Cryptography, Deception and Ethical Hacking
Cryptography
- Basic Terminologies
• Plaintext
• Ciphertext
• Encryption
• Decryption
• Keys
• Hash
• Salt
• Symmetric and Asymmetric Algorithms
• Public and Private Keys
• HTTPS
• End-to-End Encryption
Basic Terminologies in
Cryptography
• Plaintext
– Simple, but just as important as the others:
plaintext is an unencrypted, readable, plain
message that anyone can read.
• Ciphertext
– Ciphertext is the result of the encryption process.
– The encrypted plaintext appears as apparently
random strings of characters, rendering them
useless.
– A cipher is another way of referring to the
encryption algorithm that transforms the
plaintext, hence the term ciphertext.
• Encryption
– Encryption is the process of applying a mathematical
function to a file that renders its contents unreadable
and inaccessible unless you have the decryption key.
– For instance, let's say you have a Microsoft Word
document.
– You apply a password using Microsoft Office's inbuilt
encryption function.
– The file is now unreadable and inaccessible to anyone
without the password. You can even encrypt your
entire hard drive for security.
• Decryption
– If encryption locks the file, then decryption
reverses the process, turning ciphertext back to
plaintext.
– Decryption requires two elements: the correct
password and the corresponding decryption
algorithm.
• Keys
– The encryption process requires a cryptographic
key that tells the algorithm how to transform the
plaintext into ciphertext.
– Kerckhoffs's principle states that "only secrecy of
the key provides security," while Shannon's maxim
continues "the enemy knows the system."
– These two statements influence the role of
encryption, and keys within that.
– Keeping the details of an entire encryption
algorithm secret is extremely difficult; keeping a
much smaller key secret is easier.
– The key locks and unlocks the algorithm, allowing
the encryption or decryption process to function.
– Is a Key a Password?
• No. Well, at least not entirely. Key creation is a result of
using an algorithm, whereas a password is usually a
user choice.
• The confusion arises as we rarely specifically interact
with a cryptographic key, whereas passwords are part
of daily life.
• Passwords are at times part of the key creation process.
A user enters their super-strong password using all
manner of characters and symbols, and the algorithm
generates a key using their input.
• Hash
– When a website stores your password, it uses a hashing
algorithm to convert your plaintext password to a hash.
– A hash is different from encryption in that once the
data is hashed, it cannot be unhashed. Or rather, it is
extremely difficult.
– Hashing is really useful when you need to verify
something's authenticity, but not have it read back. In
this way, password hashing offers some protection
against brute-force attacks (where the attacker tries
every possible password combination).
– You might have even heard of some of the
common hashing algorithms, such as MD5, SHA,
SHA-1, and SHA-2. Some are stronger than others,
while some, such as MD5, are outright vulnerable.
– For instance, if you head to the site MD5 Online,
you'll note they have 123,255,542,234 words in
their MD5 hash database.
• Salt
– When passwords are part of key creation, the
encryption process requires additional security
steps.
– One of those steps is salting the passwords.
– At a basic level, a salt adds random data to a
one-way hash function.
– There are two users with the exact same
password: hunter2.
– We run hunter2 through an SHA256 hash
generator and receive
f52fbd32b2b3b86ff88ef6c490628285f482af15ddcb29541f94bcf526a3f6c7.
– Someone hacks the password database and they
check this hash
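
Added example (not from the original slides): the two-user hunter2 case above, together with the earlier point that a password can feed key creation, in Python. The user names, the 16-byte salt size and the PBKDF2 iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

ITERATIONS = 200_000  # assumed work factor for this example, not from the slides


def unsalted_sha256(password: str) -> str:
    """Plain SHA-256 as on the slide: equal passwords give equal hashes."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def derive_key(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Derive a 32-byte key from a password with PBKDF2-HMAC-SHA256.

    A fresh random 16-byte salt is generated unless one is supplied
    (it is supplied when re-deriving to verify a login attempt).
    """
    if salt is None:
        salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, key


def verify(password: str, salt: bytes, stored_key: bytes) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    _, candidate = derive_key(password, salt)
    return hmac.compare_digest(candidate, stored_key)


def demo() -> dict:
    # Constructed sample: two hypothetical users who chose the same password.
    users = {"alice": "hunter2", "bob": "hunter2"}
    unsalted = {u: unsalted_sha256(p) for u, p in users.items()}
    salted = {u: derive_key(p) for u, p in users.items()}
    return {
        "unsalted_match": unsalted["alice"] == unsalted["bob"],
        "salted_match": salted["alice"][1] == salted["bob"][1],
        "alice_login_ok": verify("hunter2", *salted["alice"]),
        "wrong_password_ok": verify("hunter3", *salted["alice"]),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The salt is stored next to the derived value; it is not a secret, its job is to make each user's stored hash unique so one precomputed lookup cannot cover every account.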
• Symmetric and Asymmetric Algorithms
– In modern computing, there are two primary
encryption algorithm types: symmetric and
asymmetric. They both encrypt data, but function in
a slightly different manner.
• Symmetric algorithm:
– Uses the same key for both encryption and decryption. Both
parties must agree on the algorithm key before commencing
communication.
• Asymmetric algorithm:
– Uses two different keys: a public key and a private key. This
enables secure encryption while communicating without
previously establishing a mutual algorithm. This is also known
as public key cryptology.
• Public and Private Keys
– An asymmetric algorithm uses two keys: a public
key and a private key.
– The public key can be sent to other people, while
the private key is only known by the owner.
– What's the purpose of this?
• Well, anyone with the intended recipient's public key
can encrypt a private message for them, while the
recipient can only read the contents of that message
provided they have access to the paired private key.
Check out the below image for more clarity.
– Public and private keys also play an essential role
in digital signatures, whereby a sender can sign
their message with their private encryption key.
– Those with the public key can then verify the
message, safe in the knowledge that the original
message came from the sender's private key.
– A key pair is the mathematically linked public and
private key generated by an encryption algorithm.
• HTTPS
– HTTPS (HTTP Secure) is a now widely
implemented security upgrade for the HTTP
application protocol that is a foundation of the
internet as we know it.
– When using an HTTPS connection, your data is
encrypted using Transport Layer Security (TLS),
protecting your data while in transit.
– HTTPS generates long-term private and public keys
that in turn are used to create a short-term
session key.
– The session key is a single-use symmetric key that the
connection destroys once you leave the HTTPS site
(closing the connection and ending its encryption).
– However, when you revisit the site, you will receive
another single-use session key to secure your
communication.
– A site must completely adhere to HTTPS to offer
users complete security.
– Since 2018 the majority of sites online began offering
HTTPS connections over standard HTTP.
• End-to-End Encryption
– One of the biggest encryption buzzwords is that
of end-to-end encryption.
– The social messaging platform WhatsApp
began offering its users end-to-end encryption
(E2EE) in 2016, making sure their messages are
private at all times.
Encryption
(Cryptography)
- “hidden writing” (hiding the meaning of the
message)
• Basic security goals:
- privacy (secrecy, confidentiality)
• only the intended recipient can see the
communication
- authenticity (integrity)
• the communication is generated by the
alleged sender
Types of Encryption Algorithms
Deception
Deception technology is a cyber security defense practice that
aims to deceive attackers by distributing a collection of traps
and decoys across a system's infrastructure to imitate genuine assets.