Cryptography Basics, Part 3: Attack Models for Cryptanalysis

Uncategorized

Welcome back, my aspiring cyber warriors!

In an earlier tutorial, I tried to explain some of the basic concepts and terms of cryptography. Not only are those terms and concepts key to becoming effective in the world of cyber security, but they are required to pass such certification exams such as the CISSP, CCSP, CWA, Security+ and many others.

In this tutorial we will address the various attack models for cryptanalysis. In other words, what methods can a cryptanalyst (someone who breaks cryptography like Alan Turing with the Enigma machine during World War II) use to break the encryption without knowing the key. So, instead of trying to crack the password or other confidential information, how might someone break the cryptography.

Besides being fascinating, you are likely to find these methods, concepts and analysis on the CISSP and CASP exams.

Terminology

Let’s begin with a little bit of new terminology.

plaintext – text that has not been encrypted

ciphertext – text that has been encrypted

cryptanalyst – person knowledgeable in breaking encryption without the key

cipher – a way of hiding the content and message of plaintext

Next, we can divide these methods into four types and further classify them as passive and active.

Let’s look at the passive methods first.

Passive

Ciphertext-Only Attackers (COA)

In this attack on the encryption, attacker/cryptanalyst can only observe the ciphertext. In order words, they can only see what all of us see, what appears to be indecipherable nonsense that comes out after the encryption such as that below.

The cryptananlyst doesn’t have any of the plaintexts that went into the encryption algorithm, they have no idea what plaintexts created the ciphertexts, and they are totally passive (they can’t send known–their own– plaintext through the algorithm and observe the ciphertext).

Most encryption algorithms are NOT vulnerable to this type of attack and the attackers/cryptanalyst’s probability of success is VERY low.

Known-Plaintext Attack (KPA)

In this attack, the attacker/cryptanalysts know the plaintext that generates the ciphertext. They can’t select the plaintext, but they can observe plaintext-ciphertext pairs. This attack has a significantly better chance of success than COA. Simple XOR ciphers and the old PKZIP were vulnerable to this attack.

From a historical context, this is one of the approaches taken at Bletchley Park by Allen Turing and his team that deciphered the Nazi messages generated by the German Enigma machine (they knew that the German messages had some common plaintext in their messages such as headers and weather forecasts). From a perspective of math, computer science, and logic, Alan Turing was one of the great minds of the 20th century (for more on Turing, see “The Imitation Game”).

Now, Let’s look at two active attacks.

Active Attacks

Chosen-Plaintext Attack (CPA)

In this attack, the attacker/cryptanalyst can select or choose the plaintext that is sent through the encryption algorithm and observe the ciphertext that it generates. This is an active model where the attacker actually gets to chose the plaintext and do the encryption.

Being able to chose any plaintext and observing the ciphertext gives the attacker a strong foothold into the inner workings of the algorithm and secret key. One approach here would be to generate a database of popular plaintexts and ciphertexts and then use this database of common plaintext-ciphertext pairs to determine the cipher text input.

As you might imagine, by being able to select the plaintext and observe the ciphertext, the chances of breaking the encryption is significantly improved.

Chosen-Ciphertext Attack

In this attack, the attacker can both encrypt and decrypt. This means that they can select plaintext, encrypt it, observe the ciphertext and then reverse the entire process. Note that the cryptanalyst is not necessarily trying to find the plaintext, but rather they are trying to decipher the algorithm and secret key used to encrypt the plaintext.

This model has a good probability of success.

Summary

Although this information might seem a bit geeky and obscure, the professional-level cyber warrior must be conversant in these techniques and concepts. Although you may never become a cryptanalyst, understanding these methods will enlighten you to the weaknesses of the technologies of one of the foundational technologies of infosec/cybersecurity. In addition, these techniques will prove especially useful in a world being ramsacked by ransomware. In those cases, cryptography is used as malicious weapon and those who can break the encryption will become the heroes.