CEH_ Official Certified Ethical Hacker Review Guide_ Exam 312-50 - Kimberly Graves [87]
Encryption algorithms can use simple methods of scrambling characters, such as substitution (replacing characters with other characters) and transposition (changing the order of characters). Encryption algorithms are mathematical calculations based on substitution and transposition. The two primary types of encryption are symmetric and asymmetric key encryption.
Symmetric key encryption means both sender and receiver use the same secret key to encrypt and decrypt the data. The drawback to symmetric key encryption is there is no secure way to share the key between multiple systems. Systems that use symmetric key encryption need to use an offline method to transfer the keys from one system to another. This is not practical in a large environment such as the Internet, where the clients and server could be on opposite sides of the world.
Asymmetric (or public) key cryptography was created to address the weaknesses of symmetric key management and distribution. Asymmetric key encryption will be covered in the next section of this chapter.
Describe How Public and Private
Keys Are Generated
When a client and a server use asymmetric cryptography, both create their own pairs of keys for a total of four keys: the server's public key, the server's private key, the client's public key, and the client's private key. A system's key pair has a mathematical relationship that allows data encrypted with one of the keys to be decrypted with the other key. These keys have a mathematical relationship based on factoring prime numbers such that each key can be used to decrypt data encrypted with the other key. When a client and a server want to mutually authenticate and share information, they each send their own public key to the remote system, but never share their private keys. Each message is encrypted with the receiver's public key. Only the receiver's private key can decrypt the message.
The server would encrypt a message to the client using the client's public key. The only key that can decrypt the message is held by the client, which ensures confidentiality.
Overview of the MD5, SHA, RC4, RC5,
and Blowfish Algorithms
Algorithms vary in key length from 40 bits to 448 bits. The longer the key length, the stronger the encryption algorithm. To brute-force crack a key of 40 bits ranges from 1.4 minutes to.2 seconds, depending on the strength of the processing computer. In comparison, a 64-bit key requires between 50 years and 37 days to break, again depending on the speed of the processor. Currently, any key with a length over 256 bits is considered uncrackable.
Message Digest 5 (MD5), Secure Hash Algorithm (SHA), RC4, RCS, and Blowfish are all names for different mathematical algorithms used for encryption. As a CEH, you need to be familiar with these algorithms:
MD5 MD5 is a hashing algorithm that uses a random-length input to generate a 128-bit digest. It is popular to create a digital signature to accompany documents and e-mails to prove the integrity of the source. The digital signature process involves the creation of an MD5 message digest of the document, which is then encrypted by the sender's private key. MD5 message digests are encrypted by a private key in the digital signature process.
SHA SHA is also a message digest, which generates a 160-bit digest of encrypted data. SHA takes slightly longer than MD5 and is considered a stronger encryption. It is the preferred algorithm for use by the government.
RC4 and RC5 RC4 is a symmetric key algorithm and is a streaming cipher, meaning one bit is encrypted at a time. It uses random mathematical permutations and a variable key size. RC5 is the next generation algorithm: It uses a variable block size and variable key size. RC5 has been broken with key sizes smaller than 256.
Blowfish Blowfish is a 64-bit block cipher, which means that it encrypts data in chunks or blocks. It is stronger than a stream cipher