Cryptanalysis and Attacks
Cryptanalysis is the science of cracking codes and decoding secrets. It is used to
violate authentication schemes, to break cryptographic protocols, and, more benignly, to
find and correct weaknesses in encryption algorithms.
It may be used in information warfare applications - for example, forging an encrypted
signal to be accepted as authentic. Competitors who have discovered the key will want
to use it to their advantage, for example by sending bogus encrypted messages to the
source in order to gain information or an advantage. The key could also be used to
impersonate the source and send bogus information to others, who will then think that
it came from the official source.
According to Diffie and Hellman:
"Skill in the production of cryptanalysis has always been heavily on the side of the
professionals, but innovation, particularly in the design of new types of cryptographic
systems, has come primarily from amateurs."
Among the types of attacks are:
Ciphertext only attacks
Known plaintext attacks
Chosen plaintext attacks
Chosen ciphertext attacks
Man-in-the-middle attacks
Side channel attacks
Brute force attacks
Birthday attacks
There are also a number of other technical and non-technical cryptography attacks to
which systems can fall victim. Cryptanalytic attacks can be mounted not only against
encryption algorithms, but also against digital signature algorithms, MACing algorithms
and pseudo-random number generators.
Ciphertext Only Attack
A ciphertext only attack (COA) is a case in which only the encrypted message is
available for attack, but because the language is known a frequency analysis could be
attempted. In this situation the attacker does not know anything about the contents of
the message, and must work from ciphertext only.
Known Plaintext Attack
In a known plaintext attack (KPA) both the plaintext and matching ciphertext are
available for use in discovering the key.
The attacker knows or can guess the plaintext for some parts of the ciphertext. For
example, maybe all secure login sessions begin with the characters LOGIN, and the
next transmission may be PASSWORD. The task is to decrypt the rest of the ciphertext
blocks using this information. This may be done by determining the key used to encrypt
the data, or via some shortcut.
Chosen Plaintext Attack
A chosen plaintext attack (CPA) occurs when the attacker gains access to the target
encryption device - if, for example, it is left unattended. The attacker then runs various
pieces of plaintext through the device for encryption. The resulting ciphertext is
compared to the plaintext to attempt to derive the key.
In an adaptive chosen plaintext attack (ACPA), the attacker not only has access to the
plaintext and its encryption, but can adapt or modify the chosen plaintext as needed
based on results of the previous encryptions.
Chosen Ciphertext Attack
In a chosen ciphertext attack (CCA), the cryptanalyst can choose different ciphertexts
to be decrypted and has access to the decrypted plaintext.
This type of attack is generally applicable against public key cryptosystems.
An adaptive chosen ciphertext attack involves the attacker selecting certain ciphertexts
to be decrypted, then using the results of these decryptions to select subsequent
ciphertexts. The modifications in the ciphertext help in deciphering the key from the
decryptions.
Man-in-the-Middle Attack
Cryptographic communications and key exchange protocols are susceptible to an attack
in which the attacker is able to place himself on the communication line between two
parties.
In this "man-in-the-middle attack" the attacker is able to position himself to intercept the
key exchange between two parties. He performs his own key exchange with each.
Then, with both parties thinking they have set up a secure channel, the attacker
decrypts any communications with the proper key, and encrypts them with the other key
for sending to the other party. The parties think that they are communicating securely,
but in fact the adversary is reading everything.
Preventing a man-in-the-middle attack is possible if both sides compute a
cryptographic hash function of the key exchange, sign it using a digital signature
algorithm, and send the signature to the other side. The recipient then verifies that the
hash matches the locally computed hash and the signature came from the desired other
party.
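The check described above, as an added example that is not part of the original page: each side signs a SHA-256 hash of the key-exchange values it saw, and the peer verifies that signature against its own locally computed hash. X25519, Ed25519, the context label and all names are assumptions of this sketch, and each party is assumed to already hold the other's long-term public key.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// party holds a long-term Ed25519 identity key and a per-exchange X25519 key.
type party struct {
	name   string
	idPriv ed25519.PrivateKey
	idPub  ed25519.PublicKey
	eph    *ecdh.PrivateKey
}

func newParty(name string) (*party, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, fmt.Errorf("%s: identity key: %w", name, err)
	}
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, fmt.Errorf("%s: ephemeral key: %w", name, err)
	}
	return &party{name: name, idPriv: priv, idPub: pub, eph: eph}, nil
}

// transcriptHash hashes both key-exchange values in a fixed order, so the two
// sides get the same digest only if they saw the same exchange.
func transcriptHash(initiatorEph, responderEph []byte) []byte {
	h := sha256.New()
	h.Write([]byte("example-kex-v1")) // context label, an assumption of this sketch
	h.Write(initiatorEph)             // X25519 values have a fixed length (32 bytes)
	h.Write(responderEph)
	return h.Sum(nil)
}

// finish verifies the peer's signature against the locally computed hash and
// derives the shared secret only if the signature is valid.
func (p *party) finish(localHash, peerEph, peerSig []byte, peerID ed25519.PublicKey) ([]byte, error) {
	if !ed25519.Verify(peerID, localHash, peerSig) {
		return nil, fmt.Errorf("%s: peer signature does not match the exchange seen locally", p.name)
	}
	pub, err := ecdh.X25519().NewPublicKey(peerEph)
	if err != nil {
		return nil, err
	}
	return p.eph.ECDH(pub)
}

// exchange runs one handshake. With intercepted set, a relay substitutes its
// own value in each direction; it can forward signatures but not forge them.
func exchange(intercepted bool) ([]byte, error) {
	alice, err := newParty("alice")
	if err != nil {
		return nil, err
	}
	bob, err := newParty("bob")
	if err != nil {
		return nil, err
	}
	aliceEph, bobEph := alice.eph.PublicKey().Bytes(), bob.eph.PublicKey().Bytes()
	seenByBob, seenByAlice := aliceEph, bobEph
	if intercepted {
		relay, err := ecdh.X25519().GenerateKey(rand.Reader)
		if err != nil {
			return nil, err
		}
		seenByBob, seenByAlice = relay.PublicKey().Bytes(), relay.PublicKey().Bytes()
	}
	hashAlice := transcriptHash(aliceEph, seenByAlice)
	hashBob := transcriptHash(seenByBob, bobEph)
	sigAlice := ed25519.Sign(alice.idPriv, hashAlice)
	sigBob := ed25519.Sign(bob.idPriv, hashBob)
	keyAlice, err := alice.finish(hashAlice, seenByAlice, sigBob, bob.idPub)
	if err != nil {
		return nil, err
	}
	keyBob, err := bob.finish(hashBob, seenByBob, sigAlice, alice.idPub)
	if err != nil {
		return nil, err
	}
	if !bytes.Equal(keyAlice, keyBob) {
		return nil, fmt.Errorf("derived keys differ")
	}
	return keyAlice, nil
}

func main() {
	key, err := exchange(false)
	fmt.Printf("direct exchange:      key agreed=%t err=%v\n", key != nil, err)
	_, err = exchange(true)
	fmt.Printf("intercepted exchange: err=%v\n", err)
}
```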
Side Channel Attacks
Side channel attacks are a type of attack based on implementation details such as
timing, power, and radiation emissions.
By carefully measuring the amount of time required to perform private key operations,
attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and
break other cryptosystems. Against a vulnerable system, the attack is computationally
inexpensive and often requires only known ciphertext. Actual systems are potentially at
risk, including cryptographic tokens, network-based cryptosystems, and other
applications where attackers can make reasonably accurate timing measurements.
(For additional information see http://www.cryptography.com/public/pdf/TimingAttacks.pdf)
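Why the time of a private key operation can depend on the key, shown as an added example that is not from the original page: textbook square-and-multiply does extra work for every 1 bit of the exponent, while a Montgomery ladder does the same work for every bit. Operation counts stand in for timing measurements here; the 16-bit exponents, the modulus and all names are constructed for the demonstration.

```go
package main

import (
	"fmt"
	"math/big"
)

const keyBits = 16 // demo exponent width; real private exponents are far longer

// squareAndMultiply is textbook left-to-right exponentiation: one squaring per
// bit plus one extra multiplication for every 1 bit, so the amount of work
// (and with it the running time) depends on the secret exponent.
func squareAndMultiply(base, exp, mod *big.Int) (*big.Int, int) {
	result, ops := big.NewInt(1), 0
	for i := exp.BitLen() - 1; i >= 0; i-- {
		result.Mul(result, result).Mod(result, mod)
		ops++
		if exp.Bit(i) == 1 {
			result.Mul(result, base).Mod(result, mod)
			ops++
		}
	}
	return result, ops
}

// montgomeryLadder performs one multiplication and one squaring for each of
// the keyBits exponent bits, whatever their values. Production code also
// replaces the branch with a constant-time swap and uses constant-time
// arithmetic, which math/big does not provide.
func montgomeryLadder(base, exp, mod *big.Int) (*big.Int, int) {
	r0, r1, ops := big.NewInt(1), new(big.Int).Mod(base, mod), 0
	for i := keyBits - 1; i >= 0; i-- {
		if exp.Bit(i) == 0 {
			r1.Mul(r0, r1).Mod(r1, mod)
			r0.Mul(r0, r0).Mod(r0, mod)
		} else {
			r0.Mul(r0, r1).Mod(r0, mod)
			r1.Mul(r1, r1).Mod(r1, mod)
		}
		ops += 2
	}
	return r0, ops
}

// measure runs both routines on one hex exponent and returns their operation
// counts after checking each result against math/big's own Exp.
func measure(expHex string) (naiveOps, ladderOps int, err error) {
	exp, ok := new(big.Int).SetString(expHex, 16)
	if !ok || exp.Sign() < 0 || exp.BitLen() > keyBits {
		return 0, 0, fmt.Errorf("exponent %q is not a %d-bit hex value", expHex, keyBits)
	}
	base := big.NewInt(65537)
	mod := big.NewInt(2305843009213693951) // 2^61 - 1, constructed demo modulus
	want := new(big.Int).Exp(base, exp, mod)
	naive, naiveOps := squareAndMultiply(base, exp, mod)
	ladder, ladderOps := montgomeryLadder(base, exp, mod)
	if naive.Cmp(want) != 0 || ladder.Cmp(want) != 0 {
		return 0, 0, fmt.Errorf("exponentiation result mismatch for %q", expHex)
	}
	return naiveOps, ladderOps, nil
}

func main() {
	// Three constructed exponents of equal length but different Hamming weight.
	for _, e := range []string{"8001", "aaaa", "ffff"} {
		naive, ladder, err := measure(e)
		if err != nil {
			panic(err)
		}
		fmt.Printf("exponent 0x%s: square-and-multiply %2d ops, ladder %2d ops\n", e, naive, ladder)
	}
}
```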
Differential power analysis (DPA) describes a new class of attacks against smart cards
and secure cryptographic tokens. Discovered by researchers at Cryptography Research
in San Francisco, DPA attacks exploit characteristic behaviors of transistor logic gates
and software running on today's smart cards and other cryptographic devices. The
attacks are performed by monitoring the electrical activity of a device, then using
advanced statistical methods to determine secret information (such as secret keys and
user PINs) in the device.
(For additional information, see http://www.cryptography.com/technology/dpa.html)
Brute Force Attack
A brute force attack involves trying all possible keys until hitting on the one that results
in plaintext. This can involve significant costs related to the amount of processing
required to try quadrillions (in the case of DES) of keys. The time required is a factor of
how many keys can be tried per unit of time, which is a factor of how many computers
can be assigned to the task in parallel.
Because computers are getting faster all the time, the unit of measure for comparison
purposes is the million-instructions-per-second (MIPS) year (MY). It is the number of
instructions a million-instructions-per-second (MIPS) computer can execute in one year.
Moore's Law (Gordon Moore, founder of Intel) states that processing speed doubles
every 18 months. As a result, advances in technology and computing performance will
always make brute force an increasingly practical attack on keys of a fixed length.
This table shows the times required for a brute force attack on various key lengths using
"Deep Crack" technology.
Deep Crack technology was developed in 1998 by the EFF (Electronic Frontier
Foundation). They built a machine called the Deep Crack capable of trying a million
DES keys per microsecond against a readable ASCII string hours to try all possible
keys. In theory, its success in cracking DES makes DES worthless. In practice,
however, by using cipher block chaining, doing any initial scrambling of the data and/or
doing it three times in a row (triple DES), it can still be fairly difficult to crack.
The only hope against a brute force attack is to have so many possible keys that it is not
feasible to try them all in a reasonable amount of time. Obviously, as the key length
grows beyond 100 or so, the number of keys quickly becomes astronomical. The new
AES standard, Rijndael, which is supposed to replace DES, supports 128 and 256 bit
keys. Even taking into account the staggering advances in computing power and
cryptanalysis, 256 bit keys should be pretty safe for the next 100 years or so.
Birthday Attack
A birthday attack is a class of brute force attack used against hashing functions. It is
based on the "birthday paradox." This states that in a group of 23 people, there is at
least a 50% probability that at least two people will share the same birthday. In a group
of 60 people, the probability is over 99%.
A hash function produces a fixed digest value for a given message. It can be easier for
an attacker to find two messages with the same digest value than it is to match a
specific value.
It would seem that a 128-bit hash function would force the attacker to try 2^128 inputs to
find a match to a specific source document. But the birthday paradox applies, so the
attacker can find two arbitrary documents that hash to the same value in only 2^64 steps
for a 128-bit hash function.
A strong hash function needs to resist the birthday attack.
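The birthday figures and the square-root collision cost, as an added example that is not from the original page: it computes the shared-birthday probability and then finds a real collision on SHA-256 truncated to a few bits, so the search finishes quickly. The truncation, the message format and the function names are assumptions of this sketch.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// birthdayProbability returns the chance that at least two of n people share
// a birthday, assuming 365 equally likely days.
func birthdayProbability(n int) float64 {
	noMatch := 1.0
	for i := 0; i < n; i++ {
		noMatch *= float64(365-i) / 365
	}
	return 1 - noMatch
}

// truncatedDigest returns the first `bits` bits of SHA-256(msg). Truncation
// models a short hash so that the collision search completes in moments.
func truncatedDigest(msg []byte, bits uint) uint64 {
	if bits < 1 || bits > 64 {
		panic("bits must be between 1 and 64")
	}
	sum := sha256.Sum256(msg)
	return binary.BigEndian.Uint64(sum[:8]) >> (64 - bits)
}

// findCollision hashes distinct constructed messages until any two of them
// share a truncated digest, and reports how many hashes that took.
func findCollision(bits uint) (first, second string, attempts int) {
	seen := make(map[uint64]string)
	for i := 0; ; i++ {
		msg := fmt.Sprintf("constructed document #%d", i)
		d := truncatedDigest([]byte(msg), bits)
		if prev, ok := seen[d]; ok {
			return prev, msg, i + 1
		}
		seen[d] = msg
	}
}

func main() {
	for _, n := range []int{23, 60} {
		fmt.Printf("%d people: P(shared birthday) = %.4f\n", n, birthdayProbability(n))
	}
	// Collisions appear after roughly 2^(bits/2) hashes, far fewer than the
	// 2^bits needed to match one specific digest.
	for _, bits := range []uint{16, 24, 32} {
		a, b, tries := findCollision(bits)
		fmt.Printf("%2d-bit digest: %q and %q collide after %d hashes (2^%d = %d)\n",
			bits, a, b, tries, bits/2, uint64(1)<<(bits/2))
	}
}
```

Doubling the digest length squares the collision cost, which is why a hash needs an output twice as long as the security level it is meant to provide.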
Attacks on Symmetric Block Ciphers
Four types of attacks are normally used against symmetric block ciphers such as DES
and RC5:
Differential Cryptanalysis
Linear Cryptanalysis
Differential Linear Cryptanalysis
Algebraic Attacks
Differential cryptanalysis is a chosen plaintext attack that relies on analysis of the
differences between two related plaintexts as they are encrypted with the same key.
The correct key is identified by examining probabilities of each key.
Linear cryptanalysis, a known plaintext attack, uses linear approximation to describe
behavior of the block cipher. Given sufficient pairs of plaintext and corresponding
ciphertext, bits of information about the key can be obtained.
Differential linear cryptanalysis is a combination of differential and linear cryptanalysis.
Algebraic attacks analyze vulnerabilities in the mathematics of the algorithm.
Other Types of Cryptographic Attacks
Other types of cryptographic attacks include analytic, statistical and implementation.
Analytic attacks use weaknesses in the algorithm and in algebraic manipulation to reduce
complexity. Two examples are an RSA factoring attack and a Double DES attack.
Statistical attacks involve using a statistical weakness in the design, such as more 1s
than 0s in the keystream.
Implementation attacks exploit weaknesses in the implementation of the encryption
protocol. An example is the 1995 attack on the Netscape key, which had deficient key
randomization. Static WEP (wireless equivalent privacy) is similarly subject to attack
because of the relatively short initialization vectors that may be reused.
To protect against such attacks, the algorithm must be very strong (some vendor
algorithms are not), the key needs to be very random without any bias (no patterns),
and the implementation must be in accordance with good cryptographic concepts.
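The known plaintext scenario described earlier (a session that starts with LOGIN, followed by PASSWORD) and the reused initialization vectors mentioned above meet in one failure, shown here as an added example that is not from the original page: when two frames are encrypted with the same key and IV, knowing one plaintext exposes the other without recovering the key. The SHA-256 counter-mode keystream is a constructed stand-in for a real stream cipher, and the frames and names are sample values.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Constructed sample frames following the LOGIN / PASSWORD scenario.
const (
	loginFrame    = "LOGIN: operator1"
	passwordFrame = "PASSWORD: x7-constructed"
)

// keystream expands key and IV into n bytes with SHA-256 in counter mode.
// It is a stand-in for a stream cipher, not a recommended construction.
func keystream(key, iv []byte, n int) []byte {
	out := make([]byte, 0, n+sha256.Size)
	var ctr [8]byte
	for block := uint64(0); len(out) < n; block++ {
		binary.BigEndian.PutUint64(ctr[:], block)
		h := sha256.New()
		h.Write(key)
		h.Write(iv)
		h.Write(ctr[:])
		out = h.Sum(out)
	}
	return out[:n]
}

// xorBytes XORs a and b up to the length of the shorter slice.
func xorBytes(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := range out {
		out[i] = a[i] ^ b[i]
	}
	return out
}

func encrypt(key, iv, plaintext []byte) []byte {
	return xorBytes(plaintext, keystream(key, iv, len(plaintext)))
}

// recoverPrefix is what known plaintext for frame 1 yields about frame 2:
// c1 XOR p1 is the keystream, and it decrypts c2 only if the keystream repeats.
func recoverPrefix(c1, knownP1, c2 []byte) []byte {
	return xorBytes(c2, xorBytes(c1, knownP1))
}

// demo encrypts both frames under a random key and returns what recoverPrefix
// produces. reuseIV=true models a repeated IV; false gives each frame its own.
func demo(reuseIV bool) (string, error) {
	key, iv1, iv2 := make([]byte, 16), make([]byte, 12), make([]byte, 12)
	for _, buf := range [][]byte{key, iv1, iv2} {
		if _, err := rand.Read(buf); err != nil {
			return "", fmt.Errorf("random source: %w", err)
		}
	}
	if reuseIV {
		iv2 = iv1
	}
	c1 := encrypt(key, iv1, []byte(loginFrame))
	c2 := encrypt(key, iv2, []byte(passwordFrame))
	return string(recoverPrefix(c1, []byte(loginFrame), c2)), nil
}

func main() {
	for _, reuse := range []bool{true, false} {
		got, err := demo(reuse)
		if err != nil {
			panic(err)
		}
		fmt.Printf("IV reused=%t: recovered %q\n", reuse, got)
	}
}
```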
Non-Technical Cryptographic Attacks
Not all system attacks involve sophisticated cryptanalysis or major computing power.
The people who use and run systems are themselves subject to attack - and these are
often the most successful.
"Purchase key" attack is another term for bribery.
"Rubber hose cryptanalysis" means gaining access to a system through a physical
assault on a user.
Social engineering involves convincing someone, usually through subterfuge, to divulge
their password or other personal or confidential information.
Summary
Cryptanalysis is the science of cracking codes and decoding secrets. It is used to
violate authentication schemes, to break cryptographic protocols, and, more benignly, to
find and correct weaknesses in encryption algorithms.
The major categories of cryptanalysis include ciphertext only, known plaintext, chosen
plaintext, and chosen ciphertext. These involve deriving the key from analysis of the
pieces provided.
In a man-in-the-middle attack, the attacker intercepts the key exchange between the
parties. This allows him to decrypt a message from one party, read it, then re-encrypt it
with the sender's key before transmitting it on to the intended recipient. The sender and
recipient have no way of knowing that their supposedly confidential communication has
been intercepted.
To prevent this, both sides can compute a cryptographic hash function of the key
exchange, sign it using a digital signature algorithm, and send the signature to the other
side. The recipient then verifies that the hash matches the locally computed hash and
the signature came from the desired other party.
A brute force attack involves trying all possible keys until hitting on the one that results
in plaintext. The defense is to make the attack too time consuming or expensive. The
larger the key length that is supported by an algorithm the larger its key space.
Therefore, the more unique keys available, the longer it would take for a successful
brute force attack.
Other types of attacks look for weaknesses in the algorithm or in the implementation. But
the most successful attacks on systems are attacks on the system administrators or
users, where attackers gain access through subterfuge, susceptibility to greed, or
through physical violence or threat of violence.

Mais conteúdo relacionado

Mais procurados

Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography Fundamentals
Duy Do Phan
 

Mais procurados (20)

Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture Notes
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & Steganography
 
History of cryptography
History of cryptographyHistory of cryptography
History of cryptography
 
Topic1 substitution transposition-techniques
Topic1 substitution transposition-techniquesTopic1 substitution transposition-techniques
Topic1 substitution transposition-techniques
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipherCryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipher
 
Double DES & Triple DES
Double DES & Triple DESDouble DES & Triple DES
Double DES & Triple DES
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography Fundamentals
 
block ciphers
block ciphersblock ciphers
block ciphers
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptx
 
Cryptography
CryptographyCryptography
Cryptography
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information Security
 

Semelhante a Cryptanalysis and Attacks

TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
EC-Council
 
Fault Attacks on Cryptosystems
Fault Attacks on CryptosystemsFault Attacks on Cryptosystems
Fault Attacks on Cryptosystems
Sayan Chaudhuri
 
A Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated KeysA Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated Keys
IJORCS
 
A Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated KeysA Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated Keys
IJORCS
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic Attack
Mona Rajput
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.ppt
vinitajain703
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
7wounders
 
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
ams1ams11
 

Semelhante a Cryptanalysis and Attacks (20)

Assignment 1 ns
Assignment 1 nsAssignment 1 ns
Assignment 1 ns
 
Unit-2-IS (1).pdf
Unit-2-IS (1).pdfUnit-2-IS (1).pdf
Unit-2-IS (1).pdf
 
Cryptography
CryptographyCryptography
Cryptography
 
Information and data security cryptanalysis method
Information and data security cryptanalysis methodInformation and data security cryptanalysis method
Information and data security cryptanalysis method
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptanalysis
CryptanalysisCryptanalysis
Cryptanalysis
 
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
 
Fault Attacks on Cryptosystems
Fault Attacks on CryptosystemsFault Attacks on Cryptosystems
Fault Attacks on Cryptosystems
 
A Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated KeysA Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated Keys
 
A Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated KeysA Robust Cryptographic System using Neighborhood-Generated Keys
A Robust Cryptographic System using Neighborhood-Generated Keys
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic Attack
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.ppt
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.ppt
 
Presentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHYPresentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHY
 
Cryptanalysis 101
Cryptanalysis 101Cryptanalysis 101
Cryptanalysis 101
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
 
a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...
 

Mais de Shahbaz Anjam (10)

Usecase diagram
Usecase diagramUsecase diagram
Usecase diagram
 
Sequence diagram
Sequence diagramSequence diagram
Sequence diagram
 
Project overview
Project overviewProject overview
Project overview
 
Dataflow diagram
Dataflow diagramDataflow diagram
Dataflow diagram
 
Class diagram
Class diagramClass diagram
Class diagram
 
Activity Diagram
Activity Diagram Activity Diagram
Activity Diagram
 
Big data (word file)
Big data  (word file)Big data  (word file)
Big data (word file)
 
Mms resolution
Mms resolutionMms resolution
Mms resolution
 
Resolution
 Resolution Resolution
Resolution
 
RAID its types
RAID  its typesRAID  its types
RAID its types
 

Último

No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
Sheetaleventcompany
 
If this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New NigeriaIf this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New Nigeria
Kayode Fayemi
 
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptxChiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
raffaeleoman
 
Uncommon Grace The Autobiography of Isaac Folorunso
Uncommon Grace The Autobiography of Isaac FolorunsoUncommon Grace The Autobiography of Isaac Folorunso
Uncommon Grace The Autobiography of Isaac Folorunso
Kayode Fayemi
 

Último (20)

No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
 
Presentation on Engagement in Book Clubs
Presentation on Engagement in Book ClubsPresentation on Engagement in Book Clubs
Presentation on Engagement in Book Clubs
 
If this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New NigeriaIf this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New Nigeria
 
ICT role in 21st century education and it's challenges.pdf
ICT role in 21st century education and it's challenges.pdfICT role in 21st century education and it's challenges.pdf
ICT role in 21st century education and it's challenges.pdf
 
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesVVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
 
lONG QUESTION ANSWER PAKISTAN STUDIES10.
lONG QUESTION ANSWER PAKISTAN STUDIES10.lONG QUESTION ANSWER PAKISTAN STUDIES10.
lONG QUESTION ANSWER PAKISTAN STUDIES10.
 
Dreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video TreatmentDreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video Treatment
 
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptxChiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
 
Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...
Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...
Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...
 
My Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle BaileyMy Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle Bailey
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
 
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
 
Uncommon Grace The Autobiography of Isaac Folorunso
Uncommon Grace The Autobiography of Isaac FolorunsoUncommon Grace The Autobiography of Isaac Folorunso
Uncommon Grace The Autobiography of Isaac Folorunso
 
SaaStr Workshop Wednesday w/ Lucas Price, Yardstick
SaaStr Workshop Wednesday w/ Lucas Price, YardstickSaaStr Workshop Wednesday w/ Lucas Price, Yardstick
SaaStr Workshop Wednesday w/ Lucas Price, Yardstick
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
 
Air breathing and respiratory adaptations in diver animals
Air breathing and respiratory adaptations in diver animalsAir breathing and respiratory adaptations in diver animals
Air breathing and respiratory adaptations in diver animals
 
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdfThe workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
 
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxMohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
 
Dreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio IIIDreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio III
 

Cryptanalysis and Attacks

  • 1. Cryptanalysis and AttacksFollow Cryptanalysis is the science of cracking codes and decoding secrets. It is used to violate authentication schemes, to break cryptographic protocols, and, more benignly, to find and correct weaknesses in encryption algorithms. It may be used in information warfare applications - for example, forging an encrypted signal to be accepted as authentic. Competitors who have been able to discover the key will now want to use it to their advantage, therefore they will want to send bogus encrypted messages to the source in order to gain information or gain an advantage. It could also be used to pretend to be the source in order to send bogus information to others, who now will think that it came from the official source. According to Diffie and Hellman Skill in the production of cryptanalysis has always been heavily on the side of the professionals, but innovation, particularly in the design of new types of cryptographic systems, has come primarily from amateurs. Among the types of attacks are: Ciphertext only attacks Known plaintext attacks Chosen plaintext attacks Chosen ciphertext attacks Man-in-the-middle attacks Side channel attacks Brute force attacks Birthday attacks There are also a number of other technical and non-technical cryptography attacks to which systems can fall victim. Cryptanalytic attacks can be mounted not only against encryption algorithms, but also against digital signature algorithms, MACing algorithms and pseudo-random number generators.
  • 2. Ciphertext Only Attack A ciphertext only attack (COA) is a case in which only the encrypted message is available for attack, but because the language is known a frequency analysis could be attempted. In this situation the attacker does not know anything about the contents of the message, and must work from ciphertext only. Known Plaintext Attack In a known plaintext attack (KPA) both the plaintext and matching ciphertext are available for use in discovering the key. The attacker knows or can guess the plaintext for some parts of the ciphertext. For example, maybe all secure login sessions begin with the characters LOGIN, and the next transmission may be PASSWORD. The task is to decrypt the rest of the ciphertext blocks using this information. This may be done by determining the key used to encrypt the data, or via some shortcut. Chosen Plaintext Attack A chosen plaintext attack (CPA) occurs when the attacker gains access to the target encryption device - if, for example, it is left unattended. The attacker then runs various pieces of plaintext though the device for encryption. This is compared to the plaintext to attempt to derive the key. In an adaptive chosen plaintext attack (ACPA), the attacker not only has access to the plaintext and its encryption, but can adapt or modify the chosen plaintext as needed based on results of the previous encryptions. Chosen Ciphertext Attack
  • 3. In a chosen ciphertext attack (CCA), the cryptanalyst can choose different cipher texts to be decrypted and has access to the decrypted plaintext. This type of attack is generally applicable to attacks against public key cryptosystems. An adaptive chosen ciphertext attack involves the attacker selecting certain cipher texts to be decrypted, then using the results of these decryptions to select subsequent cipher texts. The modifications in the ciphertext help in deciphering the key from the decryptions. Man-in-the-Middle Attack Cryptographic communications and key exchange protocols are susceptible to an attack in which the attacker is able to place himself on the communication line between two parties. In this "man-in-the-middle attack" the attacker is able to position himself to intercept the key exchange between two parties. He performs his own key exchange with each. Then, with both parties thinking they have set up a secure channel, the attacker decrypts any communications with the proper key, and encrypts them with the other key for sending to the other party. The parties think that they are communicating securely, but in fact the adversary is reading everything. Preventing a man-in-the-middle attacks is possible if both sides compute a cryptographic hash function of the key exchange, sign it using a digital signature algorithm, and send the signature to the other side. The recipient then verifies that the hash matches the locally computed hash and the signature came from the desired other party. Side Channel Attacks Side channel attacks are a type of attacks based on implementation details such as
  • 4. timing, power, and radiation emissions. By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems. Against a vulnerable system, the attack is computationally inexpensive and often requires only known ciphertext. Actual systems are potentially at risk, including cryptographic tokens, network-based cryptosystems, and other applications where attackers can make reasonably accurate timing measurements. (For additional information see http://www.cryptography.com/public/pdf/TimingAttacks.pdf) Differential power analysis (DPA) describes a new class of attacks against smart cards and secure cryptographic tokens. Discovered by researchers at Cryptography Research in San Francisco, DPA attacks exploit characteristic behaviors of transistor logic gates and software running on today's smart cards and other cryptographic devices. The attacks are performed by monitoring the electrical activity of a device, then using advanced statistical methods to determine secret information (such as secret keys and user PINs) in the device. (For additional information, see http://www.cryptography.com/technology/dpa.html) Brute Force Attack A brute force attack involves trying all possible keys until hitting on the one that results in plaintext. This can involve significant costs related to the amount of processing required to try quadrillions (in the case of DES) of keys. The time required is a factor of how many keys can be tried per unit of time, which is a factor of how many computers can be assigned to the task in parallel. Because computers are getting faster all the time. The unit of measure for comparison purposes is million-instructions-per-second (MIPS) per year (MY). It is the number of instructions a million-instructions-per-second (MIPS) computer can execute in one year. 
Moore's Law (Gordon Moore, founder of Intel) states that processing speed doubles every 18 months. As a result, advances in technology and computing performance will always make brute force an increasingly practical attack on keys of a fixed length.
This table shows the times required for a brute force attack on various key lengths using "Deep Crack" technology.
Deep Crack technology was developed in 1998 by the EFF (Electronic Frontier Foundation). They built a machine called the Deep Crack capable of trying a million DES keys per microsecond against a readable ASCII string hours to try all possible keys. In theory, its success in cracking DES makes DES worthless. In practice, however, by using cipher block chaining, doing any initial scrambling of the data and/or doing it three times in a row (triple DES), it can still be fairly difficult to crack.
The only hope against a brute force attack is to have so many possible keys that it is not feasible to try them all in a reasonable amount of time. Obviously, as the key length grows beyond 100 or so, the number of keys quickly becomes astronomical. The new AES standard, Rijndael, which is supposed to replace DES, supports 128 and 256 bit keys. Even taking into account the staggering advances in computing power and cryptanalysis, 256 bit keys should be pretty safe for the next 100 years or so.
Birthday Attack
A birthday attack is a class of brute force attack used against hashing functions. It is based on the "birthday paradox." This states that in a group of 23 people, there is at least a 50% probability that at least two people will share the same birthday. In a group of 60 people, the probability is over 99%.
A hash function gives a set value for a message. It can be easier for an attacker to find two messages with the same digest value than it is to match a specific value. It would seem that a 128-bit hash function would force the attacker to try 2^128 inputs to find a match to a specific source document. But the birthday paradox applies, so the attacker can find two arbitrary documents that hash to the same value in only 2^64 steps for a 128-bit hash function. A strong hash function needs to resist the birthday attack.
Attacks on Symmetric Block Ciphers
Four types of attacks are normally used against symmetric block ciphers such as DES and RC5:
Differential Cryptanalysis
Linear Cryptanalysis
Differential Linear Cryptanalysis
Algebraic Attacks
Differential cryptanalysis is a chosen plaintext attack that relies on analysis of the differences between two related plaintexts as they are encrypted with the same key. The correct key is identified by examining probabilities of each key.
Linear cryptanalysis, a known plaintext attack, uses linear approximation to describe behavior of the block cipher. Given sufficient pairs of plaintext and corresponding ciphertext, bits of information about the key can be obtained.
Differential linear cryptanalysis is a combination of differential and linear cryptanalysis.
Algebraic attacks analyze vulnerabilities in the mathematics of the algorithm.
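The birthday bound from the Birthday Attack section can be checked on a deliberately short digest. This is an added example, not code from the original page: it truncates SHA-256 to a few bits as a stand-in for a weak hash function, and the message strings are constructed.

```python
import hashlib


def shared_birthday_probability(people, days=365):
    """Probability that at least two of `people` share a birthday (uniform days)."""
    p_all_distinct = 1.0
    for i in range(people):
        p_all_distinct *= (days - i) / days
    return 1.0 - p_all_distinct


def truncated_digest(message, bits):
    """First `bits` bits of SHA-256, standing in for a short hash function."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits):
    """Hash distinct messages until two share a digest; returns (m1, m2, tries)."""
    seen = {}
    counter = 0
    while True:
        message = b"document-%d" % counter       # constructed, all distinct
        tag = truncated_digest(message, bits)
        if tag in seen:
            return seen[tag], message, counter + 1
        seen[tag] = message
        counter += 1


if __name__ == "__main__":
    for people in (23, 60):
        print(f"{people} people: {shared_birthday_probability(people):.4f}")
    for bits in (16, 24, 32):
        m1, m2, tries = find_collision(bits)
        print(f"{bits}-bit digest: collision after {tries} hashes "
              f"(2^{bits // 2} = {2 ** (bits // 2)}, 2^{bits} = {2 ** bits})")
```

The number of hashes needed grows with the square root of the digest space, which is why a hash meant to give n bits of collision resistance needs a 2n-bit output.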
Other Types of Cryptographic Attacks
Other types of cryptographic attacks include analytic, statistical and implementation.
Analytic attacks use algorithm and algebraic manipulation weakness to reduce complexity. Two examples are an RSA factoring attack and a Double DES attack.
Statistical attacks involve using statistical weakness in design, such as more 1s than 0s in the keystream.
Implementation attacks exploit weakness in the implementation of the encryption protocol. An example is the 1995 attack on the Netscape key, which had deficient key randomization. Static WEP (wireless equivalent privacy) is similarly subject to attack because of the relatively short initialization vectors that may be reused.
To protect against such attacks, the algorithm must be very strong (some vendor algorithms are not), the key needs to be very random without any bias (no patterns), and the implementation must be in accordance with good cryptographic concepts.
Non-Technical Cryptographic Attacks
Not all system attacks involve sophisticated cryptanalysis or major computing power. The people who use and run systems are themselves subject to attack - and these are often the most successful.
"Purchase key" attack is another term for bribery.
"Rubber hose cryptanalysis" means gaining access to a system through a physical assault on a user.
Social engineering involves convincing someone, usually through subterfuge, to divulge their password or other personal or confidential information.
Summary
Cryptanalysis is the science of cracking codes and decoding secrets. It is used to violate authentication schemes, to break cryptographic protocols, and, more benignly, to find and correct weaknesses in encryption algorithms.
The major categories of cryptanalysis include ciphertext only, known plaintext, chosen plaintext, and chosen ciphertext. These involve deriving the key from analysis of the pieces provided.
In a man-in-the-middle attack, the attacker intercepts the key exchange between the parties. This allows him to decrypt a message from one party, read it, then re-encrypt it with the sender's key before transmitting it on to the intended recipient. The sender and recipient have no way of knowing that their supposedly confidential communication has been intercepted. To prevent this, both sides can compute a cryptographic hash function of the key exchange, sign it using a digital signature algorithm, and send the signature to the other side. The recipient then verifies that the hash matches the locally computed hash and the signature came from the desired other party.
A brute force attack involves trying all possible keys until hitting on the one that results in plaintext. The defense is to make the attack too time consuming or expensive. The larger the key length that is supported by an algorithm, the larger its key space. Therefore, the more unique keys available, the longer it would take for a successful brute force attack.
Other types of attacks look for weaknesses in the algorithm or in the implementation. But the most successful attacks on systems are attacks on the system administrators or users, where attackers gain access through subterfuge, susceptibility to greed, or through physical violence or threat of violence.
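The man-in-the-middle countermeasure described in the Man-in-the-Middle Attack section and repeated in the summary, as an added example that is not code from the original page: each side signs a hash of the key exchange as it saw it, and the check fails when a third party has substituted its own public value. The Diffie-Hellman group, the textbook RSA signatures and all keys are toy constructions chosen for illustration, and each party is assumed to already hold the other's genuine verification key.

```python
import hashlib

P, G, E = 2**127 - 1, 3, 65537      # toy DH group and RSA exponent, far too small for real use


def keypair(p, q):
    """Toy textbook-RSA signing key from two primes; returns (n, d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


ALICE_KEY = keypair(2**89 - 1, 2**107 - 1)    # constructed keys (Mersenne primes)
BOB_KEY = keypair(2**61 - 1, 2**127 - 1)


def transcript_hash(from_alice, from_bob):
    """SHA-256 over the two public values as one party saw them."""
    digest = hashlib.sha256(b"%d|%d" % (from_alice, from_bob)).digest()
    return int.from_bytes(digest, "big")


def sign(h, key):
    n, d = key
    return pow(h % n, d, n)


def verify(sig, h, n):
    return pow(sig, E, n) == h % n


def run_exchange(a, b, interposed=None):
    """Return (alice_accepts, bob_accepts); `interposed` is a third party's exponent."""
    A, B = pow(G, a, P), pow(G, b, P)
    X = pow(G, interposed, P) if interposed is not None else None
    alice_view = transcript_hash(A, B if X is None else X)   # Alice received X, not B
    bob_view = transcript_hash(A if X is None else X, B)     # Bob received X, not A
    sig_a, sig_b = sign(alice_view, ALICE_KEY), sign(bob_view, BOB_KEY)
    # The signatures cross the wire unchanged: without the private keys nobody
    # in the middle can re-sign a different transcript.
    alice_accepts = verify(sig_b, alice_view, BOB_KEY[0])
    bob_accepts = verify(sig_a, bob_view, ALICE_KEY[0])
    return alice_accepts, bob_accepts


if __name__ == "__main__":
    print("direct exchange:     ", run_exchange(a=0x1234567, b=0x7654321))
    print("interposed exchange: ", run_exchange(a=0x1234567, b=0x7654321, interposed=0xABCDEF))
```

Both parties accept only when their locally computed hashes agree, so a substituted public value makes both abort before any traffic is protected with the compromised keys.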