Cryptographic Attacks Flashcards
Birthday attack
Exploit the mathematics behind the birthday problem in probability theory to cause a collision (hash type attack)
Side channel attack
Is any attack based on information gained from implementation of a computer system, rather than weaknesses in the implemented algorithm itself, monitoring cpu cycles, power consumption, radiation and timing to break the cryptosystem
Broken
Means that algorithm and/or key lenght is exploitable (use of 802.11 or DES encryption)
Depreciated
Means that the use of algorithm and key length is allowed, but the user must accept the risk/weakness
Depreciated
Means that the use of algorithm and key length is allowed, but the user must accept the risk/weakness
Frequency analysis attack
Cryptovariable (key)attack, analyses patterns of frequencies (specific letters) in encrypted messages to deduce information about underlying plaintext or key used to encrypt the message
Rainbow tables
Publicly available tables of precomputed hashes that can be used to quickly attack and crack password hashes
Brute force
Cryptovariable (key) attack, every possible key is tested (online/offline) until a key is discovered and that successfully decrypts the ciphertext . Brute force attacks are limited by Workfactor and discovery
Collision
Hash attack, uses mathematical technique to force two inputs into producing the same hash value. The hash metod used cannot be relied on any more to identify different data
Downgrade attack
Common and strong attack, it forces degradation to lower-quality crypto model. Attacker exploits the lesser security control from TLS to SSL, from HTTPS to http
Dictionary attack
Cryptovariable (key) attack, a list of known keys are tested (common word list)
Pass the hash
Hash attack, attackers can use captured hashed credentials from one machine to successfully gain control of another machine
Timming attack
Exploits the fact that different computations take different time to compute on the processor, it the encryption takes time it indicates that the secret key is long
Ransomware
Is a form of malware designed to encrypt files on a device and rendering them to unusable. Adds an extension to the encrypted files (.aaa,.micro) to show that the files have been encrypted. The extension is unique to ransomware. After finishing encryption ransomware displays the file with instruction how to pay to receive decryption key.