C r y p t o g r a p h y
Module 19
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures
Cryptography
C r y p t o g r a p h y
M o d u le 19
Engineered by Hackers. Presented by Professionals.
CEH
E t h ic a l H a c k in g a n d C o u n t e r m e a s u r e s v 8
M o d u le 19: C ryp to gra p hy
Exam 31 2 -50
Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
Module 19 Page 2783
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures
Cryptography
01 October 2012
Ransom M alware H its Australia as
30 Busin esse s A ttacked
The 2012 epidemic of ransom malware appears to have turned even nastier with reports that as many
as 30 Australian businesses have now asked police for help coping with attacks in a matter of days.
According to local news, police in the state of Queensland have received reports from a dozen
businesses while many other are believed to have chosen to keep incidents to themselves.
Businesses affected included those in the medical, entertainment, retail and insurance sectors, the
news source said, with several dozen affected in total.
In one recent incident, a business in the Northern Territories reportedly paid an AUD $3,000 (about
£2,000) ransom via Western Union to get back access to important financial records, including credit
card data and debtor invoices. The attackers demanded the money within seven days or the sum would
increase by AUD $1,000 per week.
Worryingly, this attack used 256-bit encryption, to all intents and purposes impossible to crack if the
key has not been exposed during the attack.

"A lot of businesses can't afford the interruptions to their trade and will pay straight away," detective
superintendent Brian Hay of Queensland's fraud and corporate crime group told press.

Copyright © by EG-G*ancil. All Rights Reserved. Reproduction is Strictly Prohibited.
S e c u r i t y N e w s
.1* R a n s o m M a lw a r e H it s A u s t r a lia a s 30 B u s in e s s e s
A tta c k e d
Source:
The 2012 epidemic of ransom malware appears to have turned even nastier with reports that
as many as 30 Australian businesses have now asked police for help coping with attacks in a
matter of days.
According to local news, police in the state of Queensland have received reports from a dozen
businesses while many other are believed to have chosen to keep incidents to themselves.
Businesses affected included those in the medical, entertainment, retail and insurance sectors,
the news source said, with several dozen affected in total.
In one recent incident, a business in the Northern Territories reportedly paid an AUD $3,000
(about £2,000) ransom via Western Union to get back access to important financial records,
including credit card data and debtor invoices. The attackers demanded the money within
seven days or the sum would increase by AUD $1,000 per week.
Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
Module 19 Page 2784
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures
Cryptography
Worryingly, this attack used, to all intents and purposes impossible to crack if the key has not
been exposed during the attack.
"A lot of businesses can't afford the interruptions to their trade and will pay straight away/'
detective superintendent Brian Hay of Queensland's fraud and corporate crime group told
press.
Ransom malware has become a serious issue during 2012, although its effect on businesses is

rarely recorded. Most of the data that has become public has been in the form of police
warnings based on attacks against consumers.
Most attacks simply attempt to engineer users into believing their files are encrypted when
they are not or make more general threats, often to report victims to national police for non-
existent crimes.
The use of industrial-strength encryption is rare although this sort of technique is actually
where the form started as long ago in 2006 with a piece of malware called 'Cryzip.׳
In August, the FBI said it had been "inundated" with ransom malware reports from consumers,
not long after the UK's Police Central e-Crime Unit (PCeU) publicised an identical spate of
attacks that had affected over a thousand PCs in the UK.
In the past the few security companies that have investigated the issue have pinned the blame
on a single cabal of Russian criminals that seem able to operate with impunity. Now the same
tactics appear to have spread to gangs in nearby countries such as the Ukraine and Romania.
The suspicion is that some security vendors say little about the problem because not only is
their software unable to stop infections but they can't always unlock the files after the fact
either.
All contents © IDG 2012
By: John E Dunn
/>businesses-attacked/
Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
Module 19 Page 2785
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures
Cryptography
CEH
M o d u l e O b j e c t i v e s
1
J
Cryptography
'J

Digital Signature
J
Encryption Algorithm s
J
Disk Encryption
J
Ciphers
J
Disk Encryption Tool
J
W hat Is SSH (Secure Shell)?
J Cryptography Attacks
J
Cryptography Tools
J Code Breaking Meth odologies
J
Public Key Infrastructure (PKI)
J
Cryptanalysis Tools
J Certification Authorities J Online M D 5 Decryption Tools
Copyright © by EG-G*ancil. All Rights Reserved. Reproduction is Strictly Prohibited.
ft: M o d u l e O b j e c t i v e s
Having dealt with various security concerns and countermeasures in the preceding
modules, it is obvious that cryptography, as a security measure, is here to stay. This module will
familiarize you with:
Digital Signature
Disk Encryption
Disk Encryption Tool
Cryptography Attacks
Code Breaking Methodologies

Cryptanalysis Tools
Online MD5 Decryption Tools
s Cryptography
S Encryption Algorithms
S Ciphers
0 What Is SSH (Secure Shell)?
S Cryptography Tools
S Public Key Infrastructure (PKI)
S Certification Authorities
Ethical Hacking and Countermeasures Copyright © by EC-C0l1nCil
All Rights Reserved. Reproduction is Strictly Prohibited.
Module 19 Page 2786
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures
Cryptography
M o d u l e F l o w C EH
M o d u l e F lo w
■V
V׳
X
To understand cryptography security measures, let's begin with cryptography and its
associated concepts.
Cryptography Concepts
|*jiH Encryption Algorithms
Cryptography Tools Public Key Infrastructure (PKI)
Email Encryption
Disk Encryption
Cryptography Attacks
0 ^ ) Cryptanalysis Tools
This section describes cryptography and the types of cryptography.
Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil

All Rights Reserved. Reproduction is Strictly Prohibited.
Module 19 Page 2787
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
C E H
C r y p t o g r a p h y
C ry p to g raphy is t h e c o n v e rsio n o f d a t a into a s c ram b led
c o d e th a t is d e c r y p ted a n d s e n t a c ro ss a p r iv a te o r
p u blic n e tw o r k
Cryptography is used to protect confidential data such as
email messages, chat sessions, web transactions, personal
data, corporate data, e-commerce applications, etc.
J Authentication
J Non-Repudiation
J Confidentiality
J Integrity
Objectives
W
Process
D e cry p tion
•>*

•>
E ncry p ti on
PlaintextCiphertextCiphertextPlaintext
C op yrig ht © by EG-G*ancil. All Rights R ese rv ed . R ep ro du ction is S trictly P ro hib ite d.
C r y p t o g r a p h y
Everyone has secrets, and when it is necessary to transfer that secret information
from one person to another, it's very important to protect that information or data during the
transfer. Cryptography takes plaintext and transforms it into an unreadable form (ciphertext)

for the purpose of maintaining security of the data being transferred. It uses a key to transform
it back into readable data when the information reaches its destination. The word crypto is
derived from the Greek word kryptos. Kryptos was used to depict anything that was concealed,
hidden, veiled, secret, or mysterious. Graph is derived from graphia, which means writing;
hence, cryptography means the art of "the secret writing."
Cryptography is the study of mathematical techniques involved in information security such as
confidentiality, data integrity, entity authentication, and data origin authentication.
Cryptography transforms plaintext messages to ciphertext (encrypted messages) by means of
encryption. Modern cryptography techniques are virtually unbreakable, though it is possible to
break encrypted messages by means of cryptanalysis, also called code breaking. There are four
main objectives of cryptography:
C o n f i d e n t i a l it y
According to the International Standards Organization (ISO), confidentiality is "ensuring
that the information/data can be accessed only by those authorized." Confidentiality is the
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2788
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
term used to describe the prevention of revealing information to unauthorized computers or
users.
Any breach in confidentiality may lead to both financial and emotional distress. There have
been instances of organizations going bankrupt due to a system breach by rival organizations.
Moreover, personal information in the wrong hands can ruin the lives of system users.
Therefore, only authorized users should possess access to information.
I n t e g r i t y
Integrity is ״ensuring that the information is accurate, complete, reliable, and is in its
original form/' Valuable information is stored on the computer. Any data
corruption/modification can reduce the value of the information. The damage that data
corruption/modification can do to an organization is unfathomable.

Integrity of the data is affected when an insider (employee) of an organization or an attacker
deletes/alters important files or when malware infects the computer.
Although it may be possible to restore the modified data to an extent, it is impossible to restore
the value and reliability of the information.
Examples of violating the data integrity include:
9 A frustrated employee deleting important files and modifying the payroll system
9 Vandalizing a website and so on
A u t h e n t i c a t i o n

Authenticity is "the identification and assurance of the origin of information." It is
important to ensure that the information on the system is authentic and has not been
tampered with. It is also important to ensure that the computer users or those who access
information are who they claim to be.
N o n r e p u d i a t i o n
— In digital security, nonrepudiation is the means to ensure that a message transferred
has been sent and received by the persons or parties who actually intended to. Let us assume
that party A is sending a message M with the signature S to the party B. Then party A cannot
deny the authenticity of its signature S. It can be obtained through the use of:
9 Digital signatures: A digital signature functions as unique identifier for an individual, like
a written signature. It is used to ensure that a message or document is electronically
signed by the person.
9 Confirmation services: It is possible to indicate that messages are received and/or sent
by creating digital receipts. These digital receipts are generated by the message transfer
agent.
D ecryption ^
L ״j
C ip he rte xt Plain text
Encryption

>

FIGURE 19.1: Illustrating cry pto graphy pro cess
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2789
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
T y p e s o f C r y p t o g r a p h y
c
(•rtifwd
E H
itkKJl
1
Symmetric Encryption
Dear John,
A/C number
7974392830
Enc ryptio n
Guuihifhofn
kbifkfnnfk
Nklclmlm
«*״&}״(_)_
D ecryptio n
|

Dear John,
This is my
A/C number
7974392830
P lain t e x t C ip h e r te x t P lain tex t
Asymm etric Encryption

Asymmetric encryption (public-key)
uses different encryption keys for
encryption and decryption. These keys
are known as public and private keys
Symm etric Encryption
Symmetric encryption (secret-key,
shared-key, and private-key) uses the
same key for encryption as it does for
decryption
Asymmetric Encryption
Dear John,
A/C number
7974392830
E ncry ption
Guuihifhofn
kbifkfnnfk ■ •
Nklclmlm
»A״&)״LL
D ecryp tio n
Dear John,
This is my
A/C number
7974392830
P la in tex t
C ip h e r te x t Plain t e x t ^
C op yrig ht © by EG-G*ancil. All Rights R ese rv ed . R ep ro du ction is S trictly P ro hib ite d.
' C m T y p e s o f C r y p t o g r a p h y
'■־•'־" The following are the two types of cryptography:
9 Symmetric encryption (secret key cryptography)
e Asymmetric encryption (public key cryptography)

S y m m e t r ic E n c r y p t i o n
'וי
The symmetric encryption method uses the same key for encryption and decryption.
As shown in the following figure, the sender uses a key to encrypt the plaintext and sends the
ciphertext to the receiver. The receiver decrypts the ciphertext with the same key that is used
for encryption and reads the message in plaintext. As a single secret key is used in this process
symmetric encryption is also known as secret key cryptography. This kind of cryptography
works well when you are communicating with only a few people.
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2790
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
S y m m e t r i c E n c r y p t i o n
3
G uuihifh ofn
LkifW nnflr
Decryption
3
DearJo hn,
KD IIK ■ nn TK
Nklclm lm

A/C num be r
7974392830
Encryption
f^ )
Dear John,
This is m y
A/C num be r

7974392830
Plain textCiphertext
FIGURE 19.2: Symmetric Encryption method
Plain text
The problem with the secret key is transferring it over the large network or Internet while
preventing it from falling into the wrong hands. In this process, anyone who knows the secret
key can decrypt the message. This problem can be fixed by asymmetric encryption.
A s y m m e t r i c E n c r y p t i o n
' 1 Asymmetric cryptography uses different keys for encryption and decryption. In this
type of cryptography, an end user on a public or private network has a pair of keys: a public key
for encryption and a private key for decryption. Here, a private key cannot be derived from the
public key.
The asymmetric cryptography method has been proven to be secure against attackers. In
asymmetric cryptography, the sender encodes the message with the help of a public key and
the receiver decodes the message using a random key generated by the sender's public key.
A s y m m e t r ic E n c r y p t io n
\
Decryption
\
G uuih ifhofn DearJohn,
kbifkfnnfk This is m y
Nklclm lm
A/C num be r
7974392830
Encryption
Dear John,
This is m y
A/C n um ber
7974392830
Plain textCiphertextPlain text

FIGURE 19.3: Asymmetric Encryption method
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2791
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
E H
G o v e r n m e n t A c c e s s t o K e y s ( G A K ) C
m
Government Access to
Keys means that software
companies will give copies of all
keys, (or at least enough of the
key that the remainder could
be cracked) to the government
\ssue
th\s
—יע ג ז י״ ־
II Rig hts R eserved. R e pro du ctio n is Strictly Prohibited .
0n'y Use S and *ill
C° u r t issu es a
Sa *arram
to do so
G o v e r n m e n t A c c e s s t o K e y s ( G A K )
A key escrow encryption system provides the decrypting capability to certain
authorized personnel, under stipulated conditions, and can decrypt the data.
The data recovery keys for encrypting and decrypting the data are not similar, but they inform
a method to determine the encryption and decryption keys. They include a key escrow (used to
refer the safeguard the data keys), key archive, key backup, and data recovery system.
Key recovery systems have gained prominence due to the desire of government intelligence

and law enforcement agencies to guarantee they have access to the encrypted information
without the knowledge or consent of encryption users.
A well-designed cryptosystem provides security by recovering the encrypted data without
proper information about the correct key. The maintenance of such high-security measures
may cause problems to the owner of the encrypted data if the owner loses the key.
The eventual goal of government-driven recovery encryption, as stated in the US Department
of Commerce's recent encryption regulations, "Envisions a worldwide key management
infrastructure with the use of key escrow and key recovery encryption items."
The Clipper Chip is a hardware-based cryptographic device used to secure private
communications by simultaneously authorizing government agents to obtain the keys upon
giving it, vaguely termed "legal authorization."
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2792
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
The keys are split betw een tw o gove rnm e n t escrow agencies. This helps the g o vern m ent in
accessing private com m un icatio n channels. A device called C lippe r is used to encrypt voice
com m unicatio n s and a sim ilar device called Capstone is used to encrypt th e data.
The N ational Security Agency (NSA) is a secret US m ilitary intelligence agency responsible for
capturing foreign go v e rn m en t co m m unications, and cracking th e codes of protected
transmissions th at are developed w ith an a lgorithm know n as Skipjack.
The Skipjack algorithm uses 80 -bit keys. C rypt analyzing requires searching th roug h all keys,
w h ich makes it sixteen m illio n tim es as hard to break as DES.
From th e user's view poin t, any key escrow system diminishes security. It puts th e potential fo r
access to the user's com m unicatio ns in th e hands of escrow agencies, whose intentions,
policies, security capabilities, and fu ture ca n n o t be know n.
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2793

Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
M o d u l e F l o w C E H
C op yrig ht © by EG-G*ancil. All Rights R ese rv ed . R ep ro du ction Is Strictly Pro hib ited.
M o d u l e F l o w
So far, we have discussed cryptography and the concepts associated w ith it. Now we
w ill discuss encryption key concepts o f cryptography. There are m any mechanisms, i.e,
encryption algorithm s, th a t allow you to encrypt the plaintext.
C rypto graph y Concepts
p i Encryption A lgo rithm s
111:1111
C rypto graph y Tools Public Key In frastru ctu re (PKI)
Email E ncryption
Disk Encryption
^ C ryptograph y A ttacks
Cryptanalysis Tools
This section describes ciphers and various e ncryption algorithms such as AES, DES, RC4, RC5,
RC6, DSA, RSA, MD 5, and SSH.
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2794
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
C i p h e r s
Cryptography refers to secret w ritin g and a cipher is no th ing more than an algo rithm
used for both e ncryption as w ell as de cryption. The tra dition al m etho d o f encoding and
decoding used to be in a differen t fo rm a t, w hich provided num bering for each le tter of the
alphabet and used to encode the given message. If the attacker also knew the num b ering
system, he or she could decode it.
In cryptography, the cipher algo rithm used for encoding is known as enciphering and decoding

is known as deciphering.
Example:
a b c d e f g h z are given in codes of numerical num bers, such as 1 2 3 4 5 26.
The message can be encoded based on this exam ple and can be decoded as w ell. In a cipher,
the message appears as plainte xt but has been encoded th rou gh a key. Based on the
requirem ents the key could be a sym bol or some o the r form of te xt. If the message is highly
confidential, then the key is restricted to the sender and recipient, but in some cases in open
domains, some keys are shared w ith ou t affecting the m ain data.
There are various types of ciphers:
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2795
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
C l a s s i c a l C i p h e r s
vv (!ך ו■
ITO W j Classical ciphers are the m ost basic type of ciphers th a t operate on alp hab et letters,
such as A-Z. These are usually im p lem ented either by hand or w ith sim ple m echanical
devices. These are not very reliable. There are tw o types o f classical ciphers:
9 Su bstitu tion cipher: The units of plain te xt are replaced w ith ciphertext. It replaces bits,
characters, or blocks of characters w ith d iffe re n t bits, characters, or blocks.
9 Transposition ciphe r: The letters o f th e plain te xt are shifted to form the crypto gra m .
The cipherte xt is a pe rm utation o f the plaintext.
M o d e r n C i p h e r s
Jjy
M odern ciphers are designed to w ith stand a w ide range o f attacks. M ode rn ciphers
provide message secrecy, inte grity, and authentica tio n of th e sender. The m odern ciphers are
calculated w ith the help of a one-way m athem atical fu nctio n th at is capable of fa cto rin g large
prim e num bers. M odern ciphers are again classified in to tw o categories based on the typ e of
key and th e input data. They are:

Based on th e type o f key used
9 Private-key crypto gra phy (sym metric key algorithm ): The same key is used for
encryptio n and decryption.
9 P ublic-key c ryp tog rap hy (asymm etric key alg orith m ): Tw o different keys are used fo r
encryption and decryption.
R L י
Based on the typ e o f inp u t data
CH *)-□
9 Block ciphers: Refer to an a lg orith m operating on block (group of bits) of fixed
size w ith an unvarying tra nsform a tio n specified by a symm etric key.
9 Stream ciphers: Refer to sym m etric key ciphers. This is obtained by com bining th e
pla in text digits w ith a key stream (pseudorandom cipher digit stream).
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2796
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
D a t a E n c r y p t i o n S t a n d a r d ( D E S )
C E H
H3
1־ HmU
The algorithm is designed to encipher and
decipher blocks of data consisting of 64 bits
under control of a 56-bit key
S
DES is the archetypal block cipher — an algorithm
that takes a fixed-length string of plaintext bits and
transforms it into a ciphertext bitstring of the
same length
Due to the inherent weakness of DES with today's

technologies, some organizations repeat the
process three times (3DES) for added strength, until
they can afford to update their equipment to AES
capabilities
C op yrig ht © by EG-G*ancil. All Rights R ese rv ed . R ep ro du ction Is Strictly Pro hib ited.
D a t a E n c r y p t i o n S t a n d a r d ( D E S )
- rrY־=r־*|

DES is th e nam e of th e Federal info rm a tion Processing Standard (FIPS) 46-3 th at
describes the data encryption a lgo rithm (DEA). It is a sym m etric cryptosystem designed for
im plem e ntatio n in hardw are and used for single-user encryption, such as to store files on a
hard disk in encrypted form .
DES gives 72 q ua drillio n or m ore possible encryption keys and choses a random key fo r each
message to be encrypted. Though DES is considered to be strong encryption, at present, triple
DES is used by many organizations. Triple DES applies thre e keys successively.
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2797
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
A d v a n c e d E n c r y p t i o n S t a n d a r d ״ _ ״
t t H
■ X l U l J I UrtifW4 ttfciul lUchM
AES Pseudocode
C ip h e r (b y te i n [ 4 * N b ] , b y t e o u t [4 * N b ]
w o rd w [ N b * ( N r + 1 ) ] )
b e g in
b y t e s t a t e [ 4 , N b]
s t a t e = i n
A d d R o u n d K e y ( s ta te , w)

f o r r o u n d = 1 s t e p 1 t o N r - 1
S u b B y t e s ( s ta t e )
S h ift R o w s ( s t a t e )
M ix C o lu m n s ( s ta t e )
A d d R o u n d K e y (s ta te , w + ro u n d *N b )
e n d f o r
S u b B y t e s ( s ta t e )
S h ift R o w s ( s t a t e )
A d d R o u n d K e y ( s t a te , w + N r* N b )
o u t = s t a t e
C op yrig ht © by EG-G*ancil. All Rights R ese rv ed . R ep ro du ction is S trictly P ro hib ite d.
AES is a symmetric-key algorithm for
securing sensitive but unclassified material
by U.S. government agencies
AES is an iterated block cipher, which
works by repeating the same operation
multiple times
It has a 128-bit block size, with key sizes of
128,192, and 256 bits, respectively for AES-
128, AES-192, and AES-256
A d v a n c e d E n c r y p t i o n S t a n d a r d ( A E S )
The Advanced Encryption Standard (AES) is a N ational Institu te o f Standards and
Technology specification for the en cryption of electronic data. It can be used to encrypt digital
in form ation such as telecom m unica tions, financial, and g overnm ent data. AES consists o f a
sym metric-key algo rithm , i.e., both e ncryption and decryption are p erfo rm ed using the same
key.
It is an iterated block cipher that works by repeating the defined steps m u ltiple tim es. This has a
128-bit block size, w ith key sizes of 128, 192, and 256 bits, respectively, fo r AES-128, AES-192,
and AES-256.
AES Pseudo code

Initially, the cipher in put is copied in to the internal state and then an initia l round key is added.
The state is transform e d by itera tin g a round fun ctio n in a num ber of cycles. Based on the block
size and key length, the number of cycles may vary. Once rounding is com pleted, th e final state
is copied in to the ciphe r ou tpu t. C ip h e r (b yte in [4 *N b ], b y te o u t [4 *N b ], word
w [N b * (N r+ 1 )])
b e gin
b y te s t a t e [4, Nb]
s ta te = in
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2798
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
AddRoundKey ( s ta te , w)
f o r rou nd = 1 ste p 1 t o N r-1
SubBytes (s ta te )
S h iftR o w s (s ta te )
M ixC olu m ns( s ta te )
AddR oundKey(s ta t e , w+round*Nb)
end f o r
S u b B y te s(s ta te )
S h iftR o w s (s ta te )
AddRoundKey(s ta te , w+Nr*Nb)
o u t = s ta te
end
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2799
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography

R C 4 , R C 5 , R C 6 A l g o r i t h m s
C E H
A variable key size stream cipher with byte-
oriented operations, and is based on the use of
a random permutation
It is a parameterized algorithm with a variable
block size, a variable key size, and a variable
number of rounds. The key size is 128-bits
RC6 is a symmetric key block cipher derived from RC5
with two additional features:
» Uses Integer m ultiplication
» Uses fo ur 4-bit working registers (RC5 uses tw o 2-bit registers)
C op yrig ht © by EG-G*ancil. All Rights R ese rv ed . R ep ro du ction is S trictly P ro hib ite d.
R C 4 , R C 5 , a n d R C 6 A l g o r i t h m s
The encryptio n algo rithm s developed by RSA Security are:
RC4
RC4 is a stream cipher for RSA Security, w hich Rivest designed. It is a variable key-size
stream cipher w ith byte-orien ted operations and is based on th e use o f a random
p erm u ta tio n. According to some analysis, the period o f the cipher is likely to be greater than
10100. For each ou tp ut byte, eight to sixteen system operations are used, which means the
cipher can run fast in softw are. Independent analysts have had a careful and critical look at the
algorithm , and it is considered secure. Products like RSA SecurPC use this alg orithm for file
encryption. Rc4 is also used for safe com m unications like traffic encryption, w hich secures
websites and fro m secure websites w ith SSL pro toco l.
RC5
RC5 is a block ciphe r known for its sim plicity . Ronald Rivest designed it. This algorithm
has a variable block size and key size and a variable num ber of rounds. The choices fo r
the block-size are 32 bits, 64 bits, and 128 bits. The ite rations range from 0 to 255;
whereas the key sizes have a range from 0 to 2040 bits. It has th re e routines: key expansion,
encryptio n, and decryption.

RC6
Ethical Hacking and C ounte rm easures Copyright © by EC-C0l1nCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2800
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
It is a block cipher tha t is based on RC5. Like in RC5, the block size, th e key size, and the num ber
of rounds are variable in the RC6 algo rithm . The key-size ranges from 0 bits to 2040. In additio n
to RC5, RC6 has tw o m ore features, w hich are the ad dition of integer m ultip lica tio n and the
usage o f fou r 4 -bit w orking registers as an alte rn ative to RC5׳s tw o 2-bit registers.
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2801
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
C E H
T h e D S A a n d R e l a t e d S i g n a t u r e
S c h e m e s
Digital Signature
The digital signature is computed using a
set of rules (i.e., the DSA) and a set of
parameters such that the identity of the
signatory and integrity of the data can be
verified
e _ 9
Digital Signature Algorithm
FIPS 186-2 specifies the Digital Signature
Algorithm (DSA) that may be used in the
generation and verification of digital
signatures for sensitive, unclassified

applications
1. Select a prim e num ber q such th at 2159 < q < 2160
2. Choose t so that 0 < t £ 8
3. Select a prim e nu mber p such that 2511*64' < p < 2512*64' w ith the
additio nal p rope rty tha t q divides (p-1)
4. Select a generator a o f the unique cyclic group of order q in Z*p
5. To compute a, select an eleme nt g in and com pute mod p
6. If a = 1, perform step five again w ith a different g
7. Select a random a such tha t 1 < a < q-1
8. Com pute y= a° mod p
The public key is (p, q, a, y). The private key is a.
Each entity creates
a public key and
corresponding
private key
C op yrig ht © by EG-G*ancil. All Rights R ese rv ed . R ep ro du ction is S trictly P ro hib ite d.
T h e D S A a n d R e l a t e d S i g n a t u r e S c h e m e s
A digital signature is a m athem atical scheme used for the a uthe nticatio n of a digital
message. Digital Signature Algorithm (DSA) is intended fo r its use in the U.S. Federal
Inform ation Processing Standard (FIPS 186) called the Digital Signature Standard (DSS). DSA
was actually proposed by the National Institu te of Standards and Technology (NIST) in August
1991. NIST made the U.S. Patent 5,231,668 th at covers DSA available w o rld w ide freely. It is the
firs t digital signature schem e recognized by any go vernm ent.
A digital signature algorithm includes a signature g eneration process and a signature
ve rifica tio n process.
Signature G eneration Process: The private key is used to know w ho has signed it.
Signature V erifica tio n Process: The public key is used to ve rify w h eth er the given digital
signature is genuine or not.
As to the p opu larity of online shopping grows, e-payment systems and various oth er electronic
payment modes rely on various systems like DSA.

Benefits of DSA:
© Less chances of fo rg ery as it is in the case of w ritte n signature,
e Quick and easy method of business transactions,
e Fake currency problem can be drastically reduced.
DSA, w ith its uses and benefits, may bring revolu tion ary changes in the fu tu re .
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2802
C op yrig ht © by EG-G*ancil. All Rig hts R eser ved. R ep ro duc tio n is S tric tly P ro hib ited.
R S A ( R i v e s t S h a m i r A d l e m a n )
RSA is a public-key cryptosystem. It uses m odular a rithm etic and elem entary num ber
theo ries to p erfo rm com putation s using tw o large prim e num bers. RSA e ncryption is w idely
used and is the de-facto e ncryption standard.
Ron Rivest, Adi Shamir, and Leonard Adlem an fo rm ula te d RSA, a public key cryptosystem for
encryptio n and authentica tio n. It is usually used w ith a secret key cryptosystem , like DES. The
RSA system is w ide ly used in a variety of products, platform s, and industries. M any operating
systems like M icrosoft, Apple, Sun, and Novell build the RSA algorithm s into the existing
versions. It can also be fo und on hardw are secured telephones, on Ethernet netw ork cards, and
on sm art cards. Consider th a t Alice uses the RSA technique to send Bob a message. If Alice
desires to com m unicate w ith Bob, she encrypts the message using a random ly chosen DES key
and sends it to Bob. Then she w ill look up Bob's public key and use it to encrypt th e DES key.
The RSA digital envelope, w hich is sent to Bob by Alice, consists o f a DES-encrypted message
and RSA-encrypted DES key. When Bob receives the digital envelope, he w ill decrypt the DES
key w ith his private key, and then use the DES key to decrypt the message itself. This system
combines the high speed o f DES w ith the key m anagem ent convenience o f th e RSA system .
The w orking of RSA is as follow s: Two large prim e num bers are taken (say "a" and "b"), and
their product is de term in ed (c = ab, w here "c" is called th e modulus). A number "e" is chosen
such th at it is less than "c " and relatively prime to (a -l)(b -l), which means that "e " and (a -l)(b -
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.

M odule 19 Page 2803
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
1) have no com mon factors except 1. A part from this, another num be r " f" is chosen such th at
(ef - 1) is divisible by (a -l)(b -l). The values "e " and "f" are called the public and private
exponents, respectively. The public key is the pair (c, e); the private key is the pair (c, f). It is
considered to be d ifficult to obtain the private key “f" from the public key (c, e). H owever, if
someone can factor "c" into "a" and "b", then he or she can decipher the private key "f". The
security o f the RSA system is based on th e assum ption tha t such facto rin g is diffic ult to carry
out, and the re fore, the cryptographic techniq ue is safe.
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2804
Exam 312-50 Certified Ethical HackerEthical Hacking and C oun term easures
C ryptography
E x a m p l e o f R S A A l g o r i t h m
C E H
P = 61 <= f i r s t p r im e n um b e r ( d e s t r o y t h is a f t e r c o m p u tin g E a n d D)
Q = 53 <= secon d p rim e n u m ber ( d e s t r o y t h is a f t e r c o m p u tin g E a n d D)
PQ = 3 233 <= m o d u lu s ( g iv e t h i s to o t h e r s )
E = 17 <= p u b lic e x p o n e n t ( g i v e t h i s t o o t h e r s )
D = 2753 < = p r iv a t e e x p o n e n t (ke e p t h is s e c r e t ! )
Y o u r p u b l ic k e y i s ( E , P Q ) .
Y o u r p r iv a t e k e y i s D .
T h e e n c r y p t io n f u n c t i o n i s : e n c r y p t (T ) = (T AE ) m od PQ
= (T "1 7 ) m od 32 3 3
T h e d e c r y p t io n f u n c t i o n i s : d e c r y p t (C ) = (C AD) m od PQ
= (0 *2 7 5 3 ) mod 3 233
T o e n c r y p t t h e p l a i n t e x t v a l u e 1 2 3 , d o t h i s :
e n c r y p t (1 2 3 ) = ( 1 2 3 A1 7 ) m od 3 233

= 3 3 7 5 8 7 9 1 7 4 4 6 6 5 3 7 1 5 5 9 6 5 9 2 9 5 8 8 1 7 6 7 9 8 03 m od 323 3
= 855
T o d e c r y p t t h e c i p h e r t e x t v a lu e 8 5 5 , d o t h i s :
d e c r y p t (8 5 5 ) = ( 8 5 5 *2 7 5 3 ) mod 323 3
= 123
I
C op yrig ht © by EG-G*ancil. All Rights R ese rv ed . R ep ro du ction is S trictly P ro hib ite d.
E x a m p l e o f R S A A l g o r i t h m
RSA retains its security through the apparent d ifficulty in fa cto rin g large composites.
Yet there is a possibility o f discovering th e polynom ial tim e factorin g algo rithm using the
advance num ber the ory. There are th re e factors tha t can aggravate the path towa rds
com prom ising RSA security. The advances include factoring technique, com puting pow er, and
decrease in the expend iture o f th e hardware. The w orking of RSA as explained before is
illustrated in the fo llo wing example. For P = 61 and Q = 53, PQ = 3233. Taking a public
exponent, E = 17, and a private exponent, D = 2753, it can be encrypted into plain te xt 123 as
shown as follow s:
P = 61 <= first prim e num ber (destroy this a fter com puting E and D)
Q = 53 <= second prim e num ber (destroy this a fter com pu ting E and D)
PQ = 3233 <= m odulus (give this to others)
E = 17 <= public exponent (give this to others)
D = 2753 <= private exponent (keep this secret!)
Your public key is (E,PQ).
Your private key is D.
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2805
Exam 312-50 Certified Ethical Hacker
The encryption fun ctio n is: encrypt(T) = (TAE) mod PQ
= (TA17) m od 3233
The decryption fun ctio n is: decrypt(C) = (CAD) mod PQ

= (CA2753) mod 3233
To encrypt the plaintext value 123, do this:
encrypt(123) = (123A17) mod 3233
= 337587917446653715596592958817679803 mod 3233
= 855
To decrypt the cipher text value 855, do this:
decrypt(855) = (855*2753) mod 3233
= 123
Ethical Hacking and C o unterm easu res
C ryptography
Ethical Hacking and C ounte rm easures Copyright © by EC-C0UnCil
All Rights Reserved. Reproduction is Strictly Prohibited.
M odule 19 Page 2806