1 Introduction
There are many different methods of encryption available ranging from the extremely trivial ROT-13 (which believe it or not was originally developed by Julias Caesar, albeit in a slightly different form that could have been called ROT-3), through medium strength techniques such as DES, and finally onto highly secure algorithms such as Blowfish.
The principle behind any encryption technique remains the same, i.e. to rearrange data held within a file to ensure the data is not easily readable by others.
The unencrypted file is often referred to as Plaintext, and the encrypted file as Ciphertext.
The process in principle is straightforward. In it's simplest form, an algorithm to encrypt needs two basic components :-
The data itself
An encryption/decryption key
The key can be thought of as a password consisting of hundreds, or even thousands of bits to ensure it is difficult to break the encrypted file.
wikepedia :encryption
"Encrypt" redirects here. For the film, see Encrypt (film).
This article is about algorithms for encryption and decryption. For an overview of cryptographic technology in general, see Cryptography.
In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. “software for encryption” can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted).
Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now used in protecting information within many kinds of civilian systems, such as computers, storage devices (e.g. USB flash drives), networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. Encryption is also used in digital rights management to prevent unauthorized use or reproduction of copyrighted material and in software also to protect against reverse engineering (see also copy protection).
Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code (MAC) or a digital signature. Standards and cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security may be a challenging problem. A single slip-up in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption. See, e.g., traffic analysis, TEMPEST, or Trojan horse.
One of the earliest public key encryption applications was called Pretty Good Privacy (PGP), according to Paul Rubens. It was written in 1991 by Phil Zimmermann and was bought by Network Associates in 1997 and is now called PGP Corporation.
There are a number of reasons why an encryption product may not be suitable in all cases. First e-mail must be digitally signed at the point it was created to provide non-repudiation for some legal purposes, otherwise the sender could argue that it was tampered with after it left their computer but before it was encrypted at a gateway according to Paul. An encryption product may also not be practical when mobile users need to send e-mail from outside the corporate network.* [1]
Obviously it would not be easy to remember say a 2048 bit key every time you want to encrypt or decrypt a file. Various techniques are used within encryption routines to generate large keys that are held in encrypted form and are decrypted by entering a shorter password, which is a lot easier to remember.
2 A Simple Example
As a simple example of a weak encryption method, consider a file that consists of a single line of text :-
Hello
This would actually be stored on your hard disk as the following series of bytes :-
48 65 6C 6C 6F
Suppose we decide to encrypt this file using the key (or password) :-
Where
This would actually be stored on your hard disk as the following series of bytes :-
57 68 65 72 65
We could encrypt our file by applying an XOR (exclusive or) function to it. This looks at individual bits within each byte and compares the data bits with the key bits. If both the data and key individual bits are he same, then the output of the XOR function is a zero and vice versa. The following truth table illustrates the XOR function :-
Input A Input B Output X
0 0 0
0 1 1
1 0 1
1 1 0
If we use the XOR function on our file containing the text "Hello" using the key "Where" we end up with the following set of numbers :-
1F 0D 09 1E 0A
Obviously, anyone reading that file would not be able to decipher the word "Hello" without having access to our key. We can decrypt the file by applying the XOR function to the encrypted file using the same key we used to encrypt it.
The same technique can be used to encrypt a file of any size by applying the key to successive chunks of data.
Although this method of encryption would protect your file from the eyes of most people, if you were targetted by experts, and you had plenty of encrypted files for them to go to work on, your files wouldn't remain safe for long.
There are many methods an experienced cryptologist can use to break encryption techniques. This is not an area I will discuss on this site as it would more than double the contents. If you are interested in such methods, a search on the web will find plenty of sites to read. Take a look at the Links section as a starting point for your research.
3 Public and Private Keys
Many encryption algorithms use a single (private) key for both encryption and decryption. This is fine for encrypting data on your own hard drive as you will be the only person who will require access to the key. However, there may be times where you want to send an encrypted file to someone else, or that person might want to send you an encrypted file.
Obviously you would need to release your key to that person to enable them to decrypt your file. However, this would also mean that if you have used the same key to encrypt other information on your own computer, then that information is no longer safe. If your key fell into the hands of the authorites and they raided your house, they would be able to read all of your encrypted data.
More importantly, if your methods of communication are being monitored by the authorities, they could quite easily intercept both the key and encrypted file you might send to another person.
The problem of key distribution was solved in the 1970's by the development of cryptographic algorithms that use two keys. One of the keys is used for encryption, and is called the public key. It is safe to release this key to anyone as it can't be used to decrypt a file. The second key is your private key and is used to decrypt files.
Your private key should never be divulged to anyone !
Say for example that you want to send encrypted messages via email to a friend. Obviously your friend will also want to be able to send encrypted messages back to you. So how does this work ?
You release your public key to your friend and vice versa. It does not matter if the keys are intercepted by the authorities as they can only be used to encrypt data. Once you have exchanged public keys, you can send encrypted data (using your friends public key for encryption) knowing that if it is intercepted by the authorities, they will not be able to decrypt the data without your friends private key, which of course (s)he never divulges to anyone. Similarly, your friend can encrypt a message using your public key for encryption, which means that it can only be decrypted by you with your private key.
4 Key Size
So what key size should you use ?
This is a frequently asked question that is not adequately covered by most articles on encryption.
Choosing a suitable key size is vital to ensure your data remains safe from the experienced cryptologer who might be hired to crack your data.
Assuming you have taken the time to pick a strong encryption algorithm that allows you to choose key sizes, and you want to protect very sensitive data for many years, I would advise the following :-
Encryption Type Minimum Key Length in Bits
Public Key 8192
Private Key 4096
That might seem a little over the top if you have read other articles on encryption key size. However, who knows what is round the corner in terms of increases in networked computing power and new techniques to break encryption !
RSA is a strong encryption algorithm that can be used for public and private key cryptography. 512 bit keys have already been broken and 1024 bit keys are expected to be compromised within the next year.
Be warned that usually the bigger the better when it comes to key size, however, that is not always true. For example, the Triple-DES encryption method only uses 56 bit keys and has not yet been broken. The 56 bit key is a bit of a misnomer here as Triple-DES encrypts three times in a variety of ways.
I'll be talking about key sizes in more detail in the Algorithms section.
5 Digital Signatures
In the public key scenario, there is a major weakness in that you have made your public key available to anyone who can intercept it. So when you get an encrypted message from your friend, how do you know it actually originated from him/her ?
Maybe it is an attempt by the authorities to get you to reply back and incriminate yourself...after all, your public key can be used by anyone !
This is where the concept of the Digital Signature comes in.
There are various methods used to add a Signature to a message you encrypt, using your own private key to do this which ensures that your friend can be certain the message originated from you (as only you have access to your private key). The algorithms used for adding such a signature also ensure that when your friend decrypts your message, he is certain that the data has not been tampered with in any way after you have sent it.
However, let me make one important point clear.
If you do send a digitally signed message, make sure you know exactly who you are sending it to. Under UK law, such messages can be used as evidence and are considered proof that you actually were the sender. If you admit to doing something illegal in such a message, you might find yourself in very deep waters !
If you are in any doubt as to who you are sending a message to, and it contains incriminating evidence, it might be better to send it from an email account which you have previously setup (and only ever access) via a Phreaked connection.
See the Phreaking section for further details on this.
6 Other Issues
There are many other concepts involved in cryptography, e.g. Digital Certificates to name one phrase you might have come across before.
However, these are all outside the scope of this article, which after all has been written with the intention of showing you how to hide encrypted data on your own hard drive.
The Links section has many references to sites that discuss cryptography in depth.
In the UK, there are moves afoot to make it law that a person has to provide his password to the authorities on request, ie Key Escrow. This is causing a lot of controversy and the government appear to be chopping and changing their ideas on what they want to do with this.
What many people don't realise is that the police in effect already have this power under the Police and Criminal Evidence Act 1984 (PACE). The Police can sieze computer equipment if they get a search warrant from the Courts. Section 20 of PACE states that powers of seizure conferred on a constable who has entered premises under statutory authority shall be construed as a power to require any information contained in a computer and accessible from the premises to be produced in a form in which it can be taken away and in which it is visible and legible.
This obviously implies that encrypted files must be decrypted on request if you happen to be at home and get busted, in order to make your files legible !
I believe it is the Basic 6 mission. In the forums it said something about using ASCII tables to break it. It has an encryption generator. I did this:
947g8;=k (the encrypted passcode)
aaaaaaaa (unencrypted)
abcdefgh (encrypted)
bbbbbbbb (unencrypted)
bcdefghi (encrypted)
cccccccc (unencrypted)
cdefghij' (encrypted)
dddddddd (unencrypted)
defghijk (encrypted)
How to Break PDF Encryption?
Return KB main page Question
Is there a tool available to break pdf encryption?
Solution
Use A-PDF Password Security
Launching the application: A-pdf Password Security
Select the option "Batch PDF Documents Security" and push the button Next >, a file list window will be opened.
You can add files or even Add Dir for add all of files in a directory in there, you also can remove or clear files in list
After finished adding pdf files, you can click "try password" button, then A-pdf Password Security will try to open the pdf documents which have open password security by using password pool one by one, password pool is a password list which stored common password that can be defined by user.
Push the button Next >, a Security Option Window will be opened, where set "Security Level" option values to "None", that means remove the password restrictions.
Clicking "Save" or "Save as ..." button to batch decrypt PDF files. 9050914689
No comments:
Post a Comment