Cryptographic Attacks

Question 1

What is a monoalphabetic substitution cipher?

Answer 1

A monoalphabetic substitution cipher is a type of encryption where each letter in the plaintext is replaced by a fixed, different letter from the alphabet. The substitution pattern remains consistent throughout the entire message.

For example, if A is replaced by D, then A will always be D in the ciphertext. While simple, it is vulnerable to frequency analysis attacks due to the fixed substitution pattern.

This type of cipher is particularly vulnerable to frequency analysis.

Question 2

What is a poly alphabetical substitution cipher?

Answer 2

A polyalphabetic substitution cipher is an encryption method where each letter in the plaintext is replaced by multiple possible letters, depending on its position in the text. This is achieved using multiple substitution alphabets (often based on a keyword). Unlike monoalphabetic ciphers, this method varies the substitution pattern throughout the message, making it more resistant to frequency analysis attacks.

An example of this type of cipher is the Vigenère cipher.

Question 3

What are the four components of a cryptographic system?

Answer 3

1. the plaintext
2. the algorithm (encryption, decryption, hash generation)
3. a key or salt
4. the ciphertext.

Remember: this is true for both hashing and encryption algorithms as they are both considered cryptographic processes!

Question 4

What is the difference between encryption and hashing?

Answer 4

Encryption is a two-way process and is used for the safe transmission of data (confidentiality).

Hashing is a one-way function that produces a fixed length hash digest and is used for data integrity.

Question 5

What is a salt value and what is it used for?

Answer 5

A salt value is a random piece of text added to the information, typically by prefixing or suffixing it, before creating a hash digest. This is particularly useful in applications that store passwords, as using a salt value effectively prevents dictionary and rainbow table attacks by ensuring that even identical passwords produce different hash values.

Question 6

What is a Hash collision?

Answer 6

A hash collision occurs when two different inputs produce the same hash value or digest when processed by a hash function. This is a significant concern in cryptography because the primary purpose of a hash function is to uniquely represent data. If a collision occurs, it undermines the security and integrity of systems relying on hash functions, such as digital signatures, password storage, and data integrity checks. Cryptographic hash functions are designed to minimize the likelihood of collisions, but they are theoretically possible due to the finite size of the hash output.

Question 7

What is are dictionary and rainbow table attacks?

Answer 7

Dictionary attacks involve attackers using a precompiled list of common passwords or words (a “dictionary”) to guess a user’s password by hashing each word and comparing it to the stored hash.

Rainbow table attacks are more advanced, where attackers use a precomputed table of hash values for many possible passwords. This table allows them to quickly find the password corresponding to a given hash, bypassing the need to hash each guess individually. Salting passwords helps protect against these attacks by ensuring that identical passwords produce different hashes.

Question 8

What are the two primary reasons to attempt to break a hash?

Answer 8

1. To retrieve passwords
2. To forge digital signatures.

Question 9

What is a** ciphertext-only attack (COA)**?

Answer 9

A ciphertext-only attack is a type of cryptographic attack where the attacker has access only to the ciphertext, without any knowledge of the plaintext or the encryption key. The attacker attempts to deduce the plaintext or the encryption key by analyzing patterns, frequencies, or using statistical methods. This type of attack is challenging because the attacker has minimal information to work with, but it can still be effective against weak encryption schemes.

Question 10

What is a known plaintext attack (KPA)?

Answer 10

A known plaintext attack is a type of cryptographic attack where the attacker has access to both the plaintext and its corresponding ciphertext. By analysing the relationship between the plaintext and ciphertext, the attacker attempts to deduce the encryption key or develop a method to decrypt other ciphertexts encrypted with the same key. This type of attack is particularly effective against encryption algorithms that have predictable patterns or weaknesses.

Question 11

What is a chosen plaintext attack (CPA)?

Answer 11

A chosen plaintext attack is a type of cryptographic attack where the attacker can choose arbitrary plaintexts to be encrypted and then gains access to the corresponding ciphertexts. By carefully selecting the plaintexts and analysing the resulting ciphertexts, the attacker attempts to deduce the encryption key or uncover weaknesses in the encryption algorithm. This type of attack is more powerful than a known plaintext attack because the attacker has control over the input data, allowing for a more targeted analysis of the encryption process.

Question 12

What is a chosen ciphertext attack (CCA)?

Answer 12

A chosen ciphertext attack is a type of cryptographic attack where the attacker can select arbitrary ciphertexts to be decrypted and then gains access to the corresponding plaintexts. The attacker uses this capability to analyse how the decryption process works, attempting to deduce the encryption key or uncover vulnerabilities in the encryption algorithm. This attack is particularly powerful because it allows the attacker to manipulate the ciphertext in ways that can expose weaknesses in the cryptosystem, especially if the algorithm does not correctly handle certain types of malformed or specially crafted ciphertexts.

NOTE: for a chosen ciphertext attack to be feasible, the attacker must have some level of access to the decryption process, either through authorised means or by exploiting vulnerabilities in the system.

Question 13

What is a chosen key attack (CKA)?

Answer 13

A chosen key attack is a type of cryptographic attack where the attacker can influence or choose specific keys that are used in the encryption process. The goal is to find weaknesses or patterns in how the encryption algorithm behaves with particular keys, which could allow the attacker to break the encryption or recover the plaintext without knowing the actual key used in the encryption.

In this attack, the attacker doesn’t directly recover the encryption key but instead tries to learn how the encryption system responds to specific keys, potentially revealing vulnerabilities or shortcuts in the encryption process.

Key Parameters for the Attack:

• The attacker must have the ability to select or influence the keys used during the encryption process.
• The attacker can then analyse the resulting ciphertexts or system behavior to uncover weaknesses in the encryption algorithm.

This type of attack is theoretical and often used in cryptanalysis to test the strength and resilience of cryptographic algorithms against unconventional key usage.

Question 14

What is cryptanalysis?

Answer 14

Cryptanalysis is the study and practice of analysing cryptographic systems to find weaknesses or vulnerabilities, with the aim of breaking the encryption and revealing the plaintext or key. It involves various techniques to defeat or weaken cryptographic security, enabling access to protected information without the original key.

Question 15

What are the five categories by which you measure an intruders success in Cryptanalysis?

Answer 15

The five categories by which you measure the success of an intruder conducting cryptanalysis are:

1. Total Break: The intruder discovers the encryption key, allowing them to decrypt all intercepted messages.
2. Global Deduction: The intruder finds an alternative algorithm that is functionally equivalent to the encryption algorithm, enabling decryption without knowing the key.
3. Instance (Local) Deduction: The intruder determines the plaintext for a specific ciphertext without knowing the key.
4. Information Deduction: The intruder gains some information about the plaintext or key that was not intended to be revealed, even if they cannot fully decrypt the message.
5. Distinguishing Algorithm: The intruder can distinguish the output of the encryption algorithm from random data, suggesting they have found a non-random pattern in the ciphertext.

Question 16

What are the two categories of cryptanalysis attacks?

Answer 16

The two categories of a cryptanalysis attack are:

1. Passive Attack: In a passive attack, the intruder monitors and analyzes encrypted data without altering it. The goal is to gather information that might lead to breaking the encryption, such as patterns in the ciphertext or statistical anomalies, without the sender or receiver being aware of the intrusion.
2. Active Attack: In an active attack, the intruder not only monitors but also manipulates the data or the communication process. This could involve injecting new messages, altering existing ones, or causing errors in the system to extract additional information that could help break the encryption.

These two categories define the different approaches an attacker might take when attempting to compromise cryptographic security.

Question 17

What are the two main types of cryptanalysis attacks?

Answer 17

The two main types of cryptanalytic attacks are:

1. Classical Cryptanalysis: This type of attack exploits weaknesses in the cryptographic algorithm itself. The attacker analyses the structure of the algorithm, seeking patterns or flaws that could reveal the key or plaintext without needing to brute force every possible key.

Classical attacks comprise of BFAs, differential and linear cryptanalytic attacks

2. Implementation Attacks: These attacks target the way a cryptographic system is implemented rather than the algorithm itself. Implementation attacks exploit vulnerabilities in the system’s design, coding, or execution, such as flaws in key management, errors in coding, or weaknesses in how cryptographic operations are performed. These weaknesses can be used to bypass the intended security without directly breaking the encryption algorithm.

Question 18

What is a linear cryptanalytic attack?

Answer 18

linear cryptanalytic attack is a type of known plaintext attack. In this attack, the attacker needs access to a number of plaintext-ciphertext pairs, where the plaintext and its corresponding ciphertext are both known. Using these pairs, the attacker applies linear approximations to identify patterns and relationships that can be exploited to deduce information about the encryption key.

The success of a linear cryptanalytic attack relies on having enough known plaintext-ciphertext pairs to make the statistical analysis effective, making it a specific form of known plaintext attack that focuses on exploiting linear relationships in the encryption process.

Question 19

What is a differential cryptanalytic attack?

Answer 19

A differential cryptanalytic attack is a powerful technique that leverages the analysis of input-output differences to uncover weaknesses in the cipher and ultimately recover the encryption key.

Question 20

What are software and hardware implementation attacks?

Answer 20

Implementation Attacks exploit weaknesses in how a cryptographic system is deployed, targeting either hardware or software.

Hardware Implementation Attacks:

• Side-Channel Attacks: Exploit physical properties like timing, power consumption, or electromagnetic emissions to reveal keys.
  
  • Example: Power analysis to deduce encryption keys from power usage.
• Fault Injection Attacks: Induce errors in hardware (e.g., voltage spikes) to produce faulty outputs that reveal sensitive information.
  
  • Example: Glitching to cause errors in encryption processing.

Software Implementation Attacks:

• Timing Attacks: Exploit variations in operation times to infer key details.
  
  • Example: Measuring processing times to deduce password length.
• Cache Attacks: Target cache memory to extract sensitive data by observing cache hits/misses.
  
  • Example: Cache-timing attacks revealing secret keys.
• Software Bugs: Exploit vulnerabilities in the code, like buffer overflows, to gain access or extract keys.
  
  • Example: Using a software bug to bypass encryption.

Summary:

• Hardware Attacks require physical access and exploit device properties.
• Software Attacks exploit code vulnerabilities or execution patterns, often remotely.

Question 21

What are the three categories of hardware implementation attacks?

Answer 21

The three categories of hardware implementation attacks are:

1. Non-Invasive Attacks:
   
   • Description: Do not physically alter the device. Exploit external characteristics like power consumption or timing.
   • Examples: Power analysis, electromagnetic analysis, timing attacks.
2. Semi-Invasive Attacks:
   
   • Description: Require physical access but do not expose internal circuitry. Disrupt or modify device operations without major damage.
   • Examples: Fault injection using lasers, light, or voltage spikes.
3. Invasive Attacks:
   
   • Description: Involve physically accessing and altering internal components, often by opening the device.
   • Examples: Microprobing, reverse engineering, hardware modification.

These categories reflect increasing levels of physical interaction and complexity.

Question 22

What does The Regulation of Investigatory Powers Act 2000 (RIPA) in the UK stipulate about encryption?

Answer 22

Under the Regulation of Investigatory Powers Act 2000 (RIPA) in the UK, specific provisions related to cryptography are outlined in Part III of the Act. These provisions include:

1. Demand for Decryption (Section 49): Authorities, such as law enforcement and intelligence agencies, can issue a notice requiring individuals or organisations to decrypt data or provide access to encrypted information, including decryption keys.
2. Compelled Disclosure (Section 49): If authorities cannot decrypt the data themselves, they can compel the person or entity in possession of the encryption key to disclose it, allowing access to the plaintext data.
3. Penalties for Non-Compliance (Section 53): Failure to comply with a decryption notice can result in criminal charges, including imprisonment of up to two years (or up to five years in cases involving national security or child indecency).

These provisions in RIPA are designed to ensure that law enforcement can access necessary information while balancing the right to privacy.