Play hacking and

cracking with me ;)
A joyful way to study the computer
security...

Gopi Krishnan S
 Preface
This book is released under the GNU license. This book is
not stable. Hence lot of titles yet to be coverd. As i have
lesser free time, I will complete this book as soon as
possible. You can expect the complete book by end of the
approching summer .Friends please feel free to upgrage
this book with your thoughts. Letus explore more on this.
You are allowed to copy and replicate this book in any
form.
The contents of the book are designed for people who
willing to learn about internals of computer security. This
book is intended for beginners, intermediate level, and
those who fun of hacking. Apart from this this book focus of
the students who is studying Course on Information
Security .About 100 source code have been provided in
this book to help the readers to understand the internals of
computer security. I have been used C, Python, Java, and
TCL programming languages through out this book to
demonstrate information security techniques. I advise to
use `lcc` or `Dev C++` to work on C programs. This book
also make you to understand how to use these security
techniques in real time.
This book was organized in such a way that, a reader can
start from any chapter they wish. The chapters in this book
are independent of others. But the source codes given
have some dependency. To reduce the repeatation, I have
given all the functions used in the programs in appendix.
I consider the reader of the book know python
programming language. It is designed such that you can
read any chapter at any time. But sometime you may
require referring previous chapter rarely. This text book
makes very simple to understand the cryptosystems. Even
a novice computer user can understand how the computer
security is working. The content of this book have been
referred from various academic studies from various
universities in India who provide education on Information
Security and other online reffrences.
About Me

I have worked in Voice Application for 1 year and

currently doing my Master degree in Information Security
stream. Am interested in web services and security. Voice
application is pretty intresting to me, I use to write php,
bash, python, and tcl codings at my work place.
Now am learning some new languages and some
tehniques to to secure the computing. During my UG
degree I was eager to learn Linux. But nobody knows linux
at my college, At my college we had lesser resource at our
college.
People who intrested in learning things can join here:
http://www.orkut.co.in/Main#Community?
cmm=98911946
For world problems socialism will give answer.
Capitalism grows one , but shrink many. Am a social
person interested on rationalism, and socialism.
 1. Computer Security
1.1. Definition
Computer Security is a branch of computer technology that deals with
protecting the content of the computer from the risks.

Now a day’s most of the systems become more vulnerable unless they are
connected to a network. Here not the computer but content of the computer is
vulnerable to risks in various severities. Hence these computers are connected
to open public network. Today even critical systems are connected to open
public network.

Cryptosystem plays major role in computer security. Everywhere

cryptosystem is used for protecting communication and local storage.

The cryptosystem is a part of computer security. Cryptosystem has two

branch called Cryptography and Cryptanalysis.

Cryptography Encoding and Decoding a crux information to protect from a

risk.

Cryptanalysis Decoding a coded crux information without knowing legal

keys .

I Hope you know the story where the cryptography was started. So I don’t want
you to get bored. Just try to find the solution for the below problem.

1.2. Problem
Squad A is divided into two sub groups to attack Squad B. Before initiating
the attack the group should be communicate the plan how to attack. Take a look
at figure 1.1 and make the solution yourself how to communication the
information between them.

Figure 1.1 `Squad B` in middle and `Squad A` in other each ends who plan to attack
Squad B

Now write an algorithm to communicate the message “startattack2300” from

Squad A (East) to Squad A (West).Squad B should not know the communication.
Consider only have only weapons like sword, bow & arrow to attack. It may not
easy now. But you can try. Is it playful? Ha.. Ha.. Remember “A single problem
will have more than one solution”.
 2. Cryptography
2.1. Definition
Cryptography is a branch of Cryptosystem deals with protecting the
information with five entities (PT, CT, EK, DK, EA, DA)

PT Plain Text input given by the user to be encrypted.

CT Cipher Text output after encrypting the given plain text.
EK Encryption Key used to encrypt the plain text.
DK Decryption Key used to decrypt the cipher text.
EA Encryption Algorithm, CT = EA(PT, EK).
DA Decryption Algorithm, PT = DA(CT, DK).

This can be represented as function PT = DA(EA(PT, EK), DK).

2.2. History of Cryptography

Julis caeser started a form of coading technique to send the message
secretly. He defined a simple code format which helps to protect message. It
made the communication between sender and receiver more secure. Hence only
sender and receiver know the secret how to encode and decode the secret
message.

A Sample Caeser Cipher: EA(“HELLO”, 4) = “LIPPS”, and DA(“LIPPS”, 4) =

“HELLO”

After a mathemetician from british invented a mathematical steps to

encode and decode a message. And the cryptography techniques where
emerged. Arround the world most the mathematician involved in inventing new
cryptographic techniques.

All the techniques used a key to lock and unlock the secret message. A set
of operation is done with the given key to encode aand decode the secret
message.

At the same time evils started to decode the secret message without
knowledge about the key. We call this technique as cryptanalysis.

2.3. Types of Cryptography

• Symmetric Key Cryptography
• Asymmetric Key Cryptography
• Hashing Techniques
 3. Symmetric key
cryptography
3.1. Definition
Symmetric Key Cryptography is a cryptographic scheme that uses same
key for both encryption and decryption. It is also known as Private Key
cryptography. They are more vulnerable for attack. So it is not advisable to use
this while transferring message over a network.

Examples: Caesar Cipher, Vigenere Cipher, Play fair Cipher, Hill Cipher,
and etc.

NOTE: In symmetric cryptography we have further mono-cipher, di-cipher,

and multi-cipher depends on the number of charecters ciphered per cycle of
algorithm PT = DA(EA(PT, K), K)

3.2. Current Trend

Now a symmetric Key Cryptography is a used very less or not directly
used. Because we mostly use the cryptography to transfer the message over
network. Each time e can't use same key as it is more vulnerable for attack. So
we have to exchange the key. Here we have the problem. It is like giving the
copy of our house key to a thief.

So we use the symmetric key technique in combination with assymetric

key technique. Are you confused?. For know just know that symmetric key
technique have same key to encrypt and decrypt, but assymetric key technique
will have twodifferent key to encrypt and decrypt. Now don't think about them
deeply.

• The assymetric encryption key is sent from receiver to sender

• Using symmetric key encryption the data is encrypted on sender side
• Then the key is assymetric encrypted used to encrypt the symmetric key
• Both are sent to the receiver side
• The receiver decrypt the symmetric key using his assymetric decryption key
• Finally he use that key to decrypt the message

3.3. So Now What?

We don't concentrate more on this symmetric key as they are easily
understadable. I have given source code of some Symmetric / Private Key
cryptography in appendix section. Let's move on to the Assymetric / Public Key
cryptography
 4. Assymetric key
cryptography
4.1. Definition
Asymmetric Key Cryptography is a cryptographic scheme that uses one
key for encryption and another key for decryption. It is also known as Public Key
Cryptography. They are very hard to attack. It is widely used to communicate
messages over a network.

Examples: Knapsack, DSA, RSA, Zero knowledge protocol, and etc.

4.2. Idea of Assymetric key Cryptography

The idea of assymmetric Key Cryptography is to use different key for
encryption and decryption. This helps the secure communication without
disclosing private key. Here only the public key is distributed to other side.
Hence public key can do only encryption, but not decrytion.

4.3. Attacks on Public Key Cryptography

Still the public key cryptography is not completely secure. That too have
vulnerablities. But it's take long time to break, sometime the attack requires
time in years to complete the attack successively.

4.3.1. Brute Force Attack

It is a method of guessing with all possible keys . The attack which

requires more time to complete successively.

4.3.2. Repeated Public Key Attack

This is also a guessing method as previous one. The public key is applied
again and again on a cipher text until it forms a cycle or the plain text recovered.

4.3.3. Co-Prime Key Guessing

Some cryptographic techniques with public and private key will be co-
prime each other. In other words “Let consider E and D, such that E and D are
co-prime or E is pseudoprime to D and vice-versa”.

4.3.4. Factorization

Some cryptographic system uses some common value in both private and
public key entity, like modules in RSA. This can be factorized to find the private
key. But now a days we use very large number as 1024 Bit integers which is very
difficult to break.

Apart from this lot of new methods are on research and being introduced
day by day. White paper available in journals such as IEEE, CESA, FIPS regarding
the cryptoanalysis of some public key cryptography.
 5. RSA Cryptosystem
5.1. Introduction
RSA Cryptosystem is a public key cryptosystem. RSA Algorithm was
invented by Ron Rivest, Adi Shamir, and Leonard Adleman at MIT in the year
1978. RSA stands for initials of the surname of inventors. Here we are going to
see how to perform cryptography and cryptanalysis.

The RSA Cryptography generates a public and private key first. Then
encryption and decryption is done using modular exponentiation algorithm.

5.2. RSA Algorithm

• Select two distinct prime number name it as ‘P’ and ‘Q’
• Assign N = P · Q
• Calculate and assign Phi = (P – 1) · (Q – 1)
• Get a Ekey from user until the condition gcd(Phi, Ekey) = 1 is satisfied
• For J = 0 to, Phi calculate Dkey use formula (1 + J · Phi)/Ekey until (1 + J ·
Phi) mod Ekey = 1
• Distribute Public key = (Ekey, N), and Private Key = (Dkey, N)
• Now use formula C = PEkey mod N and PDkey mod N to encrypt and decrypt
respectively.

5.3. RSA Implementation (Python)

000 # Gopi Krishnan S
001 # Demonstration of RSA Cryptography
002 # Since 12 Jan 2010
003 # Use credits while reusing any of these modules
004 # coutesy: pajhome.org.uk
005
006 import random;
007 import math;
008 import os;
009
010 # [................ modules required are added in appendix ................]
011
012 #_______Main_Starting_Here_______
013 # initializing the RSA Objects and User Objects
014 primeP = 0;
015 primeQ = 0;
016 module = 0;
017 pXqPhi = 0;
018 iniKey = 0;
019 encKey = 0;
020 decKey = 0;
021 pnText = 0;
022 crText = 0;
023
024 print "# RSA CryptoSystem";
025 print "# Author: Gopi Krishnan Subramanian";
026 print "# Learn Hacking & Cracking with ME ;)";
027
028 # Building RSA Parameters
029 primeQ = random.randrange(6, 36);
030 primeP = nextPrimeNumber(primeQ);
031 primeQ = nextPrimeNumber(primeP + random.randrange(10, 50));
032 module = primeP * primeQ;
033 pXqPhi = (primeP - 1) * (primeQ - 1);
034 # [contd...]
035 # generating and distribution of keys
036 iniKey = raw_input("\n\nEnter a number start key generation below %i: " % pXqPhi);
037 encKey = makeRsaEncKey(int(iniKey), int(pXqPhi));
038 decKey = makeRsaDecKey(int(encKey), int(pXqPhi));
039
040 # resetting prime numbers to avoid secret disclosure
041 primeP = 0;
042 primeQ = 0;
043 print "\nKey Distribution";
044
045 # getting a number from user to encrypt
046 pnText = raw_input("\nEnter a number to encrypt and decrypt: ");
047
048 # encrypting and decrypting
049 crText = modularExponentiation(int(pnText), int(encKey), int(module));
050 pnText = modularExponentiation(int(crText), int(decKey), int(module));
051 print "The %i is encrypted as %i" %(pnText, crText);
052 print "The %i is decrypted as %i" %(crText, pnText);
053

So we know how the cryptography works. Play with it. Here I used small number
range for ‘P’ and ‘Q’ in line 29, 30, 31. Of course it is not secure to use small
number. Hence we can crack it easily using factorization. We use different types
of technique depends on the strength of the public key.

5.4. Attacks on RSA

RSA Cryptanalysis is a process of generating the finding the private key
with public key. In key distribution we know that N (product of ‘P’ and ‘Q’) is
common among public and private key. We can use this hole to attack. But the
problem is we can’t use same technique for all N. If N is too large we have to
approach with efficient mathematical concept.

For small numbers of ‘P’ and ‘Q’ we can use prime factor algorithm to
crack the ‘P’ and ‘Q’ from N and we have to do Top-Down method of RSA
Algorithm again with given Ekey to find the Dkey.

5.5. Sample Attack

• Now let us take the key as
• Public Key is {'key': 59, 'module': 407}
• Private Key is {'key': 299, 'module': 407}
• To confirm the pair now apply the number ‘3’ as plain text
• Encrypted as ‘169’
• Decrypted as ‘3’
• Now consider you know only Public Key and Cipher text ‘169’.
• Take Public Key {'key': 59, 'module': 407}
• Now factorize the module (‘N’ the product of ‘P’ and ‘Q’)
• After factorizing you will get ‘11’ and ‘37’ as ‘P’ and ‘Q’ respectively
• To do this a shortcut method is take square root of ‘N’
• For I = square root of ‘N’ to 3 as prime number do until N mod I = 0
• Use RSA Algorithm and apply P = 11, Q = 37, and Ekey = 59.

5.6. RSA Simple Attack Implementation (Python)

000 # Gopi Krishnan S
001 # Demonstration of RSA Modulus Factorization
002 # Since 12 Jan 2010
003
004 import math;
005
006 # [................ modules required are added in appendix ................]
007
 008 #_______Main_Starting_Here_______
009 print "Enter the sniffed public key to crack it";
010 mod = int(raw_input("Enter the module enrity: "));
011 fct = primeFactor(mod);
013 print fct;
014 print mod/fct;
5.7. Some efficient Fatrorization mathods
I Hope you enjoyed with RSA Cryptanalysis. Now let’s move for some
efficient method. I know some efficient factorization methods are listed below.

• Fermat Factorization
• Rho Method
• Quatratic Sieve Method

5.7.1. Fermat Factorization

Fermat Factorization is an efficient way to factor the composite number

‘N’ if it is a product of two close primes. Compare to the previous method this is
more efficient if the factors of ‘N’ are closer. In previous method we take square
root and keep going from starting one by one. It will take such a long time. Just
take your own two primes and product it and manually solve using both this
method and previous method. For example take the below element. We can see
that this method was somewhat closer to the previous method, if you make
previous method for loop in reverse direction such that for √N to 3.

Example: 19 · 23 = 437 is a product of two close primes.

Worked Example:

• Let’s find the factor of N = 200819.

• Let’s T = (√200819) + 1
• T = 448 + 1 = 449
• Now 4492 – 200819 = 782 {is not a perfect square}
• Increment ‘T’ by one until we get T2 – N = X {X – is a perfect square}
• So now let T = 450 and calculate ‘X’ as 4502 – 200819 = 1681 which
is a perfect square
• Then assign S = √1681 = 41
• Now assign A = (T + S) and B = (T - S)
• We get A = (450 + 41) = 491 {is a prime number}
• We get B = (450 - 41) = 409 {is a prime number}

To verify calculate A · B = N
3.8.1.2.. Implementation of RSA modules factorization using Fermat Factorization
000 # Gopi Krishnan S

001 # Demonstration of RSA Cryptanalysis using Fermat Factorization

002 # Since 13 Jan 2010

003 # Use credits while reusing any of these modules

004

005 import math;

006
 007

008 # input(s) x

009 # output 0 - no square for x, 1 - square for x

010 # find the given number have perfect square or not

011 def isPerfectSquare(x):

012 xi = float(int(math.sqrt(x)));

013 xf = float(math.sqrt(x));

014 if(xf > xi):

015 return 0;

016 return 1;

017 # input(s) x

018 # output lowest factor of x

019 # find the factor of given x using fermat method

020 def fermatFactor(x):

021 t = int(math.sqrt(x));

022 s = ((t+1)**2) - x;

023 while(isPerfectSquare(s) == 0):

024 t = t+1;

025 s = ((t+1)**2) - x;

026 fct = (t+1) - math.sqrt(s);

027 return fct;

028

029 #_______Main_Starting_Here_______

030 n = int(raw_input("Please enter the n value to factorize: "));

031 fct = fermatFactor(n);

032 print "The factors of %i is %i and %i" %(n, fct, n/fct);

3.8.1. Rho Method factorization

Here ‘N’ is factored with a help of a polynomial equation starting x0=1.

The x is applied to the polynomial function f(x). Then we have to calculate the
gcd (f(xi)-xi-1, N) = X, until ‘X’ is not equal to one and it is a prime number.

3.8.1.1. Worked Example

Let’s factor N = 4087 with f(x) = x2+ x +1 and x0=2.

First find the f(x) and then gcd (xcur-xpre, n)

x1 = f(2) = 7; gcd(7-2, 4087) = 1;

x2 = f(7) = 57; gcd(57-7, 4087) = 1;

x3 = f(57) = 3307; gcd(3307-7, 4087) = 1;

x4 = f(3307) = 2745; gcd(2745-3307, 4087) = 1;

x5 = f(2745) = 1343; gcd(1343-3307, 4087) = 1;

x6 = f(1343) = 2626; gcd(2626-3307, 4087) = 1;

x7 = f(2626) = 3734; gcd(3734-3307, 4087) = 61; {61 is a prime integer}

In this worked example you may wonder why we are still using X3 for gcd
(x4...x7 - x3, n). Here we use a BIT table as shown below, using that we taken
the x3 here accordingly.

Xsuffi 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 1 .....
x 5 .

BIT 1 1 2 2 3 3 3 3 4 4 4 4 4 4 4 4 .....
s .

From this table we take xpre as suffix should be one bit lesser but large suffix
among them.
2.2.2. Hashing Functions

The hash function consist of function f(x) and a hash table. Where the
function f(x) gives the location of x. It is widely used for integrity of a message.
In cryptography it is not reversable. Hash function have collision problem which
offen occur and more calclations are done, either more memory is used or more
time is taken to calculate depends on the table type.

Examples: SHA-0, SHA-2 family, and SHA3 (under developement).

Appendix

0 # input(s) a, b
# output gcd of a & b
# find the GCD of a, b using Euclidean algorithm
def gcd(a, b):
r = 0;
while b!=0:
r = a%b;
a = b;
b = r;
return a;

# input(s) x-number to test

# output 0-false 1-true
# find is given number x is prime or not
def isPrime(x):
for i in range(int(math.sqrt(x))+1):
if(gcd(x, i) > 1 and gcd(x, i) != x):
return 0;
return 1;

# input(s) init - number to start

# output next prime number
# find the prime number that next to init if it is composite
def nextPrimeNumber(init):
while(isPrime(init) == 0):
init+=1;
return init;

# Gopi Krishnan S
# input(s) init-user startes key, phi-calcuated phi
# output compatable encryption/public Key
# generate the encryption/public key
def makeRsaEncKey(init, phi):
while(gcd2(init, phi) != 1):
init=int(init) + 1;
return init;

# Gopi Krishnan S
# input(s) puK-public key, phi-calculated phi
# output 0-false 1-true
# generate the decryption/secret/private key
def makeDecRsaKey(puK, phi):
i = 0;
d = 0;
print "public key"+ `puK`;
print "phi is" + `phi`;
print 1+(i*phi);
while((1+(i*phi))%puK != 0):
i = i+1;
#print "(1+( %i * %i ))" %(i, phi);
print 1+(i*phi);
d = (1+(i*phi))/puK;
return d;

# courtesy: Informatik, Uni-Tuebingen, Germany.

#z = x^b mod n is:
def modularExponentiation(x, b, n):
z = 1
while (b != 0):
while (b % 2 == 0):
b = b / 2
x = (x**2) % n
b = b - 1
z = (z * x) % n
return z;

# input(s) x-product of 2 primes

# output 0-no factor i-factor found
# find prime factor for given number
def primeFactor(x):
for i in range(1, int(math.sqrt(int(x)))):
if((isPrime(int(i)) == 1) and (int(x) % int(i) == 0) and (i != 1)):
return int(i);
return 0;