## Encryption[Home] This page outlines a wide range of methods used in encryption.
## A few basic principles**Brute Force (with increasing keys)**. Brute Force. This is an outline for brute force calculations.**Brute Force (with parallel processing)**. Brute Force. This is an outline for brute force calculations with multiple processors.**Brute Force (with increasing computing power)**. Brute Force (over the years). This is an outline for brute force calculations for increasing computing power.**Large numbers**. Large. With encryption we normally deal with large numbers. This example shows how we can display these.**Random number**. Random. This provides a 192-bit random number.**Random number (512-bit)**. Random. This provides a 512-bit random number which is used in 1024-bit encryption.**GCD**. GCD. GCD is the greatest common divisor.**Key Entropy**. Entropy. Determines key entropy.**File Entropy**. Entropy. This outlines the calculation of Shannon's entropy.**Binary multiplication (modulo 2) - GF(2)**. Bin. This outlines the calculation of binary multiplication (modulo 2).**Password strength**. Test. This outlines the strength of various passwords types.**Birthday attack**. Calc. This provides a simple example of the birthday attack.**Birthday attack (with Big Integers)**. Calc. This provides a simple example of the birthday attack.**Linear Congruential Random Number Generator**. Calc. This provides a random number generator.**Combinations and Permutations**. Calc. This provides an outline of combinations and permutations**Pollard's ρ method (Factoring integers)**. Pollard. The Pollard ρ method factorises integers.**Elliptic Curve method (Factoring integers)**. Elliptic. The Elliptic Curve method factorises integers.**Padding (AES)**. Padding. This outlines how data is padded for AES.**Padding (DES)**. Padding. This outlines how data is padded for DES.**Caesar codes**. Caesar. This outlines of the possible Caesar code shifts**Fermat's Little Thereom**. Fermat. This outlines Fermat's Little Theorem**Inverse of n mod m**. Inv. This outlines the inverse of n mod m (used in RSA and Knapsack).**Inverse of n mod m (Euclidean method)**. Inv. This outlines the inverse of n mod m (Euclidean method)**Chinese Remainder Theory**. CRT. This outlines Chinese Remainder Theory.**Exponentiation cipher**. Exp. This outlines Exponentiation cipher which provides the basis of several encryption methods, such as RSA and Pohlig-Hellman.**Convert keys to plain English**. English. Convert to plain English.**Factors of integers**. Factors. Determine factors of an integer.**Blockchain work**. Work. Determine Blockchain work.**Fun Crypto Magic Tricks**. Magic. Outlines some fun magic tricks for crypto.**Session keys from HTTPs**. Go.**Base58 (used in Bitcoins)**. Base58.**Bitcoin keys**. Bitcoin.**DNA storage**. DNA. DNA storage**Reed Solomon**. Reed. This outlines Reed Solomon coding.**Simple Homomorphic Cipher**. Hom. This outlines a Simple Homomorphic cipher.**Merkle Tree**. Merkle. This outlines a Merkle Tree.**Secure Remote Password protocol**. SRP. This outlines the Secure Remote Password protocol.**Monte Carlo Test for randomness**. Monte. This outlines the Monte Carlo Test for randomness.
## Zero-knowledge proof**Zero-knowledge proof (discrete logs)**. ZKP. Outlines zero-knowledge proof.**Zero-knowledge proof (Feige-Fiat-Shamir)**. ZKP. Outlines zero-knowledge proof using the Feige-Fiat-Shamir method.**Zero-knowledge proof (non-interactive random oracle access)**. ZKP. Non-interactive random oracle access for the Fiat-Shamir heuristic.**Zero-knowledge proof (Graphs)**. ZKP. Outlines zero-knowledge proof using graphing methods.**Fair coin flip**. ZKP. Outlines how a fair coin flip can be created, without a trusted verifier.**Voting with Paillier crypto system**. ZKP. Outlines voting with Paillier crypto system.**Oblivious transfer**. OT. Oblivious transfer.**Scrambled circuits**. Scrambled. Scrambled circuits - SFE.**Millionaire's Problem**. Mill. Yao's Millionaire Problem.**RAPPOR**. RAPPOR. Outlines RAPPOR (Randomized Aggregatable Privacy-Preserving. Ordinal Response) which allows for privacy in gathered data.
## Ciphers CrackingThe following are examples of cipher cracking: **Index of Coincidence (IC)**. IC. This outlines the Index of Coincidence (IC).**Kasiski examination**. Kasiski. This outlines Kasiski examination.**Vigenère Calculator Crack**. Vig. This outlines Vigenère Crack.**Frequency Analysis**. Freq. This involves frequency analysis of text.**Frequency Analysis (Example)**. Freq. This involves frequency analysis of text.
## Prime numbersThe following are the tips related to prime numbers, which are a key principle in public-key encryption: **Find primes**. Find Prime Numbers. Many public key algorithms depend on primary number, which are difficult to factorize when multiplied together. This program creates the ones from 1 to 1,000,000.**Prime numbers**. Prime. Prime numbers are used extensive in encryption, such as in the Diffie-Hellman method.**Test if prime?**testprime. This checks for whether a number is prime.**Miller-Rabin Test for prime**. M-R. This outlines Miller-Rabin Test**Random Prime Number generator**. Primes. Generates two prime numbers of various bit sizes, and creates the product of these.**Prime Number sieve**. Sieve. Implementation of the fast method to generate a range of prime numbers.
## Public-key encyption methodsThe following are the tips related to encryption: **RSA**. Simple RSA Calculation. This is a simple tutorial for RSA key generation.**RSA**. RSA Encryption. This uses RSA key generation and encryption.**RSA (range of keys)**. RSA Encryption. This uses RSA key generation and encryption using a range of key sizes from 512-bits up to 16,384 bit.**Public Key (ASCII format)**. RSA Public Key. Often we have to convert the public key to an ASCII format.**PGP Encryption**. PGP. This uses PGP encryption.**DSA**. DSA Encryption. This uses DSA key and fingerprint generation.**ElGamal**. ElGamal. ElGamal is a public key method which uses discrete logarithms.**RSA with Commutative Keys**. Comm. Commutative encryption allows Bob and Alice to encrypt in any order, and then they can decrypt in any order.**Commutative Keys (with SRA - Shamir, Rivest and Aldeman)**. Comm. Commutative encryption examples.**Elliptic Curve**. Elliptic Curve. Elliptic Curv is a public key method which can also be used to generate a shared key.**Knapsack Encryption (Theory)**. Knapsack. This outlines Knapsack public encryption**Knapsack Encryption (Example)**. Knapsack. This outlines Knapsack public encryption**RSA Decrypt**. RSA. This outlines RSA decryption.**RSA -partially homomorphic cryptosystem**. RSA. This outlines RSA as a partially homomorphic cryptosystem.**Paillier crypto system (JavaScript)**. Paillier. Outlines Paillier crypto system using JavaScript.**Identity Based Encryption (IBE)**. IBE. Outlines Identity Based Encryption.
## Quantum-robust Public Key**McEliece cryptosystem**. mce. Outlines McEliece cryptosystem.**Lattice Encryption**. Lattice. This outlines Lattice encryption.**Unbalanced Oil and Vinegar (UOV)**. UOV. Outlines Unbalanced Oil and Vinegar (UOV) cryptosystem.**Generalised Merkle Signature Scheme**. GMSS. Outlines Generalised Merkle Signature Scheme.**Simple LWE**. LWE. Outlines Learning With Errors.
## Encryption cracking**RSA Crack (same message, different e)**. RSA. This outlines the usage of modified e value and the same message and N value.**RSA Crack**. RSA. This outlines the factorisation of the N value in the RSA method.**RSA Crack 2**. RSA. This outlines of the cracking of RSA when \(M^e\) is less than N.**RSA Crack 2 (CRT)**. RSA. This outlines of the cracking of RSA with Chinese Remainder Theorem.**AES Crack (Copy-and-paste)**. RSA. This outlines of the cracking of AES with copy-and-paste attacks.**AES Crack (Brute force)**. RSA. This outlines of the cracking of AES with common passwords.**AES Crack (Non-random numbers)**. RSA. This outlines of the cracking of AES with non-random numbers.**RSA - chosen cipher attack**. RSA. This outlines of the cracking of RSA with a chosen cipher attack.**RSA - blinding attack**. RSA. This outlines the RSA blinding attack, which tricks a user to sign a message.**RSA - Bleichenbacher's attack**. RSA. This outlines the RSA Bleichenbacher's attack.
## Private-key encryption methodsThe following are the tips related to encryption: **DES**. DES. DES encryption algorithm is block cipher and uses a 64-bit block and a 64-bit encryption key.**3DES**. 3DES. DES encryption algorithm is block cipher and uses a 64-bit block and a 64-bit encryption key (of which only 56 bits are actively used in the encryption process). Unfortunately DES has been around for a long time, and the 56-bit version is now easily crackable (in less than a day, on fairly modest equipment). An enhancement, and one which is still fairly compatible with DES, is the 3-DES algorithm. It has three phases, and splits the key into two. Overall the key size is typically 112 bits (2x54 bits - with a combination of the three keys - of which two of the keys are typically the same). The algorithm is EncryptK3( DecryptK2( EncryptK1(message), where K1 and K3 are typically the same (to keep compatibility).**3DES (with clear text keys)**. 3DES. This example generates the 3DES key clear text keys.**RC2**. RC2. RC2 ("Rivest Cipher") is a block cipher, and is seen as a replacement for DES. It was created by Ron Rivest in 1987, and is a 64-bit block code and can have a key size from 40 bits to 128-bits (in increments of 8 bits). The 40-bit key version is seen as weak, as the encryption key is so small, but is favoured by governments for export purposes, as it can be easily cracked. In this case the key is created from a Key and an IV (Initialisation Vector). The key has 12 characters (96 bits), and the IV has 8 characters (64 bits), which go to make the overall key.**AES**. AES. AES (or Rijndael) is a new block cipher, and is the new replacement for DES, and uses 128-bit blocks with 128, 192 and 256 bit encryption keys. It was selected by NIST in 2001 (after a five year standardisation process). The name Rijndael comes from its Belgium creators: Joan Daemen and Vincent Rijmen.**AES (Python)**. AES. This implements AES using Python for a number of AES modes.**Blowfish**. Blowfish. Bruce Schneier created Blowfish with a general-purpose private key block cipher encryption algorithm.**Blowfish (with CBC)**. Blowfishcbc. With CBC we split the message into blocks and encrypt each block. The input from the first stage is the IV (Initialisation Vector), and the input to the following stages is the output from the previous stage. In this example we will use Blowfish to encrypt, using CBC.**Twofish**. Twofish. Bruce Schneier created Twofish with a general-purpose private key block cipher encryption algorithm.**Skipjack**. Skip jack. Skipjack is a block cipher, using private-key encryption algorithm, and designed by NSA.**Camellia**. Camellia. Camillia is a block cipher created by Mitsubishi and NTT.**RC4**. RC4. RC4 is a**stream cipher**used in WEP (in wireless encryption).**RC4 (repeating IV)**. RC4. This illustrates how we can EX-OR two values with the same IV value.**A5/1**. A5. This uses the A5/1 algorithm.**A5/3 (Kasumi)**. Kasumi. This uses the A5/3 (Kasumi) algorithm.**Snow**. Snow. This uses the Snow stream cipher algorithm.**Pohlig-Hellman**. Pohlig. This uses the Pohlig-Hellman algorithm.**Fernet**. Fernet. This outlines Fernet encryption**Fernet (Auto key)**. Fernet. This outlines Fernet encryption**Fernet (Decoding token)**. Fernet Decode. This outlines Fernet decoding of the token**Affine**. Affine. Affine is a**stream cipher**which uses an equation to encrypt.**XTEA**. XTEA. XTEA is a**block cipher**.**All-or-nothing**. AONT. The All-or-nothing created hash messages, of which all the messages are required to rebuild the original message..**Range of methods**. OpenSSL. This includes the encryption of a wide range of methods.**SSL**. SSL. This outlines the debug information returned from an SSL/TLS connection.**Heartbleed (Theory)**. Heartbleed. This outlines the Heartbleed vulnerability.**Heartbleed (Demo)**. Heartbleed. This provides a demo of the Heartbleed vulnerability.**Heartbleed (Network)**. Heartbleed. This provides a capture of network traffic and IDS detection for Heartbleed.**Heartbleed (View Session)**. Heartbleed. This provides a capture of session information.
## Hash functionsThe following are the tips related to hashing: **MD5 and SHA-1**. Hash. MD5 and SHA-1 methods produces a hash signature, and are the two of the most widely used methods. The MD5 algorithm has been show to have weaknesses, and a collision of message hashes has been shown to occur in less than one day. An MD5 signature has 128 bits, an SHA-1 signature has 160 bits, and an SHA-256 signature has 256 bits.**MD5 Cracking**. Hash Cracker. MD5 has a 128-bit signature, and can be cracked using rainbow tables. This page tries to crack the MD5 signature.**MD5 and SHA-1 (to Base-64)**Hash. MD5 and SHA-1 produces a hash signature, and the output is typically show in a hex format or a Base-64. In this example the output is converted into a**Base-64**format.**MD5 and SHA-1 (to Base-64) with salt**Salt. It is possible to add salt to the MD5 algorithm, to mix it up a little.**MD2 and MD4**MD2/4. The MD2 and MD4 hashing functions were developed by Prof Ronald Rivest in 1989 and 1990, respectively. They both produce a 128-bit hash, but have been shown be vunerable to attack (see the Collision section in the page).**Murmur and FNV**Murmur and FNV. While hashing methods such as MD5 and SHA-1 use cryto methods, the Murmurand FNV hashes uses a non-cryptographic hash function. This can be used for general hash-based lookup, and was designed by Austin Appleby. It has a good performance compared with other hashing methods.**Bloom Filter**Bloom filter. A Bloom filter goes a probabilistic method of determining if an element is in a data structure, using indexed hashing methods.**LM Hash**. LM Hash. This is an LM Hash Calculator. LM Hash is used in many version of Windows to store user passwords that are fewer than 15 characters long.**APR1**. APR1. This produces an APR1 hash signature for a password.**phpass**. phpass. This produces an phpass hash signature for a password.**LDAP**. LDAP. This produces a LDAP hash signature for a password.**Chaffing**. Chaffing. This produces a keyless system.**Peason**. Pearson. This uses a non-crypto hash.**Whirlpool**. Whirlpool. Whirlpool is a 512-bit cryptographic hash function, and was created by Vincent Rijmen (one of the AES creators) and Paulo Barreto, in 2000.**RIPEMD (RACE Integrity Primitives Evaluation Message Digest) and GOST**. RIPEM160. RIPEMD is a 128-bit, 160-bit, 256-bit or 320-bit cryptographic hash function, and was created by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. It is used on TrueCrypt, and is open source. The 160-bit version is seen as an alternative to SHA-1, and is part of ISO/IEC 10118**Tiger**. Tiger. Tiger is a 192-bit hash function, and was designed by Ross Anderson and Eli Biham in 1995. It is often used by clients within Gnutella file sharing networks, and does not suffer from known attacks on MD5 and SHA-0/SHA-1. Tiger2 is an addition, in which the message is padded with a byte of 0x80 (in a similar way to MD4, MD5 and SHA), whereas in Tiger it is 0x01. Otherwise the two methods are the same in their operation.**SHA-3**. SHA-3. SHA-3 was known as Keccak and is a hash function designed by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. MD5 and SHA-0 have been shown to be susceptible to attacks, along with theoretical attacks on SHA-1. NIST thus defined there was a need for a new hashing method which did not use the existing methods for hashing, and setup a competition for competing algorithms. In October 2012, Keccak won the NIST hash function competition, and is proposed as the SHA-3 standard. It should be noted that it is not replacement SHA-2, which is currently a secure methods. Overall Keccak uses the sponge construction where the message blocks are XORed into the initial bits of the state, and then invertibly permuted.**Bcrypt**. Bcrypt. This creates a hash value which has salt.**PBKDF2**. PBKDF2. The PBKDF2 method created a salted hashed value, and which is used to generate the main key for TrueCrypt.**PBKDF2 (Part 2)**. PBKDF2. The PBKDF2 method created a salted hashed value, and which is used to generate the main key for TrueCrypt.**SHA-3, Keccak and SHAKE**. SHA-3. Implements SHA-3, Keccak and SHAKE (SHA-3 winner).**Blake and Blake 2**. Blake. Implements Blake and Blake 2 (SHA-3 contender).**Skein**. Skein. Implements Skein (SHA-3 contender).**Grøstl**. Grøstl. Implements Grøstl (SHA-3 contender).**Hash benchmark**. Benchmark. Benchmarks some hashing methods.**Hash values**. Hashes. Outlines hash method.**Open SSL Hash passwords**. Open SSL Passwords. This creates a hash value which has salt using a range of methods.
## Non-crypto hashingThe following are the tips related to non-crypto hashing: **xxHash**. xxHash. xxHash is one of the fastest hashing methods.**FNV**. FNV. FNV is one of the fastest hashing methods.**Murmur**. Murmur. Murmur is one of the fastest hashing methods.**Spooky**. Spooky. Spooky is a fast hashing method.
## One Time Passwords/Time StampsThe following are the tips related to hashing: **One Time Passwords**. One Time. This allows a new unique password to be created each instance, based on an initial seed.**Timed One Time Password (TOTP)**. Timed One Time Password. This allows a new unique passcode to be created each instance, based on an initial seed for a given time window. We will use a five second window in this case, where a new passcode is generated every five seconds, based on an initial seed of a pass phrase.**Hashed One Time Password (HOTP)**. Hashed One Time Password. This allows a new unique passcode to be created each instance, based on a counter value and an initial seed.**Time Stamp Protocol**. TSP. This creates a time stamp for data.**HOTP and TOTP (Python)**. OTP. This creates hashed passwords.
## Message authentication codes (MACs)**OMA Digest**OMA. Open Mobile Alliance Device Management (OMA DM)**MAC Triple-DES**. MAC3DES. MACs can be used to authenticate a message, as a key is required to determine the hash value. With this the sender computes the hash with a secret key, and sends to the receiver, where the receive then calculates the hash of the message, and uses the secret key. If the hash received is the same as the computed one, the message has not been tampered with. The key size can be 8, 16 or 24 bytes. In this case, 24 bytes are used, and produces a hash of 8 bytes (64 bits), using the TripleDES encryption method.**HMAC**. HMAC. HMAC is a message authentication code (MAC) and can be used to verify the integrity and authentication of a message. It involves hashing a message with a secret key. As with any MAC, it can be used with standard hash function, such as MD5 or SHA-1, which results in methods such as HMAC-MD5 or HMAC-SHA-1. As with any hashing function, the strength depends on the quality of the hashing function, and the resulting number of code bits. Along with this the number of bits in the secret key is a factor.**HMAC (Python)**. HMAC. HMAC is a message authentication code (MAC).
## Authenticated Encryption**AES CCM**. AES CCM. AES is a secret key encryption method, and does not provide authentication of the message. CCM can add to AES by providing an authentication and encrypt block cipher mode [CCM - Counter with CBC-MAC]]. It has two parameters: M which indicates the indicates the size of the integrity check value (ICV) and L which defines the size of the length field in octets.
## Data Integrity**CRC-32**. CRC-32. CRC is one of the most reliable error detection schemes and can detect up to 95.5% of all errors. The most commonly used code is the CRC-32 standard code which is defined by the CCITT, and will give a 32-bit CRC signature (8 hex characters). This signature is normally appended onto the data, and then checked when the data is read. If the CRC-32 check differs from the stored value, there is likely to be an error in the data.
## Key interchange/generationThe following relates to key interchange: **Diffie-Hellman**. Diffie-Hellman Calculation. Diffie-Hellman is a standard method of Alice and Bob being able to communicate, and end up with the same secret encryption key. It is used in many applications.**Diffie-Hellman (Real example)**. Diffie-Hellman Real. Diffie-Hellman is a standard method of Alice and Bob being able to communicate, and end up with the same secret encryption key. It is used in many applications.**Diffie-Hellman (Python)**. Diffie-Hellman. Diffie-Hellman is a standard method of Alice and Bob being able to communicate, and end up with the same secret encryption key. It is used in many applications.**Key generation**. Key gen. This will generate a keys for different methods based on a passphase.**Kerberos**. Kerberos. This will implement a Kerberos method of generating a shared key.**Diffie-Hellman (Man-in-the-middle)**. DF. This outlines the man-in-the-middle method for Diffie-Hellman.
## Digital CertificatesThe following are the tips related to digital certs: **Digital Certificate**Digital Cert.**Digital Certificate (PFX)**Digital Cert.**Certificate with Public/Private key**. Cert. This includes the creation of the digital certificate.**SSL**. SSL. This outlines the debug information returned from an SSL/TLS connection.**Cracking certificates**. Crack. This defines the cracking of digital certificates.
## JavaScript client-side encryption**Random number generator**. Rand. Random number generator**AES**. AES. AES encryption**Hash**. Hash. Hashing using JavaScript**RSA**. RSA. RSA using JavaScript**Password generation/hashing**. Hashing. Password generation/hashing using JavaScript
## Data Integrity**CRC-32**. CRC-32. CRC is one of the most reliable error detection schemes and can detect up to 95.5% of all errors. The most commonly used code is the CRC-32 standard code which is defined by the CCITT, and will give a 32-bit CRC signature (8 hex characters). This signature is normally appended onto the data, and then checked when the data is read. If the CRC-32 check differs from the stored value, there is likely to be an error in the data.
## AssociatedThe following are the tips related to associated material: **Web.config**. Web.config. The following is a demonstration of the Web.config file in ASP.NET. Alt Demo: Security Software (ASP.NET)**Role-based security**. Role-based. The Microsoft .NET environment now offers an excellent alternative to Java in producing portable and secure code. It uses a role-based approach for user authentication, with the WindowsIndentity class, where the GetCurrent() method can be used to get the current user. The WindowsPrincipal class can then be used to apply the role.**Shamir's Secret Sharing (creator)**. Shamir.**Shamir's Secret Sharing (decrypt)**. Shamir.**SFE**. SFE. SFE can be used to verify a value, without releasing the original data. For example if we have a voting competion with Bob, Alice and Carol. Bob, Alice and Carol vote, and they want to keep their votes secret, but they need to calculate the overall total. Typically an independent person would tally up the votes, but what if they do not trust anyone. This is where SFE comes in, where they can calculate the total with knowing the votes from the others.
## Data Communications**Binary multiplication (modulo 2) - GF(2)**. Bin. This outlines the calculation of binary multiplication (modulo 2).**Binary division (modulo 2) - GF(2)**. Bin. This outlines the calculation of binary divide (modulo 2).**Hamming distance**. Bin. This outlines the calculation of the Hamming distance.**Longitudinal/vertical redundancy checks (LRC/VRC)**. LRC. This outlines the calculation of the LRC.**Bit errors**. Bits. This outlines the calculation of bit error.**Block parity**. Bits. This outlines the calculation of block parity.**Hamming (7,4) code**. Hamming. This outlines the single bit error correcting code.
## PresentationThe following is an outline presentation on encryption: |