# CEH v10: 20 Cryptography

Certified Ethical Hacker v10 Chapter 20: Cryptography.

Cryptography is the practice and study of techniques for secure communication in the presence of adversarial behavior.

## Terms

- **Clear text / plaintext**: the unencrypted data
- **Cipher text**: the encrypted data
- **Key**: specifies the transformation of data for encryption / decryption ("key" is not synonymous with "password", although a password can in fact be used as a key)
- **Cipher**: an algorithm for performing encryption and decryption

### Symmetric cryptography

- Uses the same key for encryption and decryption
- Symmetric-key algorithms use either a stream cipher or a block cipher
- Popular algorithms: AES, DES

### Asymmetric / Public Key cryptography

- Two keys are used: public and private
- The public key is publicly known to everyone, issued by Public Key Infrastructure (PKI) and used to encrypt the data
- The private key is kept secret from the public, known only by the owner, and used to decrypt the data
- Asymmetric cryptography delivers confidentiality, integrity, authenticity and non-repudiation
- Popular algorithms: RSA, DSA and Diffie-Hellman

## Methods

### Substitution Cipher

- Every character is substituted with another one
- Example cipher: Caesar cipher

Example:

```
Plaintext:  THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG
Ciphertext: QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD
Key:        right shift of 3
```

### Transposition Cipher

- The positions held by units of plaintext are shifted according to a regular system
- Example cipher: Rail Fence cipher

Example:

```
Clear text: WE ARE DISCOVERED. FLEE AT ONCE

W . . . E . . . C . . . R . . . L . . . T . . . E
. E . R . D . S . O . E . E . F . E . A . O . C .
. . A . . . I . . . V . . . D . . . E . . . N . .

Ciphertext: WECRLTEERDSOEEFEAOCAIVDEN
```

### Polyalphabetic Cipher

- Based on substitution
- Using multiple substitution alphabets
- Example cipher: Vigenère cipher

### Stream Cipher

- Text digits are combined with a pseudorandom cipher digit stream (keystream)
- Each plaintext digit is encrypted one at a time with the corresponding digit of the stream
- Two types:
  - **Synchronous Stream Ciphers**: a stream of pseudo-random digits is generated independently of the plaintext and ciphertext messages, and then combined with the plaintext (to encrypt) or the ciphertext (to decrypt)
  - **Self-Synchronizing Stream Cipher**: uses several of the previous N ciphertext digits to compute the keystream
- Example cipher: RC4

### Block Cipher

- Operates on fixed-length groups of bits, called blocks, with an unvarying transformation that is specified by a symmetric key
- Example ciphers: AES, DES

## Stream Cipher

### RC4

- Designed in 1987, leaked in 1994
- Used in SSL, WEP
- Simple and fast algorithm
- RC4 generates a pseudorandom stream of bits (a keystream) and combines it with the plaintext using bit-wise exclusive-or for encryption
- The permutation is initialized with a variable length key, typically between 40 and 2048 bits
- Marked as insecure

## Symmetric Algorithms

### Data Encryption Standard (DES)

- Introduced in 1975
- Standardized in 1977
- Problem with DES: short key length (56 bits)
- Now considered insecure
- Improved version: Triple DES (applies DES three times)
- Problem with Triple DES: slow, compute heavy

#### Parameters

Parameter | Value |
---|---|
Block size | 64 bits |
Key size | 56 bits |
No. of rounds | 16 |

### Advanced Encryption Standard (AES)

- First published in 1998
- Became a federal government standard in 2002
- First (and only) publicly accessible cipher approved by the NSA for top secret information

#### Parameters

Parameter | AES-128 value | AES-192 value | AES-256 value |
---|---|---|---|
Block size | 128 bits | 128 bits | 128 bits |
Key size | 128 bits | 192 bits | 256 bits |
No. of rounds | 10 | 12 | 14 |