address in the bar at the top. If you had a secure transaction in place with
blacksun's site, your address bar would read https://blacksun.box.sk instead
of the usual http:// before the address. You may also notice some certificate
or digitally signed alerts when you try to download certain software or access
certain websites. These are just to tell you that the site *should*
essentially be trustworthy, although the average web surfer won't have a clue
what they are talking about.
4.0 HASH ALGORITHMS
=======================================
To get a public key we use a hash value. To get this value the computer takes
an input value, usually a large one like 12,537, and puts that number through
the hashing algorithm to get an output. If we had a simple algorithm like
"multiply the input number by 124" we would end up with 1,554,588, and it
would be very hard to guess the original number was 12,537 unless you knew to
divide the output by 124 to get the original number. Most hash algorithms are
much more sophisticated than this.
Hash algorithms can be very long and use massive hash values. The level of
encryption is measured by its hash value, and this can go up to 128 bit numbers,
which would give us a hash value of anything between 2 to the power of 0 and
2 to the power of 128, which in decimal terms is anywhere between 0 and
3,402,823,669,209,384,634,633,746,074,300,000,000,000,000,000,000,000,000,000,000,000,000,
which would be a little more difficult :).
5.0 AUTHENTICATION
=======================================
Another option in computer security which is often used hand in hand with
encryption is authentication systems. There are several different commonly
used authentication systems including the following.
5.1 USERNAMES AND PASSWORDS
=======================================
This method has been used for many years to guard the personal information
and privacy of different users on a computer system or network. This is
the most popular method and is in place in one form or another on every
operating system, to varying degrees of success. The computer encrypts the
password and compares it with an earlier encrypted version of the user's
password; if the two match, the password is correct. A password cracker
operates by encrypting a series of words and comparing them with the
password file; once it finds a match, it alerts the user of the cracking
software with both username and password.
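The compare-the-stored-value check described above, next to a hardened form, as
an added example that is not part of the original tutorial. SHA-256 stands in
for the unnamed "encryption", and the function names, sample passwords and
iteration count are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor; tune to your own hardware


def unsalted(password):
    """The scheme as described: the same password always stores the same value."""
    return hashlib.sha256(password.encode()).hexdigest()


def enroll(password):
    """Return (salt, derived_key) to store for one account."""
    salt = os.urandom(16)  # unique per account, stored beside the key
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def verify(password, salt, stored_key):
    """Re-derive with the account's own salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, stored_key)


def demo():
    # Constructed accounts: two users who happened to pick the same password.
    alice = enroll("correct horse")
    bob = enroll("correct horse")
    return {
        # One precomputed word list entry matches every unsalted account.
        "unsalted_collide": unsalted("correct horse") == unsalted("correct horse"),
        # With per-account salts the stored values differ, so each guess
        # must be recomputed per account at the full iteration cost.
        "salted_collide": alice[1] == bob[1],
        "good_login": verify("correct horse", *alice),
        "bad_login": verify("wrong horse", *alice),
    }


if __name__ == "__main__":
    print(demo())
```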
5.2 PASS CARDS
=======================================
There are several types of pass cards, mostly used in offices. These range
from standard swipe cards, which like credit cards have a magnetic strip
holding the user's information, to smart cards containing a small chip.
This method is used most commonly on the Macintosh, where you place a small
card into the keyboard on the left; some software such as QuarkXPress
uses this method to ensure that a licence for the software has been purchased.
5.3 DIGITAL SIGNATURES
=======================================
Digital signatures are a form of public key encryption. The signer of the
document (e-mail, text file, etc.) uses his private key and a four part
public key to digitally sign the document. The algorithm used is the
Digital Signature Algorithm (DSA), which is endorsed by the US government.
If any changes occur to the contents of the document after it has been
signed, the signature is rendered invalid.
5.4 CHECKSUM
=======================================
Checksum methods aren't usually used for security purposes but can be used
as such. TCP/IP uses a checksum technique: it gets the size of the packet
and stores it in a field within the header. On arrival at the remote computer
it checks the size of the packet and compares it with the value of the
field within the header; if the two don't match, the packet is discarded. This
is usually because of errors or loss during transport, but this and similar
methods can be used to ensure data is not altered by a person.
6.0 BIOMETRICS
=======================================
Biometrics operate on the fact that every person has a certain unique
set of features about them, and these features are then used as a basis
for authenticating that person. Biometric authentication can use
several features of the person, including:
Face Scan - Identifies a person based on the features of their face.
Retina Scan - Identifies the person by the patterns of the eye's retina.
Fingerprints - Identifies the person by their unique fingerprint.
Voice Identification - Based upon levels and pitch of voice.
DNA Fingerprinting - Not very common, checks the DNA structure from biological material.
7.0 STEGANOGRAPHY
=======================================
Steganography is the process of storing information within common everyday
material. This method is most commonly used with images such as gif or jpeg
files, however the technology has been extended to other areas such as mp3
files or the headers of common internet traffic. There are many programs
available across the internet for hiding information with steganography.
As an example of steganography, here is a way of storing some information
within normal web traffic:
Within the IP header there's a field called the TTL or Time-To-Live, which
holds a numeric value. By storing the numerical value of an ASCII character
we can send short messages 1 character at a time. The maximum value of an
ASCII character is 255, so this value would not seem very uncommon so far as
TTL fields in ordinary traffic go. You would have to ensure the remote computer
was on the same network so that the hop count could be predicted, and move 1
character up for each hop to handle the TTL being decremented.
A better example would be to use ICMP. ICMP has a lot of room left within its
body as it doesn't usually carry a payload. By storing information in the
payload of an ICMP packet you could transfer information similarly to normal
traffic, and it is uncommon for this to be checked or logged by systems. This
could be further improved by encrypting the payload, and this method is not
bound by problems such as calculating the hops and has much more room to
transmit data.
Despite its limitations, here's an example of transmitting a word in TTL fields:
Packet-1
192.62.4.1->192.62.4.2, win:512, ttl:72, id:20482
(72 = 'H')
Packet-2
192.62.4.1->192.62.4.2, win:512, ttl:69, id:21436
(69 = 'E')
Packet-3
192.62.4.1->192.62.4.2, win:512, ttl:76, id:22132
(76 = 'L')
Packet-4
192.62.4.1->192.62.4.2, win:512, ttl:76, id:23019
(76 = 'L')
Packet-5
192.62.4.1->192.62.4.2, win:512, ttl:79, id:24149
(79 = 'O')
Packet-6
192.62.4.1->192.62.4.2, win:512, ttl:10, id:25218
(10 = '\r\n'[Carriage return or New Line])
This transfers H-E-L-L-O\r\n, which is of course the
word hello. It's terminated by a carriage return to
track the end of each word.
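Seen from the monitoring side, the same traffic stands out because a normal flow
keeps a near-constant TTL. The detector below is an added example, not part of
the original tutorial; the thresholds, function names and the second (ordinary)
flow in the sample are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the tutorial's packet notation: the six packets
# from the text plus an ordinary flow whose TTL never changes.
SAMPLE = """\
192.62.4.1->192.62.4.2, win:512, ttl:72, id:20482
192.62.4.1->192.62.4.2, win:512, ttl:69, id:21436
192.62.4.1->192.62.4.2, win:512, ttl:76, id:22132
192.62.4.1->192.62.4.2, win:512, ttl:76, id:23019
192.62.4.1->192.62.4.2, win:512, ttl:79, id:24149
192.62.4.1->192.62.4.2, win:512, ttl:10, id:25218
192.62.4.7->192.62.4.2, win:512, ttl:64, id:4101
192.62.4.7->192.62.4.2, win:512, ttl:64, id:4102
192.62.4.7->192.62.4.2, win:512, ttl:64, id:4103
192.62.4.7->192.62.4.2, win:512, ttl:64, id:4104
"""

LINE = re.compile(r"([\d.]+)->([\d.]+),.*?\bttl:(\d+)")


def ttl_by_flow(text):
    """Group observed TTL values by (source, destination), in arrival order."""
    flows = defaultdict(list)
    for line in text.splitlines():
        m = LINE.search(line)
        if m:
            flows[(m.group(1), m.group(2))].append(int(m.group(3)))
    return dict(flows)


def suspicious_flows(text, max_distinct=2, min_packets=4):
    """Flag flows whose TTL varies more than routing changes explain.

    A host sends with one fixed initial TTL and the path length rarely
    changes, so a flow normally shows one value (two during a reroute).
    """
    report = {}
    for flow, ttls in ttl_by_flow(text).items():
        distinct = len(set(ttls))
        if len(ttls) >= min_packets and distinct > max_distinct:
            # Render the values as text only to help an analyst triage.
            preview = "".join(chr(t) if 32 <= t < 127 else "." for t in ttls)
            report[flow] = {"distinct_ttls": distinct, "as_ascii": preview}
    return report
```

On real captures the same grouping can be fed from a packet log or flow export; only the line parser needs to change.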
8.0 LAST WORDS
=======================================
By using a mixture of these technologies it is possible to make communication
and information more secure from unwelcome eyes and ears. Thanks to these
methods digital transmissions are more secure than other kinds like mail
or even phone calls, especially on cellular phones, although it pays to
remember that nothing is truly secure, especially in the way that the
encryption algorithms were so quickly cracked and captured using radio
antennas on wireless networks or from programs such as john the cracker.
Well, that's the end of this little tutorial and I hope you learnt more about
both encryption and authentication and their processes.
SHOUTS
=======================================
Starman_Jones - Thanks for everything over the years (especially for my own room).
Vsus - I am never drinking Tsambuca with you again :P.
Delusive - Nice arse luv :P.
BSRF - Thanks to every-1 at BSRF for releasing this and for being a good laugh :).
ALL @ IRC.BOX.SK
</PRE>
</BODY></HTML>