Cryptography involves hiding the information to be transmitted so that only the receiver is able to view it. This is done by encoding the information to be sent at the sender’s end and decoding the information on the receiver’s end.
The field of cryptography is an old one and dates back to 2000 B.C. in Egypt. Let us have a brief look at the basic working of cryptography before moving onto the different types of attacks:
Encryption is the basic and fundamental concept behind cryptography. There are two modes of encryption – symmetric encryption and asymmetric encryption.
In ‘Symmetric encryption’ algorithms, the same key which is used to encrypt is used to decrypt a message.
In ‘Asymmetric encryption’ algorithms, different keys are used to encrypt and decrypt a message.
Cryptography ensures that information is sent safely and securely, preserving confidentiality, integrity, and authenticity. Having seen the basics of cryptography and the two types of encryption, let us next look at the different types of attacks that are possible.
There are two types of attacks – ‘passive attacks’ and ‘active attacks’. Snooping on data and eavesdropping are simple examples of ‘passive attacks’. Passive attacks are less harmful in the sense that they do not alter or modify any data. ‘Active attacks’ cause data to be altered and system files to be modified, and are obviously much more harmful than ‘passive attacks’.
These are some examples of ‘active attacks’:
Brute-force attacks involve trying every possible key combination to find the ‘key’ that decrypts an encrypted message. While a brute-force attack may take a small amount of time against a small keyspace, it takes an impractically long time against a large keyspace. Hence it is impractical to try brute-force attacks against modern encryption systems.
In the ‘ciphertext-only’ attack, the attacker knows only the ciphertext of various messages which have been encrypted using the same encryption algorithm. The attacker’s challenge is to figure out the ‘key’, which can then be used to decrypt all the messages.
The ‘ciphertext-only’ attack is probably one of the easiest attacks to attempt, since it is easy to capture the ciphertext (by sniffing), but it is difficult to carry out, since the attacker’s knowledge about the encryption process is limited.
In the ‘known-plaintext’ attack, the attacker knows some of the plaintext and the corresponding ciphertext. He then has to figure out the ‘key’ by working backwards from these pairs, after which he can decipher other messages that use the same ‘key’ and algorithm.
The ‘known-plaintext’ attack was effective against simple ciphers such as the ‘substitution cipher’. It was popular for breaking ciphers used during the Second World War.
The ‘chosen-plaintext’ attack is similar to the ‘known-plaintext’ attack, but here the attacker experiments by choosing his own plaintext (say a word such as ‘cryptography’), has it encrypted with the ‘Vigenère cipher’, and from the generated ciphertext he can figure out the ‘key’.
Once he figures the ‘key’ he can learn more about the whole encryption process and understand how the ‘key’ is being used.
With this information, he can decrypt other messages.
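A worked version of the chosen-plaintext recovery described above, added here as an example (it is not code from the original post): the Vigenère key ‘LEMON’, the chosen word ‘CRYPTOGRAPHYISFUN’ and the second message are all constructed values.

```python
# Chosen-plaintext attack on a Vigenère cipher (added example, constructed data).
# With a plaintext of the attacker's choosing, each ciphertext letter leaks the
# key shift at that position: shift = (c - p) mod 26. Once the key is recovered
# from one encrypted sample, any other message under the same key can be read.
import string

ALPHABET = string.ascii_uppercase


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Encrypt (or decrypt) the letters of `text` with a repeating-key Vigenère cipher."""
    shifts = [ALPHABET.index(k) for k in key.upper()]
    out, i = [], 0
    for ch in text.upper():
        if ch not in ALPHABET:
            out.append(ch)  # non-letters pass through and do not advance the key
            continue
        s = shifts[i % len(shifts)]
        s = -s if decrypt else s
        out.append(ALPHABET[(ALPHABET.index(ch) + s) % 26])
        i += 1
    return "".join(out)


def recover_keystream(chosen_plaintext: str, ciphertext: str) -> list:
    """Per-letter shifts (c - p) mod 26: the key stream falls out directly."""
    pairs = zip(chosen_plaintext.upper(), ciphertext.upper())
    return [(ALPHABET.index(c) - ALPHABET.index(p)) % 26
            for p, c in pairs if p in ALPHABET]


def shortest_period(stream: list) -> int:
    """Smallest repeat length consistent with the recovered shifts = key length.
    The chosen plaintext must be longer than the key (ideally twice as long)
    for the period to be determined reliably."""
    for n in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % n] for i in range(len(stream))):
            return n
    return len(stream)


def recover_key(chosen_plaintext: str, ciphertext: str) -> str:
    """Recover the repeating key from one chosen plaintext/ciphertext pair."""
    stream = recover_keystream(chosen_plaintext, ciphertext)
    return "".join(ALPHABET[s] for s in stream[:shortest_period(stream)])


if __name__ == "__main__":
    secret_key = "LEMON"                       # unknown to the attacker
    sample = vigenere("CRYPTOGRAPHYISFUN", secret_key)  # attacker's chosen word, encrypted
    key = recover_key("CRYPTOGRAPHYISFUN", sample)
    print(key, vigenere(vigenere("ATTACKATDAWN", secret_key), key, decrypt=True))
```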
In the ‘chosen-ciphertext’ attack, the attacker chooses ciphertexts and obtains their decryptions. He then compares each chosen ciphertext with the resulting plaintext and figures out the key.
This is a relatively harder type of attack, and earlier versions of RSA were subject to it.
This was a popular type of attack against block algorithms such as DES in 1990. The primary aim of this attack, as with other attacks, is finding the ‘key’.
The attacker follows several plaintext messages through their transformation into ciphertext. He observes the changes from plaintext to ciphertext and deduces the key.
This is a type of ‘chosen-plaintext’ attack since the attacker chooses the plaintext to observe the transformation.
The attacker carries out a ‘known-plaintext’ attack against several messages which have been encrypted with the same key. This gives the attacker insight into the probability of a particular key. The more messages are attacked, the higher the probability of finding the particular ‘key’.
Apart from relying purely on mathematical ways to break a system, attackers may use other techniques such as observing power consumption, radiation emissions and the time taken for data processing. With this data, the attacker works backwards to figure out the ‘keys’ of an algorithm, just by observing a physical side effect such as the amount of heat released during processing.
RSA keys in 1995 were uncovered using this type of attack.
In a ‘replay attack’, the attacker captures some information (for example, authentication information) and re-submits it to the receiver. This dupes the receiver into giving the attacker unauthorized access.
Timestamps are one of the important countermeasures to handle ‘replay attacks’.
This post outlined the basic concepts of cryptography and some of the popular cryptography attacks.