Skip to content

Latest commit

 

History

History
189 lines (166 loc) · 12.9 KB

cryptography.md

File metadata and controls

189 lines (166 loc) · 12.9 KB
Raw

Cryptography

Articles

Blogs

Books

Competitions

Concepts

Ciphers

Diffie Hellman

Notes
  • Encryption without padding is insecure
    • Encryption: SAEP, OAEP+
    • Signature: PSS
  • Diffie Hellman relies on:
    • Discrete log problem
    • Computational DH problem
    • Decisional DH problem
    • Use this setting for public key crypto (Cramer-Shoup) or signatures (Schnorr, DSA). Mostly used for DH though.
    • Really for this setting you just need a group G = of prime order q when DDH problem is hard
    • Can also get this structure from the group of points of an elliptic curve
      • Advantages
        • Much smaller parameters
        • Much more efficient operations
        • Picking parameters is easier and less error-prone
      • Modern protocols use
        • ECDH for key exchange
        • ECDSA, RSA (legacy) for signatures
  • Mod p, every invertible element has order dividing p-1 (with operation multiplication)

RSA

Notes

keyGen

  • pick primes p, q
  • set N = pq
  • set e = 65537
  • compute d s.t. e * d ≡ 1 mod (p - 1)(q - 1)

RSA function

  • f: (Z/NZ)x -> (Z/NZ)x
  • f: x -> xe mod N
  • f-1: y -> yd mod N

Hard problems

  • Factoring: given N, find p and q
  • RSA problem: given N, e, y, find x s.t.xe = y

Signatures from RSA

  • KeyGen: pubkey = (N, e), seckey = d
  • Sign M: σ = [Pack(M)]d mod N, Pack in (Z/NZ)x
  • Verify: σe ≡ Pack(M) mod N

Encryption from RSA

k <- AE keyspace
c = E Pack(k)e mod N

Decrypt: E Unpack(cd mod N) to get x

Infographics

Learning

Papers

Practice

Reddit

Tools

  • AntiMersenne - Predicting Python's Mersenne twister PRNG for 30c3 CTF, with Python calling Java
  • Ciphey - Automatically decode encryptions without a key, decode encodings, and crack hashes
  • cribdrag - an interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys
  • Crib Dragging Auto Cracker - The project is to crack crib dragging in an efficient way. It will crib drag 5,000 most common English vocabularies on the cipher text and collect all the words that are partially/entirely recognized as an English word.
  • crypto_misc - Paper Implementation, Practice code, Cryptographic some others.
  • cryptobin - crypto and puzzle tools
  • CryptoGotchas - A collection of common (interesting) cryptographic mistakes and learning resources.
  • Crypton - Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Key Exchange, Authentication methods along with example challenges from CTFs
  • Cryptool
  • CryptoTools - a suite of cryptographic utilities for convenience that operate entirely on the client side. No calculations take place on the server, nor is any data generated or used here sent to the server.
  • Cryptoprograms - Make and decrypt ciphers
  • Decodify - It can detect and decode encoded strings, recursively.
  • hashID - Identify the different types of hashes used to encrypt data and especially passwords.
  • Mersenne Twister Predictor - Predict MT19937 PRNG, from preceding 624 generated numbers. There is a specialization for the "random" of Python standard library.
  • Outguess
  • RC4-40-brute-office - Guaranteed cracking of M$ Office files using RC4 40-bit encryption
  • RC4 Python - A simple encrypt/decrypt Python script using RC4
  • Replicated Random
  • RSA CTF Tool - RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data
  • rsa-stream - encrypt/decrypt rsa with streams
  • Solve Crypto With Force
  • XOR Analyze - Program for cryptanalyzing xor "encryption" with variable key length
  • xortool - A tool to analyze multi-byte xor cipher