Chapter 5. Cryptographic Projects
Encryption is the science of attempting to hide data from prying eyes. Realistically though, it's a losing game. Ultimately, all ciphers can be broken with correctly applied force. When it comes to cracking hashes, it's a matter of deducing the method used to create the hash and the number of comparisons per second that can be performed. When it comes to cracking stream ciphers, it's the ability to capture as much traffic as possible and apply as much processing power to attempt calculating potential keys through factorization.
Catch all that? Because I certainly didn't, and I wrote it. This chapter will focus on the types of questionable encryption you may encounter during a pen test. A pen tester that informs you that your crypto is broken because the NSA can crack it is a poor pen tester (in most circumstances for most clients). In the calm, it reminds me of the regularly repeated words of my old boss, "that's not...