CRYPTOGRAPHY
Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Cryptography not only protects data from theft or alteration but can also be used for user authentication.
Simply put, cryptography is the science of using mathematics to encrypt and decrypt data.
Nowadays, cryptography is mainly based on mathematical theory and computer science practice.
Modern cryptography is concerned with -
1. Confidentiality - Information cannot be understood by anyone
2. Integrity - Information cannot be altered.
3. Non-repudiation - Sender cannot deny his/her intentions in the transmission of the information at a later stage
4. Authentication - Sender and receiver can confirm each
This is the basic flow of cryptography -
Note - While cryptography is the science of securing data, cryptanalysis is the science of analyzing and breaking secure communication. Cryptology embraces both cryptography and cryptanalysis.
Types of Cryptography -
Three types of cryptographic techniques are in general use.
1. Symmetric-key cryptography (SKC)
2. Public-key cryptography (PKC)
3. Hash functions.
Symmetric-key Cryptography: Both the sender and receiver share a single key. The sender uses this key to encrypt plaintext and send the ciphertext to the receiver. On the other side, the receiver applies the same key to decrypt the message and recover the plain text.
Public-Key Cryptography: This is the most revolutionary concept in the last 300-400 years. In public-key cryptography two related keys (a public key and a private key) are used. The public key may be freely distributed, while its paired private key remains secret. The public key is used for encryption and the private key for decryption.
Hash Functions: No key is used in this algorithm. A fixed-length hash value is computed from the plaintext in such a way that the contents of the plaintext cannot be recovered from it. Hash functions are also used by many operating systems to store passwords in hashed form.
Encryption Algorithms
- MD5 – this is the acronym for Message-Digest 5. It is used to create 128-bit hash values. Theoretically, hashes cannot be reversed into the original plain text. MD5 is used to hash passwords as well as to check data integrity. MD5 is not collision resistant. Collision resistance is the difficulty of finding two values that produce the same hash value.
- SHA – this is the acronym for Secure Hash Algorithm. SHA algorithms are used to generate condensed representations of a message (message digest). It has various versions, such as:
  - SHA-0: produces 120-bit hash values. It was withdrawn from use due to significant flaws and replaced by SHA-1.
  - SHA-1: produces 160-bit hash values. It is similar to earlier versions of MD5. It has cryptographic weaknesses and has not been recommended for use since the year 2010.
  - SHA-2: it has two hash functions, namely SHA-256 and SHA-512. SHA-256 uses 32-bit words while SHA-512 uses 64-bit words.
  - SHA-3: this algorithm was formerly known as Keccak.
- RC4 – this algorithm is used to create stream ciphers. It is mostly used in protocols such as Secure Sockets Layer (SSL) to encrypt internet communication and Wired Equivalent Privacy (WEP) to secure wireless networks.
- BLOWFISH – this algorithm is used to create keyed, symmetric block ciphers. It can be used to encrypt passwords and other data.
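The two uses of hash functions named in the list above, integrity checking and password storage, are shown in the following added example (not part of the original post). It contrasts an unsalted MD5 password hash, which is identical for every user with the same password, with a salted, iterated PBKDF2 record. The sample message, the password and the iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample values for illustration only.
MESSAGE = b"transfer 100 to account 42"
PASSWORD = "correct horse battery staple"
ITERATIONS = 200_000  # assumed work factor; tune to your hardware and current guidance


def digest_bits(name: str, data: bytes = MESSAGE) -> int:
    """Digest length in bits for a hashlib algorithm name; fixed whatever the input size."""
    return hashlib.new(name, data).digest_size * 8


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_integrity(data: bytes, expected_hex: str) -> bool:
    """Recompute the SHA-256 digest and compare it in constant time."""
    return hmac.compare_digest(sha256_hex(data), expected_hex)


def unsalted_md5(password: str) -> str:
    """Legacy storage format: equal passwords always give equal hashes."""
    return hashlib.md5(password.encode()).hexdigest()


def pbkdf2_record(password: str, salt: bytes = b"") -> tuple:
    """Salted, iterated hash: a fresh random salt makes every record unique."""
    salt = salt or os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def check_password(password: str, record: tuple) -> bool:
    salt, key = record
    return hmac.compare_digest(pbkdf2_record(password, salt)[1], key)


if __name__ == "__main__":
    for name in ("md5", "sha1", "sha256", "sha512", "sha3_256"):
        print(f"{name:9s} {digest_bits(name)} bits")
    good = sha256_hex(MESSAGE)
    print("intact:", verify_integrity(MESSAGE, good))
    print("tampered:", verify_integrity(MESSAGE + b"0", good))
    print("MD5 repeats:", unsalted_md5(PASSWORD) == unsalted_md5(PASSWORD))
    record = pbkdf2_record(PASSWORD)
    print("PBKDF2 differs:", record[1] != pbkdf2_record(PASSWORD)[1])
    print("login ok:", check_password(PASSWORD, record))
```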
Hacking Activity: Use CrypTool
In this practical scenario, we will create a simple cipher using the RC4 algorithm. We will then attempt to decrypt it using a brute-force attack. For this exercise, let us assume that we know the encryption secret key is 24 bits long. We will use this information to break the cipher.
We will use CrypTool 1 as our cryptology tool. CrypTool 1 is an open source educational tool for cryptological studies. You can download it from https://www.cryptool.org/en/ct1-downloads
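Why a 24-bit key offers no real protection can be seen from the size of its key space. The following added example (not part of the original post and not CrypTool's code) implements RC4, shows that the same shared key both encrypts and decrypts, and projects the worst-case time to try every key at 24, 40 and 128 bits from a trial rate measured on the local machine. The sample plaintext and the 3-byte key are constructed values.

```python
import time


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: key scheduling (KSA), then keystream generation (PRGA) XORed with data."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # KSA: permute s under the key
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                         # PRGA: one keystream byte per data byte
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def keyspace(bits: int) -> int:
    """Number of distinct keys of the given length."""
    return 1 << bits


def trial_rate(samples: int = 2000) -> float:
    """Measure RC4 trial decryptions per second on this machine."""
    ciphertext = rc4(b"\x12\x34\x56", b"constructed sample text")  # constructed 24-bit key
    start = time.perf_counter()
    for k in range(samples):
        rc4(k.to_bytes(3, "big"), ciphertext)
    return samples / (time.perf_counter() - start)


def worst_case_seconds(bits: int, rate: float) -> float:
    """Time to try every key of the given length at `rate` trials per second."""
    return keyspace(bits) / rate


if __name__ == "__main__":
    key, plaintext = b"\x12\x34\x56", b"constructed sample text"
    ciphertext = rc4(key, plaintext)
    print("round trip ok:", rc4(key, ciphertext) == plaintext)
    rate = trial_rate()
    for bits in (24, 40, 128):
        secs = worst_case_seconds(bits, rate)
        print(f"{bits:3d}-bit key: {keyspace(bits):.3e} keys, about {secs:.3e} s at {rate:.0f} keys/s")
```

The measured rate is for unoptimised Python on one core, so the projected times are an upper bound on what the search costs, not an estimate of a determined attacker's speed.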
Microsoft Cryptography Tools
The publishing tools and the signing DLL are installed in the \Bin directory of your Microsoft SDK installation. They include the following files.
Filename | Remarks |
---|---|
Cert2SPC.exe | Creates a Software Publisher Certificate (SPC) for testing purposes only. |
CertMgr.exe | Manages certificates, CTLs, and certificate revocation lists (CRLs). |
MakeCat.exe | Creates an unsigned catalog file that contains the hashes of a set of files along with associated attributes of each file. |
MakeCert.exe | Creates an X.509 certificate for testing purposes only. |
Pvk2pfx.exe | Converts a software publisher certificate file (.spc) or a private key file (.pvk) to Personal Information Exchange (PFX) file format. |
SetReg.exe | Sets registry keys that control certificate verification. |
SignTool.exe | Signs and time stamps a file. Additionally, checks the signature of a file. |
Uses - Cryptography is used in many applications, such as banking transaction cards, computer passwords, and e-commerce transactions.