Brute force Attack,Cryptography, Encryption algorithms | How to make your data safe using Cryptography?

What is Cryptography?

Cryptography is a technique that used to hide the real meaning of information and transforming it into non readable format. For example : nowadays just take an example of 'Whatsapp'. There is encryption while sending a message. You can also called it as encryption of data. suppose you want to send a message "I Love You" to someone. The cryptography technique is that it replaces each and every letter in phrase with the third successive letter in the alphabet ie. "K NQXG AQX". To decry pt our message we will have to go back two letters in the alphabet using the letter that we want to decrypt.
The process of transforming information into nonhuman readable form is called encryption.
The process of reversing encryption is called decryption.

Decryption is done using a secret key which is only known to the legitimate recipients of the information. The key is used to decrypt the hidden messages. This makes the communication secure because even if the attacker manages to get the information, it will not make sense to them.

The encrypted information is known as a cipher.

What is Cryptanalysis?

Cryptanalysis is the art of trying to decrypt the encrypted messages without the use of the key that was used to encrypt the messages. Cryptanalysis uses maths analysis & algorithms to decipher the ciphers. The success of cryptanalysis attacks depends on 

Amount of time available

available Computing power

Storage capacity available  

The following is the list of Cryptanalysis attacks :

Brute force attack– this type of attack uses algorithms that try to guess all the possible logical combinations of the plaintext which are then ciphered and compared against the original cipher.  

Dictionary attack– this type of attack uses a wordlist in order to find a match of either the plaintext or key. It is mostly used when trying to crack encrypted passwords.  

Rainbow table attack– this type of attack compares the cipher text against pre-computed hashes to find matches.  

Also i forgot one term ie. Cryptology which combines the techniques of cryptography and crypt-analysis.

Encryption Algorithms

SHA– this is the acronym for Secure Hash Algorithm. SHA algorithms are used to generate condensed representations of a message (message digest). It has various versions as follows

SHA-0:  produces 120-bit hash values. It was withdrawn from use due to significant flaws and replaced by SHA-1.  

SHA-1:  produces 160-bit hash values. It is similar to earlier versions of MD5. It has cryptographic weakness and is not recommended for use since the year 2010.

SHA-2:  it has two hash functions namely SHA-256 and SHA-512. SHA-256 uses 32-bit words while SHA-512 uses 64-bit words.

SHA-3: this algorithm was formally known as Keccak.  

RC4– this algorithm is used to create stream ciphers. It is mostly used in protocols such as Secure Socket Layer (SSL) to encrypt internet communication and Wired Equivalent Privacy (WEP) to secure wireless networks.  

BLOWFISH– this algorithm is used to create keyed, symmetrically blocked ciphers. It can be used to encrypt passwords and other data.

Hacking Activity: Use CrypTool

We will create a simple cipher using the RC4 algorithm. We will then attempt to decrypt it using brute-force attack. let us assume that we know the encryption secret key is 24 bits. We will use this information to break the cipher.CrypTool 1 as our cryptology tool.
We will use CrypTool 1 as our cryptology tool. 

 

Creating the RC4 stream cipher

Open tool and replacing the text with Never underestimate the determination of a kid who is time-rich and cash-poor

Click on Encrypt/Decrypt menu 

Symmetric (modern) then select RC4  as shown in fig.

Then following window will appear  

Select 24 bits as the encryption key
Set the value to 00 00 00
Click on Encrypt button
You will get the following stream cipher

 

Now Attacking the stream cipher

Click on Analysis menu  

Point to Symmetric Encryption (modern) then select RC4 as shown above
You will get the following window

Remember the assumption made is the secret key is 24 bits. So make sure you select 24 bits as the key length.
Click on the Start button. You will get the following window

The time taken to complete the Brute-Force Analysis attack depends on the processing capacity of the machine been used and the key length. The longer the key length, the longer it takes to complete the attack.  

When the analysis is complete, you will get the following results.  

A lower Entropy number means it is the most likely correct result. It is possible a higher than the lowest found Entropy value could be the correct result.  

Select the line that makes the most sense then click on Accept selection button when done.

Note : This is only for educational purpose.