Introduction to cryptography <Cybertrace Club>

Table of Contents

1 1000 feet view on cryptography

1.png

2 Symmetric cryptography

2.1 DONE General idea behind symmetric algorithms

5.png

2.2 DONE ROT13

Challenge copied from pwnerrank

Decrypt this: cjareenax{ebg13_1fag_f3pher3}

Hint: use the tr command

You can also do this by hand if you want, just work out the hash table.

2.3 DONE Stream ciphers

2.3.1 One time pads

2.png

3.png

  1. Crubing: Example attack

    Hey hackers, you are to are to recover this two images:

    img1.png

    img2.png

    This is the code used to encrypt the two images using a 255(3002) key so don't bruteforce, it will probably take you a couple of billion years.

    from PIL import Image
    import os
    import sys
    
    im1 = Image.open(sys.argv[1])
    im2 = Image.open(sys.argv[3])
    
    assert im1.size == im2.size
    
    v = os.urandom(im1.size[0] * im1.size[1])
    
    def dostuff(im, out):
        pix = im.load()
        size = im.size
        k = iter(v)
        for x in range(size[0]):
            for y in range(size[1]):
                c = pix[x, y]
                ki = int(next(k).encode('hex'), 16)
                pix[x, y] = c ^ ki
        im.save(out)
    
    dostuff(im1, sys.argv[2])
    dostuff(im2, sys.argv[4])
    

    and using this command

    python imxor.py  ~/im1.png ~/img1.png ~/im2.png ~/img2.png
    

    you are to recover the original images to reveal a secret text.

    Hint: Look at the random data generation process and think about reused xor key.

2.3.2 Multi time pads

Challenge copied from pwnerranank

Guess the key and decrypt the picture ! it contains a secret.

Decrypt this file

This uses a xor cipher against a cycled key.

Hint: This are the first bytes (in hexadecimal) of an image

format size
PNG 0x89, 0x50 ,0x4e, 0x47 ,0x0d, 0x0a ,0x1a
BMP 0x42, 0x4d
JPG 0xff,0xd8, 0xff,0xe0

I suggest using the xortool-xor (it's < 100 lines of code) by hellman1908@gmail.com

2.4 DONE Block ciphers

Encryption function:

Sorry, your browser does not support SVG.

Decryption function:

Sorry, your browser does not support SVG.

2.4.1 DONE Cipher examples

  1. AES in ECB mode

    Encryption:

    601px-ECB_encryption.svg.png

    Decryption:

    601px-ECB_decryption.svg.png

  2. AES in CBC mode

    Encryption:

    601px-CBC_encryption.svg.png

    Decryption:

    601px-CBC_decryption.svg.png

  3. Exercise:

    Encrypt this image using AES, in both ECB and CBC modes and compare the results:

    tux.bmp

    We use openssl to encrypt:

    openssl enc -aes-128-ecb -e -in tux.bmp -out tux1.bmp -K 123
    dd conv=notrunc if=tux.bmp of=tux1.bmp bs=1 count=54
    

    and in cbc mode

    openssl enc -aes-128-cbc -e -in tux.bmp -out tux2.bmp -K 123 -iv 00000
    dd conv=notrunc if=tux.bmp of=tux2.bmp bs=1 count=54
    

    plAuvFE.jpg

2.4.2 DONE AES ECB attack example

Can you solve this?

We encrypted a flag with AES-ECB encryption using a secret key,
and got the hash: e220eb994c8fc16388dbd60a969d4953f042fc0bce25dbef573cf522636a1ba3fafa1a7c21ff824a5824c5dc4a376e75
However, we lost our plaintext flag and also lost our key and we can't seem to decrypt the hash back :(.
Luckily we encrypted a bunch of other flags with the same key. Can you recover the lost flag using this?

[HINT] There has to be some way to work backwards, right?

You can just use a text editor.

aes.txt

2.4.3 DONE A Practical example

Encrypt messages to each other using openssl

echo "your secret message" > message.txt
openssl enc -aes-128-cbc -e -in message.txt -out secret.txt -k yourkey

to decrypt

openssl enc -aes-128-cbc -d -in secret.txt -out original.txt -k yourkey

Problem: How to share the key secretly?

3 Asymmetric cryptography

3.1 DONE General idea behind asymmetric algorithms

4.png

3.2 TODO RSA

3.3 TODO Discrete logarithm problem

3.3.1 TODO Diffie hellman

3.4 TODO Elliptic curves

3.5 TODO A practical example

Author: Knani Mohamed Aziz

Email: medazizknani@gmail.com

Created: 2018-02-13 Tue 18:35

Validate