Getting the fundamentals down necessary to get yourself a cryptography certification can seem like a really tough path but it is possible. Below we put together a quick study guide on what we think are those most critical nuggets you should learn to pass any cryptography certification exam and especially for the following certification.
So, welcome back my fellow hackers! Today we’re going to be continuing our series on preparing for exam certifications. The certification we’ll be covering today is the Certified Encryption Specialist hosted by EC-Council (ECES), the same company that hosts the Certified Ethical Hacker (CEH).
This certification revolves around having a basic understanding of cryptography. It begins with the history of cryptography, mainly historic algorithms and fundamental concepts. It then moves on to the foundation of modern cryptography, including modern cryptographic algorithms and some methodologies. This certification also includes some bits and pieces of other cryptographic concepts, such as stenography.
Now that we know what material we need to cover, we can get started. We’ll be covering the topics in the order that we’ve introduced them. So we’ll be starting with historic cryptography, then we’ll move into modern cryptography, and finally we’ll discuss all the other concepts you need to know. So, we’ll begin with historic cryptography:
- Cryptography – The science of altering a message so that it cannot be read or understood without a key.
- Mono-alphabet substitution cipher – Algorithms that substitute one character for one character, using a single alphabet. These are most primitive ciphers.
- Caesar cipher – Shifts letters a fixed number of spaces left or right. This cipher can be represented by this formula: (1X + N) mod 26. X represents the letter to be shifted and N represents the number of spaces to shift. The integer after the modulo operator (mod) is the length of the alphabet to be used, which in this case is the 26 letter English alphabet.
- Atbash cipher – Historic cipher used by the Hebrews. Simply reverses the chosen alphabet.
- Affine cipher – Any single substitution cipher where each letter is mapped to a numeric value, put through a simple mathematical function, and then converted back to a letter. The basic formula is (ax + b) mod M, where M is the size of alphabet and b is the magnitude of the shift.
- Rot13 – Single alphabet substitution cipher where all characters are rotated 13 spaces through the alphabet.
- Scytale cipher – Physical cylinder used to encrypt messages. Turning the cylinder produces different cipher texts. Decryption requires a cylinder of equal diameter.
- Single substitution weakness – Literacy rates have risen drastically over the centuries. With this, all languages have certain letter and word frequencies. This can lead to vulnerabilities in single substitution ciphers via crypt-analysis.
- Cipher disk – Invented by Leon Alberti in 1466. A physical disk that, with each turn, produces a new cipher.
- Vigenere cipher – Invented by Giovan Battista Bellaso in 1553; used until early 1900’s. Uses a series of Caesar ciphers based on a keyword.
- Multi-alphabet substitution – Examples of this are the Cipher disk and Vigenere cipher.
- Friedrich Kasiski – First person to successfully attack a Vigenere cipher.
- Playfair cipher – Invented by Charles Wheatstone in 1854. This cipher encrypts two letters at once, making it more complex. This cipher implements a 5 by 5 table containing a keyword.
- ADFVGX cipher – Transposition cipher invented by Fritz Nebel in 1918. Uses a 36 letter alphabet with a modified Polybius square in conjunction with a single columnar transposition.
- Homophonic substitution – An early attempt to make substitution ciphers more robust. It masks letter frequencies and maps plain text letters to multiple cipher text symbols.
- Null cipher – The message is hidden in unrelated text, such as a newspaper. A predetermined pattern is used to remove the unrelated text and extract the intended message.
- Book cipher – The sender and receiver agree on a book. Coordinates are used to locate the words of the message within the book. Different than a null cipher, as unrelated text is not removed, the message itself is directly isolated.
- Rail Fence cipher – The most widely known transposition cipher. Encrypts the message by altering each letter on a different row. The message must be written down left to right and put into rows.
- Enigma machine – Electro-mechanical rotor-based cipher used in World War II; invented and implemented by the Germans.
- Cryptool – Free tool that allows the user to encrypt a message using a multitude of different historical algorithms.
That does it for the historical portion of this certification. Next up we’ll be discussing the foundations of modern cryptography. This will include some basic concepts as well as information about specific modern ciphers:
- Symmetric cryptography – Cryptographic methodology where-in the same key is used to both encrypt and decrypt the message. Examples of symmetric ciphers include AES and DES.
- Asymmetric cryptography – Cryptographic methodology in which a different key is used to both encrypt and decrypt the message. The keys are broken down into two types, public keys and private keys. Public keys are readily available and used to encrypt a message for the intended recipient. Private keys and kept private and secure and are used to decrypt information that has been encrypted with the matching public key. Commonly used to protect the transfer of a symmetric key. Asymmetric cryptography is slower, as it requires more intense computations.
- Public Key Infrastructure (PKI) – A repository of public keys. PKIs are used to facilitate the storage and transfer of public keys for the purposes of asymmetric encryption.
- Feistel function – An internal function, also known as a round function, that is reiterated to encryption information. Used in symmetric algorithms.
- DES – Block cipher with a 64 bit block size. Works on 16 rounds with a 48 bit key used for each round.
- 3DES – An interim replacement for DES. Repeats the DES process 3 times with 3 keys. Possible key sizes are 56, 112, and 168 bits.
- DESx – Variation of DES that XORs the key with the text before or after the round function (possibly both before and after). This technique is called key whitening.
- AES – Replacement for DES. Works with a block size of 128 bits with possible key lengths of 128, 192, and 256 bits.
- Blowfish – Intended replacement for DES. Works on a 16 round Feistel function with 64 bit blocks. Has a variable key length of 32 bits up to 448 bits.
- Serpent – Works with a block size of 128 bits with keys sizes of 128, 192, and 256. Uses 32 rounds with a block of four 32 bit words.
- Twofish – Finalist to replace DES. Uses a block size of 128 bits with a variable key size up to 256 bits. This is an example of a Feistel cipher.
- Skipjack – Uses an 80 bit key length with 64 bit blocks (working on 32 rounds). Used in the controversial Clipper Chip.
- CAST-128 – Uses a 64 bit block size with a variable key size of 40 bits up to 128 bits in 8 bit increments.
- TEA – Stands for Tiny Encryption Algorithm, easy to implement in code. Uses 64 rounds with a 64 bit block size. Works with 128 bit keys.
- SHARK – Uses 64 bit blocks with a 128 bit key.
That does it for the modern cryptography foundation portion of the certification. Next we’ll be going into all the extra information you’ll need to know. The reason I’ve separated it like this is because this information would not fit well among the other groups. So, let’s get into it:
- Stenography – The practice of hiding information inside of non-secret data such as unrelated text, images, audio, or video.
- Confusion – Each bit of cipher text depends on multiple parts of the key, obscuring the relationship between them. This makes it much more difficult to derive the key via crypt-analysis.
- Diffusion – The concept that any bits of the plain text that are changed should cause change to permeate throughout the cipher text. This makes it more difficult to derive the key by comparing known plain texts to cipher texts.
- Kerckchoffs principle – The principle that a cryptographic system should be secure, even if information about the system (except for the key) is made public.
- Hash function – A function that takes a variable amount of data and processes it into a fixed length string of characters. Can be used to verify data integrity. If two hashes of the same file taken at different dates match, the file has not been altered.
- Hash collision – A condition in which two different inputs into a hash function yield the same hash output. This renders the hash function broken.
- Hash algorithms – A list of hashing algorithms you should know for the test are: MD5, MD6, SHA, GOST, and RIPEMD.
That is just about all you need to know to obtain this certification. I suggest that you use this as a supplementary learning material to aid your studying. There are some things that I didn’t cover in this article, namely the asymmetric algorithms that will be tested on. Things such as RSA, Elgamal, Elliptic Curve, and DSA. I suggest you study these independently. I’ve yet to decide what certification the next guide will cover, but I’ll let you all know when I do. In the meantime we’ll be getting back to the hacking!