2020 was more than just a rollercoaster ride for businesses. Enterprises were under tremendous pressure to keep their businesses up and running. Entering 2021, CISOs and enterprises’ security teams are under pressure to safeguard their businesses from all kinds of threats to ensure the established business continuity. 2021 will be marked by the next wave of disruption in cryptography. What is secure today might come under the insecurity umbrella tomorrow. The reason? As algorithms evolve, new vulnerabilities will appear, and cyber attackers will find more unique ways of breaking the cryptography on which most businesses rely.
By the end of 2021, organizations with highly agile cryptography plans will likely suffer 60% fewer security breaches and application failures than organizations without a plan.
In this article, we’ll explore:
- What is Cryptanalysis?
- Cryptanalysis Techniques and Cryptanalytic Attacks
- Difference between Cryptography and Cryptanalysis
- Requirements and Responsibilities for Cryptanalysts
Let us look at cryptanalysis in detail.
1) What is Cryptanalysis?
Cryptanalysis definition states that it is the detailed study of various methods used to understand or decode encrypted information with no access to the confidential information usually required to do so. It is also referred to as code-breaking or code-cracking.
2) Cryptanalysis Techniques and Cryptanalytic Attacks
Types of Cryptanalysis Attacks
Cryptology is divided into two parts. The first part, cryptography, emphasizes on creation of secret codes, and cryptanalysis involves the deep study of the cryptographic algorithm and the cracking of the secret codes. A cryptanalyst is a person who practices cryptanalysis. A cryptanalyst can help us understand cryptosystems and improve them by identifying any weak points. Cryptanalysis meaning directly deals with working on the algorithm to create a more safe and secure secret code. For example, to derive the plaintext, a cryptanalyst might have to decipher a ciphertext. It helps deduce the encryption key or plaintext.
Cryptanalytic attacks are conducted to identify the weak areas of a cryptographic system. Through these weak points, cryptography can be decrypted. These cryptanalysis attacks primarily depend on the algorithm’s nature and knowledge of the plaintext’s general characteristics. A plaintext could either be written in the English language or a code written in Java. It is essential to know the nature of the plaintext before planning an attack.
Cryptanalytic attacks can be broadly categorized into five types:
- Known-Plaintext Analysis or KPA – In this, the attacker is aware of plaintext-ciphertext pairs. For finding the encryption key, all an attacker has to do is map those pairs. This attack is relatively easy as there is already plenty of information readily available with the attacker.
- Chosen-Plaintext Analysis or CPA – This attack is conducted by choosing random plaintexts and then obtaining the corresponding ciphertexts. The attacker must find the encryption key. Though it is pretty similar to KPA and relatively simple to implement, the success rate is not high.
- Ciphertext-Only Analysis or COA – An attack of this kind is possible when the attacker knows only some ciphertext and is trying to find the corresponding encryption key and plaintext. Though this kind of attack is the hardest of all, the success rate is relatively high as only the ciphertext is needed.
- Man-In-The-Middle or MITM attack – This attack successfully intercepts the message between two communicators sent through a secured channel.
- Adaptive Chosen-Plaintext Analysis or ACPA – Though it is similar to CPA, it involves attackers requesting ciphertexts of additional plaintexts.
Uses of Cryptography
Cryptanalysis is used in various industries. Cryptography has been widely adopted in today’s modern world, and the whole system will fail in its absence.
Let us see the fields in which cryptography finds an application:
- Maintaining secrecy while transmitting sensitive information – Senders transmitting several sensitive pieces of information cannot afford messages being intercepted and read by a third party. E.g., in the defense sector, a senior officer passing information about a secret mission to another senior officer. In this case, cryptography is used to prevent data from being read by a third party. The most common type is the secret key. It is used to encrypt and decrypt data shared between the sender and receiver. It is crucial to keep the key secure to prevent unauthorized access. Anyone with the key can easily decrypt the message. There is a master key used to generate a one-time session key for every transaction. The only drawback is that if an attacker cracks the master key, the whole system will collapse. A better alternative is using a public-key cryptosystem. In this system, though anyone with the public key can encrypt data, only a private key can decrypt it. Also, the data signed with a private key can be verified only using a public key. This way, the owner can maintain secrecy without keeping track of many keys or master keys.
- Maintaining secrecy in storage – In data storage encryption, the cryptography technique is used during transit and while storing on media. Enterprises widely use storage encryption as they use storage area networks (SANs). Data is secretly stored in an encrypted form. To decrypt and access this data, the user must provide the key to the computer at the session’s start. Then encryption and decryption follow automatically throughout the course. The information stored on a disk can also be encrypted using hardware devices. After turning the computer on, the user must supply a key to the hardware. Without the key, the information is of no use. It prevents any misuse of the information in case the disk is lost or stolen. More than one cipher can be used for individual files or folders. To ensure data security, one must change the ciphers and keys frequently. The user must remember the key because, without the key, the encrypted information will be rendered useless. It is recommended that users take a backup of the encrypted data and store it in plaintext. That way, the data will only be encrypted when in storage and not during actual use. A computer system can be exposed to a data security breach only when encryption and decryption are done using the software. Also, if a user stores the key somewhere in the system, a security breach can occur.
- Maintaining integrity in transmission – Cryptography can also be used to ensure changes cannot be made to the data during transmission and to make sure its integrity is maintained. It is essential to maintain integrity during electronic fund transfers as an unauthorized interception can cost banks millions in losses. Using cryptographic techniques, users can prevent accidental or intentional data alteration during data transmission. An excellent way to ensure integrity is by performing a checksum on the information being transmitted and then transmitting the checksum in an encrypted form. The information is again checksummed after it is received at the other end. The next step is decrypting the transmitted checksum and comparing it with the previous one. If the checksums match, you can rest assured that the information is unaltered.
The only issue with this method is that if the original message’s checksum is stolen, then another message can be generated using the same checksum and sent instead of the original one. A public-key cryptosystem can solve this problem. After generating the public-key/private-key pair, if the user discards the private-key and uses only the public-key to encrypt the checksum, the possibility of decrypting the checksum is zero.
- Maintaining integrity in storage – This can be ensured using access control systems with locks and keys. These are used to prevent unauthorized access to the stored data. In a volatile environment, where viruses have changed data security methods, cryptographic checksums help ascertain stored data’s validity. During any such data transmission, a cryptographic checksum is generated and compared to the expected value. As storage media has larger volumes of information or data with longer exposure, it is more prone to attack.
- Identity authentication – The process of verifying a user’s authority to access data is called identity authentication. Passwords are exchanged to enable identity authentication. Modern-age systems use cryptographic transforms along with other characteristics of individuals for more reliable and efficient identity authentication. The passwords are stored in an encrypted form, and read access is available to programs that may use them. Since the passwords are not stored as plaintext, the system’s security is uncompromised. These passwords are analogous to the key in a cryptosystem. This cryptosystem allows encryption and decryption of anything to which the password has access. It is best to have a longer password as the longer a password is, the harder it is to guess.
- Creating system credentials – By creating a credential, users generate proof of qualification of a person. Now, electronic credentials can also be made to allow electronic verification of something. It is mainly used with smart cards used for performing cryptographic functions and storing secret information.
- Digital signatures – They are widely used for authenticating a message and proving that it is coming from a particular trusted sender. It is similar to a signature on a paper document. If users want digital signatures to be as effective as paper signatures, the signs must be difficult to forge. Digital signatures are pretty helpful when entities are located in distant places and cannot quickly meet but deal with high volumes of paperwork. It is rather beneficial for high-value business dealings. Digital signatures can easily be created using a public key cryptosystem and hashing process. Another advantage of a digital signature is that a receiver cannot restrict any person using the sender’s public key from verifying and signing the document. It is usually included in the digital signature format.
- Electronic money – Everybody is aware that electronic money has replaced cash transactions for quite some time now. Cryptography maintains such assets in electronic forms, such as electronic funds transfer (ETF), digital gold currency, virtual currency, and direct deposits. Electronic money transactions could be ATM withdrawals, debit card payments, direct deposits, wire transfers, etc.
- Secure multi-party computation – It involves a set of parties with private inputs intending to jointly compute a function of their inputs to preserve specific security properties, such as privacy and correctness. It is used to solve various real-life problems, such as private auctions, distributed voting, sharing of signature or decryption functions, etc.
Tools Used in Cryptanalysis
- CrypTool – Launched in 1998, it is an online learning tool that explains cryptanalysis and cryptography. It aims to explain the concept of network security threats and cryptology. It contains asymmetric ciphers like RSA and elliptic curve cryptography.
- EverCrack – It is a GPL open-source software that mainly deals with monoalphabetic substitution and transposition ciphers. It is a cryptanalysis engine that supports multiple languages, including English, French, German, Italian, Spanish, Swedish, etc. It was initially developed in the C language and currently focuses on online web-based applications. Its programming is kernel-based, which means that it deciphers complex ciphers for the kernel.
- Cryptol – Developed by software development firm Galois Inc., this learning tool analyzes algorithms and implementations. It was initially designed for NSA; this tool is also widely used by private firms. The programming language is used for developing and using cryptography, such as the implementation and design of new ciphers and verifying cryptographic algorithms.
3) Difference between Cryptography and Cryptanalysis
We have learned the cryptography definition already, and it is clear that it is used to hide information, especially over an unsecured channel or transmission mode. Today, most of the messages are communicated over the internet, including bank interactions and email communication. Therefore, it becomes imperative to secure messages. This technique converts a plaintext (message to be communicated) to a ciphertext message by employing encryption techniques. The process of obtaining a ciphertext from a plaintext is called decryption.
Cryptanalysis is used as a method of decrypting a ciphertext into plaintext. An unauthorized person tries to decrypt the message by eavesdropping on the unsecured channel. It is also known as code-breaking. This person is not bound by any rules. He may use any method to acquire the plaintext.
4) Requirements and Responsibilities for Cryptanalysts
A cryptanalyst can secure the data and network by leveraging these cryptanalysis techniques:
- Prime job is to investigate, research, and test new cryptology theories and applications
- Able to tests computational models to achieve reliability and accuracy
- Ensures message transmission data (wireless network, secure telephone, cellphones, email, etc.) is not accessed illegally or is altered during data transit
- Protect vital information from being intercepted, copied, modified, or deleted
- Capable of decoding cryptic messages and coding systems for agencies such as military, political, and law enforcement
- Develop statistical and mathematical models for analyzing data and solving security-related issues
- Evaluate, analyze and target loopholes in cryptographic security systems and algorithms
- Design robust security systems to prevent vulnerabilities
- Capable of looking for loopholes in communication lines
This article explains the overall science behind cryptanalysis. While most modern encryptions are secured against cryptanalysis attacks, those still vulnerable require advanced mathematics skills to understand them.
To become a cryptanalyst, learn cryptanalysis from Jigsaw Academy.