Scribd Logo
Upload

Welcome to Scribd!

  • The Amazing King - Cryptanalysis 101 PDF

    Uploaded by

    sipteck
    38 views3 pages

    Original Title

    The Amazing King - Cryptanalysis 101.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    38 views3 pages

    The Amazing King - Cryptanalysis 101 PDF

    Uploaded by

    sipteck

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    9/2/2016

    TheAmazingKingCryptanalysis101

    TheAmazingKingCryptanalysis101
    Cryptanalysisisthescienceandartofattackingcryptosystems.Inmostcasesthetermspecificallyrefersto
    findingflawsinencryptionalgorithms.Theproperdesignofcipherscannotbeaccomplishedwithouthaving
    knowledgeoftheattacksagainstthem.Idon'tthinkanyothersecurityfieldrequiresthatthedefenderbethis
    goodatattacking.Newcipherdesignsmustbesubjectedtocryptanalysisbyboththeauthorandother
    researchersbeforebeingconsideredforuse.Thisofcourseisnotalwaystrueandmanyproductemploy
    whatiscalledhomegrowncrypto(attacksthatnoncryptographersnaivelycreateasanafterthought).
    Anyway,theultimategoalofanattackistorecoverthekeybeingusedtoencryptthetargetinformation.

    BruteForcevs."Breaks"

    Thereisonemethodofkeyrecoverywhichisalwaysavailable:bruteforce.Thismeanstryingevery
    possiblekeyandusingittodecryptsomecollectedciphertext.Eventuallyyouwillhitthecorrectkeyandyou
    win.Nowwhatdoes"eventually"mean?Well,theworstcasescenarioisthatthecorrectkeywillbethelast
    oneyoutest.Onaverage,thekeywillbefoundatthehalfwaymark.Thenumberofpossiblekeysiscalled
    thekeyspaceandtheamountofinformation(bits)thatistakestorepresentakeyinsidethiskeyspaceis
    calledthekeylength.Cryptanalyststrytofindbreaksinthesystem/cipher.Althoughthistermisageneral
    one(similarto"hack"butspecifictocrypto),itprettymuchmeansatricktodiscoverthekeywithgreater
    probabilityand/orinlesscomputationalworkthanbruteforce.Thisincludesidentifyingkeycandidatesthat
    aremorelikelythanothersandalsoeliminatingkeycandidatesthatarelesslikelythanothers.Theless
    workthatneedstobedonetorecoverthekeyusingthistrickisoneaspectofwhatmakessomebreaks
    moreimpressivethanothers.

    ClassifyingAttacks
    Nowthatwehavedefined"breaking"acipherinprettywideterms(i.e:findaproblem),it'stimetobroadly
    classifysomecryptanalyticattacks.Onemethodofcategorizingthemisbyasking"Whatpower/information
    isneededtoperformtheattack?"Inallofthesesituations,thesamekeyisexpectedtobeusedthroughout
    andthegoaltotorecoverit.Hereareafewofthemorecommontypesofattacks:
    BlackboxInalmosteverycryptanalyticchallenge,itisassumedthattheattackerhasfullknowledgeof
    theinnerworkingsofthealgorithminuseandlacksonlythekey.Blackboxanalysisistheexception.This
    sortofanalysisshouldnotbeusedtocertifythesecurityofanalgorithm,butitissometimesnecessaryin
    http://www.theamazingking.com/cryptoana101.php

    1/3

    9/2/2016

    TheAmazingKingCryptanalysis101

    therealworld.Also,justbecausethealgorithmisunknown,thatdoesn'tmeanthatthesituationisalsoa
    ciphertextonlyone.
    CiphertextonlyThisisaverydifficultsituationtobein:knowingonlysomeciphertext.Youcanimagine
    anattackersittingonanetworkandsniffinganencrypteddatastream.Inthiscase,hedoesn'tknowany
    ofthecoorespondingplaintextatall,butmayhavestatisicalinformationaboutit(EnglishlanguageASCII
    textforexample).Typicallythemoreofthisciphertextthatisgathered,thebetterchancethatitwill
    succeedorthelessworkwillneedtobedone.
    KnownplaintextThisoneisabitmoredifficultbutopensthedoortostrongerattacks.Ifweareableto
    collectsomeciphertextandalsosomeoftheplaintextthatcreatedit(usingthecipherandthetarget
    key),wecantryknownplaintextbreaks.Theideahereistocomparethatplaintexttotheresulting
    ciphertextandlearnstatisticalinformationabouttherelationship.Thiscanthenbeusedtonarrowthe
    keyspaceandpredictlikelykeys.Again,themoreplaintextciphertextpairswecangather:thebetter.A
    realworldexamplemightbeanenemysendingseaconditionreportsbacktoHQ.Becausewecanlook
    attheocean,itshouldbeprettyeasytoguesswhattheyaresending(theplaintext).Ifwecanalso
    intercepttheresultingencryptedradiotransmissions,aknownplaintextbreakcouldbeusedtorecover
    thekey(whichmayalsoprotectmoreimportantinformation).
    ChosenplaintextOneofthehardestlevelsofcontrolanattackercanachieveischosenplaintext:
    beingabletomaketheenemyencryptwhateverwewantwiththetargetkeyandbeabletorecoverthe
    resultingciphertext.Itisalsoallowsmorepowerfulattacksincludingdifferentialcryptanalysis.Thismay
    seemlikeaveryimprobablesituation,butgiveitathink.Wartimeexample:Bysendingalotoftanksinto
    battle,wecanprettymuchguaranteethattheenemywillreportthesituationoverencryptedradio(with
    theword"tank"intheplaintext).Dependingonhowcraftyweare,itsalmostasiftheywillsendwhatever
    welikeafterencryptingitwiththeirsecretkey.

    FrequencyAnalysis

    Cryptogrampuzzlesaresolvedforenjoymentandthemethodusedagainstthemisusuallysomeformof
    frequencyanalysis.Thisistheactofusingknownstatisticalinformationandpatternsabouttheplaintextto
    determineit.Incryptograms,eachletterofthealphabetisencryptedtoanotherletter.Thistableofletter
    lettertranslationsiswhatmakesupthekey.Becausethelettersaresimplyconvertedandnothingis
    scrambled,thecipherisleftopentothissortofanalysisallweneedisthatciphertext.Iftheattackerknows
    thatthelanguageusedisEnglish,forexample,thereareagreatmanypatternsthatcanbesearchedfor.
    Classicfrequencyanalysisinvolvestallyingupeachletterinthecollectedciphertextandcomparingthe
    percentagesagainsttheEnglishlanguageaverages.Iftheletter"M"ismostcommonthenitisresonableto
    http://www.theamazingking.com/cryptoana101.php

    2/3

    9/2/2016

    TheAmazingKingCryptanalysis101

    guessthat"E">"M"inthecipherbecauseEisthemostcommonletterintheEnglishlanguage.Thesesorts
    ofcluescanbebouncedoffeachothertoderivethekeyandtheoriginalplaintext.Themorecollected
    ciphertexttheattackerhas,thebetterthiswillwork.Astheamountofinformationincreases,itsstatistical
    profilewilldrawcloserandclosertothatofEnglish(forexample).Thissortofthingcanalsobeappliedto
    groupsofcharacters("TH"isaverycommoncombinationinEnglishforexample).Theexamplefrequency
    analysisimageabovewasperformedonthefirstthreesentencesofthisparagraphturnedintoa
    cryptogram.Asyoucansee,theEnglishlanguageisverypredictablewithregardtoletterfrequencyandthis
    canexploitedinsomesituationstobreakciphers.

    ToyCiphersandPracticing

    Aswelearnmoreaboutcryptanalysisandreadpapersaboutattacks,we'llneedawaytoactuallylearnwhat
    isread.Iliketocreatetoycipherstotryoutattacksordevelopnewones.Theseareencryptionalgorithms
    thatareinventedforthepurposeofbeingbroken.Youcanjuststringsomeciphercomponentstogetherina
    waythatmakessensefortheattackyou'dliketotry.Bystartingsimpleandnotjustcopyingwhatevercipher
    isbrokeninthepaperyou'rereading,youcanlearnalotmore.Also,morepracticecanbehadbyapplying
    techniquesagainstweakenedvariantsofrealworldciphers.Ialsofindithelpfultoshrinktheblockandkey
    sizesdownalotwhenfirsttryingsomethingnew.Thisallowssomeresultstobeworkedoutbyhandwith
    pen/paperandcanaidintroubleshootingcode.Thepaper"SelfStudyCourseinBlockCipherCryptanalysis"
    byBruceScheneirdescribessomeweakenedciphervariantsforbeginnersandmakesagoodstartingpoint.

    LinearandDifferentialCryptanalysis
    HereIwillbrieflydescribe(onlyanoverview)twoofthemostrevolutionaryanalysismethodsfor
    cryptographyinrecentyears.Agreatdealofnewresearchstemsfromthemandunderstandingthe
    methodsisimportant.Iurgethereadertotaketheirtimeastheyreadmoreintothesesubjects.Askyourself
    questions"whyisthat?","whatdoesthatmean?","howcanitestthatout?".I'mafirmbelieverthatpassively
    readingsomethingisuselesscomparedtoactivelyreadingit.Differentialcryptanalysisisanattack
    publishedbyEliBihamandAdiShamirin1990.ItwasdiscoveredearlierbybothIBM(1974)andtheNSA
    (whoknows?)butkeptsecret.Itisachosenplaintextattackthatinvolveschoosingplaintextsinpairswitha
    particularXORdifferenceandlookingforacorrespondingXORdifferenceinthepairsofciphertext
    produced.LinearcryptanalysiswasdiscoveredandpublishedbyMitsuruMatsuiin1992asanattackon
    FEAL.Itisaknownplaintextattackthatbuildsalinearapproximationofthecipher(usingXORoperations
    onvariousbits)andthencomparestheexpressiontothecollectedplaintexttoestimatethelikelykeys.

    http://www.theamazingking.com/cryptoana101.php

    3/3

    You might also like