Upload
laurel-ellis
View
223
Download
1
Tags:
Embed Size (px)
Citation preview
Fmdszqujpo!Encryption!
Encryption
Group Activity 1: Take the message you were
given, and create your own encryption.
You can encrypt it anyway you want
Try to make an interesting version that you think no other group will be able to guess!
Encryption
What do you all think Encryption is?
Where do you think a good place is to use encryption?
Encryption
To change information from one form to another especially to hide its meaning. (from the merriam-webster dictionary)
In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can read it. (from our favorite site Wikipedia)
Encoding
Encoding is the act of transforming data so that it may be properly consumed by another party
Encoding is not used for security purposes
Common Encoding Schemes HTML URL Unicode Hex
Encryption
Encryption is similar to encoding, except it implements the use of a key
A key is typically a random string of bits used to scramble and unscramble data
Different types of Encryption Symmetric Key Encryption Public Key Encryption
Common Encryption Schemes WEP TKIP AES-CCMP
EncryptionExhaustive Key Search
Cracking Activity 1
For this activity, we will list each of the messages up here, and then each group should choose a message and try to crack the encryption and get the message.
Cracking Activity 1
The messages are:
More Definitions, yay
There are 2 types of encryption, weak encryption and strong encryption.
Weak encryption means that although it is encrypted, it is a simple algorithm, or simple way to encrypt it, and can be cracked in minutes to anything less than a day or so. An example of this is from a security flaw found in March. This flaw is from the days when the government enforced that products be exported with weak encryption, but then was forgotten, and wasn’t discovered till this year, leaving a lot of time for any number of people to exploit it. The encryption was 512 bits, which can be cracked in about 7 hours if you have a good enough set of computers (or using a cloud of computers).
Definitions cont.
Strong encryption means that the data/message is encrypted with either a very complex algorithm, or it is encrypted enough times that it takes a long time to decrypt. An example is that you use 2048 bit encryption, or if you want to keep the weak encryption algorithm, you can encrypt the data multiple times to make it stronger (like encrypting a message with one method, then encrypting the result with another, and so on for 5 different encrypted algorithms).
Definitions cont.
One last definition that is good to know is what we mean when we say we will crack encryption. When we say crack we mean break it or decrypt it in some shape or form.
Example 1 – Caesar cipher
A Caesar cipher is an algorithm that uses the English alphabet to change a message into something else. You choose a number from 1 to 25, and for each letter in the message you want to encrypt, you add the number to it and change to the new letter.
Example 1 – Caesar cipher
Let’s say we want to take this phrase ‘thisisencryptionclass’ and use the Caesar cipher to encrypt it. Let’s say we choose 5 as our ‘key’, which means the value we want to change it with. First thing we can do is right out the alphabet from 0 to 25, and place the letters with the numbers.
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
a b c d e f g h i j k l m n o p q r s t u v w x y z
Example 1 – Caesar cipher
t h i s i s e n c r y p t i o n c l a s s
19 7 8 18 8 18 4 13 2 17 24 15 19 8 14 13 2 11 0 18 18
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
a b c d e f g h i j k l m n o p q r s t u v w x y z
So the message in number form is:
19 7 8 18 8 18 4 13 2 17 24 15 19 8 14 13 2 11 0 18 18
Example 1 – Caesar cipher
Ok, now that we have the message as a number, let’s convert it using the key.
Our key = 5 in this case, so add 5 to every number (and when it hits 25, start back at 0 ie. 23 + 5 = 25 + 3 = 2
Example 1 – Caesar cipher
19 7 8 18 8 18 4 13 2 17 24 15 19 8 14 13 2 11 0 18 18
+5 +5 ….. …. +5 +5
24 12 13 23 13 23 9 18 7 22 3 20 24 13 19 18 7 16 5 23 23
Finally, let’s convert that back to letters:
(remember:
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
a b c d e f g h i j k l m n o p q r s t u v w x y z
Example 1 – Caesar cipher
24 12 13 23 13 23 9 18 7 22 3 20 24 13 19 18 7 16 5 23 23
y m n x n x j s h w d u y n t s h q f x x
That means our original message: thisisencryptionclass
Is now encrypted and looks like this:
ymnxnxjshwduyntshqfxx
Pretty simple right?
Example 1 – Caesar cipher
Example 2 – Substitution Cipher
The Substitution cipher goes one step further, and instead of using a single key, we just arbitrarily change the way we have the letters.
Example 2 – Substitution Cipher
For this example, let’s use the following for our substitution key:
a b c d e f g h i j k l m n o p q r s t u v w x y z
j d k e b o a p r i l u m n w q s f z x c v b s t y
Now, using the same message we had in example one, we substitute each letter for the one in the key we made.
thisisencryptionclass is the message and gets encrypted to:
Example 2 – Substitution Cipher
t h i s i s e n c r y p t i o n c l a s s
x p r z r z b n k f t q x r w n k u j z z
a b c d e f g h i j k l m n o p q r s t u v w x y z
j d k e b o a p r i l u m n w q s f z x c v b s t y
Example 3
Example 3
For this example, we will explore public/private key encryption
First off, go to https://www.igolder.com/PGP/
We will use this site for the public/private key encryption
Example 3
unencrypted message:
thisisencryptionclass
Example 3
public key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: BCPG C# v1.6.1.0
mQENBFWUN4IBCACLRN0U0mcGe69UWvc0k7ZYZ5NH1eyIqpRzuISgjvC3AUBWqROk
yveE/zKUDBcYTge3G2yEOuAfTA6lCGPhXfSug6un9r1ddWcmfQK4BSVqFurlZpcC
x10f5ZLsIsJyDXML8GgKk3q0HhPxiE9qVnrhq1lV1KHaAaf60ifbr2dpTZkxLP9Q
hd/1it+wpByNO6xq+lx47CVbOoiCDIQxqPI1CixqnZGmFQ8MNf5dqtDN2i6aVoIb
TtYQSQppKO/bUG6//8mosmWfCQ9T7dHDRgX6KRVTv6PxsmXXFuj4iurcjFPK+9GP
mBf/ml8LwxhHM0b2wc2RTouc7KMrZ2yEQ2VHABEBAAG0HHdiZjAwMDdAdGlnZXJt
Example 3
YWlsLmF1YnVybi5lZHWJARwEEAECAAYFAlWUN4IACgkQnqgOCvo1SJWYiAf/S8bH
P/nUwfVTwyPQ4SHmhA7Dk4ywYuAsrMp6zuaHlPu1s21CMc88GLupcaT8CNdb9I7J
qZeTKVUwRlZAR/CkkF8IcAq/02QrNrZA9Uj0ZaGvxvy9x6MjTazDPkqPJ7IoYmIG
BlvSwGY2LQW5piuHuBgi2VSv8g3d1/4unVph0iiqCosAKldHrLJBkKe0evr0eF1H
BG1htjf9M5t2GyUk2OQ/rw+wYE2bYPZQjtYdgjE3U+hyZpBotrTQFl4ZvuDQdffU
ok2Hrw/vAy92KlM1UcjBO7m2VV52e5TdUVru/tnhvKADzpAn3LgQUVbj5W0GXPds
T+qMeOSA6Iw2fO8gsg==
=LzLX
-----END PGP PUBLIC KEY BLOCK-----
Example 3
encrypted message:
-----BEGIN PGP MESSAGE-----
Version: BCPG C# v1.6.1.0
hQEMA56oDgr6NUiVAQf+OZxioO1wGz3nnEImnyjrKViYBCN4boM+gKGiVo2RRPWw
+Pw8FDyjL2jO8CiX1+UTTZma0x9IXxHhoiQbA5Yncy9Hkn98SuPjvAm4CBvVqwTt
p4l6vm8eGdN8PqHfyGOVgbmvyoAfF8ciG5v5WLk3hJOUYy5t8MHSEltK/DA2RWQw
muUt5ExVxV7usHjUknRXT8FMbRfBZ+maGR5AxLbYnxFwQG5gkldjT4FbXI/cSxEC
p1dgUBL9+TLB/S2SCUCTiblpAn6AlaSfA3lpSU767aoRFhFqdiX+ObYDM6duOXNG
/VB80WwC3T9hMeHy1+KMPKeX3rfWRFmYmC8OfhCroskzr7AEPSOX19hwGijRPpUi
8IcaQyMcZ+mvuyIXP2XAtZgwDjWU9/twrQII1oUI/py6Tsq5
=5kkc
-----END PGP MESSAGE-----
Cracking Activity 2
Let’s go to this website to do some encryption and decryption:
https://picoctf.com/crypto_mats/index.html
As a group, create a few messages
Then take those messages and encrypt them
Next, bring them up to me and put a note that tells me which encryption you used for it
Finally, each group should choose a few (not your own) and try to decrypt them. Once you’ve decrypted them, tell us which you chose, what encryption it was, and what the message is
Public/Private Key Activity
Go to the website: https://www.igolder.com/PGP/
Split each group in half, and each half will play a role
One will be the owner of the public/private keys, and the other will be the one to send the message
The owner should give the sender their public key, and the sender should use the public key to encrypt the message. The sender then gives the message to the owner, who decrypts it using the private key and password for their keys
Next, each half should reverse roles
Finally, both halves will be owners and senders.