-
Notifications
You must be signed in to change notification settings - Fork 6
Data encryption
Now you've gotten to the part where you need to learn about data encryption. This is an important concept for every reverse engineer and even if you aren't one you should still read it as knowing about this could help you, so let's begin.
Standards are algorithms that are highly trusted and recommended. These include AES and the former standard DES.
AES was developed in the United States in 2001 by two Belgian cryptographers. It is a symmetric block cipher. Key ranges are: 128-bit, 192-bit and 256-bit.
It has several modes.
| Mode | Meaning | Security level | Requires IV |
|---|---|---|---|
| GCM | Galois/Counter mode | Highly recommended. | Yes |
| CBC | Cipher block chaining | Decent, shouldn't cause problems | Yes |
| ECB | Electronic codebook | Low, not recommended for use | No |
The real name of AES is Rijndael, it was given the name AES by NIST. NIST held a competition because they needed a brand new standard after it became too dangerous to use DES in any security requiring setting like for example in a bank. What's funny is that Rijndael wasn't even the strongest in the competition it was just picked because it matched the qualities that NIST was looking for in a standard. In other words, it was more balanced.
Currently AES is still the encryption standard and is recommended for use in any setting.
DES was developed in the early 1970s at IBM based on an earlier design by German-American cryptographer Horst Feistel, nowadays ciphers based on this design are called Feistel ciphers. The algorithm was submitted to NIST (National Institute of Standards and Technology) following the agency's invitation to propose a candidate for an encryption standard.
After speaking with the NSA (National Security Agency) NIST selected a slightly modified version of the algorithm strengthened against differential cryptanalysis but weakened against brute-force attacks.
DES uses 64-bit keys sadly only 56-bits are used for the actual key as the remaining 8 are used for parity checking.
DES spread like wildfire but there was a problem and its name was the NSA, people did not like the fact that a major agency had gotten itself involved in the making of an encryption algorithm that was gonna be used to encrypt almost everything.
Later this was confirmed. The NSA made the key size small specifically so that they could brute-force it.
DES was considered not very secure right from the start due to it's small key size which opened the door for brute-force attacks.
This was shown to the world when EFF (Electronic Frontier Foundation) collaborated to publicly brute-force a DES key which they succeeded in doing in 22 hours and 15 minutes.
DES IS NOT RECOMMENDED FOR USE ANYMORE BECAUSE OF IT'S SHORT KEY SIZE
XChaCha20 is a modified version of ChaCha20 by Scott Arciszewski.
XChaCha20 offers 256-bit (32 bytes) long keys with a 192-bit nonce (24 bytes). It has not been tested very well which is why it is relatively recommended to use a time and stress tested standard like AES.