Cryptanalysis refers in the original sense to the study of methods and techniques to obtain information from encrypted texts. This information can be both the key used and the original text. Nowadays, the term cryptanalysis more generally refers to the analysis of cryptographic methods (not only for encryption) with the aim of either “breaking” them, i.e. removing or circumventing their protective function, or proving and quantifying their security. Cryptanalysis is thus the “counterpart” to cryptography. Both are subfields of cryptology.
Analogous to cryptanalysis, which focuses on cryptography, bridge analysis can be understood as a “counterpart” to steganography. However, in contrast to cryptanalysis, where cryptographic content exists and is to be analyzed or broken, bridge analysis initially only works with the assumption that there is hidden information in a carrier medium. Only when this assumption has been substantiated will an attempt be made to extract the actual information. Methods from cryptanalysis can also be used.
The safety of steganography is based on the fact that third parties do not notice its use. Even if they know about it, third parties should not be able to read the actual content in plain text.
---
Decryption and Decipherment
In cryptology, the terms “decipherment” and “decryption” have different meanings: (authorized) decryption is the process of using the known key to convert the ciphertext back into plaintext and thus be able to read the message. deciphering, on the other hand, is the art of wresting the message from the ciphertext without knowing the key. Instead of the verb to decipher, the term “break” or colloquially “crack” is also used in cryptanalysis.
In archaeology, on the other hand, i.e. when it comes to the analysis of an old, no longer known script, the terms decoding and decipherment are often used synonymously.
Methods of Cryptanalysis
An important approach to cryptanalysis is to include all available information about the investigated method, its parameters and the protected data in the analysis. This information can be public, based on plausible assumptions, or targeted (e.g., through social engineering). The type of information available and its control over it is divided into different attack scenarios (see Models and Statements on Security) and qualifies the relevance of the attack or the statement about security.
Before mechanical devices such as the Enigma or computers made it possible for cryptography to scramble messages into pseudo-random sequences, statistics were the most powerful weapon for deciphering messages. As long as a human encrypts the texts by hand, the algorithm used must remain simple enough to implement the message without errors in a reasonable time. These encryption methods are usually vulnerable to statistics. It is used to determine the frequency of certain characters and strings. With the knowledge of the laws of a language, letters and words can be assigned and the plain text can be reconstructed.
Since computers have reduced the statistical ties in an encrypted text to almost zero through their speed and precision, new analysis techniques have to be used to uncover the encryption algorithm, exploit a vulnerability in the algorithm (just as statistics used vulnerabilities) and reconstruct the key used to encrypt the message. Complicated mathematical theories and procedures are often used for this purpose, e.g. from algebra or stochastics.
Here are some key attack and analysis methods:
Brute Force Method
All possible keys are tried one after the other. The order is selected according to probability, if necessary. This method is also useful for modern encryption methods if it can be assumed that a relatively weak password is used. Even on commercially available computers (as of 2008), several million keys per second can be tried out without further ado.
Dictionary attack
All keys from password collections specially made for this purpose are tried out one after the other. The order is selected according to probability, if necessary. This method is also useful for modern encryption methods, if it can be assumed that a relatively simple password is used.
Trying out all conceivable words is also possible without further ado. With an active vocabulary of 50,000 words per language, dozens of languages can be tried out within a few seconds, even on standard computers. A single word as a key is therefore very insecure.
Side Channel Attack
In addition to the plaintext, the cipher or the key, the attacker first tries to capture other data and gain information about the algorithm and key used. For example, the duration of the encryption (timing attack), the temporal course of the power consumption of a chip (simple/differential power analysis), calculation errors due to extreme environmental conditions (differential error analysis), a branch analysis (Simple Branch Prediction Analysis) or the radiation of electromagnetic waves (TEMPEST attack) can be considered.
Linear cryptanalysis
This method was published in 1993 by Mitsuru Matsui. The method is based on the linear approximation of the most likely key to break block encryption methods.
Differential Cryptanalysis
Differential cryptanalysis was developed in 1991 by Eli Biham and Adi Shamir to attack DES. This attack attempt failed because the NSA’s differential analysis was already known during the development of DES. In differential analysis, plaintext pairs with certain differences (the differences) are encrypted in order to derive the secret key of the symmetric cryptosystem from the differences in the cipher.
Man-in-the-middle attack
The attacker is located between two communication partners and can listen to all messages and even change them or insert new messages.
Algebraic Attack Methods
If the cryptographic algorithm operates on a suitable algebraic structure or can be represented by suitable algebraic operations, special properties of the algebraic structure can be exploited to successfully attack the algorithm. Often, the breaking of the procedure can be traced back to solving a system of equations over the structure or a propositional logic formula. Such attacks are mainly applied to asymmetric methods, which often operate on finite groups. However, stream encryption methods and some block encryption methods, such as AES, can also be algebraically modeled and thus attacked more or less successfully.
Gridbase Reduction Attacks
Many cryptographic methods can be attacked by determining a short vector in a certain lattice. This attack method is used in cryptography methods based on the lattice or backpack problem, such as NTRU or the Merkle-Hellman cryptosystem, but can also be used in combination with algebraic attack methods in other asymmetric cryptography methods, such as RSA.
The Role of Cryptanalysis
Cryptanalysis seeks to exploit weaknesses in cryptographic systems to decipher encrypted messages without proper authorization. It encompasses a wide array of techniques, ranging from mathematical analysis to brute force attacks. The goals of cryptanalysis include:
Breaking Encryption Algorithms
Cryptanalysts analyze encryption algorithms to identify vulnerabilities that could be exploited to decrypt messages. This involves studying the mathematical properties of the algorithms and searching for weaknesses that make them susceptible to attacks.
Key Recovery
In cases where the encryption algorithm is secure, cryptanalysts may attempt to recover the encryption key through various methods. These methods include exploiting implementation flaws, analyzing patterns in encrypted data, or leveraging side-channel attacks that target the physical characteristics of cryptographic devices.
Frequency Analysis
One of the oldest and most fundamental techniques in cryptanalysis is frequency analysis, which exploits the fact that certain letters or combinations of letters appear more frequently in natural language. By analyzing the frequency of symbols in encrypted messages, cryptanalysts can make educated guesses about the underlying plaintext and potentially decipher the message.
Brute Force Attacks
Brute force attacks involve systematically trying every possible key until the correct one is found. While computationally intensive, brute force attacks can be effective against weak encryption schemes or short keys. However, advances in computing power have made brute force attacks less practical against modern encryption algorithms with longer keys.
Tagged With separateagr