15.2 Cryptanalysis and Cryptographic Attack Countermeasures
One-time pad
A cryptography method that contains many non-repeating, randomly chosen groups of letters or numbers.
Differential cryptanalysis
A form of cryptanalysis applicable to symmetric key algorithms. Differential cryptanalysis works on statistical differences between ciphertexts of chosen data.
Timing attack
An attack in which an abuser explores the contents of a Web browser"s cache. These attacks allow a Web designer to create a malicious form of cookie to store on the client"s system. The attack repeatedly measuring the exact execution times of modular exponentiation operations
Brute force attack
An attack in which cryptography keys are discovered by trying every possible combination.
Integral cryptanalysis
An integral cryptanalysis attack is useful against block ciphers based on substitution-permutation networks. It is an extension of differential cryptanalysis.
Chosen-Plain-Text Attack
Attacker encrypts multiple plain text message in order to gain key
Rubber Hose Attack
Attempt to crack a password by threatening or causing a person physical harm in order to make them tell you the password
What are common code breaking methods?
Brute Force Frequency Analysis Trickery and deceit One-Time pad
Ciphertext-only Attack
Cryptanalysis attack where the attacker is assumed to have access only to a set of ciphertexts. This is where the attacker has access to the ciphertext, and his goal is to recover the encryption key from it. This attack requires a hacker to obtain encrypted messages that have been encrypted using the same encryption algorithm. For example, the original version of WEP used RC4. If they were sniffed for long enough, the repetitions allowed a hacker to extract the WEP key. Ciphertext attacks don't require the hacker to have the plain text, and the statistical analysis might be enough.
known plaintext attack
Cryptanalysis attack where the attacker is assumed to have access to sets of corresponding plaintext and ciphertext.
Chosen Ciphertext Attack (CCA)
Cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plain text output or the effect the decrypted message has on some systems. The hacker analyzes the plain texts corresponding to an arbitrary set of ciphertexts the hacker chooses
What are three countermeasures that can be used to prevent cryptography attacks?
First, cryptographic key access should be given to the application or to the user directly. Intrusion detection system should be deployed to monitor key access and exchanges. Passphrases and passwords should be used to encrypt the key if it's stored on-disk. Keys shouldn't be present inside the source code or binaries. For certificate signing, transfer of private keys shouldn't be allowed. For symmetric algorithms, a key size of 168 bits or 256 bits should be preferred for a secure system, especially in case of large transactions.
Chosen Key Attack
In this type of attack, an attacker not only breaks a ciphertext but also breaks into a bigger system, which is dependent on that ciphertext. The attacker usually breaks an n bit key cipher into 2 n/2 number of operations. An attack where a hacker not only breaks a ciphertext but also breaks into a bigger system that is dependent on that ciphertext.
What are three types of cryptanalysis methods?
Linear cryptanalysis Differential cryptanalysis Integral cryptanalysis
Linear cryptanalysis
Linear cryptanalysis finds the affine approximations to the action of a cipher.
CrypTool project
One of the tools used to break ciphers is the CrypTool project, which develops e-learning programs in the area of cryptography and cryptanalysis. It consists of several e-learning software programs, CT1, CT2, JCT, and CTO. There are also the MD5 Decryption Tool and MD5 Decoder tools.
Adaptive Chosen-Plain-Text Attack
The attacker send a lot of ciphertexts to be decrypted Uses the results of the decryption to select different, but closely related ciphertexts. The hacker makes a series of interactive queries, choosing subsequent plain texts based on the information from the previous encryptions.
Cryptographic Attack Countermeasures`
The countermeasures used to keep hackers from using various cryptanalysis methods and techniques are: - Restrict access to cryptographic keys. Keys should be given to the application or to the user directly. - Deploy an intrusion detection system to monitor the exchange and access of keys. - Use passphrases and passwords to encrypt a key stored on disk. - Do not include keys inside the source code or binaries. - Prohibit the transfer of private keys for certificate signing. - Use a key size of 168 bits or 256 bits for symmetric key algorithms, especially in case of large transactions.
Frequency analysis
The study of the frequency of letters or groups of letters in a ciphertext.
Code Breaking Methods
There are several code breaking methods. - Brute force is one of the most commonly used methods. In a brute force attack, the cryptography keys are discovered by trying every possible combination. - Frequency analysis is the study of the frequency of letters or groups of letters in a ciphertext. It works on the assumption that in any given stretch of written language, certain letters and combinations of letters occur with varying frequencies. - Trickery and deceit involves using social engineering techniques to extract cryptography keys. The one-time pad method uses many non-repeating groups of letters or number keys that are chosen randomly.
Types of Cryptanalysis
There are three types of cryptanalysis methods. - Linear cryptanalysis is based on finding the linear, or affine, an approximation to the action of a cipher. It is commonly used on block ciphers and works on statistical differences between plain text and ciphertext. - Differential cryptanalysis is a form of cryptanalysis applicable to symmetric key algorithms and works on statistical differences between ciphertexts of chosen data. - Integral cryptanalysis is useful against block ciphers based on substitution-permutation networks. It is an extension of differential cryptanalysis.
Related Key Attack
Two chosen plaintext attacks run in parallel, but you are using two different but related keys. You would have two streams of text being encrypted into ciphertext by these two keys. Commonly used against wireless network encryption. The hacker obtains ciphertexts encrypted under two different keys.
