide Job Search Discussion Cryptography Tutorial The most common method for securing data transmissions in web applications or computer science projects is modern Cryptography. It is like a secret code language that helps to keep information safe. This tutorial covers the basics of the Cryptography. It explains how programmers and network professionals can use cryptography to maintain the privacy of computer data. Starting with the origins of cryptography, it moves on to explain cryptosystems, various traditional and modern ciphers, public key encryption, data integration, message authentication, digital signatures and many more. After finishing this course, you will be able to apply the fundamental principles of Cryptography to practical situations. Why to Learn Cryptography? Imagine that you have got a secret message, and you only want certain people to crack the code. Cryptography comes to the rescue in the digital realm. It is like keeping your message into an unseen envelope that only the designated receiver can open. Learning cryptography makes it fun and hands-on. You can create your own secret codes and understand how to decode others. And, it is a cool skill to have in today”s digital age. Cryptography Applications Cryptography has many practical applications which can be a valuable skill − We can use cryptography for securing communication by encrypting the messages and emails. Secondly we can use it for protecting our data in the applications by securing user data, like passwords and personal information. Also you can secure file storage by securing confidential files and documents. Next we can also use cryptography to secure our E-commerce platforms by securing online transactions and payment information. We can also build blockchain technology by ensuring the security and integrity of transactions in blockchain-based systems. Cryptography can also be used for password protection for storing and managing passwords securely. And the most important thing is digital signatures for verifying the authenticity of digital messages or documents. Who Should Learn Cryptography? Learning about cryptography is useful because you can use it in real life to keep information safe. There are lots of tools and help available for cryptography. If you learn it, you might find good jobs in cybersecurity because many companies need people who know how to keep data safe. This tutorial is meant for students of computer science who aspire to learn the basics of cryptography. It will be helpful for networking professionals as well who would like to incorporate various cryptographic algorithms to ensure secure data communication over their networks. Prerequisites to Learn Cryptography This tutorial has been prepared with the view to make it useful for almost anyone who is curious about cryptography. A basic knowledge of computer science and a secondary level of mathematics knowledge is sufficient to make the most of this tutorial. Throughout this tutorial, you will learn the basics of cryptographic algorithms and its implementation in different languages. This tutorial is designed with an assumption that the user has an understanding of the basics of cryptography algorithms and basic programming knowledge. Cryptography also involves solving problems logically. Develop your logical thinking skills to understand and create secure codes. FAQs about Cryptography Now we will see some frequently asked questions (FAQ) about Cryptography in the below section − What is Cryptography? Cryptography is the technique of concealing or encoding(changing its original form) the information in such a way that only the authenticated person can decode(get the original form) it. This technique of cryptography plays an important role in keeping our data safe. The data or information can be bank cards, computer passwords or online transactions and other private data. Cryptography is very important in this modern world because it helps to protect your digital stuff from hackers by turning information into secret language or code. Which are the commonly used symmetric key algorithms? Mathematicians and cryptographers create symmetric key encryption methods, like AES, with the goal that the ciphertext should be impossible to decrypt without the encryption key. This is true for current secure symmetric encryption algorithms (such as AES and ChaCha20), but it might not be true for other methods (such as DES and RC4), which are regarded as insecure symmetric encryption. RC5, RC6, Camellia, ARIA, IDEA, Serpent, AES, ChaCha20, CAST, Twofish, and CAST are a few popular symmetric encryption algorithms. All of these methods are considered as secure when properly configured and applied. How does asymmetric key cryptography work? Asymmetric-key cryptography is also called Public key cryptography. It is the cryptographic algorithm which uses pairs or related keys; the keys are known as public and private keys. Public key is used to encrypt the data and private key is used to decrypt the data. And both the key pairs are generated using cryptographic algorithms. And the security of public key cryptography depends on keeping the private key secret and the public key can be shared and distributed publicly. How long does it take to learn Cryptography? Although becoming a cryptographer usually requires a lengthy process, the field can pay more than average. An analytical problem-solver with good mathematical and computing abilities could find incredible fulfilment in cryptography. Cryptographers have to keep up with the ever-evolving world of cyberthreats, thus they must regularly refresh their knowledge. The responsibilities of their profession can also vary daily, adding to its dynamic nature. The job can be difficult at times due to the significance of protecting sensitive digital data, as errors can result in breaches of privacy. To help you make a smart decision regarding this career, consider the benefits and drawbacks of being a cryptographer. What are the four purposes of Cryptography? There are form main purpose of cryptography and they are given below − Confidentiality Integrity Authentication Non-repudiation What are the Applications of Cryptography? Here are some applications where we can use cryptography − Authentication Internet of Things Card Payments PC and different passwords
Category: cryptography
Cryptography – Playfair Cipher ”; Previous Next The Playfair cipher, also known as the Playfair square or the Wheatstone-Playfair cipher, is a manual symmetric encryption scheme that was the first that used literal digram substitution. Charles Wheatstone created the technique in 1854, but it is named after Lord Playfair to promote the use of it. The approach encrypts pairs of letters rather than single letters, as is the case with the simple substitution cipher and the more complex Vigen ere cIpher systems that were previously used. The Playfair cipher is thus substantially more difficult to break because the frequency analysis used for basic substitution ciphers does not apply to it. Frequency analysis of bigrams is possible, but extremely complex. With 600 possible bigrams rather than 26 possible monograms (single symbols, often letters in this context), a far bigger cipher text is necessary to be functional. History The Playfair Cipher is the first and best-known digraph substitution cipher that uses symmetry encryption. Charles Wheatstone created the cipher in 1854, and Lord Playfair, who advocated its use, gave it its name. Unlike a conventional substitution cipher, which only encrypts single letters, the Playfair Cipher approach encodes digraphs or sections of letters. The Playfair Cipher is fast and requires no additional tools to operate. British and Australian forces used it tactically during World War I, the Second Boer War, and World War II. The primary purpose of the encryption was to protect non-critical yet important data during actual battle. By the time the opposition”s cryptanalysts decrypted it, the information was useless. Understanding the Playfair Cipher The Playfair Cipher comprises a 5 by 5 matrix of letters (the key table), with no duplicates. The letters I and J are considered the same letter. We create the key table by arranging the unique letters of a keyword in sequence, followed by the remaining letters of the alphabet. Consider the word SECURITY as an example. First, we record the letters of that phrase in the first squares of a 5 x 5 matrix − The remaining squares of the matrix are then filled with the remaining alphabet letters, in alphabetical sequence. However, since there are 26 letters and only 25 squares available, we allocate both I and J to the same square. When choosing a term, make sure that no letter is duplicated, and especially that the letters I and J do not appear together. Keywords like INJURE, JUICE, and JIGSAW, for example, would be disqualified since they feature both I and J at the same time, which violates this criteria. Encryption Process The encryption process of the Playfair cipher consists of a number of steps that convert a message into its encrypted the same. Create the Key Square To begin, we will create a key square with a specified keyword. In this example, we will utilise the term SECURITY − Prepare the Message Before we can encrypt the message, we must first process it. We treat J as I, so eliminating J from the process of encryption. We also delete any non-alphabetic letters, like spaces and punctuation marks. For example, processing the string HELLOWORLD gives HELOWORLD. Pair the Letters We proceed by breaking the created message into pairs of letters (digraphs). If two successive letters in a digraph are identical, an X is inserted between them. Also, if the plaintext is of odd length, we append X at the end to create a full digraph. For example, while dealing with the word “HELLO WORLD,” we will divide it into pairs of letters − HE LL OW OR LD The digraph LL has identical consecutive letters, so we insert X between them − HE LX LO WO RL D The message has an unusual length after insertion, therefore we append X at the end of it to make it even − HE LX LO WO RL DX Encryption Rules There are mainly three criterias for encrypting letters within the same pair. If the two letters in the pair are in the same row of the key square, we replace them with the letter to their right. If both letters in the pair are found in the same column of the key square, we will replace each letter with the letter below it. If the letters are in different rows and columns, we form a rectangle with them and change each letter with the letter in the opposite corner. Using the matrix with the keyword SECURITY, let us find the row and column of every pair and implement the encryption rules to HELLOWORLD whose pairs are − HE LX LO WO RL DX After applying the encryption rules to all of the letter pairings, we will obtain FUOQMPXNSPHQ. Decryption Process When decrypting a message encrypted with the Playfair Cipher, the method requires reversing the actions used during encryption. Key Square Building The decryption method, like the encryption process, begins by creating the key square with the keyword SECURITY. The key square is a key reference grid that helps decrypt the encoded message. This key square provides the foundation for understanding the encrypted text during decryption. Ecryption Rules Decryption rules are just the reverse encryption rules. When both letters in a pair are in the same row of the key square, we replace them with the letter from the left. Similarly, suppose both letters in the pair are located in the same column of the key square. In that scenario, we replace each letter with the letter immediately above it. When the letters are in separate rows and columns, we use the letter pairs to create a rectangle and replace each letter with the letter in the opposite corner. Process Let us decrypt the message FUOQMPXNSPHQ with the help of the above decryption rules. So, we will process them one by one. F and U are in distinct rows and columns, resulting in a rectangle with corners E, U, F, and H. Exchanging F with its opposite
Cryptography – Modern Age
Cryptography – Modern Age ”; Previous Next Cryptography and encryption are very useful for data security. In today”s world, it is very important in protecting cyber data. The Internet allows computers to communicate with each other anywhere. But with that, a lot of intruders come in and try to make us care about what we do. People or companies whose job it is to keep data secure. Encryption is the primary way we do that. In this chapter we will discuss the various ways in which we use cryptography today for security purposes. Modern cryptography uses complex mathematical techniques to encode information so that only the intended recipient can understand it. There are two main types of cryptography: symmetric and asymmetric cryptography. As the technology is evolving around, so does cryptography and researchers are constantly developing new ways to get ahead of potential threats. Classic Cryptography vs. Modern Cryptography Classic and modern cryptography are both methods used to keep information secure but they are different in many ways let us discuss these one by one − Technology Classic cryptography is based on manual methods and mechanical devices like pen and paper, mechanical cipher machines (like Enigma), or simple electronic circuits. While Modern cryptography uses advanced computing technologies like digital computers, specialized cryptographic hardware, and software algorithms. Security Strength Classic cryptography mostly relies on simple substitution or transposition techniques. This can be very easy for modern computers to crack mainly with the help of brute force attacks. Modern cryptography uses more complex algorithms. This makes it more secure against attacks. It uses mathematical principles like prime number theory, discrete logarithms, and elliptic curves to create best encryption schemes. Time Period Classic cryptography used before the 20th century. And techniques like Caesar ciphers and the Enigma machine used in that time. Modern cryptography is developed in the 20th and 21st centuries which uses advanced mathematical algorithms and computer technology. Key Management In the Classic cryptography the key management was very challenging because keys need to be shared securely between two parties without interception. This feature can make classic cryptographic systems vulnerable to attacks. Modern cryptography uses asymmetric encryption in which each user has a pair of keys. A public key for encryption and A private key for decryption. This feature removes the need for key distribution and gives stronger security. Applications Classic cryptography was mainly used for military and diplomatic applications, as well as to get important information in ancient times and history. Modern cryptography is everywhere in today”s digital world, being used for online transactions, financial transactions, data storage, and authentication methods such as protecting digital signatures and biometrics. Overall, while classical cryptography laid the foundation for modern cryptographic principles, modern cryptography offers much stronger security and broader applications through advances in mathematics, computer technology, and cryptographic analysis. Context of Cryptography Cryptology, the study of cryptosystems, can be subdivided into two branches − Cryptography Cryptanalysis What is Cryptography? Cryptography is the science of making a cryptosystem with the ability to provide data security. Cryptography deals with the actual security of digital data. It describes the design of devices based on accounting systems that provide basic information security services. You can think of cryptography as a giant tool set with methods for security operations. What is Cryptanalysis? Cryptanalysis is the art and science of breaking cipher text. It is also the branch of cryptography. The cryptographic system generates cipher text that is transmitted or stored. It involves studying the cryptographic devices with a view to breaking them. Cryptanalysis is also used to test the security properties of new cryptographic techniques as they are developed. Note − Cryptography deals with the design of cryptosystems and the cryptanalysis studies the breaking of cryptosystems. Cryptography Primitives Cryptography primitives are nothing more than tools and techniques in cryptography that can be selectively used to provide desired security services − Encryption Hash functions Message Authentication codes (MAC) Digital Signatures The below table shows the primitives that can be achieved a particular security service on their own. Primitives Services Encryption Hash Function MAC Digital Signature Confidentiality Yes No No No Integrity No Sometimes Yes Yes Authentication No No Yes Yes Non Repudiation No No Sometimes Yes Note − To obtain a set of necessary security services from a cryptosystem, cryptographic primitives are commonly connected and have complex relationships with one another. Print Page Previous Next Advertisements ”;
Cryptography – XOR Encryption ”; Previous Next XOR functions are extensively used in cryptography, digital logic circuits, network protection, and programming languages like Python, Java, and C++. The XOR operation is also known as Exclusive OR. The logical function XOR (exclusive OR) compares two binary digits and returns 1 if they differ. The XOR function returns 0 if the two bits are exactly equal. In other words, XOR gives 1 if one of the binary digits is 1, but not both. So as we have discussed above, XOR can be used for encryption in cryptography. So with the help of XOR encryption we can encrypt data that is impossible to crack using brute-force. For example, creating random encryption keys to match the right key. Implementation Using Python We can implement the XOR Encryption using below methods in Python − Using a For Loop and a Fixed Key Using Random Key Generation Using the base64 module In the next sections, we will try to explain each of these ways in brief so that you can gain a better understanding of XOR Encryption using Python. Approach 1: Using a for loop and a fixed key XOR encryption is a simple symmetric encryption algorithm wherein each individual inside the input message is combined with a key with the help of the XOR operation. So we are able to encrypt our input message character by person the use of XOR operation and right here we are able to use a hard and fast key for every man or woman.In our case the key is ”T”. And then the outcome of the XOR operation is converted back to a character. The process of XOR-ing every character with the key hides the original message, which makes it difficult to read without the encryption key. Here is an example of performing XOR encryption on a plaintext − Example #Our XOR encryption function def xorEncrypt(inpString): my_xor_key = ”T” length = len(inpString) encrypted_msg = “” for i in range(length): encrypted_msg += chr(ord(inpString[i]) ^ ord(my_xor_key)) return encrypted_msg demoMsg = “This is Tutorialspoint” # Encrypt the string print(“Original Message: “, demoMsg) encrypted_message = xorEncrypt(demoMsg) print(“Our Encrypted Message: “, encrypted_message) Following is the output of the above example − Input/Output Original Message: This is Tutorialspoint Our Encrypted Message: <=”t=”t! ;&=58”$;=: Approach 2: Using Random Key Generation In this approach we are going to use random key generation using the random module of Python to create a key of the same length as the message for XOR encryption. It uses the random.choice() method to randomly select ASCII characters from the string module. In the xorEncrypt function, the generated key and the message are passed as arguments. The zip function is used to iterate over corresponding characters of the message and the key simultaneously. This process adds randomness and security to the encryption process. Below is the Python implementation for the XOR Encryption using random key generation − Example import random import string #Generate random key def generate_key(length): return ””.join(random.choice(string.printable) for _ in range(length)) # XOR Encryption function def xorEncrypt(message, key): encrypted = ””.join(chr(ord(char) ^ ord(key_char)) for char, key_char in zip(message, key)) return encrypted #Function execution and input message message = “Hello, Everyone!” key = generate_key(len(message)) encrypted_msg = xorEncrypt(message, key) print(“Encrypted Message:”, encrypted_msg) decrypted_msg = xorEncrypt(encrypted_msg, key) print(“Decrypted Message:”, decrypted_msg) Following is the output of the above example − Input/Output Encrypted Message: e-2( vH#R29 Decrypted Message: Hello, Everyone! Approach 3: Using the base64 module The base64 module in Python offers functions to encode and decode information the use of Base64 encoding. So we will carry out XOR encryption on the input message with the help of a consumer-described key. After encrypting the message, we will encode it using base64 to create an encrypted message. Here is an implementation that shows XOR encryption with a user-defined key and then encodes the encrypted message using base64 − Example import base64 def xorEncrypt(message, key): encrypted = ””.join(chr(ord(char) ^ ord(key[i % len(key)])) for i, char in enumerate(message)) return encrypted def main(): try: message = “Hello my name is Azaad” key = “T” print(“Our Original Message is:”, message) # Encrypt the message using XOR encryption encrypted_message = xorEncrypt(message, key) # Encode the encrypted message using base64 encoded_message = base64.b64encode(encrypted_message.encode()).decode() print(“Encrypted and encoded message:”, encoded_message) except Exception as e: print(“An error occurred:”, str(e)) if __name__ == “__main__”: main() Following is the output of the above example − Input/Output Our Original Message is: Hello my name is Azaad Encrypted and encoded message: HDE4ODt0OS10OjU5MXQ9J3QVLjU1MA== Implementation using Java In this implementation we will use Java”s Base64 class to implement the Base64 encoding and decoding functionality. This class contains only static methods for getting encoders and decoders for the Base64 encoding method. The implementation of this class supports the Base64 types specified in RFC 4648 and RFC 2045. Example So below is the implementation of Base64 encoding and decoding using Java”s Base64 class: import java.util.Base64; public class Base64Class { public static void main(String[] args) { // Encoding process String plaintext = “Hello, Tutorialspoint!”; String encoded_message = Base64.getEncoder().encodeToString(plaintext.getBytes()); System.out.println(“The Encoded string: ” + encoded_message); // Decoding process byte[] decodedBytes = Base64.getDecoder().decode(encoded_message); String decodedString = new String(decodedBytes); System.out.println(“The Decoded string: ” + decodedString); } } Following is the output of the above example − Input/Output The Encoded string: SGVsbG8sIFR1dG9yaWFsc3BvaW50IQ== The Decoded string: Hello, Tutorialspoint! Implementation using C++ The C++ code implements a function to encode a string to Base64. Here we will basically use vector and iomanip library to implement Base64. Vector library contains definitions and implementations of useful data structures and functions and iomanip is a library which is basically used to manipulate the output of C++ program. This code basically converts every character to its corresponding Base64 cost and appends it to the output string. Similarly, the deciphering feature converts each Base64 character back to its unique value and appends it to the output string. This way, the authentic string is reconstructed. Example Following is the implementation using C++ #include <iostream> #include
Cryptosystems – Brute Force Attack ”; Previous Next What is the Brute Force Attack? Brute force attacks are hacking strategies that use trial and mistakes to crack passwords, login credentials and encryption keys. It is a easy but dependable way to benefit unauthorized get entry to non-public accounts and organizations systems and networks. The hacker tries multiple usernames and passwords, often using a computer to try multiple connections, until he finds the correct login information. The name “brute force” comes from attackers who use extreme force to try to gain access to users” accounts. Despite older methods of cyber-attack, phishing attacks are tried and tested, and remain a favorite method for hackers. How does a brute force attack work? The process of brute force attacks includes an automated or manual trial and error technique, wherein the attacker uses a combinations of letters, numbers and logos to guess accurate authentication information. Target selection − The attacker selects the target system or account he wants to gain access to. This could be a website, email account, network server, or other system that requires authentication. Password generation − The attacker generates passwords in an attempt to counter the target. This can be done manually by setting up the passwords that can be entered, or automatically using software tools that can generate passwords and test them at high speed. Password testing − The attacker begins testing each created password against the target system. This can be accomplished via the system”s login page or authentication method. If the password is wrong, the attacker proceeds to the next phase. If everything is right, you will be granted access to the system or account. Iterations − The process continues until the attacker determines the proper password or has exhausted all available possibilities. Depending on the complexity of the password and the speed of the attacker”s equipment, this system can take seconds to days or even longer. Access − If an attacker well guesses the password, they may gain unauthorized get admission to to the targeted gadget or account.They can then execute hostile behaviors to steal resources or undermine system security by stealing important information. Brute force attacks are often used as a last resort when other methods of gaining access, such as exploiting vulnerabilities or social engineering, fail and are often automated to accelerate the process there to win is the big one. But because of the number of possible combinations, force attacks can be time-consuming and resource-intensive, especially for systems with strict security measures in place. Types of Brute Force Attacks Brute force attacks can take different forms depending on the target and the specific security mechanisms in place. Here are some common brute force attacks. Password Brute Force − This is the weakest form of brute force attack. the attacker systematically tries every possible combination of characters until a valid password is found. This can be done manually, but it”s limited to software tools that can run fast and test thousands or millions of passwords per second. Password brute force attacks are often used against login pages on websites, email accounts, or other systems that require authentication. Credential stuffing − In this type of attack, the attacker uses a listing of username and password pairs acquired from previous information breaches or leaks. They then attempt those combinations in opposition to various on-line services or web sites, hoping that some customers have reused their credentials across more than one money owed. Since many human beings use the identical password for one of a kind money owed, credential stuffing can be quite successful in gaining unauthorized access to numerous bills. Dictionary attacks − Instead of testing every combination of characters, dictionary attacks rely on a random list of common words, phrases, or phrases . Using a dictionary enables an attacker to significantly reduce the number of attempts needed to guess a password, since only the entries in a list have to be looked up. Dictionary attacks tend to be more efficient than they are used aggressively, especially when users choose a word that is easy or easy to guess. Reverse brute force attack − In a reverse brute force attack, the attacker already has a specific password in mind and tries to find out a username or account associated with it This is in contrast to traditional brute force attacks, where in which the attacker tries passwords starting with the username. Reverse brute-force attacks are rare but can be used in situations where the attacker has obtained the password through other means, such as social engineering or a data breach, and wants to know what accounts he has on it. Hybrid brute force attack − A combination of a dictionary attack and a simple brute force attack. an attacker uses two methods to identify a login account, starting with a known username. Using a list of possible words to test combinations of letters, letters, and numbers. Each brute force attack has its own advantages and limitations, attackers can choose the most appropriate strategy based on their target system and security policy but all brute force attacks have the same goal of gaining unauthorized access through a system that they will speculate or try combinations until they succeed. Notable Brute Force Attacks There have been many notable threat attacks over the years, targeting systems and organizations. Here are a few examples − LinkedIn − Hackers breached the famous commercial enterprise networking online website LinkedIn and stole 6 million person passwords in 2012. Attackers used a combination of brute force and dictionary attacks to crack passwords. As a result, LinkedIn needed to reset affected user passwords and implement robust secrutiy features to prevent brute force attacks. Sony PlayStation Network (PSN) − A security breach on the Sony PlayStation Network peaked in 2011 affecting more than 77 million users with personal information, including usernames and a use including passwords. The breach resulted in massive outages for PSN and significant damage to Sony”s reputation. WordPress − Over
Cryptosystem – Rainbow table Attack ”; Previous Next What is the Rainbow table Attack? Rainbow table attack is a technique used to decipher passwords that uses a table known as a “rainbow table”. Passwords are not kept in simple text, they are encrypted into hashes instead. When a user attempts to log in by keying in a password, it”s transformed into hashes. they are then linked to the server”s table of stored hashes to verify a match. A match signifies that the user”s identity has been confirmed, granting them access to the software. the rainbow table itself displays a pre-calculated table of password hash values in whatever plain characters are used in the authentication process. Hackers can easily crack every password using the rainbow table if they have access to the password hash list. A tool called “salting” has drastically decreased the rainbow table attacks. Salt is a modern way of preventing rainbow table attacks. this needs adding a new random value to each hash password to create a unique hash value. Most modern password authentication systems contain salts, to greatly reduce the number of successful rainbow table attacks. Most programmers use salting, but there are still some who do not and this makes them more vulnerable to rainbow tables. Here is a simple diagram of how the rainbow table attack works − Explanation the user enters a password. the password is converted to a hash (a special code). the hash is compared with the hashes stored on the server. If a match is found, access is granted. Otherwise, the user can try again. Rainbow table attacks occur when hackers gain access to stored hashes and use a pre-computed table to quickly find the original passwords associated with those hashes. How actually Rainbow table attack work? to attack the rainbow table, hackers must first gain access to the leaking hash. Sometimes the password database itself is not well secured, or perhaps they have access to Active Directory. Users who need to gain access to the password database gain access through phishing techniques. In all these ways, there are already millions and millions of leaked password hashes on the Dark Web available to hackers. Once the password hash is obtained, the rainbow table is used to help decrypt the password hash. As long as there is no “salt” in the password hash, (defined above), encrypted passwords can be translated into plain text. the whole rainbow table attack process has four steps − Creation − The rainbow table generates a hash list by first taking a list of potential passwords and applying a hash function to each one. A rainbow table is used to store the hashes that are produced along with the plaintext passwords that correspond with them. Finding − A hacker can use the rainbow table to find passwords in plaintext that match a collection of hashes they have. In order to find a match to the target hash, the hashes in the rainbow table are verified backwards, beginning with the final hash in each chain. Cracking − When the matching hash value is found, it indicates that the target hash”s original password is the matching plaintext password. Now a hacker can use the authentication process to gain access to someone else”s account. Reduction − the hashes in the rainbow table are reprocessed by a reduction function to generate a new hash set. the reduction function maps each hash to a new value, and the new value is used as the starting point for the next step. this step is repeated several times to create a hash chain. Rainbow table Attack Examples Below we list two real world examples of how rainbow table attacks can happen − the attacker discovers a web application with outdated password hashing techniques and very poor security. By obtaining the password hashes, the attacker can utilise the rainbow table to decrypt each user”s password for the application. the hacker is able to gain access to the password hash by searching for vulnerabilities in the company”s Active Directory. A rainbow table attack is used to decrypt the hashes into plain text passwords after you get a list of them. Protect Against a Rainbow table Attack! Defending yourself against rainbow table attacks is fairly straightforward if you follow these guidelines − Eliminate passwords − the only way to ensure that password-based attacks are prevented is to resolve passwords. there is no way to do a rainbow gate attack without having a password hash list to steal. Learn more about passwordless authentication today and keep your important applications running smoothly. Using salt − Hash passwords should never be stored without salting. this makes it more difficult to decrypt the password. However, it is recommended removing the alphanumeric term altogether. Use biometrics − It is very difficult, if not impossible, for an attacker to conduct a rainbow table attack successfully when using a biometric authentication mechanism against a biometric password. Monitor your servers − Most modern server security software monitors attempts to access sensitive information and can work to minimize and catch attackers before they discover the password database. Avoid using outdated hashing algorithms − Hackers target applications and servers that use outdated password hashing algorithms MD5 and SHA1. If your application uses an outdated algorithm, the chances of rainbow table attacks may increases dramatically. Rainbow table Attack vs. Dictionary Attack Both rainbow table attacks and dictionary attacks are password cracking techniques used by hackers to obtain passwords. An attacker uses a pre-computed hash table in a rainbow table attack to determine the hash password”s plaintext version.. Unlike a dictionary attack, where an attacker tries each word in a dictionary until a match is found, a rainbow table attack allows an attacker to quickly find a plaintext word that contains a preceding table that has been calculated. But they take a lot of time to create and use a lot of space. In a dictionary attack, the hacker uses a pre-compiled list of common passwords
Cryptography Hash functions
Cryptography – Hash functions ”; Previous Next A hash function in cryptography is like a mathematical function that takes various inputs, like messages or data, and transforms them into fixed-length strings of characters. Means the input to the hash function is of any length but output is always of fixed length. This is like compressing a large balloon into a compact ball. The importance of this process lies in its generation of a unique “fingerprint” for each input. Any minor alteration in the input results in a substantially different fingerprint, a quality known as “collision resistance.” Hash functions play a crucial role in various security applications, including password storage (hash values instead of passwords), digital signatures, and data integrity checks. Hash values, or message digests, are values that a hash function returns. The hash function is shown in the image below − Key Points of Hash Functions Hash functions are mathematical operations that “map” or change a given collection of data into a fixed-length bit string that is referred to as the “hash value.” Hash functions have a variety of complexity and difficulty levels and are used in cryptography. Cryptocurrency, password security, and communication security all use hash functions. Operation of Cryptographic Hash Functions In computing systems, hash functions are frequently used data structures for tasks like information authentication and message integrity checks. They are not easily decipherable, but because they can be solved in polynomial time, they are regarded as cryptographically “weak”. Typical hash functions have been improved with security characteristics by cryptographic hash functions, which make it more challenging to decipher message contents or recipient and sender information. Specifically, cryptographic hash functions display the following three characteristics − The hash function are called as “collision-free.” As a result, no two input hashes should be equal to the same output hash. They are hidden. A hash function”s output should make it difficult to figure out the input value from it. They should to be friendly to puzzles. The selection of an input that generates a predetermined result needs to be difficult. As such, the input needs to be taken from as wide as possible. Properties of hash functions To be a reliable cryptographic tool, the hash function should have the following properties − Pre-Image Resistance According to this feature, reversing a hash function should be computationally difficult. In other words, if a hash function h generates a hash value z, it should be difficult to identify an input value x that hashes to z. This feature defends against an attacker attempting to locate the input with just the hash value. Second Pre-Image Resistance This property says that given an input and its hash, it should be difficult to find another input with the same hash. In other words, it should be challenging to find another input value y such that h(y) equals h(x) if a hash function h for an input x returns the hash value h(x). This feature of the hash function protects against an attacker who wants to replace a new value for the original input value and hash, but only holds the input value and its hash. Collision Resistance This feature says that it should be difficult to identify two different inputs of any length that produce the same hash. This characteristic is also known as a collision-free hash function. In other words, for a hash function h, it is difficult to identify two distinct inputs x and y such that h(x)=h(y). A hash function cannot be free of collisions because it is a compression function with a set hash length. The collision-free condition simply indicates that these collisions should be difficult to locate. This characteristic makes it very hard for an attacker to identify two input values that have the same hash. Furthermore, a hash function is second pre-image resistant if it is collision-resistant. Efficiency of Operation Computation of h(x) for any hash function h given input x can be an easy process. Hash functions are computationally considerably faster than symmetric encryption. Fixed Output Size Hashing generates an output of a specific length, regardless of the input size, and helps to make an output of the same size from different input sizes. Deterministic For a given input, the hash function consistently produces the same output, like a recipe that always yields the same dish when followed precisely. Fast Computation Hashing operations occur rapidly, even for large amounts of data sets. Design of Hashing Algorithms Hashing essentially involves a mathematical function that takes two data blocks of fixed size and converts them into a hash code. The function is a key part of the hashing algorithm. The length of these data blocks differ according to the algorithm used. Usually, they range from 128 bits to 512 bits. Below is an example of a hash function − Hashing algorithms use a sequence of rounds, similar to a block cipher, to process a message. In each round, a fixed-size input is used, which usually combines the current message block and the result from the previous round. This process continues for multiple rounds until the entire message is hashed. A visual representation of this process is provided in the illustration below. Due to the interconnected nature of hashing, where the output of one operation affects the input of the next, even a minor change (a single bit difference) in the original message can drastically alter the final hash value. This phenomenon is known as the avalanche effect. Additionally, it”s crucial to distinguish between a hash function and a hashing algorithm. The hash function itself takes two fixed-length binary blocks of data and generates a hash code. A hashing algorithm, on the other hand, establishes how the message is divided into blocks and how the outcomes of multiple hash operations are combined. Popular Hash Functions Hash functions play an important role in computing, providing versatile capabilities like: Quick retrieval of data, Secure protection of information (cryptography), Ensuring data remains unaltered (integrity verification). Some commonly used hash
Cryptography – Caesar Cipher
Cryptography – Caesar Cipher ”; Previous Next So the next cryptographic algorithm is Caesar Cipher. In this chapter we will see what exactly Caesar Cipher is, how it works and also its implementations with different techniques. So let us deep dive into it. What is a Caesar Cipher ? The Caesar Cipher algorithm is the simple and easy approach of encryption technique. It is a simple type of substitution cipher in which the alphabets are moved by using a selected number of areas to create the encoded message. An A can be encoded as a C, M as an O, a Z as an B, and so on with the usage of a Caesar cipher with a shift of 2. This technique is named after Roman leader Julius Caesar. It is used in his private correspondence. It is one of the simplest and oldest methods to encrypt messages. Algorithm Here”s the algorithm for the Caesar Cipher for encryption and decryption both − Encryption Algorithm For encryption algorithm the steps are as follows − Choose a number to be your “shift” value. This number decides how much each letter will move in the alphabet. Start with your message. Look at each letter in your message. Move each letter forward in the alphabet by the chosen shift value. For example, if the shift value is 3, then “A” will become “D”, “M” will become “P”, and so on. Save the new letter instead of the old one. Continue this for every letter in the message. Decryption Algorithm For the decryption algorithm see the steps below − Start with the encrypted message. Know the shift value used for encryption. Look at each letter in the encrypted message. Move each letter back in the alphabet by the shift value to decrypt it. For example, if the shift value is 3, then “D” will become “A”, “P” will become “M”, and so on. Save the decrypted letter instead of the encrypted one. Continue this for all the letters in the encrypted message. Implementation Using Python So, using various Python modules and methods, we can implement this algorithm in multiple ways. In the sections below, let us explore each of these methods individually − Using the String Module Using the List Comprehension Using the String Module In this approach we are going to use the string module of Python. This module is used to work with strings. This module has some constants, utility functions, and classes for string manipulation. As it is a built-in module so we will have to import it before using any of its constants and classes. So the string module is used to access the lowercase alphabet and perform string manipulation operations necessary for creating the Caesar Cipher algorithm. Encryption Example Below is the implementation of Caesar Cipher using string module of Python − import string def caesar_cipher(text, shift): letters = string.ascii_lowercase shifted_letters = letters[shift:] + letters[:shift] table = str.maketrans(letters, shifted_letters) return text.translate(table) # function execution message = “hello” shift_value = 3 encrypted_msg = caesar_cipher(message, shift_value) print(“Encrypted message:”, encrypted_msg) Following is the output of the above example − Input/Output I/P -> Plain text : hello O/P -> Encrypted message: khoor Decryption Example To decrypt the above text message we can use the below code in Python − def caesar_decipher(text, shift): # Decryption is just like encryption but with a negative shift return caesar_cipher(text, -shift) # Decryption encrypted_msg = khoor decrypted_msg = caesar_decipher(encrypted_msg, shift_value) print(“Decrypted message:”, decrypted_msg) Following is the output of the above example − Input/Output I/P -> Cipher Text: khoor O/P -> Decrypted message: hello Using the List Comprehension Now we are going to use list comprehension to create a new string via iterating over each person within the input text. Inside the listing, there is a conditional expression that checks if each letter is uppercase, lowercase, or non-alphabetical. We will basically encrypt every alphabetical letter within the input text and leave away the non-alphabetical characters as it is. Encryption Example Here is the implementation of the Caesar Cipher algorithm using list comprehension in Python − def caesar_cipher(text, shift): encrypted_text = ”” for char in text: if ”A” <= char <= ”Z”: encrypted_text += chr((ord(char) – 65 + shift) % 26 + 65) elif ”a” <= char <= ”z”: encrypted_text += chr((ord(char) – 97 + shift) % 26 + 97) else: encrypted_text += char return encrypted_text # function execution message = “hello everyone” shift_value = 3 encrypted_msg = caesar_cipher(message, shift_value) print(“Encrypted message:”, encrypted_msg) Following is the output of the above example − Input/Output I/P -> Plain text: hello everyone O/P -> Encrypted message: khoor hyhubrqh Decryption Example To create the decryption program for the Caesar Cipher encrypted message, we can reverse the encryption process. Here”s the decryption code for the above Caesar Cipher encryption function using list comprehension − def caesar_decipher(text, shift): decrypted_text = ”” for char in text: if ”A” <= char <= ”Z”: decrypted_text += chr((ord(char) – 65 – shift) % 26 + 65) elif ”a” <= char <= ”z”: decrypted_text += chr((ord(char) – 97 – shift) % 26 + 97) else: decrypted_text += char return decrypted_text # Function execution encrypted_msg = “khoor hyhubrqh” shift_value = 3 # Decryption decrypted_msg = caesar_decipher(encrypted_msg, shift_value) print(“Decrypted message:”, decrypted_msg) Following is the output of the above example − Input/Output I/P -> Cipher text: khoor hyhubrqh O/P -> Decrypted message: hello everyone Implementation using C++ This approach takes a message and a shift value as an input. It then iterates over each character inside the message and shifts it over the given amount to create Caesar Cipher algorithm. It returns the encrypted message as a string. So below is the implementation of Caesar Cipher using C++ programming langugage − Example #include <iostream> #include <string> using namespace std; // Function to encrypt a message string encrypt(string message, int shift) { string encrypted = “”; for (char& c : message) { // Shift each character by the given spaces if (isalpha(c)) { if (isupper(c)) { encrypted
Counter (CTR) Mode
Cryptography – Counter (CTR) Mode ”; Previous Next Counter Mode (CTR) is similar to OFB, with one difference that CTR uses a counter for feedback. This method has the same advantages as OFB (patterns are destroyed and errors are not transmitted), but it also allows for parallel encryption because the feedback can be as simple as an ascending number. A simple example is that the first block is XORed with the number 1, the second with the number 2, and so on. This method allows for the simultaneous completion of any number of rounds. It can be thought of as a counter-based version of CFB mode without the feedback. In this mode, both the sender and receiver must have access to a reliable counter that generates a new shared value each time a ciphertext block is transferred. This shared counter is not always a secret value; though, both parties must keep the counter synchronised. Operation The following image shows encryption and decryption in CTR mode. Steps in operation are as follows − Load the top register with the initial counter value that is the same for both the sender and receiver. It provides the same purpose as the IV in CFB (and CBC) mode. Encrypt the data of the counter with the key and save the result in the bottom register. Take the first plaintext block (P1) and XOR it with the data of the bottom register. The outcome of this is C1. Send C1 to the receiver, then update the counter. The counter update a substitutes the ciphertext feedback in the CFB mode. Continuing in this manner until the final plaintext block is encrypted. Decryption is an opposite process. The ciphertext block is XORed with the encrypted data of the counter value. Each ciphertext block counter is updated after decryption, exactly as it was when encrypted. Analysis of CTR Mode It has no message dependency, hence a ciphertext block is not dependent on preceding plaintext blocks. Just like CFB mode, CTR mode does not include block cipher decoding. This is because the CTR mode generates a key-stream with the block cipher and then encrypts it with the XOR function. In other words, CTR mode changes a block cipher into a stream cipher. The major disadvantage of CTR mode is that it needs the use of synchronous counters at both the transmitter and receiver. Loss of synchronisation causes insufficient plaintext recovery. However, CTR mode offers practically all of the same advantages as CFB mode. Also, no transmission errors are propagated. Formula for CTR Mode CTR is similar to OFB in that it XORs a series of pad vectors with plaintext and ciphertext blocks. The primary difference is how these pad vectors are created. In the CTR mode, we begin with a random seed, s, and then compute pad vectors using the formula − Vi = EK(s+i-1) where EK is the block encryption technique with key K, Vi is a pad vector, and i is the vector”s offset from 1. Once the vectors have been constructed, encryption comparable to the OFB mode can be performed using the following formula − Ci = Vi ⊕ Bi Decryption works in a similar way − Bi = Vi ⊕ Ci CTR uses the same encryption algorithm for both encryption and decryption just like CFB and OFB modes. Bit-Width of CTR Mode The Counter (CTR) mode is a typical block cipher mode of operation that uses the block cipher algorithm.In this version, we offer Advanced Encryption Standard (AES) processing; the cipherkey length for AES is 128/192/256 bits. Another constraint is that our working mode operates on units of a set size (128 bits per block), but text in the actual world has a variety of lengths. As a result, the final block of text provided to this primitive must be padded to 128 bits before it can be encrypted or decrypted. The following table show the bit-width of the interfaces that CTR mode offer − Advantages of CTR Mode So below are some advantages of counter (CTR) mode − Hardware efficiency − Unlike the three chaining modes, CTR mode allows encryption (or decryption) to be performed in parallel on many blocks of plain-text or ciphertext. For chaining modes, the algorithm has to complete the computation on one block before proceeding to the next. This limits the algorithm”s maximum throughput to the reciprocal of the time required for a single execution of block encryption or decryption. In CTR mode, throughput is just limited by the amount of parallelism obtained. Software efficiency − Additionally, while CTR mode supports parallel execution, processors with parallel capabilities like aggressive pipelining, multiple instruction dispatch per clock cycle, a high number of registers, and SIMD instructions can be properly used. Preprocessing − The underlying encryption technique is executed regardless of whether the plaintext or ciphertext is given. As a result, considering enough memory is available and security is maintained, preprocessing can be utilised to prepare the output of the encryption boxes, which feed into the XOR functions. When the plaintext or ciphertext input is given, the only operation performed is a series of XORs. As an approach significantly increases throughput. Random access − The ith block of plaintext or ciphertext is possible to handled using random access. With the chaining modes, block Ci cannot be computed before the i – 1 preceding block is computed. There are applications where a ciphertext is kept and just one block needs to be decrypted; in these applications, the random access functionality is useful. Simplicity − CTR mode is simpler than ECB and CBC modes since it only requires the encryption algorithm to be implemented, not the decryption algorithm. This is especially important when the decryption algorithm differs significantly from the encryption algorithm, as is the case with AES. Also, there is no requirement to create decryption key scheduling. Disadvantages of CTR Mode The main drawback of the CTR is that a synchronised counter must be maintained at both the receiving and
Cryptosystems – Cryptanalysis Techniques ”; Previous Next Before deep dive into cryptanalysis techniques let us first discuss what exactly cryptanalysis is, who are cryptanalysts and what are their roles and responsibilities. The study of decrypting and examining encrypted text and messages without the need for a key is known as cryptanalysis. It”s a combination of study and exercise. It is based on the assumption that experts in mathematics, physics and cryptanalysis are unaware of the process and miss the necessary keys for encryption and decryption It is also a way to easily view the content of a transaction when you don”t have access to a decryption key. Who are Cryptanalysts? The codes are interpreted by cryptanalysts. The term “cryptoanalysis” is derived from the Greek words kryptós (means “hidden”) and analein (means “analysis”). As a cryptanalyst, you are in charge of decoding or decrypting data to understand cryptic signals, even if you do not have the encryption key. Role and Responsibilities of Cryptanalysts In order to access data that would otherwise be difficult to read, a cryptoanalyst will examine ciphers, codes, and encryption systems to learn how they operate. Your specific responsibilities as a crypto analyst will vary depending on the company and organization you work for. The following are some real-world cryptoanalyst positions and responsibilities − Gathering, analysing, and processing data Analyse scrambled intercepts Make use of encrypted resources Debugging software programmes Find the cryptography algorithms” flaws. Create new cryptanalysis tools. Develop strategies to exploit vulnerabilities in computer networks. How is Cryptanalysis performed? While the aim of cryptanalysis is to find weaknesses in cryptographic algorithms or find alternative ways around them, cryptographers use cryptanalysts” knowledge to improve, replace, or enhance weak techniques. The term “cryptology,” which is defined as the mathematical study of codes, ciphers, and related algorithms, includes both cryptography, which focuses on developing and improving encryption ciphers and other procedures, and cryptanalysis focuses on decoding encrypted data. Researchers may create attack strategies that fully overcome an encryption method, making it possible to decrypt ciphertext that has been encrypted using that algorithm without requiring the encryption key. Sometimes, cryptanalysis”s findings identify problems with the design or application of the technique, which reduces the quantity of keys that need to be tried on the target ciphertext. The methods for cryptanalysis differ based on the kind of cipher used. This previously stated, one way to break into simple substitution ciphers is to figure out which letters are most commoon in the message and then compare the result to a list of the most common letters in the English language. Another encryption technique is called a transposition cipher, which reorders the message”s characters without altering them. These ciphers are vulnerable to “anagramming” approaches, which involve experimenting with different letter combinations and looking for patterns or words that are simple to identify in the results. Cryptanalysis Techniques & Attacks A cryptographic system must be attacked in order to identify its vulnerabilities. We refer to them as cryptanalytic attacks. The nature of the algorithm and an understanding of the general characteristics of the plaintext which may be Java code or a conventional English document are prerequisites for the attacks. Therefore, before attempting to take advantage of the attacks, one should be aware of the nature of the plaintext. There are a wide variety of cryptanalysis attack techniques. However, the two most widely used methods are − Ciphertext-Only Attack A potential attacker does not know the encryption algorithm being used, the plaintext data, or any cryptographic key data other than the at least one encrypted message that they have access to. When intelligence agencies try to decipher encrypted messages from a target, they frequently encounter this challenge. However, because there is not much target data, this attack is difficult to execute. Known Plaintext Attack(KPA) When it comes to implementation, this attack is simpler than the ciphertext-only attack. The analyst probably has access to some or all of the plaintext of the ciphertext when they use a known plaintext attack. Finding the key that the target used to encrypt the communication and using it to decrypt it are the cryptanalyst”s goals. The attacker can decrypt any message encrypted with that particular key once they have found it. Attackers using known plaintext techniques must be able to decipher all or part of an encrypted message, or even only the format of the original plaintext. Here are some additional techniques and types that cybersecurity professionals may need to be aware of − Differential Cryptanalysis Attack(DCA) This particular variant of the plaintext attack targets block ciphers that examine plaintext in pairs instead of the one at a time. Using this method enables the analyst to figure out how the algorithm in problem works when it encounters various data types. Man-in-the-Middle Attack(MITM) When an intruder manages to get into a normally secure channel used by two parties to exchange keys, an attack takes place. The key exchange is carried out by the cryptanalyst with each end-user, who thinks they are carrying it out with each other. As a result, the people concerned are utilising a key that the attacker is aware of without realising it. Differential Cryptanalysis A cryptanalyst using differential cryptanalysis can access pairs of messages that are closely related, differing only by a single letter or bit, along with their encrypted versions. This enables the attacker to investigate how modifications made to the source text affect the ciphertext produced by the algorithm. Chosen Plaintext Attack(CPA) When an analyst uses a selected plaintext attacks, they can either use the encryption device or already know the encryption. The selected plaintext can then be encrypted using the intended algorithm by the cryptanalyst in order to obtain information about the key. Side-Channel Attack(SCA) Side-channel attacks depend on data obtained from the actual system used for encryption and decryption. Rather than using the plaintext that is going to be encrypted or the ciphertext that is produced during the encryption process, this attack makes use of data related to the target