In Learning Tree’s System and Network Security Introduction, we use a tool called CrypTool. It is a fun tool for illustrating the operation of ciphers, hashes, digital signatures and the like. This week, I’ll start with a demonstration of some basic encrypting and decrypting and in the future, I’ll discuss other features. In the examples below I’m using CrypTool 2.0 to illustrate its abilities.
The Caesar Cipher is a very basic substitution cipher – each letter is replaced by another. It also includes an offset that determines how many letters away from the original the substituted letter would be. So, for instance, if the offset were 2, A would become C and W would become Y.
Here is a screenshot of CrypTool 2.0 set up to do a Caeser cipher with offset 2.
You can see the message “Amy ate the Cereal.” Notice that the offset (key) is 2. You can see that the “A” in “Amy” became “C” as I noted above.
Here is the decryption of that scrambled message.
Of course, this isn’t very strong at all. In fact, it is easily broken by knowing the structure of the language, which in this case is English. That wouldn’t help much for such a small message, but a larger one might be easier. Trial and error would work quickly, too.
The modern cipher the NSA recommends people use for most purposes is AES (Advanced Encryption Standard). It is called a “symmetric” cipher because the same key is used for encryption as for decryption.
There are multiple parameters and a key required for AES. The Message Encoder and Message Decoder boxes convert to formats necessary for the next stages. The parameters are:
Of course, this one is very difficult to verify! The point is to illustrate CrypTool and its graphic views. It supports multiple classic and modern ciphers. I’ve selected two of them to illustrate. In an upcoming post, I’ll show how to use the tool with a step-by-step example. If you want to learn more about encryption, Cryptool is a simple, yet informative tool to use. That’s why we use it in the course.
If you use CrypTool, tell us about it in the comments below.
To your safe computing,