Cryptanalysis

All about common security weaknesses and attacks.

What?

Cryptography refers to the design of mechanisms based on mathematical algorithms that provide fundamental information security services. It is required in order to protect the confidentiality and integrity of sensitive user data. Cryptographic systems aim to provide one or more of the following services:

1. Authentication

   Using cryptography, it is possible to identify a remote user (or system), e.g., via SSL certificates.

2. Non-Repudiation

   By digitally signing a transaction request, it is possible to ensure non-repudiation (i.e., guarantee that a specific user authorized the transaction) on a financial or e-commerce application.

3. Confidentiality

   Sensitive data could be stored and transferred securely through data encryption.

4. Integrity

Cryptographic hashes could provide a secure checksum to ensure that data is not viewed or altered during storage or transmission.

The goal of cryptanalysis is to find some weakness or insecurity in a cryptographic scheme, thus permitting its subversion or evasion.

Why?

Often cryptographic algorithms and protocols are necessary to keep a system secure, particularly when communicating through an untrusted network such as the Internet. Where possible, use cryptographic techniques to authenticate information and keep the information private (but don’t assume that simple encryption automatically authenticates as well). Generally you’ll need to use a suite of available tools to secure your application.

Cryptographic protocols and algorithms are difficult to get right, so do not create your own. Instead, where you can, use protocols and algorithms that are widely-used, heavily analyzed, and accepted as secure.

In modern cryptography, the security of a system purely relies upon keeping the encryption and decryption keys as a secret.

How?

Cryptographic Algorithms

1. Symmetric Cryptography

   Symmetric cryptography is a two-step process:

   • The involved parties share a common secret, which could be a password, a pass phrase, or a key.

   • Data is encrypted and decrypted using the same key.

   e.g., DES, 3DES and AES

   Note: It is advisable to use AES, as DES is deprecated.

2. Asymmetric Cryptography (also called Public/Private Key Cryptography)

   Asymmetric algorithms use two keys, one to encrypt the data, and other key to decrypt.

   e.g., PGP and SSL are systems that implement asymmetric cryptography, using RSA or other algorithms.

3. Hashes

   Hash functions take some data of an arbitrary length (and possibly a key or a password) and generate a fixed-length hash based on this input.

   e.g., MD5, SHA-1, SHA-2

   Note: Refer this article to understand the difference between SHA-1, SHA-2 and SHA-256 Hash Algorithms.

4. Key Exchange Algorithms

   Key exchange algorithms allow us to safely exchange encryption keys with an unknown party.

   e.g., Diffie-Hellman for SSL

Cryptographic Protocols

Cryptographic algorithms, when used in networks, are used within a cryptographic protocol. Cryptographic protocols cover a range of different applications:

1. Communicating securely
2. Signing documents
3. Authenticating users
4. Exchanging keys

The key problem with protocols today is that many result from cryptographic design many years (even decades) ago. Thus cryptographic protocols suffer more from legacy issues than the underlying cryptographic components.

When in need of a security protocol, it is recommended to use standard-conforming protocols such as IPSec, SSL (soon to be TLS), SSH, S/MIME, OpenPGP/GnuPG/PGP, and Kerberos. Each has advantages and disadvantages; many of them overlap somewhat in functionality, but each tends to be used in different areas.

Cryptanalytic Attacks

1. Ciphertext-only attack

   In ciphertext-only attack, the attacker is assumed to have access only to a set of ciphertexts.

   The ciphertext is said to be successful only when the corresponding plaintext could be determined from a given set of ciphertext. Occasionally, the encryption key could be determined from this attack.

   Modern cryptosystems are guarded against ciphertext-only attacks.

2. Known-plaintext attack

   In known-plaintext attack, the attacker knows the plaintext for some parts of the ciphertext. The task is to decrypt the rest of the ciphertext using this information. This may be done by determining the key or via some other method.

   The best example of this attack is linear cryptanalysis against block ciphers.

3. Chosen-plaintext attack

   During the chosen-plaintext attack, a cryptanalyst can choose arbitrary plaintext data to be encrypted and then he receives the corresponding ciphertext. He tries to acquire the secret encryption key or alternatively to create an algorithm which would allow him to decrypt any ciphertext messages encrypted using this key (but without actually knowing the secret key).

4. Chosen-ciphertext attack

   During the chosen-ciphertext attack, a cryptanalyst can analyse any chosen ciphertexts together with their corresponding plaintexts. His goal is to acquire a secret key or to get as many information about the attacked system as possible.

5. Adaptive-chosen-plaintext attack

   In adaptive-chosen-plaintext attack, the intruder has the capability to choose plaintext for encryption many times. Instead of using one big block of text, it can choose the smaller one, receive its encrypted ciphertext and then based on the answer, choose another one, and so on. This allows him to investigate the attacked system in much more details.

6. Adaptive-chosen-ciphertext attack

   The adaptive-chosen-ciphertext attack is a kind of chosen-ciphertext attacks, during which an attacker can make the attacked system decrypt many different ciphertexts. This means that the new ciphertexts are created based on responses (plaintexts) received previously. The attacker can request decrypting of many ciphertexts.

7. Related-key attack

   In related-key attack, the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the keys is known to the attacker. For example, the attacker might know that the last 80 bits of the keys are always the same, even though they don’t know, at first, what the bits are.

8. Man-in-the-middle attack

   In MITM attack, a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other. A man-in-the-middle attack allows a malicious actor to intercept, send and receive data meant for someone else, or not meant to be sent at all, without either outside party knowing until it is too late.

Points to Remember

1. The SSL industry has picked SHA as their hashing algorithm for digital signatures. And, digital signatures are incredibly important for ensuring the security of SSL/TLS.

2. A cryptographic hashing algorithm must produce unique hashes. If two different values or files could produce the same hash, a collision could occur.

3. Collisions are extremely dangerous because they allow two files to produce the same signature, thus, when a computer checks the signature, it may appear to be valid even though that file was never actually signed.

4. A large bit-length does not automatically mean that a hashing algorithm would produce secure hashes. The construction of the algorithm is also incredibly important.

References

• https://youtu.be/68Pqir_moqA
• https://www.owasp.org/index.php/Guide_to_Cryptography
• https://en.wikipedia.org/wiki/Cryptography
• https://www.thesslstore.com/blog/difference-sha-1-sha-2-sha-256-hash-algorithms/
• https://en.wikipedia.org/wiki/Ciphertext-only_attack
• https://en.wikipedia.org/wiki/Known-plaintext_attack
• https://en.wikipedia.org/wiki/Chosen-plaintext_attack
• https://en.wikipedia.org/wiki/Related-key_attack
• https://en.wikipedia.org/wiki/Man-in-the-middle_attack
• https://www.veracode.com/security/man-middle-attack
• https://www.tutorialspoint.com/cryptography/attacks_on_cryptosystems.htm
• https://www.youtube.com/watch?v=60RnrDA4SvE&feature=youtu.be
• https://www.youtube.com/watch?v=gtyh8V5ootA&feature=youtu.be
• https://ipfs.io/ipfs/QmXoypizjW3WknFiJnKLwHCnL72vedxjQkDDP1mXWo6uco/wiki/Chosen_plaintext_attack.html *https://ipfs.io/ipfs/QmXoypizjW3WknFiJnKLwHCnL72vedxjQkDDP1mXWo6uco/wiki/Chosen-ciphertext_attack.html
• https://www.coursera.org/learn/crypto
• https://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/crypto.html
• http://www.inf.unibz.it/dis/teaching/INFSEC/slides/chapter4.pdf
• https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=18&ved=2ahUKEwi3qYnBoZLdAhUGeisKHbhkBrMQFjARegQIBRAC&url=https%3A%2F%2Fwww.enisa.europa.eu%2Fpublications%2Fstudy-on-cryptographic-protocols%2Fat_download%2FfullReport&usg=AOvVaw0YZXRFN180Q24PrrgHwn7n