Arbis BSIT 3A Subject: IAS 101 – Information Assurance and Security 1
ASSESSMENT:
1.) What is an example of a cryptography system?
Answer: A classic example of a cryptosystem is the Caesar cipher. A more
contemporary example is the RSA cryptosystem. Another example of a cryptosystem is the Advanced Encryption Standard (AES). AES is a widely used symmetric encryption algorithm that has become the standard for securing data in various applications.
2)Give at least seven (7) cryptosystem attacks. Explain each of them.
Answer: Here are seven common cryptosystem attacks, along with brief explanations of each:
1. Brute Force Attack: In a brute force attack, the attacker systematically
tries all possible combinations of keys to decrypt encrypted data. This attack is time-consuming and resource-intensive, but it can be effective against weak encryption algorithms or short keys. 2. Man-in-the-Middle (MitM) Attack: In a MitM attack, the attacker intercepts and alters communication between two parties without their knowledge. The attacker can eavesdrop on the communication, modify messages, or even impersonate one of the parties. This attack can compromise the confidentiality and integrity of the communication. 3. Side-Channel Attack: A side-channel attack exploits information leaked during the implementation of a cryptosystem, such as power consumption, timing, or electromagnetic emissions. By analyzing this side- channel information, an attacker can deduce the secret key used in the encryption process, bypassing the need to directly break the cryptographic algorithm. 4. Known-Plaintext Attack: In a known-plaintext attack, the attacker has access to both the plaintext and its corresponding ciphertext. By analyzing multiple pairs of known plaintexts and ciphertext, the attacker tries to deduce information about the encryption algorithm or the secret key. This attack is effective when the encryption algorithm has weaknesses that can be exploited. 5. Chosen-Plaintext Attack: In a chosen-plaintext attack, the attacker can choose specific plaintexts and observe their corresponding ciphertexts. The goal is to gain information about the encryption algorithm or the secret key by analyzing the relationship between the chosen plaintexts and the resulting ciphertexts. This attack can be more powerful than a known plaintext attack. 6. Birthday Attack: A birthday attack exploits the birthday paradox, which states that in a group of just 23 people, there is a 50% chance that two people share the same birthday. In the context of cryptography, it means that the attacker can find a collision (two different inputs producing the same hash value) more efficiently than through a brute-force search. This attack is commonly applied to hash functions. 7. Differential Cryptanalysis: Differential cryptanalysis is a method to analyze the behavior of a cryptosystem by observing the differences between pairs of plaintexts and their corresponding ciphertexts. By analyzing these differences, the attacker can gain information about the encryption algorithm or the secret key. Differential cryptanalysis is particularly effective against block ciphers.