Skip to main content

Cryptography (Ethical hacking simplified)

Cryptography

This is the process of hiding data from a third party. It is the means of ensuring a secure movement of data by avoiding adversaries to have access to the data even if they lay their hands on it. As a potential Ethical hacker, you will always come across this technology in almost everything you do, since it has become mandatory in every secured environment.
Encryption is the process of encoding the data, while decryption is the opposite. Meaning decryption is the process of getting back the message into its readable format.

Terminologies in cryptography
  • Plaintext/cleartext
  • Chipertext
  • Algorithms Chipers
  • Keys

Plaintext: This refers to the data which cryptography tends to protects. It is the information that is sent across the network. I mean the raw information. Take for example you have a secret to hide which you don't want anyone to know and its written in a language that only you can understand. Even if someone has access to that piece of note he will understand nothing. The information hidden in that format is the plaintext.

Chipertext: This is the opposite of the plaintext. When someone has access to the written document that only you can understand, he has access to the chipertext. Chipertext is the encorded message. Lets take for example I want to write my name i.e. Salim Salisu. Salim Salisu is the plaintext right? So I decided to hide it that who ever sees it will not understand what I wrote, by encoding it to $67!w $67!$n. The $67!w $67!$n is the chipertext.

Algorithms Chipers: This is the steps in which the plaintext is converted to chpertext and vice-versa. It can again be seen as the formula of encoding (encryption) and decoding (decryption) of the plaintext to chipertext and vice-versa.

Keys: Keys in cryptography do the same thing with what normal keys does. They are used to lock and unlocked data. Take for example I am sending my name in $67!w $67!$n format to someone else. The name would definitely be useless for him without giving him the clue on how to unlock it, The secret of decoding the name is the key.
Types of Cryptography (public-key cryptography)
  1. Symmetric Algorithms
  2. Asymmetric Algorithms


Symmetric Algorithms: This is the type of algorithms which the encryption key and the decryption key are all the same. This type of encryption has its advantages and disadvantages respectively.
Advantages of Symmetric encryption
  • Easy to use
  • extremely secured
  • Fast
  • It provide authentication
Disadvantages of symmetric encryption
  • When the key is in the wrong hand it can cause a severe damage
  • If you have the key, you have access. No additional checking.
Commonly used Symmetric encryption.
Data Encryption Standard (DES): This originally used by the US government in 1977, although it is still used today but not for any sensitive encryption. It uses 56bit encryption algorithms. Using such key in the present technological advancement is never best practice so be warned!
Triple DES(3DES): This an upgrade to DES. It is more secured and robust because it uses 3times of the native DES, meaning it is 168bits encryption algorithms.
Blowfish: This is a 448bits key encryption algorithms. It is designed to support the current 32bits and 64nits processor respectively. It is very fast, strong and simple to design. This symmetric encryption is designed in 1993 by name Bruce Schneider.
International Data Encryption Algorithm (IDEA): This was initially called improved proposed encryption standard (IPES). It was designed to replace the DES encryption algorithm. It was designed by James Massey of ETH Zurich and Xuejia Lai. This encryption was released to the public in 1990. It is used in PGP pretty good privacy v2.0 after the encryption in the PGP v1.0 BassOmatic was found insecure. It is presently free to be used since its patent expired in 2012.
MARS: A finalist in the AES (advance encryption standard) august 1999. It was created by IBM. The MARS developers include Don Coppersmith who was part of the creators of the DES in 1970s. This encryption uses 128bits to 256bits. The goal of AES is to secure the government sensitive information for a very long time. The National Institute of Standards and Technology (NIST) organized the AES competition.
RC2: This was originally a trade secret to the RSA labs. It came into the public in in 1996. This encryption is 1 to 2048bits wow! But it was limited to 40bits in the software exported to allow the US government surveillance.
RC4: This almost the same with the RC2. It came to the public via a newsgroup posting 1994.
RC5: The same with RC2 and RC4, the difference here is RC5 allows user to define its key length.
RC6: This is another finalist in the AES competition organized by the NIST. This encrytion supports 128 to 256bits.
Rijndael or AES: since the DES cannot cop with the evolving of the technology, NIST choose this as an encryption standard to replace the DES. Its algorithms is very compact and fast. It supports 128, 192 or 256bits key lengths.
Serpent: This is another AES competition finalist which was created by Ross Anderson, Eli Biham and Lars Knudsen. It supports 128 to 256 bits encryption key.
Twofish: This was developed by Bruce Schneider and supports 128 to 256bits encryption key. It has the previledge to join the AES competition as a candidate.
To be continued


Labels:

Comments

Post a Comment

Popular posts from this blog

Powerful words from Steve Jobs on his sick bed

Powerful message. Steve Jobs’ Last Words - I reached the pinnacle of success in the business world. In others’ eyes, my life is an epitome of success. However, aside from work, I have little joy. In the end, wealth is only a fact of life that I am accustomed to. At this moment, lying on the sick bed and recalling my whole life, I realize that all the recognition and wealth that I took so much pride in, have paled and become meaningless in the face of impending death. In the darkness, I look at the green lights from the life supporting machines and hear the humming mechanical sounds, I can feel the breath of god of death drawing closer… Now I know, when we have accumulated sufficient wealth to last our lifetime, we should pursue other matters that are unrelated to wealth… Should be something that is more important: Perhaps relationships, perhaps art, perhaps a dream from younger days ... Non-stop pursuing of wealth will only turn a person into a twisted being, just l...
Post a Comment
Read more

iTunes Connect is down!

Something is wrong in Cupertino. A number of developers today turned to Twitter to complain that iTunes Connect, a hub for iOS and Mac software makers, was logging them into the wrong accounts.  The service appears to be matching log-ins with the wrong accounts, showing apps and usernames from completely different people. When developers try to access one of the apps, they receive an error message leading them back to their own account. iTunes Connect has since been taken offline as Apple’s engineers presumably set off to fix the problem. We’ve contacted Apple and will update if we hear back. Culled from:  The Next Web
Post a Comment
Read more

How to Send SMS to any number anonymously

In this technology era, many of us want to send messages anonymously! the reasons might be maintaining privacy, franking etc. But many sees it as impossible! Today I'm going to take you through steps to send SMS/Text message without exposing your identity. This method is actually based on sending SMS using some online websites that will allow you to send SMS without entering any personal details. So just have a look on the websites to send free Anonymous SMS. List of Websites To Send Anonymous SMS To Any Number :- 1   Seasms.com This is the one of the best site that supports 160 character message to send to any number online and you will not need to register any personal details and can send free SMS to any of number. Must try this. 2   Spicesms.com This site only allows you to send SMS in india. The message service of this site is very fast as the message will be send instantly to the receiver end. 3   Smsti.in This website allows to send SMS in...
Post a Comment
Read more