Encryption

https://tryhackme.com/room/encryptioncrypto101

Encryption can be symetric and asymetric.

Symetric means the same key is used for encryption and decryption. Asymetric means one (private) key is used to encrypt/decrypt the data, another (public) key is used for decryption.

RSA

Rivest Shamir Adleman

• https://github.com/Ganapati/RsaCtfTool
• https://github.com/ius/rsatool

Public RSA Keys with a strength of 128/256 can be used to derive a private key: https://github.com/b4den/rsacrack. Because RSA keys this days are created with a strength of 2048 and higher, this attack vector is only feasable in CTFs.

Diffie Hellman Key Exchange

Key exchange allows two people/parties to establish a set of common cryptographic keys without an observer being able to get these keys. Generally, to establish common symmetric keys.

Alice and Bob want to talk securely. They want to establish a common key, so they can use symmetric cryptography, but they don’t want to use key exchange with asymmetric cryptography. This is where DH Key Exchange comes in.

Alice and Bob both have secrets that they generate, let’s call these A and B. They also have some common material that’s public, let’s call this C.

We need to make some assumptions. Firstly, whenever we combine secrets/material it’s impossible or very very difficult to separate. Secondly, the order that they're combined in doesn’t matter.

Alice and Bob will combine their secrets with the common material, and form AC and BC. They will then send these to each other, and combine that with their secrets to form two identical keys, both ABC. Now they can use this key to communicate.

PGP/GPG

PGP stands for Pretty Goog Privacy.

GPG or GnuPG is the open source implementation of PGP. These keys can be protected via a passphrase like SSH keys.

AES

Rijndael, Advanced Encryption Standard