
Department of Computer Engineering Srushti Patyane A678

Experiment No. 1 13/01/2023

Aim: To study Security attacks in Cryptography in System Security.


Theory:
1. What are security attacks? Explain in detail.

A security attack is an attempt to gain unauthorized access to information resources or
services, or to cause harm or damage to information systems. Cryptography is a security mechanism for
storing and transmitting sensitive data such that only the sender and the intended
receiver can read or understand it. Key(s) are used to encode (at the sender's end) and
decode (at the receiver's end) the data. Encryption is the process of converting plaintext
or data into ciphertext or encoded data (that is not readable to everyone). Converting
the ciphertext or encrypted data to a readable form or decoded version is called
decryption.
A cryptographic attack is a method used by hackers to target cryptographic solutions
like ciphertext, encryption keys, etc. These attacks aim to retrieve the plaintext from
the ciphertext or decode the encrypted data. Hackers may attempt to bypass the security
of a cryptographic system by discovering weaknesses and flaws in cryptography
techniques, cryptographic protocol, encryption algorithms, or key management
strategy. A cryptographic attack can be either passive or active in nature.

ACTIVE ATTACKS:
Active cryptography attacks involve some kind of modification of the data or
communication. In this case, the attacker not only gains access to the data but also
tampers with it.

Types of Active attacks:

1) Masquerade –

A masquerade attack takes place when one entity pretends to be a different entity. A
masquerade attack involves one of the other forms of active attacks. If an authorization
procedure is not fully protected, it can become extremely vulnerable to a masquerade
attack. Masquerade attacks may be performed using stolen passwords and logins, by
finding gaps in programs, or by finding a way around the authentication process.

2) Modification of messages –

It means that some portion of a message is altered, or that a message is delayed or reordered,
to produce an unauthorized effect. Modification is an attack on the integrity of the original data.
It basically means that unauthorized parties not only gain access to data but also spoof the
data by triggering denial-of-service attacks, such as altering transmitted data packets or
flooding the network with fake data. Manufacturing is an attack on authentication. For
example, a message meaning “Allow JOHN to read confidential file X” is modified as
“Allow Smith to read confidential file X”.

3) Repudiation –
This attack occurs when the network is not completely secured or the login control has
been tampered with. With this attack, the author’s information can be changed by actions
of a malicious user in order to save false data in log files, up to the general manipulation
of data on behalf of others, similar to the spoofing of e-mail messages.

4) Replay –
It involves the passive capture of a message and its subsequent transmission to produce
an authorized effect. In this attack, the basic aim of the attacker is to save a copy of the
data originally present on that particular network and later on use this data for
personal uses. Once the data is corrupted or leaked it is insecure and unsafe for
the users.

5) Denial of Service –

It prevents the normal use of communication facilities. This attack may have a specific
target. For example, an entity may suppress all messages directed to a particular
destination. Another form of service denial is the disruption of an entire network either
by disabling the network or by overloading it with messages so as to degrade
performance.
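
A common defence against the modification and replay attacks described above is to authenticate every message with a keyed MAC and have the receiver remember the nonces it has already accepted. The sketch below is an added example, not part of the original report; `seal`, `Receiver` and `demo` are hypothetical names and the shared key is constructed for the demonstration.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # fixed length keeps nonce || body unambiguous


def seal(key: bytes, body: bytes) -> dict:
    """Sender side: attach a fresh random nonce and an HMAC-SHA256 tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return {"nonce": nonce, "body": body, "tag": tag}


class Receiver:
    """Accepts a message only if its tag verifies and its nonce is new."""

    def __init__(self, key: bytes):
        self.key = key
        self.seen = set()  # accepted nonces (a real system would expire these)

    def accept(self, msg: dict) -> str:
        # Without this check, bytes could be shifted between nonce and body
        # while nonce + body (and therefore the tag) stays the same.
        if len(msg["nonce"]) != NONCE_LEN:
            return "rejected: malformed"
        expected = hmac.new(self.key, msg["nonce"] + msg["body"],
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified"
        if msg["nonce"] in self.seen:
            return "rejected: replay"
        self.seen.add(msg["nonce"])
        return "accepted"


def demo() -> list:
    key = secrets.token_bytes(32)  # constructed shared secret
    rx = Receiver(key)
    original = seal(key, b"Allow JOHN to read confidential file X")
    tampered = dict(original, body=b"Allow Smith to read confidential file X")
    return [
        rx.accept(tampered),  # body changed in transit, tag no longer matches
        rx.accept(original),  # first delivery of the genuine message
        rx.accept(original),  # captured copy delivered a second time
    ]


if __name__ == "__main__":
    print(demo())
```

The same tag check also rejects a masquerading sender, since a party without the shared key cannot produce a valid tag.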

PASSIVE ATTACKS:
Passive cryptography attacks intend to obtain unauthorized access to sensitive data or
information by intercepting or eavesdropping on general communication. In this
situation, the data and the communication remain intact and are not tampered with. The
attacker only gains access to the data.

Types of Passive attacks:

1) Eavesdropping –

An eavesdropping attack, also referred to as a sniffing or snooping attack, is a major concern
when it comes to cyber security. Through these attacks, your information like passwords,
card details, and other sensitive data is easily stolen while it is getting transferred from
one device to another. These kinds of attacks are most successful because they don’t
raise any kind of alert while the transmission is taking place because they take
advantage of unsecured network communications to access data while it is being sent
or received by its user.

2) Traffic analysis –

In a traffic analysis attack, a hacker tries to access the same network as you to listen
(and capture) all your network traffic. From there, the hacker can analyse that traffic to
learn something about you or your company. So, unlike with other, more popular
attacks, a hacker is not actively trying to hack into your systems or crack your password.
Therefore, we classify this attack as a passive attack.

Types of cryptography attacks
Depending on the type of cryptographic system in place and the information available
to the attacker, these attacks can be broadly classified into six types:

1. Brute force attack


Public and private keys play a significant role in encrypting and decrypting the data in
a cryptographic system. In a brute force attack, the cybercriminal tries various private
keys to decipher an encrypted message or data. If the key size is 8-bit, the possible
keys will be 256 (i.e., 2^8). The cybercriminal must know the algorithm (usually found
as open-source programs) to try all the 256 possible keys in this attack technique.

2. Ciphertext-only attack
In this attack vector, the attacker gains access to a collection of ciphertext. Although
the attacker cannot access the plaintext, they can successfully determine the ciphertext
from the collection. Through this attack technique, the attacker can occasionally
determine the key.

3. Chosen plaintext attack


In this attack model, the cybercriminal can choose arbitrary plaintext data to obtain
the ciphertext. It simplifies the attacker's task of resolving the encryption key. One
well-known example of this type of attack is the differential cryptanalysis performed
on block ciphers.

4. Chosen ciphertext attack


In this attack model, the cybercriminal analyses a chosen ciphertext corresponding to
its plaintext. The attacker tries to obtain a secret key or the details about the system.
By analysing the chosen ciphertext and relating it to the plaintext, the attacker
attempts to guess the key. Older versions of RSA encryption were prone to this attack.

5. Known plaintext attack


In this attack technique, the cybercriminal finds or knows the plaintext of some
portions of the ciphertext using information gathering techniques. Linear
cryptanalysis in block cipher is one such example.

6. Key and algorithm attack


Here, the attacker tries to recover the key used to encrypt or decrypt the data by
analysing the cryptographic algorithm.
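
The brute force description above gives 2^8 = 256 keys for an 8-bit key. The following added example (not part of the original report) shows why such a key offers no protection and how the work grows with key size. The toy stream cipher, the function names and the rate of one billion guesses per second are all assumptions made for the illustration.

```python
import hashlib


def keystream(key: int, key_bits: int, n: int) -> bytes:
    """Toy keystream: SHA-256 in counter mode over the key (illustration only)."""
    seed = key.to_bytes((key_bits + 7) // 8, "big")
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def toy_encrypt(key: int, key_bits: int, data: bytes) -> bytes:
    """XOR with the keystream; the same call decrypts."""
    ks = keystream(key, key_bits, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


def exhaustive_search(ciphertext: bytes, known_prefix: bytes, key_bits: int):
    """Try every key in order; return (key, trials) for the first that fits.

    The searcher knows the algorithm and a few bytes of expected plaintext,
    which is the situation the paragraph above describes.
    """
    head = ciphertext[:len(known_prefix)]
    for trials, key in enumerate(range(2 ** key_bits), start=1):
        if toy_encrypt(key, key_bits, head) == known_prefix:
            return key, trials
    return None, 2 ** key_bits


def years_to_exhaust(key_bits: int, guesses_per_second: float = 1e9) -> float:
    """Worst-case time to try every key at an assumed guessing rate."""
    return 2 ** key_bits / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    secret_key = 0xA7  # constructed 8-bit key
    ct = toy_encrypt(secret_key, 8, b"Allow JOHN to read confidential file X")
    print(exhaustive_search(ct, b"Allow ", 8))
    for bits in (8, 56, 128):
        print(bits, "bits:", years_to_exhaust(bits), "years")
```

Each additional key bit doubles the worst-case number of trials, which is why key length is the primary defence against exhaustive search.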

2. What are the recent security attacks that have occurred?

Crypto.com, being the largest cryptocurrency exchange company, had its data breached on
January 17th of 2022. Popular cryptocurrency exchange Crypto.com acknowledged that at
least 483 users on its platform lost $34 million in cryptocurrencies after cybercriminals
took advantage of a vulnerability and hacked the exchange on January 17. Over $19 million
worth of Bitcoin, $15 million worth of Ethereum and $66,200 in “other currencies” were
stolen. The platform said that its risk monitoring systems “detected unauthorised activity
on a small number of user accounts where transactions were being approved without
the 2FA authentication control being inputted by the user.” Crypto.com noted that all
affected customers have been fully reimbursed for the losses. While the company has
confirmed the security breach, details of the exact method of compromise still
remain unclear.
The other most recent security breaches caused in cryptography are:

1) Uber: December 2022

Uber announced on December 12th, 2022 that a hacker under the pseudonym “UberLeaks”
gained access to 70,000+ Uber employees’ data and was posting stolen corporate data. They
believe this data breach occurred because of a third-party vendor, Teqtivity (a tech asset
management company), who had their mobile device management compromised.

2) MediBank: October 2022


Health insurer MediBank revealed on 10/25/2022 that almost 4 million of their customers’
data had been exposed to a hacker. The Australian health insurer said the personal
information that could have been obtained includes name, address, date of birth, and even
insurance card numbers. In order to make things right, MediBank said it would offer
compensation to those who were taken advantage of due to their private information
being accessed. The estimated cost of this cyberattack to the company is between $25M
and $35M. They have since conducted an investigation and added more network monitoring
and determined the hacker is no longer present.

3) Plex: August 2022


An August data breach into Plex, a media server app used by millions, resulted in personal
encrypted data of their customers being compromised, including passwords, usernames, and
emails. Millions of people’s personal info being accessed can damage a brand’s trust for
years to come.

4) Ronin: April 2022

One of the appeals of cryptocurrency is that it is not stored in a traditional bank;
however, many crypto networks don’t have the security they need to protect against
a data breach. In April of 2022, Ronin reported that they were hacked for $540 Million.
Not only did they lose that money, but they also had to reimburse their customers for
the amount they lost.

5) GiveSendGo Breach: February 2022

The recent hijacking of a Christian fundraising site, GiveSendGo, took place in response to
the Ottawa truckers’ protests, and resulted in the personal details of those who donated to
their funds being compromised. The hackers redirected the fundraising site to a page that
condemned the Freedom Convoy protests – a case of Distributed Denial of Service (DDoS)
attack. They then published the personal information of the 90,000 donors who had
contributed to the initiative via the GiveSendGo website.

3. What are the losses that occurred because of these security attacks?

1. Revenue Loss
Significant revenue loss as a result of a security breach is common. Studies show that
29% of businesses that face a data breach end up losing revenue. Of those that lost
revenue, 38% experienced a loss of 20% or more. A nonfunctional website, for
example, may cause potential customers to explore other options. But any IT system
downtime can lead to work disruptions.
2. Damage to Brand Reputation
A security breach can impact much more than just your short-term revenue. The long-
term reputation of your brand is at stake as well. For one, you don’t necessarily want
your emails leaked. In most cases, you need these emails to remain private. However,
customers value their privacy, too — and breaches often involve customer payment
information. Potential leads will be hesitant to trust a business with a history of shoddy
data security.

3. Loss of Intellectual Property
Loss of revenue and damaged reputation can be catastrophic. However, in some cases,
hackers will also target designs, strategies, and blueprints. Businesses within the
manufacturing and construction industries are more prone to this threat. Smaller
businesses tend to believe they won’t get hit. But 60% of hacks target small businesses.
This is because they’re easier to attack. Losing intellectual property can impact the
competitiveness of your business. Some rivals would not hesitate to take advantage of
stolen information.

4. Hidden Costs
Surface-level costs are just the beginning. There are many hidden costs related to
breaches as well. For instance, legal fees may come into play. Also, you may need to
spend more on PR and investigations, not to mention insurance premium hikes.
Regulatory fines are another reality that many businesses overlook. In 2015, for
example, the FCC slammed AT&T with a $25 million fine. This was a result of a breach
that led to the disclosure of information related to thousands of accounts.

5. Online Vandalism
Some hackers fancy themselves as pranksters. In these cases, a security breach might
only lead to a few word changes on your website. While this seems relatively harmless,
it can actually cause a lot of damage. Subtle changes are harder to notice. For example,
a hacker might change a few letters or numbers on your contact page. They may also
add vulgar content to some of your webpages.

4. How to prevent security attacks in cryptography? Give example.

To prevent cryptography attacks, it is essential to have a strong cryptographic system in place.
Some of the ways to achieve this are:

• Regularly update the cryptographic algorithms and protocols to ensure they are not
obsolete.

• Ensure that the data is appropriately encrypted so that even if it falls into the wrong hands,
it will be unreadable.

• Use strong and unique keys for encryption.

• Store the keys in a secure location.

• Ensure that the cryptographic system is implemented correctly.

• Regularly test the system for vulnerabilities.

• Educate employees about cryptography attacks and how to prevent them.

Example to prevent Cryptography security attacks:

1) 3DES

3DES, or Triple Data Encryption Standard, is a block cipher and a modern cryptography
standard. 3DES is similar to the previous encryption method of the same type, namely
Data Encryption Standard, a method that uses 56-bit keys. Triple Data Encryption
Standard is unique in that it uses symmetric-key encryption, three distinct 56-bit keys.
This method encrypts data a full three times, essentially transforming your singular 56-
bit key into a 168-bit key.

While the thrice-encrypted data is more secure while stored or during transition, the
method itself is not as fast as other cryptographic techniques. In addition, since the
method uses block lengths that are shorter in comparison, it is easier for experienced
hackers to decrypt valuable data and exploit it.

Business institutions and financial firms most commonly use this encryption method,
as they did the previous iterations. The method is also commonly used for electronic
payments.

Conclusion:
Hence, we studied what security attacks are in terms of cryptography. We also studied
the recent security attacks, how they were done and how they caused a huge loss overall. We also
learnt about the prevention techniques required in cryptography and understood a real-world
cryptography technique which companies use.
