Posts Tagged Encryption

GWEBS MailCloak secures your webmail for free

Posted June 13, 2009 at 11:25 am in Encryption | No Comments

GWEBSWe looked at securing your email yesterday using PGP but what if you use a web-based email provider such as Google, Yahoo!, or Windows Live? The PGP method is great for securing your email client but won’t help you much when you’re using webmail. So how can we encrypt and digitally sign our webmail for free? By using GWEBS MailCloak, that’s how.

Why would you want to do this? You never know who may be eavesdropping and reading your email. Many webmail providers also store and index every email message their systems create, send, receive, pass along, etc. This is a problem because this index can be searched by users as well as Internet Service Providers. I’m not going to list all of the reasons why this is a bad idea but let’s put it this way: why give the webmail providers this kind of power, often without any accountability to its users, when you can secure your email easily and for free?

MailCloak is a great solution for people who use laptops to check their Gmail or Yahoo! mail on the go. It gets even better if you use Firefox. With Firefox you can install the GWEBS MailCloak plugin in about 5 seconds and set up your keypair in another 5 seconds. Before you try this, make sure your webmail provider is supported first by checking out the list of supported mail systems.

Continue reading..

Introduction to Cryptography

Posted January 4, 2009 at 1:20 pm in Encryption | 1 Comment

One of the most fascinating areas of information and network security, in my opinion, is the area of cryptography.  In truth, many aspects of cryptography still baffle me but it also the one area that really piques my interest.  I recall my first steps into the cryptographic realm and wondered how anyone was able to comprehend it all.  At the time, my mathematical foundation was weak so understanding the ideas presented to me were confusing.  Much of cryptography, from a mathematical perspective, has its roots in number theory which is the branch of pure mathematics concerned with the properties of numbers in general (integers in particular).  To be more precise, the sub-field of computational number theory which is the study of algorithms relevant in number theory, specifically fast algorithms for prime testing (3, 5, 7, etc.) and integer factorization, is where cryptography resides in the mathematical world.

So, what is cryptography and why should anyone care about it?  Cryptography is the art of transforming a message into an intermediate form that contains the same information as the original message but is hidden or secret to anyone who does not know how to reverse the transformation.  In layman’s terms, it is the science writing in secret code.  Before I supply an example let me use and clarify the proper terminology for this meaning.  A message exists in plain text which means anyone who understands the language the message was written in is able to understand it.  This is how all messages exist prior to the cryptographic process taking place.  The information is always used and understood in plain text form to one or more persons.  Once a message has undergone the cryptographic process of transforming it from a plain text message into a secret message, it is called a cipher text.  Let’s review this quickly.  A message existing in plain text undergoes a cryptographic process and becomes cipher text.

Continue reading..

Basic Cryptanalysis

Posted September 15, 2008 at 6:42 pm in Encryption, Programming | No Comments

My example is very basic and is intended more as an interesting method to begin the complicated and often impossible task of deciphering encrypted messages/codes.

The following C++ program accepts character input from the keyboard or via file redirection. It will count each character instance and report the amount of times each character was used.

Why would anyone want to do this? Depending on the method the original message was encoded with, it may help to determine which characters in the ciphertext are representing specific characters in the plaintext. Certain letters and combinations of letters are used much more frequently than others in the English language. The top twenty most used words in English are: “the of to in and a for was is that on at he with by be it an as his”. The list of the most used letters in the English language in descending order are: “e t a o i n s r h l d c u m f p g w y b v k x j q z”. The letter frequency of the first letter of a word in descending order is “t o a w b c d s f m r h i y e g l n o u j k”, the second letter’s frequency in a word is “h o e i a u n r t” and the third letter’s frequency is “e s a r n i”.

By using this program to compute these letter frequencies and comparing them to known lists as presented above we can gain some insight into the message and possibly crack the code if the code is encoded poorly (simple substitution cipher).

A few limitations to the program include: it treats characters as case-insensitive but can easily be modified to treat characters as case-sensitive and it only works with English alphabetic characters (a-Z). Modifying the program to accept non-standard characters (#, !, etc.) could be added just as easily.

The code: Continue reading..

Page 1 of 11