Encryption — Crypto 101 — TryHackMe Walkthrough

Task 2 Key terms

Ciphertext — The result of encrypting a plaintext, encrypted data

Cipher — A method of encrypting or decrypting data. Modern ciphers are cryptographic, but there are many non cryptographic ciphers like Caesar.

Plaintext — Data before encryption, often text but not always. Could be a photograph or other file

Encryption — Transforming data into ciphertext, using a cipher.

Encoding — NOT a form of encryption, just a form of data representation like base64. Immediately reversible.

Key — Some information that is needed to correctly decrypt the ciphertext and obtain the plaintext.

Passphrase — Separate to the key, a passphrase is similar to a password and used to protect a key.

Asymmetric encryption — Uses different keys to encrypt and decrypt.

Symmetric encryption — Uses the same key to encrypt and decrypt

Brute force — Attacking cryptography by trying every different password or every different key

Cryptanalysis — Attacking cryptography by finding a weakness in the underlying maths

Are SSH keys protected with a passphrase or a password?

>> Passphrase

Task 3 Why is Encryption important?

When you connect to SSH, your client and the server establish an encrypted tunnel so that no one can snoop on your session.

What does SSH stand for?

>> Secure Shell

How do webservers prove their identity?

>> Certificates

What is the main set of standards you need to comply with if you store or process payment card details?

>> PCI-DSS

Task 4 Crucial Crypto Maths

X % Y is the remainder when X is divided by Y.

Examples

25 % 5 = 0 (5*5 = 25 so it divides exactly with no remainder)

23 % 6 = 5 (23 does not divide evenly by 6, there would be a remainder of 5)

An important thing to remember about modulo is that it’s not reversible. If I gave you an equation: x % 5 = 4, there are infinite values of x that will be valid.

What’s 30 % 5?

>> 0

What’s 25 % 7

>> 4

What’s 118613842 % 9091

>> 3565

Task 5 Types of Encryption

Should you trust DES? Yea/Nay

>> Nay

What was the result of the attempt to make DES more secure so that it could be used for longer?

>> Triple DES

Is it ok to share your public key? Yea/Nay

>> Yea

Task 6 RSA — Rivest Shamir Adleman

RSA is based on the mathematically difficult problem of working out the factors of a large number. It’s very quick to multiply two prime numbers together, say 17*23 = 391, but it’s quite difficult to work out what two prime numbers multiply together to make 14351 (113x127 for reference).

The key variables that you need to know about for RSA in CTFs are p, q, m, n, e, d, and c.

“p” and “q” are large prime numbers, “n” is the product of p and q.

The public key is n and e, the private key is n and d.

“m” is used to represent the message (in plaintext) and “c” represents the ciphertext (encrypted text).

p = 4391, q = 6659. What is n?

>> 29239669

Task 8 Digital signatures and Certificates

Find Certificate Details: https://www.geocerts.com/ssl-checker

Who is TryHackMe’s HTTPS certificate issued by?

.

Task 9 SSH Authentication

What algorithm does the key use?

>> RSA

Crack the password with John The Ripper and rockyou, what’s the passphrase for the key?

Task 10 Explaining Diffie Hellman Key Exchange

You have the private key, and a file encrypted with the public key. Decrypt the file. What’s the secret word?

>> Use Following Commands:

Thank You…!

Follow : LinkedIn | Twitter

Written By: Pratik Dhavade