Saturday, December 29, 2012

The smallest guide to encryption!! Encryption for starters.

Most people mistake this word as "Only meant for hackers and programmers" but its only the name that is complicated. In fact, understanding how it works is quite simple!

Simplified definition: Encryption can be defined as the process of conversion of some information in such a way that it can be understood/decoded/rendered only by the people who are authorized to do it.

So if you want to send some data to your friend and you don't want anyone to be able to access it even if they confiscate/eavesdrop the piece of data, you should probably encrypt it. The unreadable copy of data can also be called a ciphertext. So how does this actually work??
There are millions of algorithms (ways) in which you can encrypt/decrypt data. It is used extensively by governments, military etc. to exchange information. But deep inside, it's a sophisticated procedure. A single slip-up in any part of the encryption can be used as an opening or attacking point for hackers. Hackers have several ways of undoing the encryption so there are always new algorithms and cracking methods coming up.
In most cases there is a password to decrypt the data which is known only by the ones who are authorized.

Here are a few ways (not all) in which a hacker can undo the encryption or gain access to the unencrypted data:

1. By infecting the file with a trojan horse or a virus before it is even encrypted:
 This sounds crazy!! Some hackers first send a hidden virus or a trojan horse to the victim's system. The victim never knows that his system is infected. The virus is of such a kind that it sends the encryption/decryption passwords to the hacker or he gets a better idea on how it can be broken. Genius!!

2. Brute force attacks:
This attack sounds simple but its not so. The idea is to keep guessing the password in every possible way until you find the correct one. This process might take hours, days or even years with little chance of completion. The resources and the time required to correctly figure out the password grows "exponentially" with it's length and difficulty. That is why we are asked to keep long and difficult passwords which contain numbers and symbols while registering on some websites!

3.Cold boot attack:
This attack is possible if the attacker has physical access to the victim's computer. The hacker "cold-boots" the victim's computer in the middle of encryption process without completely shutting it down (e.g the reset button). So in any lightweight OS when system is restarted suddenly, the details of running processes are dumped to a file whose location is already known to the attacker. This method requires a deep understanding of a computer's internal processes and is not always successful.

There are several other methods such as keylogging, cryptanalysis by rainbow tables and countless more.

So coming back on talking about encryption, there are various software and hardware which encrypt data in a chosen format and some also help in cracking it!! Here are some of them:

Encryption/Decryption software: TrueCrypt, Symantec Endpoint Encryption, BitLocker Drive Encryption, BestCrypt

Cryptanalysis (cracking) software: Aircrack-ng, Ophcrack, Cain and Abel

Hope this article was helpful.