Cryptography
文章目录
- Cryptography
- Encryption - Crypto 101
- Task1 What will this room cover?
- Task2 Key terms
- Task3 Why is Encryption important?
- Task4 Crucial Crypto Maths
- Task5 Types of Encryption
- Task6 RSA - Rivest Shamir Adleman
- Task7 Establishing Keys Using Asymmetric Cryptography
- Task8 Digital signatures and Certificates
- Task9 SSH Authentication
- Task10 Explaining Diffie Hellman Key Exchange
- Task11 PGP, GPG and AES
- Task12 The Future - Quantum Computers and Encryption
Encryption - Crypto 101
Task1 What will this room cover?
Task2 Key terms
1.I agree not to complain too much about how theory heavy this room is
2.Are SSH keys protected with a passphrase or a password?
Passphrase
Task3 Why is Encryption important?
1.What does SSH stand for?
secure shell
SSH(secure shell)
2.How do webservers prove their identity?
Certificates
Certificates are also a key use of public key cryptography, linked to digital signatures. It prove the identity of who we are (webservers).
3.What is the main set of standards you need to comply with if you store or process payment card details?
PCI-DSS
PCI-DSS state that the data should be encrypted both at rest (in storage) AND while being transmitted, including when we store payment card details.
Task4 Crucial Crypto Maths
1.What’s 30 % 5?
0
2.What’s 25 % 7
4
3.What’s 118613842 % 9091
3565
Task5 Types of Encryption
1.Should you trust DES? Yea/Nay
Nay
2.What was the result of the attempt to make DES more secure so that it could be used for longer?
triple DES
AES is an important algorithm and was originally meant to replace DES (and its more secure variant triple DES*) as the standard algorithm for non-classi?ed material*
3.Is it ok to share your public key? Yea/Nay
Yea
Task6 RSA - Rivest Shamir Adleman
1.p = 4391, q = 6659. What is n?
29239669
2.I understand enough about RSA to move on, and I know where to look to learn more if I want to
Task7 Establishing Keys Using Asymmetric Cryptography
I understand how keys can be established using Public Key (asymmetric) cryptography.
Task8 Digital signatures and Certificates
What company is TryHackMe’s certificate issued to?
Cloudflare
Task9 SSH Authentication
1.I recommend giving this a go yourself. Deploy a VM, like Linux Fundamentals 2 and try to add an SSH key and log in with the private key
2.Download the SSH Private Key attached to this room.
3.What algorithm does the key use?
RSA
4.Crack the password with John The Ripper and rockyou, what’s the passphrase for the key?
1.使用ssh2john将id_rsa文件转换为john可以破解的模式
ssh2john idrsa.id_rsa > rsacrack
2.使用john破解
john rsacrack --wordlist=wordlists\rockyou.txt
Task10 Explaining Diffie Hellman Key Exchange
I understand how Diffie Hellman Key Exchange works at a basic level
Task11 PGP, GPG and AES
1.Time to try some GPG. Download the archive attached and extract it somewhere sensible
2.You have the private key, and a file encrypted with the public key. Decrypt the file. What’s the secret word?
Pineapple
下载kleopatra工具,导入tryhackme.key
解密message.gpg文件,得到message文件
You decrypted the file! The secret word is Pineapple.
Task12 The Future - Quantum Computers and Encryption
I understand that quantum computers affect the future of encryption. I know where to look if I want to learn more.