Download presentation
Presentation is loading. Please wait.
1
Crypto for CTFs
2
In This Talk (I promise there won’t be any math)
Security Services Classical (Substitution) Ciphers Why those suck Bitwise encodings Random Number Generators Entropy Frequency Analysis
3
XKCD, “Security” available at https://xkcd
XKCD, “Security” available at under Creative Commons Attribution-NonCommercial 2.5 License
4
Security Keywords Give you hints as to what the question is asking
‘Plaintext’ ‘Ciphertext’ ‘Encrypt’ ‘Decrypt’ ‘Key’ ‘Sign’
5
Security Services Confidentiality - ensure that data is hidden
Authentication - ensure that data comes from who it says it does Integrity - ensure that data isn’t altered in transit Non-repudiation - ensure that when Alice sends Bob data, Alice can’t take back later that she sent it
6
Encodings Base64 Base32 Hex encoding - H(0xdeadbeef) => “deadbeef”
7
Substitution (classical) ciphers
Caesar Cipher - shift each letter by a constant amount Atbash Cipher - Convert each letter to the l-26 % 26 letter Vignere Cipher - shift each letter by a corresponding letter in the codeword Oftentimes, non-alpha characters stay the same
8
How to solve: Atbash No key: A always maps to Z, etc
Ciphertext: R nfhg hzb, Nrgxs rh ollprmt tivzg glwzb!
9
How to solve: Caesar Key fact: There are only 26 possible shifts
Ciphertext: Hdoxc dn vi zsxzggzio ozvxczm Try each possible key, see if ciphertext makes sense: Key 1: Iepyd eo wj atyahhajp pawydan Key 2: Jfqze fp xk buzbiibkq qbxzebo ….
10
How to solve: Vignere Short ciphertexts: brute force
Long ciphertexts: frequency analysis Certain characters in the english alphabet are more common than others 2-character sequences… 3-character sequences…
11
Why substitution ciphers are bad
Kerckhoff's Principle - A cryptosystem should be secure even if an attacker knows everything about the system (other than a secret key) In contrast to “Security through obscurity” (All three previous examples, Windows). You should assume attackers will gain access to system details Modern ciphers combine Substitution and Permutation - if you change one number or input it completely, seemingly randomly changes occur throughout the new ciphertext
12
Why substitution ciphers are bad
Modern ciphers combine Substitution and Permutation - if you change one number or input it completely, seemingly randomly changes occur throughout the new ciphertext Modern concept of “perfect secrecy” - none of these are perfectly secret - or even close
13
Perfect Secrecy Ciphertext conveys no information about the plaintext
Key length > plaintext length Ex. vignere cipher with keyword longer than message (eh…) Key: thisisakey, Message: hello, ciphertext: altdw One-Time Pads
14
Bitwise Encoding Messages are often represented as binary strings (ASCII, etc) XOR encoding ⊕ A B Result 1
15
Bitwise encoding continued (Need to know for interviews!)
Very nice mathematical properties! A ⊕ 0 = A A ⊕ A = 0, A ⊕ B = R => A ⊕ R = B Example: A=1100 B=1010 A ⊕ 0000 = A, A ⊕ A = 0000, A ⊕ B = 0110, A ⊕ 0110 = 1010 Critical for symmetric cryptography Good for CTFs
16
One-Time Pad Random sequence of 1s and 0s Bitwise XOR encrypt
Ciphertext: No way to get what the plaintext is without info on the key Don’t use twice! (hence one-time) Crib-drag: xor ciphertext with different offsets ciphertexts crib-drag.html
17
Random Number Generators
Goal: Create a stream of random numbers to create a one-time pad without needing to reuse any bits Problem: How to implement this? Problem: How to share this information secretly?
18
How to implement?
19
How to share this info?
20
Pseudo Random Number Generators (PRNG)
Idea: Create a “sharable” RNG The only parameter you need to share for reproducibility is a key and/or seed Goal: It should be practically impossible for attacker to guess the inner state or any future states from a subsequence of output Goal: It should be practically impossible for an attacker to guess previous subsequence given an inner state Subgoal: There should be about as many 0 bits as 1 bits
21
Pseudo Random Number Generators (PRNG)
Problem: PRNGs must have a finite state, introducing period of generated numbers Problem: Mathematic difficulty creating a proper PRNG
22
PRNG Examples Linear Congruential Generator Mersenne Twister
Blum Blum Shub
23
Example: Blum Blum Shub
Generate two large primes p and q and a seed s (= x-1) Calculate xn+1 = x2n mod M
24
Modular Arithmetic science/cryptography/modarithmetic/a/what-is-modular-arithmetic
25
Entropy Entropy is a measure of the randomness of data
Many different ways to measure Can you think of any?
26
Entropy Let’s look at a random byte: “ ”
27
Look Closer:
28
Entropy This byte may not seem random, but it has an equal probability of occuring in a truly random sequence of bytes as any other This is why it is important to measure entropy over large sample sizes
29
Frequency Analysis Fact: Each letter in the english language has a certain frequency of use A simple computation will give us the frequencies - for each letter a through z, divide the total number of times it has been spoken or written and divide by the number of all letters ever spoken or written In practice we use a representative sample to compute these frequencies 2004/cryptography/subs/frequencies.html Why is this useful?
30
Frequency Analysis Substitution Ciphers - Frequency of original letters unchanged, but transferred to new letters I.e. If ‘x’ is the most frequent letter in the ciphertext, it is reasonable to assume this correlates with the plaintext letter ‘e’ Idea can be extended to Single-Byte XOR Letter Bigram and Trigram frequencies can be more useful than single- letter frequencies Idea can be extended to Multi-Byte XOR HW will walk you through a FA problem
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.