OK, so really quickly, let's talk about cryptography a little bit, just because a lot of you guys might be looking into getting your CEH or your Security+. Understanding cryptography and the different attacks against it will be very important.

So to sum it up, cryptography, by definition, is the science or study of protecting information, whether it's in transit or at rest. And this is typically done by using techniques to render the information unusable to anyone who does not possess the means to decrypt it.

So in our case, it simply means taking a text like "Hello John" and transforming it into something that's unreadable, like this string right here that I'm not even going to try to read. And this is just to keep the contents of the message confidential. And this is achieved using what are called encryption algorithms.

So encryption algorithms are pretty much just mathematical formulas, and they can encrypt and decrypt data using keys. Without the key, the message will be forever unreadable, for the most part, and will not be able to be decrypted. And there's two forms of encryption: there's symmetric encryption and there's asymmetric encryption. So symmetric encryption is when you use the exact same key to encrypt the data and the exact same key to decrypt it. So this provides confidentiality, but not non-repudiation.
And one of the challenges with symmetric encryption is that you have to have some way, some secure way, to transfer the key to whoever the recipient of your data is, so that's where it kind of causes issues, and it should only be used in certain situations.

Asymmetric encryption, on the other hand, uses one key to encrypt the data and then another key to decrypt the data. And typically, for the recipient of a message or something, their public key, which is a key that anyone can get access to, is used to encrypt the data that they're being sent. And then their private key is the only key that can actually decrypt that data. So really, as long as the private key is private, no one can read that except for them. So that's how asymmetric encryption is useful and very versatile.

So there are things called ciphers, and ciphers are the methods by which the data is actually encrypted. So there's two different kinds: block ciphers and stream ciphers. So in stream ciphers, bits of data are encrypted as a continuous stream. So you can just imagine feeding something into a machine, and it goes in one end and it's going out the other end encrypted. And this is typically a lot faster than block ciphers. So for block ciphers, bits of data are put into blocks.
So, for example, you'll see that some ciphers use 64-bit blocks, and they're encrypted all at once with a key and an algorithm. And this causes slower speed for encryption. But, you know, a little bit more reliable and a little bit more secure in some ways. So as a result, the ciphers, like I said, are used for specific functions based on how they work, so reliability and speed for the most part.

So just to go over quickly some popular symmetric encryption algorithms that you guys want to be aware of: DES and 3DES, which is also called Triple DES. So this is the Data Encryption Standard, and it's a block cipher that uses a 56-bit key, and it reserves eight bits for parity. So this was the de facto standard, for the most part, until AES came along, the Advanced Encryption Standard, which is also a block cipher. And it uses either 128-bit, 192-bit, or 256-bit keys. And like I said, it replaced DES and Triple DES. And just also for clarity, Triple DES is just running DES on the data three times; that's all that is.

So the next one is going to be Twofish, another popular block cipher, and it uses a key size of 256 bits. And then there's Blowfish, which is a faster block cipher.
It uses a 64-bit block size and a key that ranges from 32 to 448 bits. And then there's RC, which is Rivest Cipher. And this is a block cipher that uses a variable key length of up to 2040 bits. And the latest one, which is RC6, uses 128-bit blocks for encryption.

So what I want you guys to get from this is pretty much: know these names, know that these are block ciphers, and know how many bits are used, like the key size. OK, that's what you're going to need to know, especially if you're going for these certifications.

So some asymmetric encryption algorithms that are popular: Diffie-Hellman, and this is pretty much what you see a lot; it is a secure key exchange protocol. And it uses SSL and IPsec encryption, actually, to share keys so the keys can be exchanged in a secure manner.

Elliptic curve cryptosystem. You'll also see this in places. It uses points, it's very complicated, very complex, it's points on an elliptic curve in conjunction with logarithmic problems for encryption, instead of integers. So it uses a lot less processing power than other methods. So it's very popularly used on mobile devices. So if you ever see, particularly on exams or something, something about encryption for a mobile device, this is probably the answer.
And then there's RSA, and this provides strong encryption through the use of large prime numbers. And factoring these numbers creates key sizes of 4096 bits. This is the standard. Typically, when you encrypt things, you're going to be using RSA; for the most part, you can use RSA, AES, this is what you're going to be doing.

OK, so now let's go over some hashing algorithms. So hashing algorithms can be thought of as forms of encryption, but you just can't reverse them. It's a one-way transaction. So as a result, you know, hashes, using hashes, you might have heard of a file hash or something, and this is a good way to ensure that the integrity of files and messages remains intact. And you typically would use hashing algorithms to securely transmit things like passwords, like you would never send or store passwords in plain text. You would hash it first and then either store it or send it somewhere; that's what you want to do.
And if you're going to check that against another password, like maybe in a form online, you would take the hash of whatever password they submit, send it over, compare it to the stored hash, and then give a confirmation of whether it's correct, and do whatever function that form is supposed to do. That's the secure way of doing things. And that's kind of where hashing algorithms are mainly used.

So just some specific hashing algorithms that you guys should know of. MD5: this produces a 128-bit hash output and is expressed as a 32-digit hexadecimal number. SHA-1, which is very popular, very popular to use for most products, probably the most widely used. It produces a 160-bit value output. So if you get the SHA-1 hash of a file or something, it's going to be a 160-bit value. And then there's SHA-2 and SHA-3. SHA-2 holds four separate hash functions that could produce outputs of 224, 256, 384, and 512 bits. Just to put it out there, SHA-2 isn't as widely used as SHA-1.
So, you know, further progress on this stuff has kind of slowed down a little, because SHA-1 is still used a lot. SHA-2 has a lot of functionality and a lot of potential, but one day it'll probably be up there and probably the most widely used, just because of what it can do and the range of hashes that it can actually have.

OK, so while hashes are secure, you can attack them, so they're not immune to being attacked at all. Hashes can be "cracked," quote unquote, in various ways, including comparing a discovered hash, like maybe someone pulls a hash out from a database. They can compare that hash to the hashes of a list of strings that they have in a file. And this is achievable pretty easily, pretty quickly, with applications like Hashcat and John in Linux; you're going to see that.

And then hashes are also vulnerable to what are known as collisions. And this is when the hashes of two separate strings actually are equivalent, by some crazy coincidence. There is a very small chance of this happening, but it is always possible.

So in order to protect hashes, there's an extra measure. That extra security measure is called a salt. And you can add this on to a password hash, and this is called salting a hash. So this is when you add just extra bits of data onto a hash to prevent the original hash from being cracked.
And it further reduces the chance that the plaintext version of whatever the original plaintext string was is going to be uncovered. So salting hashes is very common nowadays, but salting hashes doesn't always solve the issue, because if a salt is detected, these applications like John and Hashcat can actually figure out what the salt is and still be able to crack the hash. So that's something to keep in mind when you're thinking about attacking cryptography.

It's not extremely practical, and it's not something that we're going to be able to do here. And that's something that's actually commonly done. There's a few ways that it can be hacked, though, so we're going to go over those. So there's three ways right now. Of course, there's a couple other ones. But the three main ways are going to be a known-plaintext attack, a ciphertext-only attack, and a replay attack, where the replay attack is probably going to be the most effective one for you.

So the known-plaintext attack is when the attacker has both the ciphertext and the plaintext and uses both to kind of figure out how it was encrypted. They would analyze it and see what's going on and try to see, hey, maybe this was the key that was used on this data.
Now I can use that key to send out specific messages or something like that, to impersonate somebody or gain access to different data that's being sent across the network between two computers.

Then there's the ciphertext-only attack, where the hacker has multiple messages that are encrypted in the same exact way. And then they would do a statistical analysis on it and figure out exactly how they were encrypted. So this is probably a little bit more difficult versus the first one. And even so, both of them are very kind of impractical to do for the most part.

And then there's the replay attack. This is your best bet as an ethical hacker. This is typically done with a man-in-the-middle attack, where the attacker, you, sit in between two computers or something like that, and you capture a cryptographic exchange and then you repeat it, in hopes of gaining access to whatever the host is trying to gain access to. And this typically is not effective when sessions are used. But there are ways to still steal people's sessions and cookies and such, which we're going to go over.
We're also going to go over a method of actually being able to spoof someone and downgrade what would typically be HTTPS. If they visit a site, we can actually spoof them and make them think that they're still visiting a site when really they're visiting our machine. And then that way they're not using HTTPS. So that's kind of a way to beat cryptography as well.

So that's a little bit of cryptography, just to teach you guys a little bit, help you get ready for your exams that you're probably going to take, and also to give you an idea of how you can actually take on cryptography, in somewhat of a way, to give you an idea. So typically, like I said, the man-in-the-middle attack is going to be your bread and butter. And we're going to kind of do a man-in-the-middle attack here.