Hacking For Beginners – Manthan Desai

2010

someone did manage to decrypt a transaction, that would not mean that they would have found the server's secret key; ifthey wanted to decrypt another transaction, they'd need to spend as much time and effort on the second transaction asthey did on the first. Of course, they would have first have to have figured out some method of intercepting thetransaction data in the first place, which is in itself extremely difficult. It would be significantly easier to tap your phone,or to intercept your mail to acquire your credit card number than to somehow intercept and decode Internet Data.

Servers and browsers do encryption ranging from a 40-bit secret key to a 128-bit secret key, that is to say '2 to the 40thpower' or '2 to the 128th power'. Many people have heard that 40-bit is insecure and that you need 128-bit to keep yourcredit card info safe. They feel that using a 40-bit key is insecure because it's vulnerable to a "brute force" attack(basically trying each of the 2^40 possible keys until you find the one that decrypts the message). This was in factdemonstrated when a French researcher used a network of fast workstations to crack a 40-bit encrypted message in alittle over a week. Of course, even this 'vulnerability' is not really applicable to applications like an online credit cardtransaction, since the transaction is completed in a few moments. If a network of fast computers takes a week to crack a40-bit key, you'd be completed your transaction and long gone before the hacker even got started.

Of course, using a 128-bit key eliminates any problem at all because there are 2^128 instead of 2^40 possible keys. Usingthe same method (a networked of fast workstations) to crack a message encrypted with such a key takesignificantly longer than the age of the universe using conventional technology. Remember that 128-bit is not just 'threetimes' as powerful as 40-bit encryption. 2^128 is 'two times two, times two, times two...' with 128 two's. That is two,doubled on itself 128 times. 2^40 is already a HUGE number, about a trillion (that's a million, million!). Therefore 2^128is that number (a trillion), doubled over and over on itself another 88 times. Again, it would take significantly longer thanthe age of the universe to crack a 128-bit key.

Key Size

2-bit

3-bit

4-bit

5-bit

6-bit

7-bit

8-bit

9-bit

10-bit

11-bit

12-bit

16-bit

24-bit

30-bit

2^2

2^3

2^4

2^5

2^6

2^7

2^8

2^9

2^10

2^11

2^12

2^16

2^24

2^30

2x2

2x2x2

2x2x2x2

2x2x2x2x2

2x2x2x2x2x2

2x2x2x2x2x2x2

2x2x2x2x2x2x2x2

2x2x2x2x2x2x2x2x2

2x2x2x2x2x2x2x2x2x2

2x2x2x2x2x2x2x2x2x2...

2x2x2x2x2x2x2x2x2x2...

2x2x2x2x2x2x2x2x2x2...

2x2x2x2x2x2x2x2x2x2...

2x2x2x2x2x2x2x2x2x2...

=4

=8

= 16

= 32

= 64

= 128

= 256

= 512

= 1024

= 2048

= 4096

= 65536

= 16.7 million

= 1 billion (1,073,741,800)

Possible Key Combinations

www.hackingtech.co.tv

Page 218