Professional Documents
Culture Documents
Cryptography Notes
Cryptography Notes
Cryptography Notes
UNIT: 01
Denial of Service: It prevents or inhibits the normal use or Use technology to your advantage, including:
management of communications facilities. This attack may
have a specific target; for eg, an entity may suppress all Ad blockers
messages directed to a particular destination. Another form
of service denial is the disruption of an entire network, Anti-malware tools
either by disabling the network or by overloading it with
messages so as to degrade performance. Anti-virus tools
Endpoint protection
Next-gen firewalls
A few basic steps to defend against cryptojacking are: Computer’s fan running faster or more frequently than
usual
Avoid unsecured websites (i.e., those with no SSL Device overheating or feeling much hotter than usual
certificate)
Increased processor usage and higher electrical bills
Create website whitelists and blacklists
More frequent computer crashes or unusually poor 4. Non-repudiation: Prevents either sender or
performance receiver from denying message transmission or receipt
Spikes in CPU usage of message.
-Origin non-repudiation: preventing sender
Response: For the detection process to have any from denying that he has sent a message.
value there must be a timely response. The response to - Destination non-repudiation: preventing
an incident should be planned well in advance. Making receiver from denying that he has received a
important decisions or developing policy while under message.
attack is a recipe for disaster. 5. Access control: The prevention of the unauthorized
use of a resource (i.e. this service controls who can have
In the event that a device or network is compromised access to a resource, under what conditions access can
by a web-based cryptojacking attack, a number of steps occur, and what those accessing the resource are
can be taken to stop the cryptomining. allowed to do).
6. Availability: Making system or resources available
Kill the browser tab that’s running the crypto mining script. upon demand by legitimate users.
Update browser extensions. The attacks rely on nature of the algorithm and also
Disable all website-delivered scripts. knowledge of the general characteristics of the plaintext,
i.e., plaintext can be a regular document written in
Delete and remove all extensions. English or it can be a code written in Java. Therefore,
nature of the plaintext should be known before trying
Run an antivirus scan to detect and eradicate malware.
to use the attacks.
Preventative measures noted in the section above
should also be implemented once the cryptojacking Types of Cryptanalytic attacks :
attack has been stopped and remediated.
Known-Plaintext Analysis (KPA) :In this type of
attack, some plaintext-ciphertext pairs are
Security Services and Attacks: already known. Attacker maps them in order to
A security service is something that enhances the find the encryption key. This attack is easier to
security of data processing systems and information use as a lot of information is already available.
transfers of an organization. The services are intended Chosen-Plaintext Analysis (CPA) :In this type of
to counter security attacks, and they make use of one or attack, the attacker chooses random plaintexts
more security mechanisms to provide the services. and obtains the corresponding ciphertexts and
tries to find the encryption key. Its very simple
1. Confidentiality: It is a security service that keeps to implement like KPA but the success rate is
the information secure from an unauthorized quite low.
person. Encryption is a process to ensure the Ciphertext-Only Analysis (COA) :In this type of
confidentiality. attack, only some cipher-text is known and the
attacker tries to find the corresponding
2. Data integrity: The assurance that data received encryption key and plaintext. Its the hardest to
are exactly as sent by an authorized entity (i.e. implement but is the most probable attack as
contains no modification, insertion, deletion, or only ciphertext is required.
replay). Man-In-The-Middle (MITM) attack :In this type
of attack, attacker intercepts the message/key
3. Authentication: The assurance that an entity of between two communicating parties through a
concern or the origin of communication is secured channel.
authentic. Two specific authentication services: Adaptive Chosen-Plaintext Analysis
-Peer entity authentication: When establishing a (ACPA) :This attack is similar CPA. Here, the
logical connection, assure that the other party is attacker requests the cipher texts of additional
as claimed. plaintexts after they have ciphertexts for some
- Data origin authentication: In a connectionless texts.
transfer, assure that the source of received data
is as claimed.
Classical Cryptography: Disadvantages of Classical Cryptography:
Classical cryptography is based on the mathematics and While employing the one-time pad, it is
it relies on the computational difficulty of factorizing cumbersome and requires a personal meetup to
large number. The security of classical cryptography is exchange the pads.
based on the high complexity of the mathematical If not employing the OTP, anyone who is even
problem for the instance factorization of large number. remotely interested in knowing what you wrote
and knows about cryptography will be able to
Classical Cryptography has two types of techniques: break the encryption.
Presentation Layer
The presentation layer in S-DES manages the translation,
encryption/decryption, authentication and compression.
These are explained below −
2.Asymmetric Cryptography: In the asymmetric
cryptography a pair of key, i.e., public key and private Translation: It can transform the complex data structures
key is used for encryption and decryption. A sender can used by an application string, integers, structures, etc., into
use its public key to encrypt the data and on receiver a byte flow that can be shared across the network. The
end receiver can decrypt the data by using its private message is defined so that communicating devices agree to
key. This technique overcomes the problem of key the structure of the data being transformed. For instance,
ASCII or EBCDIC character sets.
distribution.
Encryption/Decryption: It can handle security and
privacy issues. Encryption can scramble the information so
that only authorized persons can unscramble the
conversation information. Decryption shifts the encryption
procedure to interpret the message back into its original
form.
There are two types of Encryption which are as follows –
Block Cipher Design Principles: There are mainly two categories of concerns about the
strength of Data encryption standard. They are:
Block ciphers are built in the Feistel cipher structure.
Block cipher has a specific number of rounds and keys Concerns about the particular algorithm used.
for generating ciphertext. For defining the complexity Concerns about the usage of key of size 56-bit.
level of an algorithm few design principles are to be
considered. Assuming that on an average one has to search half the
key space, to break the cipher text, a system performing
Block Cipher Principles one DES encryption per microsecond might require
more than thousand years. But, the assumption of one
A block cipher is designed by considering its three DES encryption per microsecond is too conservative. In
critical aspects which are listed as below: July 1998, DES was finally proved to be insecure when
the Electronic Frontier Foundation (EFF) had broken a
DES encryption. The encryption was broken with the
1.Number of Rounds: The number of rounds judges
help of a special-purpose “DES cracker” machine. It was
the strength of the block cipher algorithm. It is
reported that the attack took less than 3 days.
considered that more is the number of rounds, difficult
is for cryptanalysis to break the algorithm.
Simply running through all possible keys won’t result in
It is considered that even if the function F is relatively cracking the DES encryption. Unless known plain text is
weak, the number of rounds would make the algorithm given, the attacker must be able to differentiate the
tough to break. plain text from other data. Some degree of knowledge
about the target plain text and some techniques for
2.Design of Function F: The function F of the block automatically distinguishing plain text from garble are
cipher must be designed such that it must be impossible required to supplement the brute-force approach. If
for any cryptanalysis to unscramble the substitution. brute force attack is the only means to crack the DES
The criterion that strengthens the function F is it non- encryption algorithm, then using longer keys will
linearity. obviously help us to counter such attacks. An algorithm
is guaranteed unbreakable by brute force if a 128- bit
More the function F is nonlinear, more it would be key is used.
difficult to crack it. Well, while designing the function F
it should be confirmed that it has a good avalanche The differential cryptanalysis, linear cryptanalysis, are
property which states that a change in one-bit of input examples for statistical attacks on DES algorithm. Few of
must reflect the change in many bits of output. the important alternatives for DES are AES (Advanced
Encryption Standard) and triple DES.
The Function F should be designed such that it
possesses a bit independence criterion which states that Block Cipher modes of Operation:
the output bits must change independently if there is
any change in the input bit. Encryption algorithms are divided into two categories
based on the input type, as a block cipher and stream
3.Key Schedule Algorithm: It is suggested that the cipher. Block cipher is an encryption algorithm that
key schedule should confirm the strict avalanche effect takes a fixed size of input say b bits and produces a
and bit independence criterion. ciphertext of b bits again. If the input is larger than b
bits it can be divided further. For different applications
DES & Strength of Data encryption and uses, there are several modes of operations for a
standard (DES): block cipher.
2. Differential Cryptanalysis:
Differential
Linear cryptanalysis cryptanalysis was
was basically first defined in the
invented by Matsui year 1990 by Eli
and Yamagishi in Biham and Adi
1. the year 1992. Shamir.
The underlying
structure of each
individual input is
Subsets of input unimportant in this
attributes refer to the case since the input
internal structures of attributes are
5. a single input. differential.