Attacking Cryptography - Essay Example

ATTACKING CRYPTOGRAPHY Insert name Course/code Instructor’s name TABLE OF CONTENTS Introduction Main body Conclusion Glossary List of references Introduction Over the last couple of years, data theft has been on the increase on a global perspective. Just a few months ago, there was almost an international crisis after secret information from different United States foreign mission information leakage through “Wiki Leaks.” This is an indication that there is need to encrypt information so that in case the hardware containing the data is tampered with or lost it will be very hard or impossible to decrypt the data without the necessary passwords. Cryptography is the conversion of different kinds of data in to secret protected codes . Findings and analyses There are three main ways of encrypting data Asymmetric cryptography, Cryptographic hush functions, and Symmetric cryptography . The need to encrypt data depends on the importance of the data to the owner, the effect, or ramifications of the data if exposed to unintended persons, and the corporate, institutional, or public importance of the data. The three means identified above have different formulas for manipulating the data. This paper will aim at looking at ways through which people attempt to discover the data found in encrypted files. Professionally this is Cryptanalysis. There are many applications available for encrypting data some are free while others are available for sale online. In this case, we shall be more concerned with a particular application “TrueCrypt” and how Charlie can devise different ways of accessing data encrypted using the AES algorithm found in the program from Alice’s laptop in the workspace. Key types of cryptanalysis include combined plaintext and cipher text, Cipher text, and Linear cryptanalysis or differential cryptanalysis . TrueCrypt is a free encryption application that supports Windows, Linux, and Mac operating systems. The program functions under both parallelized and pipelined data encryption . There is no foolproof method of protecting data, thus it is necessary for people using TrueCrypt like Alice or other programs like PGP to find additional ways of protecting their information. There has been improvement Over the years, through research and development of the security provided by TrueCrypt as the vendors moved from CBC mode, to LRW mode and finally to XTS mode of operation . From the case study, it is clear that the information that Charlie is seeking is of critical importance. This is because the information will be useless within nine days. Thus, the information could contain financial results that if stolen, may cause people like Charlie assuming he has accomplices or colleagues will make huge sales in the stock market if they can access this information in advance. Thus, we can also assume that Charlie is willing to spend substantial money or use any necessary gadgets if it allows him to access the information. Since Charlie has access to Alice’s workspace for around 43 minutes, we will assume that he will utilize this time to try to access the information. In cryptography, we use Cryptographic attack, MITM attack (man in the middle attack), Physical attack, or Software attack . The main ways that Charlie can access the information either are by using a malicious code, social engineering, or perform a technical attack on Alice’s computer. Below is a representation of a possible attack tree with four levels of attacks. The above figure represents up to four levels through which Charlie can use to access the data that is stored on Alice’s laptop. The first level consists of three leaf nodes representing the three main ways that Charlie can access the information. This is the first leaf nodes of how Charlie can access the information. Depending on which mode Charlie prefers we shall look at possible ways through which he will accomplish his mission. We will structure each of these options further to see the different ways through which Charlie will succeed in attaining the information. Technical attack The technical attack has three secondary leaf nodes. These include Botnet, hack attack, and Eavesdrop. The Botnet technical attack involves the use of malicious software to gain access to the files. These may include worms and Trojans. The malicious software’s will have hidden programs that will allow Charlie to decipher the codes or passwords stored on Alice’s computer. Once Charlie achieves this, he will use them to access the information directly from Alice’s laptop. If Charlie prefers the Hack attack mode then he will not target the data directly from Alice’s computer but rather he will chose to hack the server. If he has a means of hacking in to the server then he will have direct access to the encrypted files on Alice’s workspace. Eavesdropping is also another way he can access the information. He could use special equipments like telephone hacking devices, listen to Alice’s conversation, and thus overhear the codes. Additionally he may also pretend to be passing by and oversee the password as Alice Keys in her password. This is also available from security cameras if they are zoomed to show the key strokes Alice makes for her passwords. The technical attack mode can be more easily avoidable than the other modes. This is because a technical attack follows a process that the victims are aware. In addition, the technical attack does not necessarily require the perpetrator to know the victim. However, in this scenario Charlie knows Alice. Thus, he may use some of his understanding of Alice to perform the attacks since he is aware of her schedule and probable hardware’s and software tools that he can use to his advantage. Social engineering In cryptographic attacks, social engineering refers to the human approach to conducting attacks. It is very tricky since human beings can be very cunning and in the process access the data without the victims realizing it. The best way to avoid social engineering attacks is by ensuring that the organization has a guiding policy as well as educating the company employee some ways they can employ to mitigate these attacks. Social engineering involves both technical and nontechnical means of accessing the protected data. The technical side involves phishing, vishing, spam mails, interesting software’s, and popup windows. Charlie can do this by sending emails requesting Alice to give out her details for verification so that she can continue some of the organizational resources. In the process, Charlie uses this information to access the files that Alice has encrypted. In addition, he may send her interesting software’s that will cause him to steal the information from Alice’s laptop. The success of these modes will depend on whether Alice falls in to these traps or not. Charlie may also consider blackmailing Alice to give the information. This will also depend on how Alice allows Charlie to blackmail her. If she is smart, enough Alice may detect this and thus refuse to divulge the information. The non-technical means may involve acts of impersonation or pretexting. In this way, Charlie may impersonate to be Alice’s superior and ask her for the files to compare that information to some other information given by another department. If Alice does not realize this or if she is afraid of being penalized by not following company protocol, she will go ahead and give out the information. By the time, she realizes that it was not her seniors requesting the information it will be too late. Is because Charlie will already have accessed the information he wanted and used it accordingly. Since Charlie has access to Alice’s workspace he might also decide to spy on her while she keyset her passwords. If he is successful in obtaining the password then he can later on access the information from Alice’s laptop or access the files over the organizations network. Additionally Charlie may opt to act as a technical staff. In this way he may send Alice a message asking her to give him access to her computer since he is doing some routine network maintenance. In this way, Charlie will be able to access the information he seeks from Alice’s laptop. In another version, he may pretend to be a support staff and ask Alice to leave her workspace for a limited period so that he can perform some services like cleaning. Assuming that Alice had already mounted the drive with the information Charlie will utilize this time to access the information from Alice’s laptop. Malicious code From our attack tree, we also observed that Charlie could use malicious codes to perform the attacks. This may be possible by sending files with malicious codes from the internet to Alice or by sending emails with malicious codes. If Alice goes ahead and opens these files or emails then the codes will capture the passwords and paraphrases that Alice uses and make them available to Alice. The success of this mode will also depend on the security systems that Alice has installed on her computer. The anti-virus, anti-spyware programs installed on Alice’s laptop will also prevent Charlie from using the malicious codes. Analysis of how Alice becomes a victim The diagram below shows the reverse process of how Charlie will succeed in accessing the information. This diagram shows how the process operates. From this diagram, it is clear that depending on the end means Charlie adopts then the process proceeds up to the point where the laptop is compromised and the nature of attack that achieves this. From a social engineering perspective, Alice will be vulnerable if she relays much of her information on social networking sites. This is because Charlie may personally or using a third party get the information by befriending Alice on social networking sites like Facebook, twitter, linked in, MySpace among others. Thus Alice should be very careful on the kind of information she relays on social networking sites since Charlie may use this information to his advantage . There is little Alice can do if Charlie opts for a technical attack. This is because there is no requirement for Alice’s participation either directly or indirectly. This is because Charlie will find technical means of stealing the data without Alice realizing. Even if Alice realizes it will be probably after Charlie has succeeded in his mission. By using malicious code, Charlie will have to wait and see whether Alice falls to the trap. This is because after receiving the files and emails from the internet Alice may choose to install/open them or discard them. If she discards them then Charlie will have to choose another mode of attack. Whichever mode Charlie chooses Alice should be careful and protect her computer as much as she can. This might involve disconnecting herself from the internet, locking her laptop in a safe place and ensuring that it she shuts down the laptop when not in use. Conclusion The security of any information held by any organization or employees of the organization are very vital. This is because if such information leaks to competitors or other third parties then the information could be used against the interests of the organization. From our case study, we do not know why Charlie is in need of this vital information. The security protocol and policy of the organization will go a long way in mitigating the chance of Charlie accessing the information. Depending on the number of leaf nodes necessary to complete each task, Charlie can end up as having very many leaf nodes. Thus, given the nine days period it would be advisable for Charlie to choose the easiest mode albeit expensive. Each level of the tree represents ways in which the goals of the proceeding level can be attained. Thus, the last nodes will represent the starting point of action that will lead to accessing the files on Alice’s computer. Attack tree analysis is very important in securing information. It gives potential victims a chance to prepare themselves from possible attacks since they know the possible ways that the attacker will try to use. If Charlie succeeds in stealing the information then this can lead to dire consequences not only for Alice but also for the entire company since the company’s business partners may shy away from the company since they may be afraid of such an act happening gain and thus compromise their private information to unwanted third parties. To safeguard the information held by the company and its employees the company should consider doing the following Conducting internal audits ad compliance levels Involving company employees on incident management Educating employees and performing awareness campaigns on information security Introduce a policy on securing company information Introducing or taking insurance cover on information security Glossary Cryptography The conversion of different kinds of data in to secret codes that can be sent to or across private as well as public networks (Stinson, 2006). Advanced Encryption Standard This is an encryption standard specified for the encryption of electronic data (truecrypt.org). Brute force attack A form of attack system that tests all possible keys until it deciphers the right key that produces intelligible plaintext (Schneider, 1996). Side-channel attacks These “encryption attacks” do not attack the principal cipher. They target systems that leak data. TrueCrypt This is a free software encryption application or software. It supports major operating systems Malware Malware refers to malicious software’s or applications like spyware and viruses that disrupt the normal operations of a personal computer. Attack tree This is the system that decryption follows to crack codes of encrypted information Social engineering This is the human based approach of conducting a cryptographic attack Phishing This is the use of emails appearing to be legitimate asking for verification of information. It warns of dire consequences if this is not done. The emails direct the victim to a fraudulent site where the information is used for carrying out attacks. Reference list Read More