T3 Flashcards
What is the goal of the T3 tutorial?
To demonstrate how a dictionary attack can break symmetric encryption by testing every password in a dictionary file.
What is symmetric encryption?
A type of encryption where the same key is used for encryption and decryption.
What is AES-256-CBC?
Symmetric encryption algorithm using a 256-bit key in Cipher Block Chaining (CBC) mode for secure data encryption.
What is the role of SHA-512 in the T3 tutorial?
It is used as the hashing algorithm to derive the encryption key from the password (key derivation).
What does the -iter 1 flag do?
Specifies the number of iterations the key derivation function performs; in this case, the hashing is done only once.
What happens during a dictionary attack?
Each word in the dictionary is tested as a password to decrypt the ciphertext.
Why do false positives occur during the attack?
OpenSSL doesn’t validate the decrypted plaintext’s meaning, so gibberish output may still be considered successful decryption.
How can false positives be mitigated?
By using heuristics, such as checking for printable characters or specific patterns in the decrypted output.
What is GNU Parallel used for in the T3 tutorial?
To split the dictionary file into chunks and test passwords in parallel across multiple CPU cores, speeding up the brute-force attack.
How many scripts were tested in T3?
4
How does the script check if a password is correct?
It uses OpenSSL to decrypt the ciphertext and checks for an error-free output.
How can dictionary attacks be made more efficient (3)?
Heuristics to reduce false positives
Running the attack in parallel
Leveraging hardware acceleration (clusters, GPU)
What is a false negative in a dictionary attack?
When the correct password is in the dictionary but not identified.
Why does this tutorial show the importance of strong passwords?
Weak passwords are easily guessed or brute-forced.