At Deepwatch, " Empowering Your Digital Defense, Ensuring Your Peace of Mind"

Category: Cryptography & Stegnography

Drughydrus Add Google Drive To Roughrobin Torjan

Drughydrus Add Google Drive To Roughrobin Torjan

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolorer

Read More
Beginner Guide to Classic Cryptography

Beginner Guide to Classic Cryptography

Cryptography:  It is a technique of scrambling messages using mathematical logic to keep the information secure. It preserves the scrambled message from being hacked when transported over the unsecured network. Since it converts the readable message in unreadable text. Plaintext: It is the content of data which is in a readable form that needs to be shared over the insecure network. Encrypting key: It is a random string of bits created particularly to scramble the plaintext information into unreadable text using mathematical logic. There are two types of encryption keys symmetric key and asymmetric key. Ciphertext: The output of encryption produces ciphertext which is not readable by human beings. Decrypting key: It is the key which used to decipher the ciphertext into again plaintext using the symmetric or asymmetric key to read the original message. Functionality of cryptosystem Authentication: It is the process of verification of the identity of a valid person through his username and password that communicates over a network. Authorization: It refers to the process of granting or denying access to a network resource or service. Most of the computer security systems that we have today are based on a two-step mechanism. The first step is authentication, and the second step is authorization or access control, which allows the user to access various resources based on the user’s identity. Confidentiality or privacy: It means the assurance that only authorized users can read or use confidential information. When cryptographic keys are used on plaintext to create ciphertext, privacy is assigned to the information. Integrity: Integrity is the security aspect that confirms that the original contents of information have not been altered or corrupted. There should be no kind of modification with information while it is transported over the network. Non-repudiation: Non-repudiation makes sure that each party is liable for its sent message. Someone can communicate and then later either falsely deny the communication entirely or claim that it occurred at a different time or even deny receiving any piece of information. Classical Cryptographic Algorithms Types Caesar Cipher Caesar cypher is a type of substitution cypher in which each letter of the alphabet is swapped by a letter a certain distance away from that letter. Algorithm Step 0: Mathematically, map the letters to numbers (i.e., A = 1, B = 2, and so on). Step 1: Select an integer key K between 1 and 25 (i.e., there are a total of 26 letters in the English language) let’s say shift right to 3 alphabets where A +3 = D, B+3 = E and so on. Step 2: The encryption formula is “Add k mod 26”; that is, the original letter L becomes (L + k)%26. For example encryption of “IGNITE” will like as: C = E (L+K) %26 Here L= I and K = 3 C = E (I+3) % 26 C = E (9+3) % 26 C = E (12) % 26 C = E (L) Hence encryption of IGNITE: LJQLWH Step 3: The deciphering is “Subtract k mod 26”; that is, the encrypted letter L becomes (L – k) %26. For example Decryption of “LJQLWH” will like as: C = D (L-K) %26 C = D (L-3) % 26 C = D (12-3) % 26 C = D (9) % 26 C = D (I) Hence decryption of LJQLWH: IGNITE  Limitation: Caesar cypher is vulnerable to brute-force attack because it depends on a single key with 25 possible values if the plaintext is written in English. Consequently, by trying each option and checking which one results in a meaningful word, it is possible to find out the key. Once the key is found, the full ciphertext can be deciphered accurately. Monoalphabetic Cipher It is also a type of substitution cipher in which each letter of the alphabet is swapped by using some permutation of the letters in an alphabet. Hence permutations of 26 letters will be 26! (Factorial of 26) and that is equal to 4×1026. This technique uses a random key for every single letter for encryption and which makes the monoalphabetic cipher secure against brute-force attack. The sender and the receiver decide on a randomly selected permutation of the letters of the alphabet. For example in word “HACKING” replace G from “J” and N from “W” hence permutation key is 2! i.e. factorial of 2 and HACKING will become “HACKJIW”. Algorithm Step 0: Generate plaintext–cypher text pair by mapping each plain text letter to a different random cipher text letter IJKLQR——–GFE. Step 1: To encipher, for each letter in the original text, replace the plain text letter with a ciphertext letter. Hence encryption of “IGNITE” will be as shown below Step 2: For deciphering, reverse the procedure in step 1. Hence decryption of “USBUOQ” will be “IGNITE” Limitations Despite its advantages, the random key for each letter in monoalphabetic substitution has some downsides too. It is very difficult to remember the order of the letters in the key, and therefore, it takes a lot of time and effort to encipher or decipher the text manually. Monoalphabetic substitution is vulnerable to frequency analysis. Playfair Cipher  It encrypts digraphs or pairs of letters rather than single letters like the plain substitution cipher In this cipher, a table of the alphabet is 5×5 grids is created which contain 25 letters instead of 26. One alphabet “J” (or any other) is omitted. One would first fill in the spaces in the table with the letters of the keyword (dropping any duplicate letters), then fill the remaining spaces with the rest of the letters of the alphabet in order. If the plaintext () contains J, then it is replaced by I. Algorithm Step 0: Split the plaintext into a pair, if the number of letters is odd then add “X” with the last letter of the plaintext For example “TABLE” is our plaintext split it into the pair as TA BL EX Step 1: Set the 5 × 5 matrices by filling the first positions with the key. Fill the rest of the matrix with other letters. Let’s assume “ARTI” is our key for encryption. Step

Read More
Understand Hashing in Cryptography (A Practical Approach)

Understand Hashing in Cryptography (A Practical Approach)

Cryptography is the conversion of plain readable text into the unreadable form. In cryptography first, the data is converted into ciphertext (that is encryption) and then the ciphertext is converted back into readable form (that is decryption). Cryptography basically works on the concept of encryption and decryption. Encryption and decryption should not be confused with encoding and decoding, in which data is converted from one form to another but is not deliberately altered so as to conceal its content. Encryption is achieved through the algorithms. These algorithms are works with logic, mathematics calculations, and its complexities. Hash Function is the most important function in Cryptography. A hash means a 1 to 1 relationship between data. This is a common data type in languages, although sometimes it’s called a dictionary. A hash algorithm is a way to take an input and always have the same output, otherwise known as a 1 to 1 function. An ideal hash function is when this same process always yields a unique output. So you can tell someone, here is a file, and here is its md5 hash. If the file has been corrupted during then the md5 hash will be a different value. In practice, a hash function will always produce a value of the same size, for instance, md5 () it will always return 128bits no matter the size of the input. This makes a 1 to 1 relationship impossible. A cryptographic hash function takes extra precautions in making it difficult to produce 2 different inputs with the same output, this is called a collision. It also makes it difficult to reverse the function. Hash functions are used for password storage because if an attacker where to obtain the password’s hash then it forces the attacker to break the hash before he can use it to log in. To break hashes, attackers will take a word list or an English dictionary and find all of the corresponding hash values and then iterate through the list for each password looking for a match. md5 (), sha0 and sha1 () are all vulnerable to hash collision attacks and should never be used for anything security related. Instead, any member of the sha-2 family, such as sha-256 should be used. To calculate the Hash Value, we will use a Hash Calculator. Install Hash Calculator from –> http://www.slavasoft.com/hashcalc/ Hash function plays a major role in the hacking/forensic world because it helps us to know whether a particular file has changed or not. You can also calculate the hash value of your computer and know if anyone has made any kind of changes. To calculate the hash value open Hash Calculator. Now browse the file of which you want to calculate the hash value. And click on Calculate. After clicking on calculate it will give too hash values using four different hashing algorithms i.e MD5, SHA1, RIPEMD160, CRC32. You can check other boxes too if you want to use those algorithms to calculate the hash value. This way Hash calculator helps us to know the hash value. Now if there are any changes made in this file, the hash value will change too. Once I calculated the hash value above I made some changes in the file and calculated the hash value again with the same method and as a result, the hash value was changed. Now, we have two hash values. Let us compare both of these values of MD5. The value of first file is 1110808875326e25dl93e4ee096afaf1 and the value of other file is fb9d53883f302d78c978a583e8a85. Seeing these two values of MD5 of the same file we can conclude that some changes are made. Because even the slightest difference will change the hash value. But now the main question is how to detect this change because a file can be of 1TB too. Also, imagine that you are sending a hard disk full of important documents to someone and there is a huge possibility that someone can bribe the sender and make changes in your documents. So how can you detect these changes? The answer is very simple –> Compare it! This tool helps us achieve our goal which is to detect the change. Download Compare it! From —>http://www.grigsoft.com/wincmp3.htm Open Compare it! Click the file and a drop menu will appear. Select the compare files option. A Dialogue box will open which will ask you to choose the files that you want to compare. Click on Browse button and select your file. And click on Open. It will show you the changes by highlighting them with green colour and the red colour will tell the exact change as shown below: So, in such a way you can protect your sensitive data and detect the crime done too.

Read More
Beginner Guide of Cryptography (Part 1)

Beginner Guide of Cryptography (Part 1)

Cryptography is a conversion of plain readable text into an unreadable form. In cryptography first, the data is converted into ciphertext (that is encryption) and then the ciphertext is converted back into readable form (that is decryption). Cryptography basically works on the concept of encryption and decryption. Encryption and decryption should not be confused with encoding and decoding, in which data is converted from one form to another but is not deliberately altered so as to conceal its content. Encryption is achieved through the algorithms. These algorithms are works with logic, mathematics calculations and its complexities. Encryption: Encrypted data is referred to as ciphertext. Cyphertext is a conversion of readable text into an unreadable form. It is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it.  Decryption: Decryption is the process of converting encrypted data back into its original form, so it can be understood. To decrypt the data one needs a secret key or password so it can be decrypted. Encryption can be done in three ways: Symmetric Asymmetric Hash Symmetric: Symmetric encryption’s job is to take readable data, scramble it to make it unreadable, then unscramble it again when it’s needed. It’s generally fast, and there are lots of good encryption methods to choose from.  The most important thing to remember about symmetric encryption is that both sides—the encrypter, and the decrypter—need access to the same key. Asymmetric: Asymmetric encryption also takes readable data, scrambles it, and unscrambles it again at the other end, but there’s a twist: a different key is used for each end.  Encrypters use a public key to scramble the data, and decrypters use the matching private (secret) key on the other end to unscramble it again. Hash: Hashing is what is actually happening when you hear about passwords being “encrypted”.  Strictly speaking, hashing is not a form of encryption, though it does use cryptography.  Hashing takes data and creates a hash out of it, a string of data with three important properties : the same data will always produce the same hash, it’s impossible to reverse it back to the original data, given knowledge of only the hash, it’s infeasible to create another string of data that will create the same hash (called a “collision” in crypto parlance). hash is to authenticate otherwise clearly-transmitted data using a shared secret (effectively, a key.) The hash is generated from the data and this secret so that only the data and the hash are visible; the shared secret is not transmitted and it thus becomes infeasible to modify either the data or the hash without such modification being detected. Now, there are very simple methods to achieve cryptography in our day to day life so that our data sharing can be done securely. For Symmetric encryption we can simply visit the website: www.aesencryption.net, shown below : On this website in the first box writing your message and in the second box give your password and then click on the encrypt button on the right side. The website will now reload itself and will provide you with the encrypted text. Send this encrypted text to the desired person and tell them the key (which, in this case, is time). The said person, after receiving your encrypted message, can come on this website to decrypt it. He/She will simply have to copy the encrypted text and paste it on the first box and enter the key in the next box and click on the decrypt button on the right side as shown below : After clicking on decrypt the site will reload itself and will provide you with plain text. Hence, symmetric encryption. For Asymmetric encryption, we can simply go to www.igolder.com/pgp/generate-key/, the following website will open Click on generate PGP keys, after opening the website. A public and private key will be generated. Now, copy the public key and click on PGP encrypt message option, it will redirect to the following page Paste the public key in the first box and write your message in the second box. By clicking on Encrypt Message, you will get your message encrypted. Now, copy this encrypted message to the desired person along with the private key which you generated in the first step. The same person can also visit this site and click on PGP decrypt message option to decrypt the message. After clicking on the said option, the following page will open: He/She can copy the private key and encrypted message and paste it on the first and second box respectively. At last click on Decrypt message and your message will be decrypted.

Read More
× Live Chat