| Algorithm | Output Size | Status | Use |
|---|---|---|---|
| MD5 | 128-bit | Broken | Legacy only |
| SHA-1 | 160-bit | Deprecated | Avoid |
| SHA-256 | 256-bit | Secure | General use |
| SHA-512 | 512-bit | Secure | High security |
| bcrypt | Variable | Secure | Password hashing |
| scrypt | Variable | Secure | Password hashing |
| Argon2 | Variable | Secure (winner) | Password hashing |
```
32 chars → MD5
40 chars → SHA-1
56 chars → SHA-224
64 chars → SHA-256
96 chars → SHA-384
128 chars → SHA-512
$2a$/$2b$ → bcrypt
$6$ → SHA-512crypt (Linux)
$1$ → MD5crypt (Linux)
```
```
-m 0 → MD5
-m 100 → SHA-1
-m 1400 → SHA-256
-m 1800 → SHA-512crypt ($6$)
-m 3200 → bcrypt
-m 13100 → Kerberoast (TGS-REP)
-m 18200 → AS-REP Roast
-m 5600 → NetNTLMv2
-m 1000 → NTLM
```
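The two lists above (digest length and `$`-prefix to algorithm, algorithm to hashcat mode) are easy to combine into one lookup. The script below is an added example, not part of the original cheat sheet: it classifies a hash string by prefix first and by hex length second, and returns every candidate, because length alone is ambiguous (a 32-hex-char value may be MD5, NTLM or MD4). The hashcat modes beyond the ones listed above (900, 1300, 1700, 6000, 10800, 500, 7400) are standard modes added here; `yescrypt` and the SHA-3 variants are mapped to `None`. The `$krb5tgs$23$` and `$krb5asrep$23$` prefixes are hashcat's own formats for modes 13100 and 18200.

```python
import re

# Hex-digest length -> candidate algorithms. Length alone is ambiguous: a
# 32-hex-char string may be MD5, NTLM or MD4, so every candidate is returned.
HEX_LENGTH_CANDIDATES = {
    32: ["MD5", "NTLM", "MD4"],
    40: ["SHA-1", "RIPEMD-160"],
    56: ["SHA-224"],
    64: ["SHA-256", "SHA3-256"],
    96: ["SHA-384"],
    128: ["SHA-512", "SHA3-512"],
}

# Format prefixes (crypt(3) schemes and hashcat's Kerberos formats) -> algorithm.
PREFIX_FORMATS = {
    "$1$": "MD5crypt",
    "$2a$": "bcrypt",
    "$2b$": "bcrypt",
    "$2y$": "bcrypt",
    "$5$": "SHA-256crypt",
    "$6$": "SHA-512crypt",
    "$y$": "yescrypt",
    "$krb5tgs$23$": "Kerberoast (TGS-REP)",
    "$krb5asrep$23$": "AS-REP Roast",
}

# hashcat -m values: the cheat sheet's list plus a few more standard modes.
# Algorithms missing here (yescrypt, SHA-3) come back with mode None.
HASHCAT_MODES = {
    "MD5": 0, "MD4": 900, "NTLM": 1000, "SHA-1": 100, "RIPEMD-160": 6000,
    "SHA-224": 1300, "SHA-256": 1400, "SHA-384": 10800, "SHA-512": 1700,
    "MD5crypt": 500, "SHA-256crypt": 7400, "SHA-512crypt": 1800, "bcrypt": 3200,
    "Kerberoast (TGS-REP)": 13100, "AS-REP Roast": 18200,
}


def identify_hash(value):
    """Return [(algorithm, hashcat_mode), ...] candidates for a hash string.

    Prefixed formats are unambiguous; bare hex digests are classified by
    length only, so several candidates may come back and the caller decides
    from context (a 32-char hash taken from a Windows host is usually NTLM).
    """
    value = value.strip()
    for prefix, name in PREFIX_FORMATS.items():
        if value.startswith(prefix):
            return [(name, HASHCAT_MODES.get(name))]
    if re.fullmatch(r"[0-9a-fA-F]+", value):
        names = HEX_LENGTH_CANDIDATES.get(len(value), [])
        return [(n, HASHCAT_MODES.get(n)) for n in names]
    return []


if __name__ == "__main__":
    # Constructed samples: MD5("hello") and two crypt-style strings with dummy salt/hash parts.
    for sample in ("5d41402abc4b2a76b9719d911017c592",
                   "$6$xyz$dummyhash",
                   "$2b$12$dummysaltanddummyhash"):
        print(sample, "->", identify_hash(sample))
```

Returning a list rather than a single guess is deliberate: an incident responder who treats every 64-char hex string as SHA-256 will mislabel SHA3-256 and BLAKE2s outputs, so the context the value came from (file format, tool, platform) has to break the tie.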
Same key for encryption and decryption.
| Algorithm | Key Size | Block Size | Status |
|---|---|---|---|
| DES | 56-bit | 64-bit | Broken |
| 3DES | 112/168-bit | 64-bit | Deprecated |
| AES-128 | 128-bit | 128-bit | Secure |
| AES-256 | 256-bit | 128-bit | Secure |
| ChaCha20 | 256-bit | Stream | Secure |
| Mode | Notes |
|---|---|
| ECB | Insecure — same block = same ciphertext |
| CBC | Requires IV, vulnerable to padding oracle |
| CTR | Stream mode, parallelizable |
| GCM | Authenticated encryption (AEAD) — preferred |
Different keys for encryption (public) and decryption (private).
| Algorithm | Key Size | Use |
|---|---|---|
| RSA-2048 | 2048-bit | Min recommended |
| RSA-4096 | 4096-bit | High security |
| ECDSA | 256-bit | Digital signatures |
| Ed25519 | 256-bit | SSH keys (preferred) |
| Diffie-Hellman | 2048+ bit | Key exchange |
| ECDH | 256-bit | Key exchange |
| Version | Status |
|---|---|
| SSL 2.0 | Broken — disabled |
| SSL 3.0 | Broken (POODLE) — disabled |
| TLS 1.0 | Deprecated |
| TLS 1.1 | Deprecated |
| TLS 1.2 | Acceptable |
| TLS 1.3 | Recommended |
1. Client → Server: ClientHello (supported ciphers, key share)
2. Server → Client: ServerHello + Certificate + Finished
3. Client → Server: Finished
4. Encrypted communication begins
```
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
│   │     │        │           └── MAC/PRF hash
│   │     │        └── Encryption + mode
│   │     └── Authentication
│   └── Key exchange
└── Protocol
```
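The anatomy above generalises to any IANA cipher-suite name, and a parser for it is a handy building block when auditing the output of `nmap --script ssl-enum-ciphers` or testssl.sh. The code below is an added example, not from the original page: it splits TLS 1.2-style names (`TLS_<kx>_<auth>_WITH_<cipher>_<mac>`) as well as TLS 1.3 names (`TLS_<aead>_<hkdf hash>`, where key exchange and authentication are negotiated separately), then flags the components the tables on this page call weak or deprecated (static RSA/DH key exchange, anonymous auth, export/RC4/DES ciphers, CBC mode, MD5/SHA-1 MACs). The weakness lists are this example's own assumptions, not an official policy.

```python
AEAD_MARKERS = ("GCM", "CCM", "POLY1305")
WEAK_CIPHERS = ("EXPORT", "RC4", "RC2", "DES", "IDEA")   # "DES" also matches 3DES_EDE
STATIC_KEY_EXCHANGE = ("RSA", "DH", "ECDH")              # no forward secrecy


def parse_cipher_suite(name):
    """Split an IANA cipher-suite name into its components.

    TLS 1.2-style: TLS_<kx>_<auth>_WITH_<cipher>_<mac>
    TLS 1.3:       TLS_<aead cipher>_<hkdf hash>  (kx/auth negotiated separately)
    """
    parts = name.split("_")
    if parts[0] not in ("TLS", "SSL"):
        raise ValueError(f"not a cipher suite name: {name}")
    body = "_".join(parts[1:])
    export = False
    if "_WITH_" in body:
        kx_part, cipher_part = body.split("_WITH_", 1)
        kx_tokens = kx_part.split("_")
        export = "EXPORT" in kx_tokens          # e.g. TLS_RSA_EXPORT_WITH_RC4_40_MD5
        kx_tokens = [t for t in kx_tokens if t != "EXPORT"]
        key_exchange = kx_tokens[0]
        # "TLS_RSA_WITH_..." names key exchange and auth with a single token
        auth = kx_tokens[1] if len(kx_tokens) > 1 else kx_tokens[0]
        version = "TLS 1.2 or earlier"
    else:
        key_exchange = auth = None
        cipher_part = body
        version = "TLS 1.3"
    cipher_tokens = cipher_part.split("_")
    cipher = "_".join(cipher_tokens[:-1])
    return {
        "protocol": parts[0],
        "version": version,
        "key_exchange": key_exchange,
        "auth": auth,
        "export": export,
        "cipher": cipher,
        "hash": cipher_tokens[-1],   # MAC for non-AEAD suites, PRF/HKDF hash otherwise
        "aead": any(m in cipher for m in AEAD_MARKERS),
    }


def audit_cipher_suite(name):
    """parse_cipher_suite() plus a list of reasons the suite should not be offered."""
    info = parse_cipher_suite(name)
    issues = []
    if info["key_exchange"] in STATIC_KEY_EXCHANGE:
        issues.append("no forward secrecy (static key exchange)")
    if info["auth"] == "anon":
        issues.append("anonymous key exchange (no server authentication)")
    if info["export"]:
        issues.append("export-grade key sizes")
    if "NULL" in info["cipher"]:
        issues.append("no encryption (NULL cipher)")
    for weak in WEAK_CIPHERS:
        if weak in info["cipher"]:
            issues.append(f"weak cipher ({weak})")
            break
    if "CBC" in info["cipher"]:
        issues.append("CBC mode (padding-oracle and BEAST-class attacks)")
    if not info["aead"] and info["hash"] in ("MD5", "SHA"):
        issues.append(f"weak MAC ({info['hash']})")
    info["issues"] = issues
    return info


if __name__ == "__main__":
    # Constructed sample list, as a scanner might report it
    for suite in ("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
                  "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
                  "TLS_AES_128_GCM_SHA256",
                  "TLS_DH_anon_WITH_AES_128_CBC_SHA"):
        r = audit_cipher_suite(suite)
        print(f"{suite}: kx={r['key_exchange']} auth={r['auth']} "
              f"cipher={r['cipher']} hash={r['hash']} issues={r['issues']}")
```

The AEAD check matters for the last rule: in a GCM or ChaCha20-Poly1305 suite the trailing hash is only the PRF/HKDF hash, so `SHA256`/`SHA384` there is not a MAC and is not flagged, whereas a trailing `SHA` on a CBC suite is HMAC-SHA-1 and is.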
```bash
# Check certificate
openssl s_client -connect example.com:443
# Check supported protocols
nmap --script ssl-enum-ciphers -p 443 example.com
# Check certificate expiry (</dev/null makes s_client exit instead of waiting on stdin)
openssl s_client -connect example.com:443 </dev/null 2>/dev/null | \
openssl x509 -noout -dates
# testssl.sh (comprehensive)
./testssl.sh example.com
```
```bash
# /etc/shadow format
$id$salt$hash
# IDs:
$1$ = MD5
$2a$ = Blowfish/bcrypt
$5$ = SHA-256
$6$ = SHA-512 (most common)
$y$ = yescrypt (modern)
# Generate SHA-512 hash
openssl passwd -6 -salt xyz mypassword
# Python's crypt module is deprecated since 3.11 and removed in 3.13; on newer
# Pythons use openssl passwd (above) or mkpasswd instead
python3 -c "import crypt; print(crypt.crypt('pass', crypt.mksalt(crypt.METHOD_SHA512)))"
```
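When reviewing a shadow file (a hardening check or a forensic image), the `$id$salt$hash` layout above is what you parse, plus the `!`/`*` lock markers and the optional `rounds=` and bcrypt cost parameters. The script below is an added example, not part of the original cheat sheet: it parses shadow lines into account state, scheme, cost and salt, and reports findings a defender cares about (empty password field, legacy MD5crypt or DES crypt, low cost parameters). `SAMPLE_SHADOW` is constructed; its salt and hash bodies are placeholders, not real digests.

```python
import re

SHADOW_IDS = {
    "1": "MD5crypt",
    "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
    "5": "SHA-256crypt",
    "6": "SHA-512crypt",
    "y": "yescrypt",
}

# Constructed sample file: salt/hash bodies are placeholders, not real digests.
SAMPLE_SHADOW = """\
root:$6$rounds=10000$saltsalt$dummyhash:19700:0:99999:7:::
alice:$y$j9T$somesalt$dummyhash:19700:0:99999:7:::
bob:$1$abc$dummyhash:19000:0:99999:7:::
svc:!$6$locked$dummyhash:19700:0:99999:7:::
nobody:*:19700:0:99999:7:::
guest::19700:0:99999:7:::
old:Ab1234567890x:18000:0:99999:7:::
"""


def parse_shadow_entry(line):
    """Parse one /etc/shadow line into account state, hash scheme and findings."""
    fields = line.rstrip("\n").split(":")
    if len(fields) < 2:
        raise ValueError(f"malformed shadow line: {line!r}")
    user, pw = fields[0], fields[1]
    entry = {"user": user, "state": "active", "algorithm": None,
             "cost": None, "salt": None, "findings": []}
    if pw == "":
        entry["state"] = "no password"
        entry["findings"].append("empty password field")
        return entry
    if pw.startswith(("!", "*")):
        entry["state"] = "locked"
        pw = pw.lstrip("!")            # "!<hash>" keeps the old hash behind the lock
        if pw == "" or pw.startswith("*"):
            return entry
    m = re.fullmatch(r"\$([^$]+)\$(.+)", pw)
    if m is None:
        if re.fullmatch(r"[./0-9A-Za-z]{13}", pw):   # classic 13-char DES crypt
            entry["algorithm"] = "DES crypt (legacy)"
            entry["findings"].append("legacy DES crypt: 56-bit key, 8-character password limit")
        else:
            entry["findings"].append("unrecognised hash format")
        return entry
    ident, rest = m.groups()
    entry["algorithm"] = SHADOW_IDS.get(ident, f"unknown id ${ident}$")
    parts = rest.split("$")
    if entry["algorithm"] == "bcrypt":
        entry["cost"] = int(parts[0])          # $2b$<cost>$<22-char salt><31-char hash>
        entry["salt"] = parts[1][:22]
        if entry["cost"] < 10:
            entry["findings"].append(f"low bcrypt cost factor {entry['cost']}")
    else:
        if parts[0].startswith("rounds="):     # $5$/$6$ optional rounds parameter
            entry["cost"] = int(parts[0][len("rounds="):])
            parts = parts[1:]
        elif ident == "y":                     # $y$<params>$<salt>$<hash>
            entry["cost"] = parts[0]
            parts = parts[1:]
        entry["salt"] = parts[0]
        if ident == "1":
            entry["findings"].append("MD5crypt: fast legacy scheme, migrate to SHA-512crypt or yescrypt")
        if isinstance(entry["cost"], int) and entry["cost"] < 5000:
            entry["findings"].append(f"rounds={entry['cost']} below the 5000 default")
    return entry


def audit_shadow(text):
    """Parse every non-empty line of shadow-file text."""
    return [parse_shadow_entry(l) for l in text.splitlines() if l.strip()]


if __name__ == "__main__":
    for e in audit_shadow(SAMPLE_SHADOW):
        print(f"{e['user']:8} {e['state']:12} {str(e['algorithm']):22} {e['findings']}")
```

Note that a leading `!` on an otherwise valid hash is how `usermod -L` locks an account: the hash is preserved, so the parser strips the marker and still classifies the scheme, which lets you spot locked accounts that would revert to a weak hash if someone unlocks them.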
| Attack | Target | Description |
|---|---|---|
| Brute force | Weak passwords/keys | Try all combinations |
| Dictionary | Passwords | Try wordlist |
| Rainbow table | Unsalted hashes | Precomputed hash table |
| Birthday attack | Hash collisions | Find two inputs with same hash |
| Padding oracle | CBC mode | Decrypt without key via error messages |
| BEAST | TLS 1.0 CBC | Exploit CBC IV predictability |
| POODLE | SSL 3.0 | Downgrade + padding oracle |
| CRIME/BREACH | TLS compression | Compression + chosen plaintext |
| Heartbleed | OpenSSL | Memory leak via heartbeat extension |
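The birthday-attack row above is the reason hash output sizes are chosen the way the first table shows: collisions for an n-bit hash appear after roughly 2^(n/2) outputs, not 2^n. The script below is an added example, not part of the original page: it carries the birthday bound through as arithmetic and then demonstrates it on a deliberately truncated SHA-256 (24-bit prefix), where a collision turns up after a few thousand hashes. The input strings are constructed; `truncated_tag` and `find_truncated_collision` are this example's own helpers.

```python
import hashlib
import math


def collision_probability(bits, samples):
    """Birthday approximation: P(at least one collision) among `samples`
    outputs of an ideal `bits`-bit hash, 1 - exp(-k(k-1) / 2^(bits+1))."""
    return 1.0 - math.exp(-samples * (samples - 1) / (2.0 * 2.0 ** bits))


def samples_for_probability(bits, p=0.5):
    """How many outputs before the collision probability reaches p.
    For p = 0.5 this is about 1.177 * 2^(bits/2): roughly 2^128 hashes for
    SHA-256, which is why a 256-bit hash gives 128 bits of collision resistance."""
    return math.sqrt(2.0 * 2.0 ** bits * math.log(1.0 / (1.0 - p)))


def truncated_tag(message, bits):
    """First `bits` bits of SHA-256(message); bits must be a multiple of 8."""
    return hashlib.sha256(message).digest()[: bits // 8]


def find_truncated_collision(bits, max_tries=None):
    """Demonstrate the birthday bound on a *truncated* SHA-256: hash numbered
    inputs until two share the same `bits`-bit prefix. Returns (a, b, tries),
    or None if max_tries is exhausted. Only feasible for small `bits`."""
    if bits % 8 or bits > 64:
        raise ValueError("use a multiple of 8 up to 64 bits")
    if max_tries is None:
        # 64x the 50% point: the chance of seeing no collision is negligible
        max_tries = 64 * int(samples_for_probability(bits))
    seen = {}
    for i in range(max_tries):
        msg = f"constructed-input-{i}".encode()   # deterministic, constructed inputs
        tag = truncated_tag(msg, bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg
    return None


if __name__ == "__main__":
    for bits in (24, 128, 160, 256):
        print(f"{bits:3}-bit hash: 50% collision after ~2^{math.log2(samples_for_probability(bits)):.1f} outputs")
    a, b, tries = find_truncated_collision(24)
    print(f"24-bit prefix collision after {tries} hashes: {a!r} vs {b!r} -> {truncated_tag(a, 24).hex()}")
```

The same arithmetic explains the "Rainbow table" row: a salt does not change the collision bound, but it stops one precomputed table from covering every user, because each salt value defines a different function to precompute.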
```bash
# Generate RSA key pair
openssl genrsa -out private.pem 4096
openssl rsa -in private.pem -pubout -out public.pem
# Generate self-signed cert
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
# Encode/decode base64
echo "text" | openssl base64
echo "dGV4dA==" | openssl base64 -d
# Hash a file
openssl dgst -sha256 file.txt
# Encrypt/decrypt (-pbkdf2 replaces the weak legacy key derivation that
# openssl enc otherwise warns about; -k puts the password in the process
# list, -pass file:<path> avoids that)
openssl enc -aes-256-cbc -pbkdf2 -in file.txt -out file.enc -k password
openssl enc -d -aes-256-cbc -pbkdf2 -in file.enc -out file.txt -k password
```