Documente Academic
Documente Profesional
Documente Cultură
cracking with me ;)
A joyful way to study the computer
security...
Gopi Krishnan S
Preface
This book is released under the GNU license. This book is
not stable. Hence lot of titles yet to be coverd. As i have
lesser free time, I will complete this book as soon as
possible. You can expect the complete book by end of the
approching summer .Friends please feel free to upgrage
this book with your thoughts. Letus explore more on this.
You are allowed to copy and replicate this book in any
form.
The contents of the book are designed for people who
willing to learn about internals of computer security. This
book is intended for beginners, intermediate level, and
those who fun of hacking. Apart from this this book focus of
the students who is studying Course on Information
Security .About 100 source code have been provided in
this book to help the readers to understand the internals of
computer security. I have been used C, Python, Java, and
TCL programming languages through out this book to
demonstrate information security techniques. I advise to
use `lcc` or `Dev C++` to work on C programs. This book
also make you to understand how to use these security
techniques in real time.
This book was organized in such a way that, a reader can
start from any chapter they wish. The chapters in this book
are independent of others. But the source codes given
have some dependency. To reduce the repeatation, I have
given all the functions used in the programs in appendix.
I consider the reader of the book know python
programming language. It is designed such that you can
read any chapter at any time. But sometime you may
require referring previous chapter rarely. This text book
makes very simple to understand the cryptosystems. Even
a novice computer user can understand how the computer
security is working. The content of this book have been
referred from various academic studies from various
universities in India who provide education on Information
Security and other online reffrences.
About Me
Now a day’s most of the systems become more vulnerable unless they are
connected to a network. Here not the computer but content of the computer is
vulnerable to risks in various severities. Hence these computers are connected
to open public network. Today even critical systems are connected to open
public network.
I Hope you know the story where the cryptography was started. So I don’t want
you to get bored. Just try to find the solution for the below problem.
1.2. Problem
Squad A is divided into two sub groups to attack Squad B. Before initiating
the attack the group should be communicate the plan how to attack. Take a look
at figure 1.1 and make the solution yourself how to communication the
information between them.
Figure 1.1 `Squad B` in middle and `Squad A` in other each ends who plan to attack
Squad B
All the techniques used a key to lock and unlock the secret message. A set
of operation is done with the given key to encode aand decode the secret
message.
At the same time evils started to decode the secret message without
knowledge about the key. We call this technique as cryptanalysis.
Examples: Caesar Cipher, Vigenere Cipher, Play fair Cipher, Hill Cipher,
and etc.
This is also a guessing method as previous one. The public key is applied
again and again on a cipher text until it forms a cycle or the plain text recovered.
Some cryptographic techniques with public and private key will be co-
prime each other. In other words “Let consider E and D, such that E and D are
co-prime or E is pseudoprime to D and vice-versa”.
4.3.4. Factorization
Some cryptographic system uses some common value in both private and
public key entity, like modules in RSA. This can be factorized to find the private
key. But now a days we use very large number as 1024 Bit integers which is very
difficult to break.
Apart from this lot of new methods are on research and being introduced
day by day. White paper available in journals such as IEEE, CESA, FIPS regarding
the cryptoanalysis of some public key cryptography.
5. RSA Cryptosystem
5.1. Introduction
RSA Cryptosystem is a public key cryptosystem. RSA Algorithm was
invented by Ron Rivest, Adi Shamir, and Leonard Adleman at MIT in the year
1978. RSA stands for initials of the surname of inventors. Here we are going to
see how to perform cryptography and cryptanalysis.
The RSA Cryptography generates a public and private key first. Then
encryption and decryption is done using modular exponentiation algorithm.
So we know how the cryptography works. Play with it. Here I used small number
range for ‘P’ and ‘Q’ in line 29, 30, 31. Of course it is not secure to use small
number. Hence we can crack it easily using factorization. We use different types
of technique depends on the strength of the public key.
For small numbers of ‘P’ and ‘Q’ we can use prime factor algorithm to
crack the ‘P’ and ‘Q’ from N and we have to do Top-Down method of RSA
Algorithm again with given Ekey to find the Dkey.
• Fermat Factorization
• Rho Method
• Quatratic Sieve Method
Worked Example:
To verify calculate A · B = N
3.8.1.2.. Implementation of RSA modules factorization using Fermat Factorization
000 # Gopi Krishnan S
004
006
007
008 # input(s) x
012 xi = float(int(math.sqrt(x)));
013 xf = float(math.sqrt(x));
015 return 0;
016 return 1;
017 # input(s) x
021 t = int(math.sqrt(x));
022 s = ((t+1)**2) - x;
024 t = t+1;
025 s = ((t+1)**2) - x;
028
029 #_______Main_Starting_Here_______
In this worked example you may wonder why we are still using X3 for gcd
(x4...x7 - x3, n). Here we use a BIT table as shown below, using that we taken
the x3 here accordingly.
Xsuffi 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 1 .....
x 5 .
BIT 1 1 2 2 3 3 3 3 4 4 4 4 4 4 4 4 .....
s .
From this table we take xpre as suffix should be one bit lesser but large suffix
among them.
2.2.2. Hashing Functions
The hash function consist of function f(x) and a hash table. Where the
function f(x) gives the location of x. It is widely used for integrity of a message.
In cryptography it is not reversable. Hash function have collision problem which
offen occur and more calclations are done, either more memory is used or more
time is taken to calculate depends on the table type.
0 # input(s) a, b
# output gcd of a & b
# find the GCD of a, b using Euclidean algorithm
def gcd(a, b):
r = 0;
while b!=0:
r = a%b;
a = b;
b = r;
return a;
# Gopi Krishnan S
# input(s) init-user startes key, phi-calcuated phi
# output compatable encryption/public Key
# generate the encryption/public key
def makeRsaEncKey(init, phi):
while(gcd2(init, phi) != 1):
init=int(init) + 1;
return init;
# Gopi Krishnan S
# input(s) puK-public key, phi-calculated phi
# output 0-false 1-true
# generate the decryption/secret/private key
def makeDecRsaKey(puK, phi):
i = 0;
d = 0;
print "public key"+ `puK`;
print "phi is" + `phi`;
print 1+(i*phi);
while((1+(i*phi))%puK != 0):
i = i+1;
#print "(1+( %i * %i ))" %(i, phi);
print 1+(i*phi);
d = (1+(i*phi))/puK;
return d;