In this course you will learn how cryptographic primitives work, as well as how implement them correctly and securely.

Cryptography is Everywhere

Cryptography is used for secure communication
  • Web traffic is secured using HTTPS Cryptography
  • Wireless traffic uses an array of protocols such as 802.11 WPA2, GSM, Bluetooth

It is used for encrypting files on a disk for secure storage using tools like TrueCrypt and EFS.

DvD and Blu-Ray disks have content protection to protect them from being ripped and duplicated. DvDs are secured with CSS and Blu-Ray AACS. It just so happens that CSS is very broken and we will go over how to crack it in a later lesson.

Secure Communication

Everyday we use applications that talk to servers securely using Cryptographic Protocols. For example, when browsing the web we secure our data using HTTPS which is in fact just a protocol called SSL. The goal of this protocol is to make it so the data traveling across the network can't be read by an attacker or tampered with.

Secure Socket Layer

Secure Socket Layer (SSL) also known as TLS consists of two parts.

The first part is called the handshake protocol where the user and the server establish a shared secret key using public key cryptography (we will go over this later).

The second part is called the record layer in which we use this shared secret key to transmit data securely. Because only the user and the server know the key, an attacker can not read or tamper with the data.

Protecting Files on Disk

As I mentioned before, one of the main uses of cryptography is to secure data on a disk. The user generates a secret key just like in secure communication using SSL, this key in then used to write the files to the disk. When the user wants to read these files they must supply the proper secret key to properly read them. This means if the data is stolen it would be completely unreadable without the key, which we will assume the thief doesn't have.

Basic Cryptography

The fundamental building block of cryptography is called symmetrical encryption.

Basically the two parties communicating share a secret key in which the attacker does not know. They use this key in conjunction with a cipher, a set of encryption and decryption algorithms, to secure their data.

The encryption algorithm takes the original data and the secret key and produces what is called a "cipher text". For example, if the original data is the word "hello" the algorithm may convert that into "lb597z" using the secret key.

The decryption algorithm can than take that cipher text and the secret key and turn it back into the original plain text of "hello".

Types of Keys

Single use keys
A single use key is used to encrypt one message. For example, an encrypted E-Mail would generate a new key for every E-Mail.

Multi use keys
A Multi use key is used to encrypt multiple messages. For example, encrypting many files on a disk at the same time would use the same key for each file.

Post a Comment