Cryptography has been used throughout the ages. The Spartans used a form of cryptography to send information to their generals in the field called Scytale. Ancient Hebrews used a basic cryptographic system called ATBASH. Even Julius Caesar used a form of encryption to send messages back to Rome in what is known as Caesar's cipher. Although many might not consider it a true form of encryption, Caesar's cipher worked by what we now call a simple substitution cipher. In Caesar's cipher, there was a plaintext alphabet and a ciphertext alphabet. The alphabets were arranged as shown in Figure 12.1.
Figure 12.1. Caesar's cipher.
When Caesar was ready to send a message, encryption required that he move forward three characters. As an example, using Caesar's cipher to encrypt the word cat would result in fdw. You can try this yourself by referring to Figure 12.1; just look up each of the message's letters in the top row and write down the corresponding letter from the bottom row.
Believe it or not, you have now been introduced to many of the elementary items used in all cryptosystems. First, there was the algorithm. In the case of Caesar's cipher, it was to convert letter by letter each plaintext character with the corresponding ciphertext character. There was also the key. This was Caesar's decision to move forward three characters for encryption and to move back three characters for decryption. Next, there was the plaintext. In our example, the plaintext was cat. Finally, there was the ciphertext. Our ciphertext was the value fdw. Before this continues too far into our discussion of encryption, let's spend a few minutes reviewing these basic and important terms:
Around the beginning of the twentieth century, the United States became much more involved in encryption and cryptanalysis. Events such as WWI and WWII served to fuel the advances in cryptographic systems. Although some of these systems, such as the Japanese Purple Machine and the Germans Enigma, were rather complex mechanical devices; others were simply based on languages or unknown codes. Anyone who has ever seen the movie Windtalkers knows of one such story. In the movie, the U.S. military is faced with the need of an encryption scheme that would be secure against the Japanese, so they turned to the Navajo Indians. The unwritten Navajo language became the key used to create a code for the U.S. Marine Corps. Using their native tongue, Navajo code talkers transmitted top secret military messages that the Japanese were unable to decrypt. This helped to turn the war against Japan and helped hasten its defeat. Entire government agencies were eventually created, such as the National Security Agency (NSA), to manage the task of coming up with new methods of keeping secret messages secure. These same agencies were also tasked with breaking the enemy's secret messages. Today, encryption is no longer just a concern of the government; it can be found all around us and is used to perform transactions on the Internet, secure your email, maintain the privacy of your cell phone call, and to protect intellectual property rights.
Part I: Exam Preparation
The Business Aspects of Penetration Testing
The Technical Foundations of Hacking
Footprinting and Scanning
Enumeration and System Hacking
Linux and Automated Security Assessment Tools
Trojans and Backdoors
Sniffers, Session Hijacking, and Denial of Service
Web Server Hacking, Web Applications, and Database Attacks
Wireless Technologies, Security, and Attacks
IDS, Firewalls, and Honeypots
Buffer Overflows, Viruses, and Worms
Cryptographic Attacks and Defenses
Physical Security and Social Engineering
Part II: Final Review
Part III: Appendixes
Appendix A. Using the ExamGear Special Edition Software