Attacking Cryptography - Essay Example

? Full Paper Table of Contents Attacking Cryptography …………………………………… Page 3- 6 Conclusion …………………………………… Page 6-7 References …………………………………… Page 7 Glossary of Terms …………………………………… Page 8 Attacking Cryptography The reason for using an open source operating systems is to customize and select appropriate technology that was set to default. In this rapidly changing digital world of advanced hackers, new prevention techniques are invented for maximum prevention along with minimizing risks. One cannot predict that the blowfish encryption algorithm will also be replaced by the new and more secure algorithm known as (Anonymous2007, 500-500) two fish that will also be replaced at some period of this information age. Security requires constant and periodic changes to pace up and counter the threats that are ever increasing. Similarly, cryptography also goes with the same approach of upgrading new state of the art encryption algorithms one after another and from safe to the safest, so that it cannot be cracked. Lastly, the future concerns for blow fish encryption algorithm are associated with minimizing the use of S boxes along with less iterative processes along with sub key calculation on the fly. Two fish that is considered to be the next state of the art encryption algorithm after blow fish will be considered as AES final with 128 bit block size and can handle more operations. Two fish incorporates a 16 round structure with additional options for inputs and outputs, as the plain text is converted in to 32 bit words. The inputs incorporates four key words followed by sixteen rounds and each round, two words on the left are utilized as inputs to the function donated by ‘g’ (Stinson and Tavares ). The tool utilized in this scenario is ‘keepass’ that is an open source tool for storing all the passwords in a database that is encrypted (Popov). The database can also be encrypted by blow fish (Anonymous2007, 71-71), as it incorporates no weak keys and the design is simple and understandable that supports analysis, algorithm integrity and repeatable block ciphers (Anderson. n.d). Likewise, block ciphers are 64 bits in length with variable length keys. S-boxes are dependent on large keys that are more resilient to cryptanalysis (Anderson. n.d). Moreover, permutations are key dependent with a support of diverse operations associated with mathematics that is integrated with XOR and addition (Anderson). For attacking the encrypted files, Charlie can use many attack methods for retrieving the password files stored in the database maintained by ‘keepass’. The plaintext and cipher text methods of attacks incorporates a cryptanalyst that has an access to plaintext and the conforming cipher text and pursues to find association in between the two. Whereas, a cipher text is associated with an attack in which cryptanalyst is accessible to cipher text and do not have access to conforming plaintext. Charlie can use generic ciphers such as Caesar, frequency analysis for cracking the cipher on Alice’s workstation. Moreover, Charlie can also use a plaintext and chosen cipher text attack for retrieving the passwords. This type of attack incorporates a cryptanalyst that is capable of encrypting a plaintext of choice and examines the results of cipher text. This type of attack is most generic for asymmetric cryptography, as Charlie can gain public key via cryptanalyst. Charlie can also choose cipher text attack that incorporates a cryptanalyst selecting a cipher text that seeks for a similar plaintext. Charlie can decrypt oracle that is a machine for decrypting data without exposure of key. Moreover, Charlie can also execute the attack on public key encryption, as it initiate with a cipher text and seeks for similar matched plaintext data available publically. Charlie can also utilize adaptive attacks (Krawczyk), as these attacks incorporate a cryptanalyst that selects plaintext or cipher text on the basis of previous results. Side channel attacks can also be utilized for data available in Alice’s workstation. These types of attacks extracts information associated with the physical deployment of cryptographic algorithm along with the hardware utilized for encrypting or decrypting data. These cryptographic methods mentioned earlier presume that access to plain text and cipher text is available to cryptanalyst and often to both types of data along with a possibility of cryptographic algorithms. Moreover, a side channel attack initiated by Charlie expands its scope such as CPU cycles utilize or time taken for calculation, voltage utilization etc. as Bruce Schneier wrote: “Some researchers have claimed that this is cheating. True, but in real-world systems, attackers cheat. Their job is to recover the key, not to follow some rules of conduct. Prudent engineers of secure systems anticipate this and adapt to it.” (Conrad, Misenar, and Feldman). Apart from this attack, Charlie can also use network based attacks against Open SSL, as it utilizes two types of multiplications.one of them is called as Karatsuba that is used for words having the characteristics of equal size along with multiplication of those words that are not equal in size. (Yazici and Sener) Karatsuba is robust as the variation is speed can be validated by utilizing SSL TCP/IP data connection, however, information can be hacked by an hacker by using this type of multiplication methodology. For instance, a research team located at Stanford initiated a side channel timing attack for recovering the 1Mega Bit RSA key located on OpenSSL server. Likewise, the researchers utilized two hours and one million queries for the attack. Charlie can utilize brute force attack that will try to retrieve every reachable key in a systematic manner. Likewise, this type of attack is associated with plain text or cipher text type of attacks. Charlie can attack Alice’s workstation by a 4 bit key. Charlie will allocate a limited length of key along with adequate time for a successful brute force attack. Likewise, encryption algorithms may become vulnerable to brute force attacks as the time passes by because CPU utilization increases. A single DES encryption incorporates an effective length key comprising of 56 bits, as the key can be cracked within two or three days by utilizing dedicated hardware components such as Electronic Frontier Foundation’s Deep Crack (Schneider). Charlie will not be able to crack a 168 bit key in the similar fashion because it incorporates Advanced Encryption Standards. Charlie must ensure when the success of brute force attack on only cipher text is accomplished. One of the examples of a brute force attack is demonstrated in Fig 1.1. Figure 1.1 Source: (Anonymous) Charlie can use yet another type of attack for retrieving encrypted passwords available on Alice’s workstation. Man in the middle attack can be executed by Charlie for attacking algorithms that are utilized for multiples keys associated with encryption. One of examples incorporates a successful man in the middle attack against double DES. For augmenting the solidity of 56 bit DES, double DES was suggested. As man in the middle attack is associated with plain text attacks, the cryptanalyst has accessibility to plaintext and the output cipher text (Paar, Jan Pelzl, and Preneel). One of the examples incorporates plaintext is ‘passwords’ and the double DES cipher text is named as ‘ABC’. The primary objective of cryptanalyst is to retrieve two keys i.e. Key 1 and Key 2 that were utilized for encryption. Charlie will first initiate a brute force attack on Key 1 by utilizing all 256 single DES keys for encrypting the plaintext of ‘passwords’ and stores all intermediate outputs of cipher texts and every key in a table. Secondly, Charlie will impose Key 2 and decrypts ‘ABC’ for 256 times. During the process of decrypting the intermediate cipher text available in the table for the second brute force attack, objective is accomplished and both keys are now visible to the cryptanalyst. Charlie was able to attack 256 attempts to retrieve the passwords. Conclusion For attacking Alice’s workstation that is maintaining encrypted passwords via an open source tool, Charlie can deploy and execute various attack methods as discussed in the body of the paper. Some of the attack methods discussed incorporates Meet-in-the-Middle Attack, Brute Force Attacks, Side Channel Attacks, Adaptive Chosen Plaintext and Adaptive Chosen Cipher text Attacks, Chosen Plaintext and Chosen Cipher text Attacks and Known Plaintext and Cipher text-Only Attacks. Bibliography Anderson, Ross. Fast Software Encryption: Cambridge Security Workshop, Cambridge, U. K., December 9-11, 1993: Proceedings Berlin ; Springer-Verlag, c1994. "Blowfish." 2007.Network Dictionary: 71-71. Conrad, Eric, Seth Misenar, and Joshua Feldman. CISSP Study Guide Syngress. Krawczyk, Hugo. Advances in Cryptology - CRYPTO '98: 18th Annual International Cryptology Conference, Santa Barbara, California, USA, August 23-27, 1998, Proceedings (Lecture Notes in Computer Science) Springer. Popov, Dmitri. Hands on Open Source Lulu.com. Paar, Christof, Jan Pelzl, and Bart Preneel. Understanding Cryptography: A Textbook for Students and Practitioners Springer. Stinson, Douglas R. and Stafford Tavares. Selected Areas in Cryptograpy: 7th Annual International Workshop, SAC 2000, Waterloo, Ontario, Canada, August 14-15, 2000: Proceedings Berlin ; Springer, 2001. Schneider, Gary P. Electronic Commerce Course Technology. "Twofish." 2007.Network Dictionary: 500-500. Yazici, Adnan and Cevat Sener. Computer and Information Sciences -- ISCIS 2003: 18th International Symposium, Antalya, Turkey, November 3-5, 2003, Proceedings (Lecture Notes in Computer Science) Springer. Images "Complete Hacker's Handbook: Chapter Eight " , accessed 7/20/2012, 2012, http://www.telefonica.net/web2/vailankanni/HHB/HHB_CH08.htm. Glossary DES Digital Encryption Standards AES Advanced Encryption Standards CPU Central Processing Unit RSA Ron Rivest, Adi Shamir, and Leonard Adleman Read More