Cryptography - Attacks Flashcards

1
Q

Two categories of Cryptography Attacks

A

Passive, Active

Passive attack harder to detect because carried out by eavesdropping or packet sniffing

Active attacks involve attacker performing message alteration or file modification

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Ciphertext only attack

A

Attacker uses several encrypted messages (ciphertext) to figure out key used

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Known Plaintext attack

A

attacker uses plaintext and ciphertext versions of a message to discover key used.

Implements reverse engineering, frequency analysis or brute force to determine the key, so all messages can be deciphered

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Chosen Plaintext Attack

A

Attacker sends message hoping user will forward it as ciphertext to another user. Attacker captures ciphertext version and tries to determine key by comparing plaintext and ciphertext versions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Chosen Ciphertext Attack

A

Attacker chooses ciphertext to be decrypted to obtain the plaintext. This is more difficult because control of the system that implements the algorithm is needed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Social Engineering Attack

A

Attackers attempted to trick users into giving attacker the cryptographic key used

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Social Engineering Attack

A

Attackers attempt to trick users into giving attacker the cryptographic key used

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Brute Force Attack

A

Uses all possible keys until key is discovered that successfully decrypts the ciphertext

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Differential cryptanalysis (Side Channel Attack)

A

measures execution times and power required by cryptographic device to help determine key and algorithm used

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Linear cryptanalysis

A

Known plaintext attack that uses linear approximation, which describes behavior of the block cipher.

More successful when more plaintext and matching ciphertext messages are obtained

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Algebraic attack

A

Exploits known vulnerabilities of the algebra used, looking for those vulnerabilities can help attacker to determine key and algorithm used

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Frequency Analysis

A

relies on fact that substitution and transposition ciphers will result in repeated patterns in ciphertext

today’s algorithms considered too complex to be vulnerable to this, because of using IV’s and similar, but could change

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Birthday attack

A

Assumes finding two messages that result in same hash value is easier than than matching a message and its hash value.

Most hash algorithms can resist simple birthday attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Dictionary attack

A

uses all words in a dictionary until a key is discovered that successfully decrypts the ciphertext

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Replay attack

A

attacker sends same data in attempt to trick receiving device, often authentication information

countermeasures are timestamps and sequence numbers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Analytic attack

A

attackers use known structural weaknesses or flaws to determine algorithm used

i.e. RC4 used in WEP, and WEP was cracked because of way RC4 was implemented

17
Q

Statistical attack

A

use known statistical weaknesses of an algorithm to aid in attack

18
Q

Factoring attack

A

carried out against RSA algorithm by using solutions of factoring large numbers

19
Q

Reverse Engineering

A

Attacker obtains cryptographic product and attempts to reverse engineer it to discover confidential information about algorithm

20
Q

Meet in the middle attack

A

Attacker tries to break algorithm by encrypting from one end and decrypting from other end to determine mathematical problem used