cryptography notes

  1. DES/3DES
  2. AES
  3. RC4, RC5 and RC6
  4. twofish
    • Symmetric key block cipher
    • block size: 128 bits
    • Key size: up to 256 bits
    • Key-dependent S-Boxes: obscure relationship of key and cipher
  5. DSA (Digital Signature Algorithm)
    • 2 phases of key generation:
    • choice of algorithm paramaters (shared between different users)
    • computes public and private keys for users
    • ECDSA (Elliptic Curve Signature Algorithm) (Remember the Sony PS3 hack)
  6. RSA (Rivest Shamir Adleman)
    • Asymmetric
    • Each user has his/her own private key. Public keys are shared.
  7. Diffie-Hellman (DH)
  8. MD5, SHA, RIPEMD-160, HMAC
    • MD5 (Message Digest Function)
      • 128-bit value
      • non-identical messages can have the same hash value (collision!!)
    • SHA (Secure Hashing Algorithm)
      • SHA-1: 160-bit hash value
      • SHA-2: 224, 256, 384 and 512 bit
      • SHA-3: 512 bit value, sponge construction
    • RIPEMD-160 (RACE Integrity Primitives Evaluation Message Digest)
      • 160-bit
    • HMAC (Hash-based Message Authentication Code)
      • cryptographic hash function and cryptogrpahic key
      • integrity and authentication
      • can be used with other algorithms: HMAC_MD5("key","the quick brown fox jumps over the lazy dog")

Related Tools:

  1. PKI (Public Key Infrastructure)
    • roles, policies and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public key encryption
    • bind public keys to entities
    • CA (Certificate Authority)
    • RA (Regisration Authority)
    • Web of trust (self-signed)

Email Encryption

  • DSA (Digital Signature Algorithm)
  • SSL (Secure Sockets Layer): See “Poodle” Vulnerability
  • TLS (Transport Layer Security)
  • PGP (Pretty Good Privacy)
    • End-to-end encryption
    • OpenPGP Standard (RFC 4880)
    • Hashing, Data Compression, Symmetric, Assymetric

Related Tools:


  1. Brute-Force: passwords/passphrases
  2. Birthday
  3. Meet-in-the-Middle: space-time tradeoff
  4. DUHK (Don’t Use Hard-coded Keys)
  5. Rainbow Table