Cryptanalytic Attacks and Cryptography Lifecycle

Cryptography attacks are categorized as either passive or active attacks. A passive attack is usually implemented just to discover information and is much harder to detect because it is usually carried out by eavesdropping or packet sniffing. Active attacks involve an attacker actually carrying out steps, like message alteration or file modification. Cryptography is usually attacked via the key, algorithm, execution, data, or people. But most of these attacks are attempting to discover the key used.

Cryptography attacks that are discussed include the following:

Cryptanalytic Attack
Cryptanalytic Attack
Cryptanalytic Attack
Cryptanalytic Attack

QUIZ TIME * – Practicing questions along with Concepts is Best way to Maintain Interest in Study. Hence, Please take some time for a small Quiz on Cryptanalytic Attacks? – Please click on below image for quiz to start.

Cryptography Lifecycle

* The questions in these practice tests are listed to help you study information and concepts that are likely to be tested on CISSP certification and do not represent questions from any actual test. Your score on these practice tests is not meant to and will not correlate to any particular score on any test.

Transcript

  • Cipher-text only attack
    • An attacker uses several “encrypted message” to figure out the key
    • Not much successful
  • Known plaintext attack
    • An attacker uses “Plaintext and Ciphertext” versions of a message to discover the key used
    • Attacker implements
      • Reverse engineering
      • Frequency analysis
      • Brute force
  • Chosen plaintext attack
    • Attacker select a Plaintext with a hope of getting Ciphertext; Then compare Plaintext and Ciphertext to get Key
  • Social Engineering
    • Intimidation
    • Enticement
    • Inducement
  • Brute Force
    • Requires considerable time and processing power
    • Rainbow Tables
    • Salting
  • Differential Cryptanalysis
    • Measures the execution times and power required by the cryptographic device
    • The measurements help to detect the key and algorithm used
  • Birthday Attack
    • Collision
  • Dictionary Attack
    • Requires considerable time and processing power
  • Replay attack
    • Intercept encrypted message
    • Most commonly for Authentication message
    • The Best countermeasure: Timestamp, Timeouts, Sequence Numbers
  • Analytic Attack
    • Attackers use known “structural weaknesses or flaws” to determine the algorithm used
  • Statistical Attack
    • Use known statistical weaknesses of an algorithm
  • Factoring Attack
    • Attack is carried out against the RSA algorithm by using the solutions of factoring large numbers
  • Meet-in-middle attack
    • An attacker tries to break the algorithm by encrypting from one end and decrypting from the other to determine the mathematical problem used
    • 2DES
Advertisements

5 thoughts

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.