CRYPTO cryptography-notes

1. Classical cryptography

1. Replacement method: Use fixed information to replace the original text with cipher text

        Encryption methods of replacement method: one is single table replacement, the other is multi-table replacement

        Single table replacement: original text and cipher text use the same table

        abcde---》sfdgh

        Multi-table replacement: There are multiple tables to compare the original text and the cipher text.

        Form 1: abcde---》sfdgh Form 2: abcde---》chfhk Form 3: abcde---》jftou

       Original text: adc

        Key: 312

        Cipher text: jgf 

2. Displacement method: compare the position of letters on the alphabet and move them

        Caesar Encryption:

               abce---》The backward displacement is 2---》cefg

encryption:

str=input("请输入明文：")
n=int(input("请输入密钥："))
str_encrypt=""
for letter in str:
    if letter==" ":  #遇到空格选择不加密
        letter_encrypt=" "
    else:
        letter_encrypt=chr((ord(letter)-ord("a") +n) %26 +ord("a"))
    str_encrypt += letter_encrypt
print("密文为：",str_encrypt)

Decryption:

str=input("请输入密文：")
n=int(input("请输入密钥："))
str_decrypt=""
for word in str:
    if word==" ":  #遇到空格选择不解密
        word_decrypt=" "
    else:
        word_decrypt=chr((ord(word)-ord("A") -n) %26 +ord("A"))
    str_decrypt = str_decrypt+word_decrypt
print("明文为：",str_decrypt)

 Brute force against Caesar:

LETTERS="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
LETTERS1="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
LETTERS2="abcdefghijklmnopqrstuvwxyz"

text=input("请输入密文：")
for key in range(len(LETTERS)):
    str=""
    for i in text:
        if i in LETTERS:
            if i.isupper():  #密文字母为大写
                num = LETTERS1.find(i)  #在字母里搜索到密文字符的位置
                num = num - key
                if num<0:
                    num = num + len(LETTERS1)
                str = str + LETTERS1[num]  #将解密后字符追加到字符串末尾
            elif i.islower():  #密文字母为小写
                num = LETTERS2.find(i)  #在字母里搜索到密文字符的位置
                num = num - key
                if num<0:
                    num = num + len(LETTERS2)
                str = str + LETTERS2[num]  #将解密后字符追加到字符串末尾
        else:
            str = str + i  #如果密文中内容不在字母里则不解密，直接追加
    print('第%d把钥匙的结果是%s' %(key, str))  #显示每一个可能的值

3. How to crack the Caesar cipher:

        Frequency analysis method: When the key is uncertain, the key is obtained by comparing the most frequent words in the plaintext with the most frequent words in the ciphertext.

Count the frequency of characters in ciphertext:

def count_each_char_sort_value(str):
    dict = {}
    for i in str:
        dict[i] = dict.get(i, 0) + 1
    
    # sorted 方法会生成一个排序好的容器
    # operator.itemgetter(1)  获取字典第一维的数据进行排序
    # reverse 表示倒序排列
    dict=sorted(dict.items(),key= operator.itemgetter(1),reverse=True)
    return dict
 
if __name__ == "__main__":
    res = count_each_char_sort_value("abdefdcsdf")
    print(res)

The word e appears most frequently in English. The difference between the ASCII code of the highest appearing character and the ASCII of e is the key.

The key obtained through frequency analysis is performed on large ciphertext. The longer the ciphertext, the more accurate the decrypted plaintext will be.

 4. Fence password

The fence cipher divides the original string into groups of N, and then connects the first words of each group to form an irregular sentence.

Take 2-column fence encryption as an example:

原始明文：Do you know People fall in love with sunsets when they are sad.

Remove spaces and group: Do yo uk no wP eo pl ef al li nl ov ew it hs un se ts wh en th ey ar es ad .(Group alone)

Group 1: Dyunwepealnoeihusweteaea.

Group 2:ookoPolflilvwtsneshnhyrsd

Cipher text: Dyunwepealnoeihustweteaea.ookoPolflilvwtsneshnhyrsd

5.ROT5/13/18/47

ROT5/13/18/47 encoding is reversible and can be self-decrypted. It is mainly used for quick browsing or machine reading.

ROT13 is the abbreviation of rotate by 13 places, which means rotating by 13 places. rot13 is a special case of Caesar cipher, that is, k=13.

ROT5/13/18/47 encryption and decryption algorithms are exactly the same.

ROT5: Only encrypt the number and replace the current number with the fifth number from the current number.

ROT18: This is an anomaly. There was no such thing originally. It is a combination of rot5 and rot13. For a better name, it is named rot18.

ROT47: Encrypt numbers, letters, and common symbols, and replace positions according to ASCII values ​​(a total of 94 ASCII characters can be displayed). The 47th digit of the ASCII character forward is the corresponding replacement character.

Example: synt{ebg13_vf_sha}

Summarize:

Caesar Encryption: The result is only English letters because it is replaced by alphabetical position

rot13: As a result, only English letters are replaced

rot5: only numbers are replaced

rot47: characters are also replaced

2. Modern cryptography

Symmetric encryption:

Using the encryption method of a single-key cryptosystem, the same key can be used for both encryption and decryption of information. This encryption method is called symmetric encryption, also known as single-key encryption.
Example:
        We now have an original text 3 to be sent to B.
        Set the key to 108, 3 * 108 = 324, and send 324 to B as the ciphertext.
        After B gets the ciphertext 324, use 324/108 = 3 to get the original text.
Common encryption algorithms

• DES: Data Encryption Standard is a block algorithm that uses key encryption. In 1977, it was determined as a Federal Information Processing Standard (FIPS) by the National Bureau of Standards of the U.S. federal government and authorized in unclassified government communications. used, and subsequently the algorithm became widely spread internationally.
• AES: Advanced Encryption Standard, also known as Rijndael encryption method in cryptography, is a block encryption standard adopted by the US federal government. This standard is used to replace the original DES. It has been analyzed by many parties and is widely used around the world.

Features

• Encryption speed is fast and can encrypt large files
• The ciphertext is reversible. Once the key file is leaked, data will be exposed.
• After encryption, the corresponding characters cannot be found in the encoding table and garbled characters appear.
• Generally used in combination with Base64 to solve the problem of garbled characters.

 1.DES encryption

The key used (key length 64 bits) needs to be 8 bytes

Plaintext is grouped by 64 bits

2.AES encryption

Is an advanced version of DES

The key used (key length 128 bits) needs to be 16 bytes

DES encryption and AES encryption both belong to symmetric encryption

3.base64

In the process of DES encryption and AES encryption, the encrypted encoding will have negative numbers, and if the corresponding characters cannot be found in the ascii code table, garbled characters will appear. In order to solve the problem of garbled characters, it is generally used in conjunction with base64

The so-called Base64 means that 64 characters are used in the encoding process: uppercase A to Z, lowercase a to z, numbers 0 to 9, "+" and "/"

Base58 is an encoding method used in Bitcoin. It is mainly used to generate Bitcoin wallet addresses. Compared with Base64, Base58 does not use the number "0", the uppercase letter "O", the uppercase letter "I", and the lowercase letter. "i", as well as the "+" and "/" symbols

Base64 features:

• Base64 is one of the most common human-readable encoding algorithms for transmitting 8-bit bytecode on the Internet.
• Readability encoding algorithms are not designed to protect the security of data, but to be readable
• Readability coding does not change the information content, only the presentation form of the information content.

Base64 algorithm principle:

1. The original data is divided into three bytes as a group. Each byte is 8 bits, so the total is 24 bits.
2. Divide 24 bits into four groups, each group has 6 bits
3. Add 00 in front of each group to complete it into four groups of 8 bits
4. Obtain the corresponding symbol of each byte after expansion according to the Base64 code table

Base64 algorithm principle, special understanding

The abstract understanding is to peel the original string into two layers, get the innermost layer, divide it into 4 groups equally, and finally put the two peeled layers back together to become the original appearance.

1. Take out one group at a time for compilation in the entire original string, one group of three bytes

2. For the first time, the form of English letters is cut off to reveal the form of ASCII code.

3. Cut off the ascii code form for the second time to reveal the binary form

4. Divide all the binaries in this group evenly into 4 groups, that is, 6 bits in each group

 5. Finally, according to the 6-digit code of each group, reverse the original steps and stick the skin back step by step.

That is to convert the binary form into decimal form, and then compare the decimal form with the base64 table and turn it into the form of English letters.

 In the above table, Man is encoded. Man is exactly three groups of 8-bit strings.

For M, first the ascii encoding is 77, then convert 77 into binary form, and then divide it into 4 groups with 6 bytes in one group.

The encoding formed by each group is compared with the base64 comparison table, and the encoded string is written.

Sometimes we will see at the end of the Base64 character =, sometimes 1, sometimes 2

From the above, we know that the Base64 encoding process is performed in groups of 3 characters. What if the length of the original text is not a multiple of 3? For example, our original text is Ma, it is not enough for 3, so it can only be filled in the encoded string =. Just fill in one missing character and fill in two missing characters, so sometimes you will see 1 or 2 characters at the end of a base64 string =.

Based on these characteristics, it can be judged that a string of codes is encoded by base64.

• The encoded characters only contain A to Z, lowercase a to z, numbers 0 to 9, "+" and "/"
• One or two "=" at the end

3. Modern cryptography:

1.Message summary

Introduction

• Perform a one-way Hash function on a piece of data to generate a fixed-length Hash value. This value is the summary of the data, also called a fingerprint.
• The main feature of the message digest algorithm is that the encryption process does not require a private key, and the encrypted data is irreversible. As long as the input is the same plaintext data and the same message digest algorithm is used, the resulting ciphertext will be the same. The calculation amount of the encryption process is relatively large
• Message digest algorithms are currently mainly used in the field of "digital signatures". As a digest algorithm for plain text, the famous digest algorithms include RSA's MD5 algorithm and SHA-1 algorithm and a large number of their variants.

Features

• No matter how long the input message is, the length of the calculated message digest is always fixed

         The message digested by the MD5 algorithm has 128 bits, and the message digested by the SHA-1 algorithm has a final output of 160 bits. Variants of SHA-1 can produce 192-bit and 256-bit message digests.

• As long as the input messages are different, the summary messages generated after summarizing them will also be different; but the same input will produce the same output.
• Message digests are one-way and irreversible

application

Can be used to verify data integrity. (The reason why it is called fingerprint)

For example, when we download a file, the data source will provide the MD5 of a file. After the file is downloaded, we locally calculate the MD5 of the file and compare it with the MD5 provided by the data source. If it is the same, the file is complete. However, when using message digest independently, there is no way to ensure that the data has not been tampered with, because there is no guarantee that the MD5 obtained from the data source has not been tampered with midway.

MD algorithm

MD algorithm: Message Digest Algorithm. The current mainstream one is the MD5 algorithm, which is the fifth version of the algorithm. There were previously MD2, MD3, and MD4 algorithms.

The message digest generated by MD5 is 128 bits

SHA algorithm

Secure Hash Algorithm (English: Secure Hash Algorithm, abbreviated as SHA) is a family of cryptographic hash functions and is a secure hash algorithm certified by FIPS. An algorithm that can calculate the fixed-length string (also called message digest) corresponding to a digital message. And if the input messages are different, the probability that they correspond to different strings is very high.

The five algorithms of the SHA family, namely SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512, were designed by the U.S. National Security Agency (NSA) and developed by the U.S. National Institute of Standards and Technology (NIST); is a U.S. government standard. The latter four are sometimes collectively referred to as SHA-2.

2.Asymmetric encryption

① Asymmetric encryption algorithm is also called modern encryption algorithm and public key cryptography system.

② Asymmetric encryption is the cornerstone of computer communication security, ensuring that encrypted data will not be cracked.

③ Unlike symmetric encryption algorithms, asymmetric encryption algorithms require two keys: public key and private key.

④ The public key and the private key are a pair

⑤ If the data is encrypted with a public key, it can only be decrypted with the corresponding private key.

⑥ If the data is encrypted with a private key, it can only be decrypted with the corresponding public key.

⑦ Because encryption and decryption use two different keys, this algorithm is called an asymmetric encryption algorithm.

Example

First generate a key pair, the public key is (5,14), the private key is (11,14)
Now A wants to send the original text 2 to B
A uses the public key to encrypt the data, 2 to the fifth power mod 14 = 4, will Ciphertext 4 is sent to B.
B uses the private key to decrypt the data. 4 to the 11th power mod14 = 2, and the original text 2 is obtained.

Features

Encryption and decryption use different keys.
If you use private key encryption, you can only use the public key to decrypt.
If you use public key encryption, you can only use the private key to decrypt.
Processing data is slower because of the high security level.

Common algorithms

RSA
ETC
 

In a public key encryption system, encryption and decryption are relatively independent, and two different keys are used for encryption and decryption.

The encryption key (public key) is open to the public, and the decryption key (private key) is only known to the decryptor. Illegal users cannot deduce the private key based on the public key. Therefore, it can be called a public key cryptography system.

In CTF, RSA cipher is the most common public key cryptosystem

3.Digital signature

After the digest is encrypted, a digital signature is obtained

Digital signature is a combination of public key encryption system and message digest technology.

Digital signatures must ensure the following three points:

• Message authentication – the receiver can verify the sender’s signature on the message;
• Message integrity - the recipient cannot forge a signature on the message or alter the message content.
• Non-repudiation - the sender cannot deny the signature of the message afterwards;

Digital signature process:

 4.Digital certificate

Everything above is perfect. You can decrypt it with the public key, which means it was indeed sent by the private key party. You can rest assured...

But have you ever thought about what if the public key itself was tampered with? ? ?

In order to ensure that the "public key" is credible, digital certificates came into being.

effect:

Ensure that the public key of the data recipient has not been tampered with

Digital certificates usually contain the following content:

1. The public key of the certificate owner
2. Digital signature of the certificate by the certificate issuer
3. The signature algorithm used by the certificate
4. Certificate issuing authority, validity period, owner’s information and other information

 CA certificate

There is an important concept in digital certificates. CA, the sender first gives his public key to the CA, and the CA encrypts it to obtain the encrypted sender's public key (using the CA's private key and the CA encryption algorithm), that is CA's digital certificate.

Note that there are two different asymmetric algorithms (corresponding to 2 public key and private key pairs). One algorithm is used by the sender to encrypt the digest and is used to generate digital signatures; the other algorithm is used by CA to encrypt the sender's public key and is used to generate digital signatures. Generate digital certificate. The two algorithms are independent of each other and have no necessary connection.

When sending, not only the content and digital signature are sent, but also the digital certificate of the sender. After the recipient obtains it, he first decrypts the sender's public key from the digital certificate (using the CA's public key and CA decryption algorithm). This public key must be trusted. Then the process is the same as before, using the sender's public key to decrypt the digital certificate and get the digest; finally, compare the digests to see if they are consistent.

A question: Since the digital certificate is to ensure that the sender's public key is not forged by others, how to ensure that the "CA" public key is not forged?

Answer: CA is a third-party organization. The CA public key is public and the recipient can compare it with others (such as searching online), so it is impossible to forge it. However, the sender's public key is obtained by the receiver through communication and cannot be verified after receipt.

Quote [difference] abstract, digital signature, digital certificate - Zhihu (zhihu.com)