Fmdszqujpo!Encryption!

Encryption

Group Activity 1: Take the message you were

given, and create your own encryption.

You can encrypt it anyway you want

Try to make an interesting version that you think no other group will be able to guess!

Encryption

What do you all think Encryption is?

Where do you think a good place is to use encryption?

Encryption

To change information from one form to another especially to hide its meaning. (from the merriam-webster dictionary)

In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can read it. (from our favorite site Wikipedia)

Encoding

Encoding is the act of transforming data so that it may be properly consumed by another party

Encoding is not used for security purposes

Common Encoding Schemes HTML URL Unicode Hex

Encryption

Encryption is similar to encoding, except it implements the use of a key

A key is typically a random string of bits used to scramble and unscramble data

Different types of Encryption Symmetric Key Encryption Public Key Encryption

Common Encryption Schemes WEP TKIP AES-CCMP

EncryptionExhaustive Key Search

Cracking Activity 1

For this activity, we will list each of the messages up here, and then each group should choose a message and try to crack the encryption and get the message.

Cracking Activity 1

The messages are:

More Definitions, yay

There are 2 types of encryption, weak encryption and strong encryption.

Weak encryption means that although it is encrypted, it is a simple algorithm, or simple way to encrypt it, and can be cracked in minutes to anything less than a day or so. An example of this is from a security flaw found in March. This flaw is from the days when the government enforced that products be exported with weak encryption, but then was forgotten, and wasn’t discovered till this year, leaving a lot of time for any number of people to exploit it. The encryption was 512 bits, which can be cracked in about 7 hours if you have a good enough set of computers (or using a cloud of computers).

Definitions cont.

Strong encryption means that the data/message is encrypted with either a very complex algorithm, or it is encrypted enough times that it takes a long time to decrypt. An example is that you use 2048 bit encryption, or if you want to keep the weak encryption algorithm, you can encrypt the data multiple times to make it stronger (like encrypting a message with one method, then encrypting the result with another, and so on for 5 different encrypted algorithms).

Definitions cont.

One last definition that is good to know is what we mean when we say we will crack encryption. When we say crack we mean break it or decrypt it in some shape or form.

Example 1 – Caesar cipher

A Caesar cipher is an algorithm that uses the English alphabet to change a message into something else. You choose a number from 1 to 25, and for each letter in the message you want to encrypt, you add the number to it and change to the new letter.

Example 1 – Caesar cipher

Let’s say we want to take this phrase ‘thisisencryptionclass’ and use the Caesar cipher to encrypt it. Let’s say we choose 5 as our ‘key’, which means the value we want to change it with. First thing we can do is right out the alphabet from 0 to 25, and place the letters with the numbers.

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

a b c d e f g h i j k l m n o p q r s t u v w x y z

Example 1 – Caesar cipher

t h i s i s e n c r y p t i o n c l a s s

19 7 8 18 8 18 4 13 2 17 24 15 19 8 14 13 2 11 0 18 18

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

a b c d e f g h i j k l m n o p q r s t u v w x y z

So the message in number form is:

19 7 8 18 8 18 4 13 2 17 24 15 19 8 14 13 2 11 0 18 18

Example 1 – Caesar cipher

Ok, now that we have the message as a number, let’s convert it using the key.

Our key = 5 in this case, so add 5 to every number (and when it hits 25, start back at 0 ie. 23 + 5 = 25 + 3 = 2

Example 1 – Caesar cipher

19 7 8 18 8 18 4 13 2 17 24 15 19 8 14 13 2 11 0 18 18

+5 +5 ….. …. +5 +5

24 12 13 23 13 23 9 18 7 22 3 20 24 13 19 18 7 16 5 23 23

Finally, let’s convert that back to letters:

(remember:

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

a b c d e f g h i j k l m n o p q r s t u v w x y z

Example 1 – Caesar cipher

24 12 13 23 13 23 9 18 7 22 3 20 24 13 19 18 7 16 5 23 23

y m n x n x j s h w d u y n t s h q f x x

That means our original message: thisisencryptionclass

Is now encrypted and looks like this:

ymnxnxjshwduyntshqfxx

Pretty simple right?

Example 1 – Caesar cipher

Example 2 – Substitution Cipher

The Substitution cipher goes one step further, and instead of using a single key, we just arbitrarily change the way we have the letters.

Example 2 – Substitution Cipher

For this example, let’s use the following for our substitution key:

a b c d e f g h i j k l m n o p q r s t u v w x y z

j d k e b o a p r i l u m n w q s f z x c v b s t y

Now, using the same message we had in example one, we substitute each letter for the one in the key we made.

thisisencryptionclass is the message and gets encrypted to:

Example 2 – Substitution Cipher

t h i s i s e n c r y p t i o n c l a s s

x p r z r z b n k f t q x r w n k u j z z

a b c d e f g h i j k l m n o p q r s t u v w x y z

j d k e b o a p r i l u m n w q s f z x c v b s t y

Example 3

Example 3

For this example, we will explore public/private key encryption

First off, go to https://www.igolder.com/PGP/

We will use this site for the public/private key encryption

Example 3

unencrypted message:

thisisencryptionclass

Example 3

public key:

-----BEGIN PGP PUBLIC KEY BLOCK-----

Version: BCPG C# v1.6.1.0

mQENBFWUN4IBCACLRN0U0mcGe69UWvc0k7ZYZ5NH1eyIqpRzuISgjvC3AUBWqROk

yveE/zKUDBcYTge3G2yEOuAfTA6lCGPhXfSug6un9r1ddWcmfQK4BSVqFurlZpcC

x10f5ZLsIsJyDXML8GgKk3q0HhPxiE9qVnrhq1lV1KHaAaf60ifbr2dpTZkxLP9Q

hd/1it+wpByNO6xq+lx47CVbOoiCDIQxqPI1CixqnZGmFQ8MNf5dqtDN2i6aVoIb

TtYQSQppKO/bUG6//8mosmWfCQ9T7dHDRgX6KRVTv6PxsmXXFuj4iurcjFPK+9GP

mBf/ml8LwxhHM0b2wc2RTouc7KMrZ2yEQ2VHABEBAAG0HHdiZjAwMDdAdGlnZXJt

Example 3

YWlsLmF1YnVybi5lZHWJARwEEAECAAYFAlWUN4IACgkQnqgOCvo1SJWYiAf/S8bH

P/nUwfVTwyPQ4SHmhA7Dk4ywYuAsrMp6zuaHlPu1s21CMc88GLupcaT8CNdb9I7J

qZeTKVUwRlZAR/CkkF8IcAq/02QrNrZA9Uj0ZaGvxvy9x6MjTazDPkqPJ7IoYmIG

BlvSwGY2LQW5piuHuBgi2VSv8g3d1/4unVph0iiqCosAKldHrLJBkKe0evr0eF1H

BG1htjf9M5t2GyUk2OQ/rw+wYE2bYPZQjtYdgjE3U+hyZpBotrTQFl4ZvuDQdffU

ok2Hrw/vAy92KlM1UcjBO7m2VV52e5TdUVru/tnhvKADzpAn3LgQUVbj5W0GXPds

T+qMeOSA6Iw2fO8gsg==

=LzLX

-----END PGP PUBLIC KEY BLOCK-----

Example 3

encrypted message:

-----BEGIN PGP MESSAGE-----

Version: BCPG C# v1.6.1.0

hQEMA56oDgr6NUiVAQf+OZxioO1wGz3nnEImnyjrKViYBCN4boM+gKGiVo2RRPWw

+Pw8FDyjL2jO8CiX1+UTTZma0x9IXxHhoiQbA5Yncy9Hkn98SuPjvAm4CBvVqwTt

p4l6vm8eGdN8PqHfyGOVgbmvyoAfF8ciG5v5WLk3hJOUYy5t8MHSEltK/DA2RWQw

muUt5ExVxV7usHjUknRXT8FMbRfBZ+maGR5AxLbYnxFwQG5gkldjT4FbXI/cSxEC

p1dgUBL9+TLB/S2SCUCTiblpAn6AlaSfA3lpSU767aoRFhFqdiX+ObYDM6duOXNG

/VB80WwC3T9hMeHy1+KMPKeX3rfWRFmYmC8OfhCroskzr7AEPSOX19hwGijRPpUi

8IcaQyMcZ+mvuyIXP2XAtZgwDjWU9/twrQII1oUI/py6Tsq5

=5kkc

-----END PGP MESSAGE-----

Cracking Activity 2

Let’s go to this website to do some encryption and decryption:

https://picoctf.com/crypto_mats/index.html

As a group, create a few messages

Then take those messages and encrypt them

Next, bring them up to me and put a note that tells me which encryption you used for it

Finally, each group should choose a few (not your own) and try to decrypt them. Once you’ve decrypted them, tell us which you chose, what encryption it was, and what the message is

Public/Private Key Activity

Go to the website: https://www.igolder.com/PGP/

Split each group in half, and each half will play a role

One will be the owner of the public/private keys, and the other will be the one to send the message

The owner should give the sender their public key, and the sender should use the public key to encrypt the message. The sender then gives the message to the owner, who decrypts it using the private key and password for their keys

Next, each half should reverse roles

Finally, both halves will be owners and senders.