Cryptography: The area of study containing the principles and methods of transforming an intelligible message into one that is unintelligible. And then retransforming that message back to its original form.
Cryptographic systems characterized along three independent dimensions.
- The types of operations used for transforming plaintext to ciphertext. All encryption algorithms based on two general principles substitution and transposition. The basic requirement that no information lost. Most systems referred to as product system, involves multiple stages of substitutions and transpositions.
- The number of keys used. If both sender and receiver use the same key, the system is referred to as symmetric, single-key, secret-key, or conventional encryption. If the sender and receiver use different keys the system is referred to as asymmetric, two-key, or public-key encryption.
- The way in which the plaintext processed. A block cipher processes a block at a time and produces an output block for each input block. A stream cipher processes the input element continuously, producing output one element at a time, as it goes along.
Cryptanalysis and Brute-Force Attack: Cryptography
- Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some simple plaintext-ciphertext pairs. This type of attack finds characteristics of the algorithm to find a specific plaintext or to find a key.
- Brute-force attack: The attacker tries every possible key on a piece of ciphertext until plaintext On average, half of all possible keys must tried to achieve success.
Based on the amount of information known to the cryptanalyst cryptanalytic attacks can categorize as:
- Ciphertext Only Attack for Cryptography: The attacker knows the only ciphertext only. It is easiest to defend.
- Known plaintext Attack for Cryptography: In this type of attack, the opponent has some plaintext-ciphertext Or the analyst may know that certain plaintext patterns will appear in a message. For example, there may a standardized header or banner to an electronic funds transfer message. And the attacker can use that for generating plaintext-cipher text pairs.
- Chosen plaintext: If the analyst is able somehow to get the source system to insert into the system a message chosen by the analyst, then a chosen-plaintext attack is possible. In such a case, the analyst will pick patterns that can expected to reveal the structure of the key.
- Chosen Ciphertext: In this attack, the analyst has cipher text and some plaintext-cipher text pairs. Where cipher text has been chosen by the analyst.
- Chosen Text: Here, the attacker has got cipher text, chosen plaintext-cipher text pairs and chosen cipher text-plaintext pairs.
Chosen cipher text and chosen text attacks rarely used.
- Similarly, It assumed that the attacker knows the encryption and decryption algorithms.
- Generally, an encryption algorithm designed to withstand a known-plaintext attack.
Brute-force attack: Cryptography
- This type of attack becomes impractical as the key size increases as trying all the possible alternative keys for a very large key may take a huge amount of time.
- For example, for a binary key of 128 bits, 2128 keys are possible. Which would require around 5 X1024 years at the rate of 1 decryption per microsecond (current machine’s speed).
- Moreover, The Data Encryption Standard (DES) algorithm uses a 56-bit key a 128-bit key used in AES.
- With massively parallel systems, even DES is also not secure against Brute Force attack.
- AES with its 128-bit key is secure. Since the time required to break it makes it impractical to try Brute-Force attack