Archive

Posts Tagged ‘cipher’

WEP is an encryption scheme based on the RC-4 cipher

June 18th, 2008
No comments

WEP is an encryption scheme, based on the RC-4 cipher, that is available on all 802.11a, b and g wireless products. WEP uses a set of bits called a key to scramble information in the data frames as it leaves the access point or client adapter and the scrambled message is then decrypted by the receiver. Both sides must have the same WEP key, which is usually a total of 64 or 128 bits long. A semi-random 24 bit number called an Initialization Vector (IV), is part of the key, so a 64 bit WEP key actually contains only 40 bits of “strong” encryption while a 128 bit key has 104. The IV is placed in encrypted frame’s header, and is transmitted in plain text. Traditionally, crac*ing WEP keys has been a slow and boring process. An attacker would have to capture hundreds of thousands or millions of packets—a process that could take hours or even days, depending on the volume of traffic passing over the wireless network. After enough packets were captured, a WEP crac*ing program such as Aircrac* would be used to find the WEP key. Fast-forward to last summer, when the first of the latest generation of WEP cracking tools appeared. This current generation uses a combination of statistical techniques focused on unique IVs captured and brute-force dictionary attacks to break 128 bit WEP keys in minutes instead of hours. As Special Agent Bickers noted, “It doesn’t matter if you use 128 bit WEP keys, you are vulnerable!” WEP is an encryption scheme, based on the RC-4 cipher, that is available on all 802.11a, b and g wireless products. WEP uses a set of bits called a key to scramble information in the data frames as it leaves the access point or client adapter and the scrambled message is then decrypted by the receiver. Both sides must have the same WEP key, which is usually a total of 64 or 128 bits long. A semi-random 24 bit number called an Initialization Vector (IV), is part of the key, so a 64 bit WEP key actually contains only 40 bits of “strong” encryption while a 128 bit key has 104. The IV is placed in encrypted frame’s header, and is transmitted in plain text. Traditionally, cracking WEP keys has been a slow and boring process. An attacker would have to capture hundreds of thousands or millions of packets a process that could take hours or even days, depending on the volume of traffic passing over the wireless network. After enough packets were captured, a WEP cracking program such as Aircrack would be used to find the WEP key. Fast-forward to last summer, when the first of the latest generation of WEP cracking tools appeared. This current generation uses a combination of statistical techniques focused on unique IVs captured and brute-force dictionary attacks to break 128 bit WEP keys in minutes instead of hours.

Basic Directions:

1)Boot from cd

2)get the wep key

 3)write it down

4)reboot into windows

5)connect using wep key.

Encryption , , ,

What is snake oil

January 29th, 2008
No comments

Refers to a cryptography or security product that makes exaggerated claims of what the product is capable of, giving the user a false sense of security. The term snake oil, which is credited to Matt Curtin for using in reference to computer security products, comes from the 19th-century American practice of selling cure-all elixirs in traveling medicine shows. Snake oil salesmen would falsely claim that the potions would cure any ailments. The term has been appropriated to mean security and encryption products that make impossible claims, such as unbreakable codes.

The problem with bad security is that it looks just like good security. You can’t tell the difference by looking at the finished product. Both make the same security claims; both have the same functionality. Both might even use the same algorithms: triple-DES, 1024-bit RSA, etc. Both might use the same protocols, implement the same standards, and have been endorsed by the same industry groups. Yet one is secure and the other is insecure.

Many cryptographers have likened this situation to the pharmaceutical industry before regulation. The parallels are many: vendors can make any claims they want, consumers don’t have the expertise to judge the accuracy of those claims, and there’s no real liability on the part of the vendors (read the license you agree to when you buy a software security product).

This is not to say that there are no good cryptography products on the market. There are. There are vendors that try to create good products and to be honest in their advertising. And there are vendors that believe they have good products when they don’t, but they’re just not skilled enough to tell the difference. And there are vendors that are just out to make a quick buck, and honestly don’t care if their product is good or not.

Most products seem to fall into the middle category: well-meaning but insecure. I’ve talked about the reason in previous CRYPTO-GRAM essays, but I’ll summarize: anyone can create a cryptography product that he himself cannot break. This means that a well-meaning person comes up with a new idea, or at least an idea that he has never heard of, cannot break it, and believes that he just discovered the magic elixir to cure all security problems. And even if there’s no magic elixir, the difficulty of creating secure products combined with the ease of making mistakes makes bad cryptography the rule.

Cryptography , , ,

Glossary for cryptography

January 29th, 2008
No comments
algorithm
A procedure or mathematical formula. Cryptographic algorithms convert plaintext to and from ciphertext.
cipher
Synonym for “cryptographic algorithm”
cryptanalysis
To solve or “break” a cryptosystem.
EAR
Export Administration Regulations. The rules under which the export of cryptographic software from the US are governed now.
escrow
A third party able to decrypt messages sent from one person to another. Although this term is often used in connection with the US Government’s “Clipper” proposals, it isn’t limited to government-mandated ability to access encrypted information at will. Some corporations might wish to have their employees use cryptosystems with escrow features when conducting the company’s business, so the information can be retrieved should the employee be unable to unlock it himself later, (if he were to forget his passphrase, suddenly quit, get run over by a bus, etc.) Or, someone might wish his spouse or lawyer to be able to recover encrypted data, etc., in which case he could use a cryptosystem with an escrow feature.
initialization vector
One of the problems with encrypting such things as files in specific formats (i.e., that of a word processor, email, etc.) is that there is a high degree of predictability about the first bytes of the message. This could be used to break the encrypted message easier than by brute force. In ciphers where one block of data is used to influence the ciphertext of the next (such as CBC), a random block of data is encrypted and used as the first block of the encrypted message, resulting in a less predictable ciphertext message. This random block is known as the initialization vector. The decryption process also performs the function of removing the first block, resulting in the original plaintext.
ITAR
International Traffic in Arms Regulations. These are the rules by which munitions, as defined by the US State Department, may (or may not) be exported from the US. Until recently, this also included the export of cryptography. The exportability of cryptography is now in the hands of the Bureau of Export Administration, under the US Department of Commerce.
key
A piece of data that, when fed to an algorithm along with ciphertext, will yield plaintext. (Or, when fed to an algorithm along with plaintext, will yield ciphertext.
random session key
This is a temporary key that is generated specifically for one message. Typically, in public key cryptosystems, the message to be sent is encrypted with a symmetric key that was specifically generated for that message. The encrypted version of that message, as well as the associated session key can then be encrypted with the recipient’s public key. When the recipient decrypts the message, then, the system will actually decrypt the message it gets (which is the ciphertext message and the symmetric key to decrypt it), and then use the symmetric key to decrypt the ciphertext. The result is the plaintext message. This is often done because of the tremendous difference in the speed of symmetric vs. asymmetric ciphers.

Cryptography , , ,

Encryption

January 29th, 2008
1 comment

The process of converting data into a coded form (ciphertext) to prevent it from being read and understood by an unauthorized party. 

Encryption refers to algorithmic schemes that encode plain text into non-readable form or cyphertext, providing privacy. The receiver of the encrypted text uses a “key” to decrypt the message, returning it to its original plain text form. The key is the trigger mechanism to the alogrithm.

Until the advent of the Internet, encryption was rarely used by the public, but was largely a military tool. Today, with online marketing, banking, healthcare and other services, even the average householder is aware of encryption.

Web browsers will encrypt text automatically when connected to a secure server, evidenced by an address beginning with https. The server decrypts the text upon its arrival, but as the information travels between computers, interception of the transmission will not be fruitful to anyone “listening in.” They would only see unreadable gibberish.

There are many types of encryption and not all of it is reliable. The same computer power that yeilds strong encryption can be used to break weak encryption schemes. Initially, 64-bit encryption was thought to be quite strong, but today 128-bit encryption is the standard, and this will undoubtedly change again in the future.

The original design of electronic mail did not make any allowances for security. As email has evolved into a mess medium, users have begun to use two solutions to existing serious problems with email security.

  • Authentication:Email services rely on the person sending an email to provide his/her own identity — i.e., they only pass along the email address that a message claims to be “from.” It is extremely easy for anyone to change this address and send messages that claim to be “from” someone they are not. Most current users of email have experienced the frustration with large amounts of spam originating from forged return addresses — or even discovered that their own addresses have been forged as a source of spam. This same vulnerability has allowed virus authors to pass viruses through email for many years, by making an infected attachment appear to come from a trusted source.Modern encryption techniques allow an email to be digitally “signed” by a sender. The recipient of such a message can check a signature to determine that an email message actually came from the person claiming to be the sender.
  • Secure Transmission: Email systems, by default, send messages in plain text. As a consequence, any person using a software package called a “packet sniffer” to “eavesdrop” on a network can easily read email messages being delivered over that network.To put it another way, when you send an email message, you should think of it as a postcard readable by anyone handling email — not as a letter inside an envelope. This clearly presents problems for anyone wishing to exchange sensitive information via email. Encrypting email messages offers a solution.

Simple Encryption with XOR: Now depending on the encryption algorithm, we may also need a decryption key. Public-key encryption has two keys- this is assymetrical encryption. A simple xor though can use the same password for both encryption and decryption as the XOR operator has the property that when

C = A XOR B

then

B = A XOR C

and

A = B XOR C.

Any algorithm can be used that takes the original text and processes it using the encryption key so long as there is a corresponding decryption key. For the strongest encryption, one of the well-tested algorithms such as AES (Advanced Encryption Standard) should be used.

Cryptography, E, Encryption, Glossary of computer security , , , , , ,

Cryptography

January 14th, 2008
No comments

The art of protecting information by transforming it (encrypting it) into an unreadable format, called cipher text. Only those who possess a secret key can decipher (or decrypt) the message into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called codebreaking, although modern cryptography techniques are virtually unbreakable.

As the Internet and other forms of electronic communication become more prevalent, electronic security is becoming increasingly important. Cryptography is used to protect e-mail messages, credit card information, and corporate data. One of the most popular cryptography systems used on the Internet is Pretty Good Privacy because it’s effective and free.

Cryptography systems can be broadly classified into symmetric-key systems that use a single key that both the sender and recipient have, and public-key systems that use two keys, a public key known to everyone and a private key that only the recipient of messages uses.

 

C, Glossary of computer security , , , ,

XOR encryption is a trivially simple symmetric cipher

September 6th, 2007
No comments

XOR encryption is a trivially simple symmetric cipher which is used in many applications where security is not a defined requirement.

The XOR Operator
XOR, also know as Exclusive OR, is a bitwise operator from binary mathematics.

The six bitwise operators, as defined in the C programming language, are:

Operation Symbol
AND &
Inclusive OR |
Exclusive OR (XOR) ^
Right Shift >>
Left Shift <<
Complement ~

The XOR operator returns a 1 when the value of either the first bit or the second bit is a 1.

The XOR operator returns a 0 when neither or both of the bits is 1.

This is best illustrated in the following chart:

First Bit Second Bit Result
0 0 0
0 1 1
1 0 1
1 1 0

The XOR operator is used to “flip” bits (zeroes and ones) in a piece of plaintext to create a ciphertext.

Converting Plaintext to Ciphertext with XOR Encryption
The plaintext we will start with is the term “FAQ”.

ASCII representation of the plaintext: FAQ
Hexadecimal representation of the plaintext: 70 65 81
Binary representation of the plaintext: 01110000 01100101 1000000
We will XOR the first character of this plaintext into ciphertext using a “V” as the key:

ASCII representation of the key: V
Hexadecimal representation of the key: 86
Binary representation of the key: 10000110
Plaintext ‘F’ Key ‘V’ Ciphertext
0 1 1
1 0 1
1 0 1
1 0 1
0 0 0
0 1 1
0 0 0
0 1 1

Converting Ciphertext to Plaintext with XOR Encryption
XOR encryption is a symmetric algorithm. This means that we can use the encryption key as the decryption key.

Let’s decrypt our ciphertext to recreate our original plaintext.

Ciphertext Key ‘V’ Plaintext
1 1 0
1 0 1
1 0 1
1 0 1
0 0 0
1 1 0
0 0 0
1 1 0

Do the math yourself with the other two characters of plaintext to prove this to yourself.

Many encryption algorithms utilize the XOR operator as part of their operations.

Understanding XOR and the other binary operators is a necessary step on the path to becoming a cryptologist.

XOR Security
XOR encryption is trivially simple to implement and equally trivial to break.

XOR encryption should not be utilized for any data which you would want to protect.

source: http://www.tech-faq.com/xor-encryption.shtml

Encryption , , ,