What Is Cryptanalysis?

Cryptanalysis is the study and process of analyzing and decrypting ciphers, codes, and encrypted text
without using the real key. Alternately, we can say it’s the technique of accessing a communication’s plain
text content when you don’t have access to the decryption key.Put simply, cryptanalysis is the practice,
science, or art of decrypting encrypted messages.

Cryptanalysis experts study ciphers, cryptosystems, and ciphertext to understand their functions. Then,
they use that knowledge to find or improve techniques to weaken or defeat them. However, as we're
about to see, it can be used for good or nefarious purposes.

So, a cryptographer is someone who writes encryption code used in cybersecurity, while a cryptoanalyst
is someone who tries to crack those encryption codes. Two opposing sides of the cybersecurity coin,
locked in conflict, trying to one-up the other, constantly inventing new measures and countermeasures.
This rivalry drives the innovation found in the cybersecurity field.

Who Uses Cryptanalysis?

Unsurprisingly, hackers use cryptanalysis. Would-be hackers use cryptanalysis to root out cryptosystem
vulnerabilities rather than a brute force attack. Governments use cryptanalysis to decipher the encrypted
messages of other nations. Companies specializing in cybersecurity products and services use
cryptanalysis to test their security features. Even the world of academia gets in on the action, with
researchers and academicians looking for weaknesses in cryptographic algorithms and protocols.

Speaking of hackers, we should point out that both black and white-hat hackers use cryptanalysis. Black-
hat hackers use it to commit cybercrimes, and white-hat hackers use it to conduct penetration testing as
directed by organizations that hire them to test their security.

What is Cryptanalysis: Cryptanalysis Attacks and

Techniques
There are many different forms of cryptanalysis attacks. However, the two most common techniques are:

Ciphertext-Only Attack

The would-be attacker only has access to at least one encrypted message but does not know the
plaintext data, any cryptographic key data used, or the encryption algorithm being employed. Intelligence
agencies often face this challenge when they've intercepted encrypted communications from a target.
However, this is a formidable attack to pull off, thanks to the lack of target data.

Known Plaintext Attack

This attack is easier to implement, compared to the ciphertext-only attack. With a known plaintext attack,
the analyst most likely has access to some or all the ciphertext’s plaintext. The cryptanalyst's goal is to
discover the key the target uses to encrypt the message and use the key to decrypt the message. Once
the key is discovered, the attacker can decrypt every message encrypted with that specific key. Known
plaintext attacks rely on the attacker finding or guessing all or part of an encrypted message, or
alternately, even the original plaintext's format.And here are some other attack types and
techniques cybersecurity experts potentially must guard against:

Differential Cryptanalysis Attack

This plaintext attack variant targets block ciphers that analyze plaintext in pairs rather than individually.
This approach lets the analyst determine how the algorithm in question works when it runs into different
data types.

Man-in-the-Middle Attack

This attack occurs when the intruder finds a way to insert themselves into an otherwise secure channel
between two parties that want to exchange keys. The cryptanalyst conducts the key exchange with each
end-user, with the latter believing that they’re conducting the exchange with each other. Thus, the
involved parties are none the wiser and are now using a key that the attacker knows.

Integral Cryptanalysis Attack

The integral cryptanalysis attack is like the differential cryptanalysis attack, but rather than using pairs of
plaintexts, the attack relies on plaintext sets where part of the plaintext remains constant, and the
remainder is modified.

Chosen Plaintext Attack

Analysts using a chosen plaintext attack either already knows the encryption or can use the device used
for encryption. The cryptanalyst can then encrypt the chosen plaintext using the targeted algorithm to
gather information regarding the key.

Side-Channel Attack

Side-channel attacks rely on information obtained from the physical system employed in the
encryption/decryption process. This attack uses data related to the target system's response time to
queries or power usage rather than the plaintext that's slated to be encrypted or the ciphertext that comes
from the encryption process.

Dictionary Attack

Many people typically use passwords consisting either of easily guessed alphanumeric sequences or
actual words. Analysts exploit this habit by encrypting all the words in a dictionary and checking if a
resulting hash matches the encrypted password residing in a SAM file format or another password file
DIGITAL SIGNATURE
A digital signature is a mathematical technique which validates the authenticity and integrity of a
message, software or digital documents. It allows us to verify the author name, date and time of
signatures, and authenticate the message contents. The digital signature offers far more inherent security
and intended to solve the problem of tampering and impersonation (Intentionally copy another person's
characteristics) in digital communications.

The computer-based business information authentication interrelates both technology and the law. It also
calls for cooperation between the people of different professional backgrounds and areas of expertise.
The digital signatures are different from other electronic signatures not only in terms of process and
result, but also it makes digital signatures more serviceable for legal purposes. Some electronic signatures
that legally recognizable as signatures may not be secure as digital signatures and may lead to
uncertainty and disputes.

Application of Digital Signature

The important reason to implement digital signature to communication is:

o Authentication
o Non-repudiation
o Integrity

Authentication

Authentication is a process which verifies the identity of a user who wants to access the system. In the
digital signature, authentication helps to authenticate the sources of messages.

Non-repudiation

Non-repudiation means assurance of something that cannot be denied. It ensures that someone to a
contract or communication cannot later deny the authenticity of their signature on a document or in a file
or the sending of a message that they originated.

Integrity

Integrity ensures that the message is real, accurate and safeguards from unauthorized user modification
during the transmission.

Algorithms in Digital Signature

A digital signature consists of three algorithms:

1. Key generation algorithm

The key generation algorithm selects private key randomly from a set of possible private keys. This
algorithm provides the private key and its corresponding public key.

2. Signing algorithm

A signing algorithm produces a signature for the document.

3. Signature verifying algorithm

A signature verifying algorithm either accepts or rejects the document's authenticity.

How digital signatures work

Digital signatures are created and verified by using public key cryptography, also known as asymmetric
cryptography. By the use of a public key algorithm, such as RSA, one can generate two keys that are
mathematically linked- one is a private key, and another is a public key.

The user who is creating the digital signature uses their own private key to encrypt the signature-related
document. There is only one way to decrypt that document is with the use of signer's public key.

This technology requires all the parties to trust that the individual who creates the signature has been
able to keep their private key secret. If someone has access the signer's private key, there is a possibility
that they could create fraudulent signatures in the name of the private key holder.

The steps which are followed in creating a digital signature are:

1. Select a file to be digitally signed.

2. The hash value of the message or file content is calculated. This message or file content is
encrypted by using a private key of a sender to form the digital signature.
3. Now, the original message or file content along with the digital signature is transmitted.
4. The receiver decrypts the digital signature by using a public key of a sender.
5. The receiver now has the message or file content and can compute it.
6. Comparing these computed message or file content with the original computed message. The
comparison needs to be the same for ensuring integrity.

Message Digest is used to ensure the integrity of a message transmitted over an insecure
channel (where the content of the message can be changed). The message is passed through
a Cryptographic hash function . This function creates a compressed image of the message
called Digest.
Lets assume, Alice sent a message and digest pair to Bob. To check the integrity of the message
Bob runs the cryptographic hash function on the received message and gets a new digest. Now,
Bob will compare the new digest and the digest sent by Alice. If, both are same then Bob is sure
that the original message is not changed.
 This message and digest pair is equivalent to a physical document and fingerprint of a person on
that document. Unlike the physical document and the fingerprint, the message and the digest can
be sent separately.
 Most importantly, the digest should be unchanged during the transmission.
 The cryptographic hash function is a one way function, that is, a function which is practically
infeasible to invert. This cryptographic hash function takes a message of variable length as
input and creates a digest / hash / fingerprint of fixed length, which is used to verify the
integrity of the message.
 Message digest ensures the integrity of the document. To provide authenticity of the message,
digest is encrypted with sender’s private key. Now this digest is called digital signature, which
can be only decrypted by the receiver who has sender’s public key. Now the receiver can
authenticate the sender and also verify the integrity of the sent message.
Example:
The hash algorithm MD5 is widely used to check the integrity of messages. MD5 divides the
message into blocks of 512 bits and creates a 128 bit digest(typically, 32 Hexadecimal digits). It is
no longer considered reliable for use as researchers have demonstrated techniques capable of
easily generating MD5 collisions on commercial computers.

Message digests are widely used in network security for various purposes, including:

1. Data Integrity Verification: Message digests are used to verify the integrity of data. Before transmitting
or storing data, the sender calculates the message digest of the data and sends both the original data and
the message digest to the recipient. Upon receiving the data, the recipient recalculates the message
digest of the received data and compares it to the provided message digest. If they match, it indicates
that the data has not been tampered with during transmission.
2. Digital Signatures: In digital signatures, a message digest is first generated from the original message.
Then, the digest is encrypted using the sender's private key, forming the digital signature. The recipient
 can decrypt the digital signature using the sender's public key and verify that the generated message
digest matches the one calculated from the received message, ensuring message integrity and
authenticity.
3. Password Storage: Instead of storing user passwords in plain text, systems often store their message
digests. When a user attempts to log in, the system generates a message digest from the entered
password and compares it to the stored message digest. This approach provides a higher level of security
since the original passwords are not stored in the system.
4. Checksums: Message digests are commonly used as checksums in network protocols. In data
transmission, a checksum is calculated from the data to detect errors during transmission. The receiving
end calculates the checksum from the received data and compares it to the transmitted checksum to
check for any errors.
File Verification: Before downloading or executing files from the internet, users can compare the
message digest of the downloaded file with a known, trusted message digest to ensure that the file has
not been altered or corrupted