Day 071 #FromZeroToHacker – Encryption – Crypto 101

Cryptography is used to protect confidentiality and to ensure integrity and authenticity. Even if we don’t notice it, we use encryption when we connect over SSH, log in to our bank or even download a file.

Let’s learn more about this topic in our daily #FromZeroToHacker challenge.

Table of contents
Introduction
What have I learnt today?
Stats
Resources

Introduction to Encryption – Crypto 101

Today we are going to learn about:

  • Why cryptography matters for security and CTFs
  • The two main classes of cryptography and their uses
  • RSA, and some of the uses of RSA
  • Two methods of key exchange
  • Notes about the future of encryption with the rise of quantum computing
  • Encryption vs hashing

What have I learnt today?

Key terms

Some of these key terms are shared with Hashing Crypto 101:

  • Ciphertext: The result of encrypting a plaintext.
  • Cipher: A method of encrypting data.
  • Plaintext: Data before encryption. It may be text, but also a photo or any other file.
  • Encryption: Transforming data into ciphertext.
  • Key: The secret information needed to turn ciphertext back into plaintext (and, with symmetric ciphers, to encrypt in the first place).
  • Passphrase: Separate from the key; a password used to protect (encrypt) the key itself, as with SSH or GPG private keys.
  • Asymmetric encryption: Uses different keys to encrypt and decrypt.
  • Symmetric encryption: Uses the same key to encrypt and decrypt.
  • Brute force: Attacking cryptography by trying every possible password or key.
  • Cryptanalysis: Attacking cryptography by exploiting weaknesses in the cipher or in how it is used, rather than by trying every key.

Crucial crypto maths

We need to understand a bit of basic maths when it comes to learning cryptography. The modulo operator is pretty important and every language implements it (usually written %).

When we divide one integer by another we get an integer quotient, and sometimes there is a remainder. The modulo operator divides two numbers and keeps only the remainder.

Examples:

25 % 5 = 0 (as 25 divides exactly by 5)
23 % 6 = 5 (as 6 fits into 23 three times (18), leaving a remainder of 5)

One caveat when porting crypto code between languages: they disagree on negative operands. In Python, -7 % 3 is 2, while in C and Java it is -1, so a routine that relies on the result always being non-negative can silently break.

Types of encryption

There are two main categories of encryption:

  • Symmetric encryption: Uses the same key to encrypt and decrypt the data. It is faster than asymmetric cryptography and uses smaller keys. Examples are AES and DES; DES is now broken and insecure, as its 56-bit key can be brute-forced.
  • Asymmetric encryption: Uses a pair of keys, one to encrypt and the other to decrypt. Examples are RSA (used in SSH) and Elliptic Curve Cryptography. The private key is kept secret and the public key can be given to anyone. With RSA, data encrypted with the private key can be decrypted only with the public key and vice versa, which is what makes both key exchange and digital signatures possible.

RSA – Rivest Shamir Adleman

The math(s) side

RSA is based on the mathematically difficult problem of working out the factors of a large number. It is easy to multiply two prime numbers together (17 * 23 = 391), but it is difficult to work out which two prime numbers multiplied together make 14351 (113 * 127), and it becomes infeasible when the primes are hundreds of digits long, as they are in real keys (2048 bits and up). The product n = p * q is part of the public key; computing the private key requires knowing p and q.

Establishing keys using asymmetric cryptography

Asymmetric encryption is slower than symmetric, so for bulk traffic such as HTTP(S) symmetric encryption is the better choice.

But… how do you agree on a key with the server without transmitting the key where people snooping could see it?

Metaphor time!

Imagine that you have a secret code and instructions for how to use it. But how do you send these instructions while keeping them private?

You ask your friend for a box with a lock.

Only your friend has the key for this lock, and only they can unlock it once it reaches them.

After this transaction is done, you can communicate in the secret code with your friend without risking people snooping over.

The secret code is the (faster) symmetric encryption key, the lock represents the server’s public key, and the key represents the server’s private key.

We use asymmetric cryptography to exchange the secret code (the symmetric encryption key), and then we communicate privately with symmetric encryption. This hybrid approach is how protocols such as TLS combine the two.

Digital signatures and certificates

What’s a digital signature

Digital signatures are a way to prove the authenticity of files: who created or signed them, and that they have not been modified since.

Using asymmetric cryptography, you produce a signature with your private key that anyone can verify with your public key. Digital signatures and physical signatures have the same legal value in countries such as the UK.

The simplest form of digital signature is encrypting the document with your private key; to verify it, the recipient decrypts the signature with your public key and checks that the result matches the document. In practice a hash of the document is signed rather than the document itself, and the signature scheme adds padding: signing raw data with unpadded (textbook) RSA is insecure.
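The following is an added example, not code from the TryHackMe room, that ties the RSA maths, the key-wrapping metaphor and the sign-with-private-key idea together using the page’s own primes (113 and 127). It is textbook RSA with no padding, so it is only for understanding the arithmetic; the factor_by_trial function shows why keys this small (and the private key derived from them) fall immediately.

```python
"""Textbook RSA with the page's toy primes (113 and 127): key generation,
encryption/decryption, a hash-then-sign signature, and the factoring attack
that breaks it when n is small.

Added example; this is not code from the TryHackMe room.  No padding
(OAEP/PSS) is used, so this only illustrates the maths: never use textbook
RSA, or keys this small, in real systems."""
import hashlib
from math import gcd


def rsa_keygen(p, q, e=65537):
    """Derive an RSA key pair from two distinct primes p and q.
    Returns ((n, e), (n, d)): the public key and the private key."""
    if p == q:
        raise ValueError("p and q must be different primes")
    n = p * q                       # the modulus; public, but hard to factor when large
    phi = (p - 1) * (q - 1)         # Euler's totient of n; needs p and q to compute
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with phi(n)")
    d = pow(e, -1, phi)             # private exponent: e * d == 1 (mod phi)
    return (n, e), (n, d)


def rsa_encrypt(pub, m):
    """Encrypt an integer message m with the public key: c = m^e mod n.
    Encrypting a small integer is exactly how a symmetric session key
    would be sent in the locked-box metaphor."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def rsa_decrypt(priv, c):
    """Decrypt with the private key: m = c^d mod n."""
    n, d = priv
    return pow(c, d, n)


def _hash_to_int(data, n):
    """Hash the data and reduce it mod n.  Real schemes pad the hash instead
    of reducing it; with a toy n this reduction throws most of the hash away."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def rsa_sign(priv, data):
    """Sign by 'encrypting' the hash of the data with the private key."""
    n, d = priv
    return pow(_hash_to_int(data, n), d, n)


def rsa_verify(pub, data, sig):
    """Verify by 'decrypting' the signature with the public key and
    comparing it with a fresh hash of the data."""
    n, e = pub
    return pow(sig, e, n) == _hash_to_int(data, n)


def factor_by_trial(n):
    """Recover (p, q) by trial division.  Instant for n = 14351, hopeless for
    a 2048-bit n: that gap is the whole security argument of RSA."""
    p = 2
    while p * p <= n:
        if n % p == 0:
            return p, n // p
        p += 1
    return None


if __name__ == "__main__":
    pub, priv = rsa_keygen(113, 127)
    print("public key  (n, e):", pub)
    print("private key (n, d):", priv)

    session_key = 4242                           # a tiny "secret code" to wrap
    c = rsa_encrypt(pub, session_key)
    print("wrapped key:", c, "-> unwrapped:", rsa_decrypt(priv, c))

    doc = b"transfer 10 to alice"
    sig = rsa_sign(priv, doc)
    print("signature valid:", rsa_verify(pub, doc, sig))
    print("tampered doc valid:", rsa_verify(pub, b"transfer 10 to mallory", sig))

    # With a toy modulus, anyone can recover the private key from the public one.
    p, q = factor_by_trial(pub[0])
    _, recovered_priv = rsa_keygen(p, q, pub[1])
    print("private key recovered from public key:", recovered_priv == priv)
```

The signing routine hashes first and signs the hash, which is what real schemes do; the difference in practice is that they pad the hash to the size of the modulus (PKCS#1 v1.5 or PSS) instead of reducing it, and use a modulus far too large for trial division.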

Certificates

A common place where certificates are used, together with digital signatures, is HTTPS.

How does your browser know that the server it is talking to is the real Google.com?

Certificates.

The web server presents a certificate that says it is the real Google.com (or any other website). Certificates form a chain of trust, starting with a root CA (Certificate Authority). Root CAs are automatically trusted by your device, OS or browser. The certificate below the root is trusted because the root CA signed it, and the website’s certificate is trusted because that intermediate CA signed it. The browser checks the signature at every link, plus the name, validity dates and revocation status, before it trusts the site.

And so on and so on.

These are called chains of trust.

SSH authentication

Encryption and SSH authentication

By default, SSH authenticates with usernames and passwords, but it can be configured to use key authentication instead. This uses a public/private key pair to prove that the client holds the private key matching a public key the server trusts.

SSH keys have traditionally been RSA keys; recent OpenSSH versions (9.5 and later) generate Ed25519 keys by default. Either way, you generate them with ssh-keygen and pick the type with -t.

SSH private keys

Treat private SSH keys as passwords. They are called private for a reason, right?

If someone has your private key, they can log in to servers that will accept it.

The passphrase isn’t used to identify you to the server; it is used to decrypt the private key on your own machine. It is never transmitted and never leaves your system. Never.

When generating an SSH key to log in to a remote machine, generate the keys on your machine and copy the public key over, as this means the private key never exists on the target machine.

How do I use these keys?

The ~/.ssh folder is the default place where OpenSSH stores these keys. The authorized_keys file in this directory holds the public keys that are allowed to log in as that user when key authentication is enabled.

To use a private key, its file permissions must be restricted (chmod 600, readable only by you), or OpenSSH will refuse the file with a “permissions are too open” error. Then connect with ssh -i <PATH_TO_KEY> <USERNAME>@<TARGET_IP>.
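As an added example, not code from the TryHackMe room or from OpenSSH, here is a small audit script for the two files just discussed: it parses authorized_keys entries (including ones with forced-command options), prints the SHA256 fingerprint in the same format as ssh-keygen -lf, and mirrors the permission check the ssh client applies to a private key. The sample keys are constructed from made-up 32-byte values and are not real keys.

```python
"""Audit OpenSSH key material the way an operator (or an attacker hunting for
persistence) would: parse authorized_keys entries, compute the SHA256
fingerprint that `ssh-keygen -lf` prints, and check whether a private key's
file permissions would be accepted by the ssh client.

Added example; not code from the TryHackMe room or OpenSSH.  The public keys
below are constructed from made-up 32-byte values and are not real keys."""
import base64
import hashlib
import os
import stat
import tempfile

KEY_TYPE_PREFIXES = ("ssh-", "ecdsa-", "sk-")


def parse_authorized_key(line):
    """Split one authorized_keys line into (options, key_type, blob, comment).
    Returns None for blank lines and comments.  Options such as
    command="..." or from="..." may precede the key type, so locate the
    key type token first instead of assuming it is the first field."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    tokens = line.split()
    for i, tok in enumerate(tokens):
        if tok.startswith(KEY_TYPE_PREFIXES):
            if i + 1 >= len(tokens):
                raise ValueError(f"key type without key data: {line!r}")
            return (" ".join(tokens[:i]), tok, tokens[i + 1], " ".join(tokens[i + 2:]))
    raise ValueError(f"no recognised key type in: {line!r}")


def wire_key_type(blob_b64):
    """The key type embedded in the blob itself: its first length-prefixed string.
    Comparing it with the declared type catches mangled or spliced entries."""
    raw = base64.b64decode(blob_b64)
    length = int.from_bytes(raw[:4], "big")
    return raw[4:4 + length].decode()


def fingerprint(blob_b64):
    """OpenSSH's SHA256 fingerprint: base64(SHA256(raw blob)) without '=' padding."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def make_ed25519_blob(pub32):
    """Build the wire-format blob for an Ed25519 public key:
    string("ssh-ed25519") || string(32 raw bytes), each length-prefixed."""
    def ssh_string(b):
        return len(b).to_bytes(4, "big") + b
    return base64.b64encode(ssh_string(b"ssh-ed25519") + ssh_string(pub32)).decode()


def audit(text):
    """One record per key: type, fingerprint, comment and any forced options."""
    records = []
    for line in text.splitlines():
        parsed = parse_authorized_key(line)
        if parsed is None:
            continue
        options, key_type, blob, comment = parsed
        if wire_key_type(blob) != key_type:
            raise ValueError(f"declared type {key_type} does not match key data")
        records.append({"type": key_type, "fingerprint": fingerprint(blob),
                        "comment": comment, "options": options})
    return records


def private_key_is_usable(path):
    """Mirror the ssh client's check: a private key readable or writable by
    group/others is rejected ("Permissions 0644 ... are too open")."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return mode & 0o077 == 0


def permission_demo():
    """Exercise the check on a throwaway file: returns (usable at 0644, usable at 0600)."""
    fd, path = tempfile.mkstemp(prefix="id_demo_")
    os.close(fd)
    try:
        os.chmod(path, 0o644)
        too_open = private_key_is_usable(path)
        os.chmod(path, 0o600)
        locked_down = private_key_is_usable(path)
    finally:
        os.remove(path)
    return too_open, locked_down


# Constructed sample authorized_keys content (fake key bytes, not real keys).
SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# keys allowed to log in as this user",
    f"ssh-ed25519 {make_ed25519_blob(bytes(range(32)))} alice@laptop",
    f'command="/usr/bin/backup",no-pty ssh-ed25519 '
    f"{make_ed25519_blob(bytes(range(31, -1, -1)))} backup-job",
])


if __name__ == "__main__":
    for rec in audit(SAMPLE_AUTHORIZED_KEYS):
        print(rec)
    print("usable at 0644, 0600:", permission_demo())
```

Run it against a real ~/.ssh/authorized_keys and compare the fingerprints with the keys you expect to be there; an entry you cannot account for is exactly the backdoor the next section describes from the attacker’s side.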

Using SSH keys to get a better shell

SSH keys are an excellent way to upgrade a reverse shell to a stable, fully interactive session, provided the user is allowed to log in over SSH. Dropping your public key into a user’s authorized_keys on a compromised box is also a common persistence backdoor, which is exactly why defenders monitor that file.

Explaining Diffie Hellman

What is key exchange?

Key exchange lets two parties establish common cryptographic keys without the key itself ever being sent over the channel, and without relying on a third party.

How does Diffie Hellman key exchange work?

Alice and Bob want to talk privately. They want to establish a common key to use with symmetric cryptography, but without one of them choosing the key and sending it encrypted under the other’s public key, as in the locked-box metaphor above. This is where Diffie-Hellman (DH) key exchange comes in.

Alice and Bob each generate a secret, called A and B. They also share some public material, let’s call it C.

Alice and Bob each combine their own secret with the common material, forming AC and BC. They send these to each other, and each combines what they receive with their own secret to form two identical keys: ABC.

(The order in which they are combined doesn’t matter, and the combined values are very, very difficult to separate back into their parts. In real DH the “combining” is modular exponentiation and the “separating” is the discrete logarithm problem.)

Check this video for a better and more detailed explanation of how Diffie Hellman key exchange works.
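The exchange described above, as an added example that is not code from the TryHackMe room: p = 23 and g = 5 stand in for the public material C, the secrets are the exponents, and “combining” is modular exponentiation. The brute_force_secret function is Eve’s attack, and it only works because p is tiny; the group sizes are an assumption made for readability, not a recommendation.

```python
"""Diffie-Hellman key exchange over a toy group, plus the brute-force
discrete-log attack that only works because the numbers are tiny.

Added example; not code from the TryHackMe room.  p = 23 and g = 5 are
chosen so every step is hand-checkable; real deployments use the 2048-bit
and larger groups from RFC 7919 (or elliptic-curve DH)."""
import hashlib
import secrets

# The common public material ("C" in the text): a prime modulus and a generator.
P = 23
G = 5


def dh_public(secret, p=P, g=G):
    """Combine a private secret with the public material: g^secret mod p.
    This is the value that is safe to send over the wire (AC or BC)."""
    return pow(g, secret, p)


def dh_shared(their_public, my_secret, p=P):
    """Combine the other side's public value with my own secret: (g^theirs)^mine mod p."""
    return pow(their_public, my_secret, p)


def derive_key(shared, length=32):
    """Turn the shared number into symmetric key bytes.  Hashing stands in for
    a proper KDF (HKDF) here; never use the raw shared value as a key."""
    raw = shared.to_bytes((shared.bit_length() + 7) // 8 or 1, "big")
    return hashlib.sha256(raw).digest()[:length]


def exchange(a, b, p=P, g=G):
    """Run the full exchange for secrets a (Alice) and b (Bob).
    Returns (A, B, shared): the two public values and the common secret."""
    A = dh_public(a, p, g)          # Alice -> Bob
    B = dh_public(b, p, g)          # Bob -> Alice
    k_alice = dh_shared(B, a, p)    # Alice computes B^a = g^(ab)
    k_bob = dh_shared(A, b, p)      # Bob computes A^b = g^(ab)
    if k_alice != k_bob:
        raise RuntimeError("exchange produced different keys")
    return A, B, k_alice


def brute_force_secret(public, p=P, g=G):
    """Recover a secret from its public value by trying every exponent.
    Feasible for p = 23; for a 2048-bit p this is the discrete logarithm
    problem, which is what makes the eavesdropper's job infeasible."""
    for x in range(1, p):
        if pow(g, x, p) == public:
            return x
    return None


if __name__ == "__main__":
    a = secrets.randbelow(P - 2) + 1            # Alice's secret, 1..p-2
    b = secrets.randbelow(P - 2) + 1            # Bob's secret
    A, B, shared = exchange(a, b)
    print(f"Alice sends {A}, Bob sends {B}, both derive shared secret {shared}")
    print("symmetric key:", derive_key(shared).hex())

    # Eve saw only A, B, p and g.  With a toy p she can recover a secret
    # and then the shared key; with a real p she cannot.
    eve_a = brute_force_secret(A)
    print("Eve recovers Alice's secret:", eve_a == a,
          "and the shared key:", dh_shared(B, eve_a) == shared)
```

With secrets 6 and 15 the values on the wire are 8 and 19 and both sides arrive at 2, whichever order the combining happens in. Note that plain DH authenticates nobody: an active attacker who can replace A and B with her own values can run two exchanges, which is why TLS signs the DH values with the server’s certificate.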

PGP, GPG, and AES

What is PGP?

PGP stands for Pretty Good Privacy (yeah, I know…). It is software that implements encryption of files, digital signing and more.

What is GPG?

GPG (GnuPG) is the GNU project’s open-source implementation of the OpenPGP standard. See the man page for GPG for the details.

What about AES?

AES, or Advanced Encryption Standard, replaced DES, which had a short 56-bit key and known cryptographic flaws. AES uses 128-, 192- or 256-bit keys.

AES and DES are both block ciphers: they operate on fixed-size blocks of data (64 bits for DES, 128 bits for AES), so a mode of operation such as CBC or GCM is needed to encrypt anything longer than one block safely.

Summary

Today we have learnt about:

  • Key terms related to encryption.
  • Why encryption is so important.
  • Basic crypto maths.
  • Types of encryption
  • Establishing keys using asymmetric cryptography.
  • Digital signatures and certificates.
  • SSH authentication.
  • Diffie Hellman Key exchange
  • PGP, GPG, and AES

Stats

From 62,378th to 61,103rd.

Here is also the Skill Matrix:

Skills Matrix

Resources

Module: Cryptography

TryHackMe: Encryption – Crypto 101

Other resources

Hashing Crypto 101
Video: Diffie Hellman key exchange explanation
man page for GPG