Cryptography - Attacks Flashcards
Two categories of Cryptography Attacks
Passive, Active
Passive attack harder to detect because carried out by eavesdropping or packet sniffing
Active attacks involve attacker performing message alteration or file modification
Ciphertext only attack
Attacker uses several encrypted messages (ciphertext) to figure out key used
Known Plaintext attack
attacker uses plaintext and ciphertext versions of a message to discover key used.
Implements reverse engineering, frequency analysis or brute force to determine the key, so all messages can be deciphered
Chosen Plaintext Attack
Attacker sends message hoping user will forward it as ciphertext to another user. Attacker captures ciphertext version and tries to determine key by comparing plaintext and ciphertext versions
Chosen Ciphertext Attack
Attacker chooses ciphertext to be decrypted to obtain the plaintext. This is more difficult because control of the system that implements the algorithm is needed
Social Engineering Attack
Attackers attempted to trick users into giving attacker the cryptographic key used
Social Engineering Attack
Attackers attempt to trick users into giving attacker the cryptographic key used
Brute Force Attack
Uses all possible keys until key is discovered that successfully decrypts the ciphertext
Differential cryptanalysis (Side Channel Attack)
measures execution times and power required by cryptographic device to help determine key and algorithm used
Linear cryptanalysis
Known plaintext attack that uses linear approximation, which describes behavior of the block cipher.
More successful when more plaintext and matching ciphertext messages are obtained
Algebraic attack
Exploits known vulnerabilities of the algebra used, looking for those vulnerabilities can help attacker to determine key and algorithm used
Frequency Analysis
relies on fact that substitution and transposition ciphers will result in repeated patterns in ciphertext
today’s algorithms considered too complex to be vulnerable to this, because of using IV’s and similar, but could change
Birthday attack
Assumes finding two messages that result in same hash value is easier than than matching a message and its hash value.
Most hash algorithms can resist simple birthday attacks
Dictionary attack
uses all words in a dictionary until a key is discovered that successfully decrypts the ciphertext
Replay attack
attacker sends same data in attempt to trick receiving device, often authentication information
countermeasures are timestamps and sequence numbers