Teaching an intro to encryption methods?

A friend of mine recently contacted me and asked if I would teach her how to decrypt encrypted text files, with several examples she already owned that have their corresponding originals.

She started off by giving me an MD5 hash, and I'm curious as how to go about explaining that there's no one set way to decrypt something, and that I'm mostly familiar with the long road of brute-forcing.

I think I'll start her with an MD5 library and some example hashes, then move on to manually trying to brute force the passphrases. Hopefully, she'll at least get a solid idea of both how secure, and how insecure, most encryption systems are.

I'm a high school grad, and really don't have a clue about most of this, but I do want to be helpful Can anyone help me get a better idea of cryptography myself?

MD5 checksums are one-way hashes, meaning you can't obtain the original information. You can find what hashes into the checksum you are looking for, but due to collisions, there is not a way to know for sure what it originally was.

If you are talking about cracking passwords, that is something completely different.

Thanks thideras!

I believe she's asking me about both.

I got several rainbow tables together and a few online 'reverse hash' sites to show that simple passwords or common words are relatively easy to find, but something more complicated could require a special program to try brute forcing or more complicated word based lookup, which could take a really long time. I'm also planning to teach her how to use salts to make the lookup nearly impossible.

As far as other password systems, I can discuss them, but I don't think I know any viable options for breaking SHA ones

You could show her programs to brute force the hashes, but we are starting to get into topics that we can't discuss here.

What does she want to understand, exactly?

Yeah, sorry about that

She's interested in the process, I think her original idea about electronic passwords was that there was an set algorithm that could let you decrypt it with only the text. I'm pretty sure she planned to be using a calculator and paper instead of rainbow tables

But that may also be because I'm just discussing something other that what she's looking for, it's possible I just need to tell her to drop the MD5 hashes she has, because they're a one-way only system, and go to something that /is/ more pencil and paper.
Hmm, I think I'll ask whether she's interested in the computer applications or the math/sending notes application.

Thanks!,

I took a course from one of the authors of this book. It should be an excellent way to get started: http://www.amazon.com/Cryptography-Engineering-Principles-Practical-Applications/dp/0470474246

This should also do nicely: http://www.amazon.com/Foundations-Security-Every-Programmer-Experts/dp/1590597842

"Breaking encryption" is an incredibly broad topic, as thid mentioned. If you have no idea what the information is or how it was originally encrypted, it's going to take you a long, long time to decrypt it.

Awesome, I'll try to check them out!