What is Cryptography?
Cryptography is protecting the confidentiality and integrity of the information without being vulnerable to the attackers or threat. It is an encryption technique when ensure the data is only visible to the sender and recipient and no middle man can steal the data and snoop for information.
There are three most common types of cryptographic techniques in general. They are –
- Symmetric key cryptography – Here the sender and receiver share a similar key and it can be used for both encryption and decryption.
- Hash functions – There is no key used, rather a hash value is used to encrypt text, contents and passwords.
- Public key cryptography – In this two different keys such as public key for encryption and private key for decryption is used. Only the private key is kept as secret.
Encryption Tools and Techniques:
There are few tools available for encryption technique. They include –
- Triple DES – Replaces Data encryption standard(DES) algorithm, uses 3 individual keys with 56 bit.
- RSA – Public encryption algorithm to protect the data over internet. It is an asymmetric key encryption algorithm which uses public and private key.
- Blowfish – It splits the message into 64 bits and encrypts them, is used in certain payment gateways. It is fast, effective and flexible.
- Twofish – Keys in this algorithm are 256 bits in length and it is a symmetric key encryption technique.
- AES – Advanced encryption standard, trusted by many standard organizations. It can encrypt is 128 bit, 192 bit as well as 256-bit.
There are five essential privacy in the internet to be maintained. They are email, file, voice, chat and traffic privacy. Few custom software and applications are available for encryption technique, which includes –
- LastPass – Password manager and used to generate strong and secure passwords.
- BitLocker – Integrated in Windows OS, it is a full disk encryption tool which uses AES for encryption.
- Veracrypt – Similar to Bitlocker, but used in cross platforms like Windows, Linux, OS X and so on.
- DiskCryptor – Free encryption tool, used to even hide system partitions and ISO images.
- HTTPS Everywhere – Makes sure the websites go through an authentication process while connecting to a secure website.
- VPN’s – Tor browser, Express VPN, Cyber ghost and several other tools are available for VPN’s. It is used to ensure that the web traffic and data remains encrypted.
- Using online proxy servers we can hide the IP address and surf anonymously.
Join the best Ethical Hacking course and give a head-start to your career as a professional Ethical Hacker!
Secure Hashing Algorithm:
A hash is a mathematical function which is used by computer since they are convenient to compute a hash. They identify, compare or run calculations against files and strings of data. Hashing algorithms are used in databases, also used to store passwords.
||SHA-1 is a 160 bit hash.
||SHA-2 is a 256 hash.
||Developed in 1993.
||Developed after 2009.
||Vulnerable to brute force attacks
||Brute force attacks are prevented in SHA-2.
Properties of Hash function:
A hash function with the following properties is considered desirable. They include –
- Pre-image resistance – This property is known for hard computation to reverse the hash.
- Second pre-image resistance – This property gives an input and hash and it is hard to find the same input and hash.
- Collision resistance – This property makes it difficult to find two unique inputs of any length that result in same hash.
The cryptographic attacks performed by a hacker can be either an active or passive attack. There are different methodologies of cryptographic attacks −
- Ciphertext Only Attacks (COA) − The attacker deciphers the plain text using ciphertext. Encryption key is determined from this attack.
- Known Plaintext Attack (KPA) − Few parts of the plain text are known, remaining few parts are deciphered using ciphertext.
- Chosen Plaintext Attack (CPA) − The choice of the plain word is chosen by the attacker itself. RSA is vulnerable to this type of attacks.
- Brute Force Attack (BFA) − Long process where the attacker tries to decrypt all the possible combinations of the key.
- Birthday Attack − Variant of brute force, used against hash function.
- Side Channel Attack (SCA) − Used to find the vulnerabilities and exploit the system.
- Timing Attacks − They try to find the duration of the encryption to find the strength of the encryption.
- Power Analysis Attacks − They try and find the power consumption used to encrypt the system.