Cryptographic Attacks

Crytographic attacks are used to attempt to decrypt data without prior access to a key. Cryptanalysis is the art of deciphering encrypted data. Cryptanalysis and Cryptography form the science of Cryptology. The Cryptographic attacks can be classified into six categories, including three plaintext-based methods and three ciphertext-based methods. The plaintext-based methods can be divided into three types such as Known Plaintext, Chosen Plaintext and Adaptive Chosen Plaintext. The ciphertext-based methods can be divided into three types such as Ciphertext Only,Chosen Ciphertext and Adaptive Chosen Ciphertext.

Known Plaintext and Ciphertext-Only Attacks

A known plaintext attack is an attack where a cryptanalyst has access to a plaintext and the corresponding ciphertext and seeks to discover a correlation between the two. A ciphertext-only attack is an attack where a cryptanalyst has access to a ciphertext but does not have access to corresponding plaintext.

Chosen Plaintext and Chosen Ciphertext Attacks

A chosen plaintext attack is an attack where a cryptanalyst can encrypt a plaintext of his choosing and study the resulting ciphertext. This is most common against asymmetric cryptography, where a cryptanalyst has access to a public key.

A chosen ciphertext attack is an attack where a cryptanalyst chooses a ciphertext and attempts to find a matching plaintext. This can be done with a machine that decrypts without exposing the key. This is also often performed on attacks versus public key encryption; it begins with a ciphertext and searches for matching publicly-posted plaintext data.

Adaptive Chosen Plaintext and Adaptive Chosen Ciphertext Attacks
In both adaptive attacks, a cryptanalyst chooses further plaintexts or ciphertexts adapts the attack based on prior results.

Side Channel Attacks
Side channel attacks leverage additional information based on the physical implementation of a cryptographic algorithm, including the hardware used to encrypt or decrypt data. A side channel attack leverages additional information, such as time taken or CPU cycles used, to perform a calculation, voltage used and so on.

Brute Force Attacks
A brute force attack systematically attempts every possible key. It is most often used in a known plaintext or ciphertext-only attack. A brute-force attack, or exhaustive key search, is a cryptanalytic attack that can be used against any encrypted data. Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system that
Would make the task easier. It consists of systematically checking all possible keys until the correct key is found.

Man-in-the-Middle Attack
Meet-in-the-middle attacks can be used against cryptographic algorithms that use multiple keys for encryption. The attackers intrude into the network and establish a succesful man-in-the-middle connection. An example of a successful meet-in-the-middle attack is the attack versus Double DES. The meet-in-the-middle attack is a known plaintext attack; the cryptanalyst has access to both the plaintext and resulting ciphertext.

Linear Cryptanalysis and Differential Cryptanalysis
Linear cryptanalysis is a known plaintext attack that requires access to large amounts of plaintext and ciphertext pairs encrypted with an unknown key. It focuses on statistical analysis against one round of decryption on large amounts of ciphertext. The cryptanalyst decrypts each ciphertext using all possible subkeys for one round of encryption and studies the resulting intermediate ciphertext to seek the least random result. A subkey that
Produces the least random intermediate cipher for all ciphertexts becomes a candidate key. Differential cryptanalysis is a chosen plaintext attack that seeks to discover a relationship between cipher texts produced by two related plaintexts. It focuses on statistical analysis of two inputs and two outputs of a cryptographic algorithm. A plaintext pair is created by applying a Boolean exclusive or (XOR) operation to a plaintext. The cryptanalyst then encrypts the plaintext and its XORed pair using all possible subkeys, and it seeks signs of non-randomness in each intermediate ciphertext pair. The subkey that creates the least random pattern becomes the candidate key.

Birthday Attack
The birthday attack is an attack that can discover collisions in hashing algorithms. It exploits the mathematics behind the birthday problem in probability theory. This attack can be used to abuse communication between two or more parties. It is based on the Birthday Paradox, which states that if there are 23 people in a room, the odds are slightly greater than 50% that two will share the same birthday. The birthday attack is most often used to attempt discover collisions in hash functions, such as MD5 or SHA1.

Leave a Reply