Вы находитесь на странице: 1из 5

<HTML>

<HEAD>
<META NAME="Author" CONTENT="Jatt">
<META NAME="HTML" CONTENT="Penguin">
<TITLE>The Basics of Cryptography</TITLE>
</HEAD>
<BODY BGCOLOR="#000000" TEXT="#FFFFFF">
<H2><CENTER>The Basics of Cryptography written by, <A HREF="mailto:dancho@mbox.d
igsys.bg">tHe mAnIaC</A><BR>
(<A HREF="http:\\blacksun.box.sk">blacksun.box.sk</A>)</H2><HR></CENTER>
version 1.0,<BR>
Converted to HTML by <A HREF="mailto:penguin20000@yahoo.com">Penguin</A>
<BR><BR>
<B><U>Disclaimer</U></B><BR>
This guide is for educational purposes only I do not take any responsibility abo
ut anything
happen after reading the guide. I'm only telling you how to do this not to do it
. It's your decision.
If you want to put this text on your Site/FTP/Newsgroup or anything else you can
do it but don'tu can do it but don't
change anything without the permission of the author.
<BR><BR>
<B><U>A word from the author:</U></B><BR>
I hope you like my Text and find them useful.
If you have any problem or some suggestion feel free to e-mail me but please don
't send mails like
"I want to hack the US government please help me" or "Tell me how to bind a troj
an into a .jpg"
Be sure if I can help you with something I will do it.
<BR><BR>
<B><U>Table of Contents</U></B><BR>
<OL>
<LI>What is this text about?
<LI>About Encryption and how it works
<LI>About the Cryptography and PGP
<LI>Ways of breaking the encryption<BR>
-Bad pass phrases<BR>
-Not deleted files<BR>
-Viruses and trojans<BR>
-Fake Version of PGP
</OL>
<B><U>1. What is this text about?</U></B><BR>
In this text I'll explain you everything about encryption, what is it, PGP,
ways that someone can read your encrypted files etc. Every hacker or
paranoid should use encryption and keep the other from reading their
files. The encryption is very important thing and I'll explain you how can
someone break and decrypt your files.

<BR><BR>
<B><U>2. About Encryption and how it works</U></B><BR>
The Encryption is very old. Even Julius Caesar used it when he was
sending messages because he didn't trust to his messengers. You see
encryption is everywhere, when you watch some spy film you see
there's always a computer with encrypted files or some film about hackersrypted
files or some film about hackers
when the feds busted the hacker and they see all of the hacker's files are
encrypted.
<BR><BR>
When you have simple .txt file that you can read this is called "plain text".
But when you use encryption and encrypt the file it will become unreadable
by the time you don't enter the password.This text is called cipher text.
The process of converting a cipher text into plain text is called decryption.
<BR><BR>
Here's a little example:
<BR><BR>
Plain text ==&gt;Encryption==&gt;Ciphertext==&gt;Descryption==&gt;Plaintext
<BR><BR>
This example shows you the way when you encrypt and decrypt a file.
<BR><BR>
<B><U>3. About the Cryptography and PGP</U></B><BR>
Cryptography is science that use the mathematics to encrypt and decrypt data. Th
is science
let you keep your files and documents safe even on insecure networks like the In
ternet.
The cryptography can be weak and strong. The best is of course the strong one. E
ven when you
use all the computers in the world and they're doing billion operations in secon
d you'll just need
BILLIONS of years to decrypt strong encryption.
<BR><BR>
PGP (Pretty Good Privacy) is maybe the best encryption program to encrypt your f
iles and documents.
It work in this way:
<BR><BR>
When you encrypt one file with PGP,PGP first compress the file. This saves you d
isk space and modem
transmition. Then it creates a session key. This session key works with a veon k
ey. This session key works with a very secure and fast
confidential encryption algorithm to encrypt the file. Then the session key is e
ncrypted with the
recipient's public key.
<BR><BR>

PGP ask you for pass phrase not for password. This is more secure against the di
ctionary attacks
when someone tries to use all the words in a dictionary to get your password. Wh
en you use
pass phrase you can enter a whole phrase with upper and lowercase letters with n
umeric and
punctuation characters.
<BR><BR>
<B><U>Ways of breaking the encryption</U></B><BR>
PGP has been written for people that want their files encrypted for people that
want privacy. When you send an e-mail it can be read from other people if you us
e PGP only the person for who
is the message will be able to read it.
<BR><BR>
Now you know many things about PGP and the encryption but you may like to know c
an someone
break it and read your private Text and files. In fact if you use all the comput
ers in the world to
decrypt a simple PGP message they'll need 12 million times the age of the univer
se to break it.
You see this is the BEST the encryption is so strong noone can break it.
The people that program it has done their work now everything depends on you.
<BR><BR>
<B><U>-Bad pass phrases</U></B><BR>
The algorithm is unbreakable but they're other ways to decrypt the text and read
it.
One of the biggest mistakes when someone writes his/her pass phrase is that the
pass phss phrase is that the pass phrase is
something like : "John" "I love you" and such lame phrases. Other one are the na
me of some friend
or something like that. This is not good because this is pass phrase not passwor
d make it longer
put numbers and other characters in it. The longer your pass phrase is the harde
r it will be guessed
but put whole sentences even one that doesn't make sense just think in this way:
Someone is brute-forcing thousands of pass phrases from a dictionary therefore m
y pass phrase
should be someone that is not there in the dictionary something very stupid like
:
<BR><BR>
hEllowOrld33IjustwanTtoteLLtoev3ryon3thatI'maLamErandI'mahacKer666
<BR><BR>
This is easy to remember because it's funny and there are only a few numbers but
you may not use
upper and lowercase characters. I hope you know will put some very good pass phr
ase and be sure
noone will know it.
<BR><BR>

Another mistake is that you may write the pass phase on a paper and if someone f
ind it you'll loose
it and he/she will be able to read your encrypted files.
<BR><BR>
<B><U>-Not deleted files</U></B><BR>
Another big security problem is how most of the operating systems delete files.
So when you encrypt
the file you delete the plain text and of course leave the encrypted one.
<BR><BR>
But the system doesn't actually delete the file.It just mark those blocks of the
disk deleted and free.
Someone may run a disk recovery program and sti a disk recovery program and stil
l see all the files but in plaintext.Even when you're
writing your text file with a word editor it can create some temporary copies of
it.When you close it
these files are deleted but as I told you they're still somewhere on your comput
er.
PGP has tool called PGP Secure Wipe that complete removes all deleted files from
your computer
by overwriting them. In this way you'll only have the encrypted files on your co
mputer.
<BR><BR>
<B><U>-Viruses and Trojans</U></B><BR>
Another dangerous security problem are the viruses and the trojans. So when you
infect with a
trojan the attacker may run a key logger on your system.
<BR><BR>
*Note
A key logger is a program that captures all keystrokes pressed by you then saves
them on your
hard drive or send them to the attacker
<BR><BR>
So after the attacker run it he/she will be able to see everything you have writ
ten on your computer
and of course with your PGP pass phrase. There are also a viruses designed to do
this. Simpy record your pass phrase and send it back to the
attacker.
<BR><BR>
<B><U>-Fake Version of PGP</U></B><BR>
Another security problem is the PGP source that is
available so someone can make a fake copy of it that is recording your pass phas
e and
sending it back to the attacker.The program will look real and it will work but
it may also have
functions you even don't know about.
<BR><BR>

A way of defending of these security problems is to use a trojan and a virus sca
nner.You should
also be sure your computer is clean from viruses and trojans when you install PG
P and also be sure
you get PGP from Network Associates Inc. not from some other pages.
<BR><BR>
So now I hope you understand that PGP can't be braked but if you use it wisely a
nd be sure
your pass phrase is good one, you're not infected with viruses or trojans and yo
u're using the
real version of PGP you'll be secure.
</HEAD>
</HTML>
of PGP you'll be secure.
</HEAD>
</HTML>

Вам также может понравиться