Professional Documents
Culture Documents
Cryptanalysis notes
Cryptanalysis notes
Cryptanalysis notes
Cryptanalysis is the study and process of analyzing and decrypting ciphers, codes, and encrypted text
without using the real key. Alternately, we can say it’s the technique of accessing a communication’s plain
text content when you don’t have access to the decryption key.Put simply, cryptanalysis is the practice,
science, or art of decrypting encrypted messages.
Cryptanalysis experts study ciphers, cryptosystems, and ciphertext to understand their functions. Then,
they use that knowledge to find or improve techniques to weaken or defeat them. However, as we're
about to see, it can be used for good or nefarious purposes.
So, a cryptographer is someone who writes encryption code used in cybersecurity, while a cryptoanalyst
is someone who tries to crack those encryption codes. Two opposing sides of the cybersecurity coin,
locked in conflict, trying to one-up the other, constantly inventing new measures and countermeasures.
This rivalry drives the innovation found in the cybersecurity field.
Speaking of hackers, we should point out that both black and white-hat hackers use cryptanalysis. Black-
hat hackers use it to commit cybercrimes, and white-hat hackers use it to conduct penetration testing as
directed by organizations that hire them to test their security.
Ciphertext-Only Attack
The would-be attacker only has access to at least one encrypted message but does not know the
plaintext data, any cryptographic key data used, or the encryption algorithm being employed. Intelligence
agencies often face this challenge when they've intercepted encrypted communications from a target.
However, this is a formidable attack to pull off, thanks to the lack of target data.
This plaintext attack variant targets block ciphers that analyze plaintext in pairs rather than individually.
This approach lets the analyst determine how the algorithm in question works when it runs into different
data types.
Man-in-the-Middle Attack
This attack occurs when the intruder finds a way to insert themselves into an otherwise secure channel
between two parties that want to exchange keys. The cryptanalyst conducts the key exchange with each
end-user, with the latter believing that they’re conducting the exchange with each other. Thus, the
involved parties are none the wiser and are now using a key that the attacker knows.
The integral cryptanalysis attack is like the differential cryptanalysis attack, but rather than using pairs of
plaintexts, the attack relies on plaintext sets where part of the plaintext remains constant, and the
remainder is modified.
Analysts using a chosen plaintext attack either already knows the encryption or can use the device used
for encryption. The cryptanalyst can then encrypt the chosen plaintext using the targeted algorithm to
gather information regarding the key.
Side-Channel Attack
Side-channel attacks rely on information obtained from the physical system employed in the
encryption/decryption process. This attack uses data related to the target system's response time to
queries or power usage rather than the plaintext that's slated to be encrypted or the ciphertext that comes
from the encryption process.
Dictionary Attack
Many people typically use passwords consisting either of easily guessed alphanumeric sequences or
actual words. Analysts exploit this habit by encrypting all the words in a dictionary and checking if a
resulting hash matches the encrypted password residing in a SAM file format or another password file
DIGITAL SIGNATURE
A digital signature is a mathematical technique which validates the authenticity and integrity of a
message, software or digital documents. It allows us to verify the author name, date and time of
signatures, and authenticate the message contents. The digital signature offers far more inherent security
and intended to solve the problem of tampering and impersonation (Intentionally copy another person's
characteristics) in digital communications.
The computer-based business information authentication interrelates both technology and the law. It also
calls for cooperation between the people of different professional backgrounds and areas of expertise.
The digital signatures are different from other electronic signatures not only in terms of process and
result, but also it makes digital signatures more serviceable for legal purposes. Some electronic signatures
that legally recognizable as signatures may not be secure as digital signatures and may lead to
uncertainty and disputes.
o Authentication
o Non-repudiation
o Integrity
Authentication
Authentication is a process which verifies the identity of a user who wants to access the system. In the
digital signature, authentication helps to authenticate the sources of messages.
Non-repudiation
Non-repudiation means assurance of something that cannot be denied. It ensures that someone to a
contract or communication cannot later deny the authenticity of their signature on a document or in a file
or the sending of a message that they originated.
Integrity
Integrity ensures that the message is real, accurate and safeguards from unauthorized user modification
during the transmission.
2. Signing algorithm
The user who is creating the digital signature uses their own private key to encrypt the signature-related
document. There is only one way to decrypt that document is with the use of signer's public key.
This technology requires all the parties to trust that the individual who creates the signature has been
able to keep their private key secret. If someone has access the signer's private key, there is a possibility
that they could create fraudulent signatures in the name of the private key holder.
Message Digest is used to ensure the integrity of a message transmitted over an insecure
channel (where the content of the message can be changed). The message is passed through
a Cryptographic hash function . This function creates a compressed image of the message
called Digest.
Lets assume, Alice sent a message and digest pair to Bob. To check the integrity of the message
Bob runs the cryptographic hash function on the received message and gets a new digest. Now,
Bob will compare the new digest and the digest sent by Alice. If, both are same then Bob is sure
that the original message is not changed.
This message and digest pair is equivalent to a physical document and fingerprint of a person on
that document. Unlike the physical document and the fingerprint, the message and the digest can
be sent separately.
Most importantly, the digest should be unchanged during the transmission.
The cryptographic hash function is a one way function, that is, a function which is practically
infeasible to invert. This cryptographic hash function takes a message of variable length as
input and creates a digest / hash / fingerprint of fixed length, which is used to verify the
integrity of the message.
Message digest ensures the integrity of the document. To provide authenticity of the message,
digest is encrypted with sender’s private key. Now this digest is called digital signature, which
can be only decrypted by the receiver who has sender’s public key. Now the receiver can
authenticate the sender and also verify the integrity of the sent message.
Example:
The hash algorithm MD5 is widely used to check the integrity of messages. MD5 divides the
message into blocks of 512 bits and creates a 128 bit digest(typically, 32 Hexadecimal digits). It is
no longer considered reliable for use as researchers have demonstrated techniques capable of
easily generating MD5 collisions on commercial computers.
Message digests are widely used in network security for various purposes, including:
1. Data Integrity Verification: Message digests are used to verify the integrity of data. Before transmitting
or storing data, the sender calculates the message digest of the data and sends both the original data and
the message digest to the recipient. Upon receiving the data, the recipient recalculates the message
digest of the received data and compares it to the provided message digest. If they match, it indicates
that the data has not been tampered with during transmission.
2. Digital Signatures: In digital signatures, a message digest is first generated from the original message.
Then, the digest is encrypted using the sender's private key, forming the digital signature. The recipient
can decrypt the digital signature using the sender's public key and verify that the generated message
digest matches the one calculated from the received message, ensuring message integrity and
authenticity.
3. Password Storage: Instead of storing user passwords in plain text, systems often store their message
digests. When a user attempts to log in, the system generates a message digest from the entered
password and compares it to the stored message digest. This approach provides a higher level of security
since the original passwords are not stored in the system.
4. Checksums: Message digests are commonly used as checksums in network protocols. In data
transmission, a checksum is calculated from the data to detect errors during transmission. The receiving
end calculates the checksum from the received data and compares it to the transmitted checksum to
check for any errors.
File Verification: Before downloading or executing files from the internet, users can compare the
message digest of the downloaded file with a known, trusted message digest to ensure that the file has
not been altered or corrupted