Types of Cryptographic Attacks
Cryptographic attacks are designed to subvert the security of cryptographic algorithms, and they are used to attempt to decrypt data without prior access to a key. They are part of Cryptanalysis, which is the art of deciphering encrypted data. Cryptanalysis and Cryptography (the art of creating hidden writing, or ciphers) form the science of Cryptology.
Cryptographic Attack Methods
There are six related cryptographic attack methods, including three plaintext-based methods and three ciphertext-based methods:
These methods are used as the foundation of cryptographic attacks.
Known Plaintext and Ciphertext-Only Attacks
A known plaintext attack is an attack where a cryptanalyst has access to a plaintext and the corresponding ciphertext and seeks to discover a correlation between the two. A ciphertext-only attack is an attack where a cryptanalyst has access to a ciphertext but does not have access to corresponding plaintext. With simple ciphers, such as the Caesar Cipher, frequency analysis can be used to break the cipher.
Chosen Plaintext and Chosen Ciphertext Attacks
A chosen plaintext attack is an attack where a cryptanalyst can encrypt a plaintext of his choosing and study the resulting ciphertext. This is most common against asymmetric cryptography, where a cryptanalyst has access to a public key. A chosen ciphertext attack is an attack where a cryptanalyst chooses a ciphertext and attempts to find a matching plaintext. This can be done with a decryption oracle (a machine that decrypts without exposing the key). This is also often performed on attacks versus public key encryption; it begins with a ciphertext and searches for matching publicly-posted plaintext data.
Adaptive Chosen Plaintext and Adaptive Chosen Ciphertext Attacks In both adaptive attacks, a cryptanalyst chooses further plaintexts or ciphertexts (adapts the attack) based on prior results.
Side Channel Attacks
Side channel attacks leverage additional information based on the physical implementation of a cryptographic algorithm, including the hardware used to encrypt or decrypt data.
The cryptographic attack methods previously described assume that a cryptanalyst has access to the plaintext or ciphertext (sometimes both) and possibly the cryptographic algorithm: .A side channel attack leverages additional information, such as time taken (or CPU cycles used), to perform a calculation, voltage used, and so on. Bruce Schneier wrote: “Some researchers have claimed that this is cheating. True, but in real-world systems, attackers cheat. Their job is to recover the key, not to follow some rules of conduct. Prudent engineers of secure systems anticipate this and adapt to it.”1 Many practical side channel attacks have been discovered. One example is the networkbased attack versus OpenSSL. OpenSSL uses two types of multiplication: one (called Karatsuba) for equal-sized words and normal multiplication for unequal-sized words. Karatsuba is faster, and the difference in speed can be detected via a network using an SSL TCP/IP connection. The type of multiplication in use leaks information to an attacker. Researchers at Stanford University were able to launch a side-channel timing attack to recover the 1024-bit RSA key on an OpenSSL 0.9.7 server. The attack required one million queries and took two hours.2
Brute Force Attacks
A brute force attack systematically attempts every possible key. It is most often used in a known plaintext or ciphertext-only attack. Here is an example of a brute force attack on a 4-bit key:
Given a finite key length and sufficient time, a brute force attack is always successful. Encryption algorithms can become susceptible to brute force attacks over time as CPU speeds increase. Single DES encryption has an effective key length of 56-bits, and any key can be cracked within days using specialized hardware, such as the...