attacks overview nguyen cao dat 1. bk tp.hcm outline cryptographic attacks ▫ frequency analysis...
Post on 05-Jan-2016
223 Views
Preview:
TRANSCRIPT
Attacks Overview
Nguyen Cao Dat
1
BKTP.HCM
Outline
Cryptographic Attacks▫Frequency analysis▫Brute force attack▫Meet-in-the-middle attack▫Birthday attack
Network Attacks▫Replay attack▫Man-in-the-middle attack▫Denial-of-service attack
BKTP.HCM
Frequency analysisFrequency
analysis is the study of the frequency of letters or groups of letters in a ciphertext. The method is used as an aid to breaking classical ciphers.
BKTP.HCM
Brute force attackbrute force attack is a strategy used to break the
encryption of data. It involves traversing the search space of possible keys until the correct key is found.
The amount of time required to break a 128-bit key is also daunting. Each of the 2128 possibilities must be checked. A device that could check a billion billion keys (1018) per second would still require about 1013 years to exhaust the key space.
This is a thousand times longer than the age of the universe, which is about 13,000,000,000 (1.3×1010) years.
BKTP.HCM
Meet-in-the-middle attack (1/3)
for small x, we have (1 x) ex. for small x, we have (1 x)
ex.
for small x, we have (1 x)
ex.
The attack works by encrypting from one end and decrypting from the other end, thus meeting in the middle.
Assume the attacker knows a set of plaintext and ciphertext: P and C. That is:
BKTP.HCM
Meet-in-the-middle attack (2/3)
for small x, we have (1 x) ex. for small x, we have (1 x)
ex.
for small x, we have (1 x)
ex.
The attacker can then compute EK(P) for all possible keys K and store the results in memory.
Afterwards he can decrypt the ciphertext by computing DK(C) for each K.
Any matches between these two resulting sets are likely to reveal the correct keys. (To speed up the comparison, the EK(P) set is stored in an in-memory lookup table, then each DK(C) can be matched against the values in the lookup table to find the candidate keys.)
BKTP.HCM
Meet-in-the-middle attack (3/3)
for small x, we have (1 x) ex. for small x, we have (1 x)
ex.
for small x, we have (1 x)
ex.
Once the matches are discovered, they can be verified with a second test-set of plaintext and ciphertext. If the keysize is n, this attack uses only 2n + 1 encryptions (and O(2n) space) in contrast to the naive attack, which needs 22n encryptions (but only O(1) space).
BKTP.HCM
Birthday attack (1/6)exploits the mathematics behind the birthday problem in
probability theory.What is the minimum value of k such that the probability
is greater than 0.5 that at least two people in a group of k people have the same birthday?
P(n, k) = Pr[at least one duplicate in k items, with each item able to take on one of n equally likely values between 1 and n]
we are looking for the smallest value of k such that P(365, k) 0.5
BKTP.HCM
Birthday attack (2/6)
the probability that there are no duplicates, which we designate as Q(365, k)the number of different ways is:
BKTP.HCM
Birthday attack (3/6)
P(365, 23) = 0.5073. For k = 100, the probability of at least one duplicate is 0.9999997.
BKTP.HCM
Birthday attack (4/6)
for small x, we have (1 - x) ex.
BKTP.HCM
Birthday attack (5/6)
BKTP.HCM
Birthday attack (6/6)What value of k is required such that P(n, k) 0.5?
To satisfy the requirement, we have:
For large k, we can replace k x (k -1) by k2, and we get
As a reality check, for n = 365, we get which is very close to the
correct answer of 23.
BKTP.HCM
Replay attack (1/2)Use a simple method of exploiting a captured packet or
packets, and resend that traffic to cause unexpected results.
Suppose Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Mallory is eavesdropping the conversation and keeps the password. After the interchange is over, Mallory connects to Bob posing as Alice; when asked for a proof of identity, Mallory sends Alice's password read from the last session, which Bob accepts.
BKTP.HCM
Replay attack (2/2)A way to avoid replay attacks is using session tokens,
session tokens should be chosen by a (pseudo-) random process.
Timestamping is another way of preventing a replay attack. The advantage of this scheme is that does not need to generate (pseudo-) random numbers.
BKTP.HCM
Man-in-the-middle attackThe man-in-the middle attack intercepts a communication between
two systems
Once the TCP connection is intercepted, the attacker acts as a proxy, being able to read, insert and modify the data in the intercepted communication.
Various defenses against MITM attacks use authentication technique that are based on PKI (Public Key Infrastructure)
BKTP.HCM
Denial-of-service attackDoS attack or DDoS is an
attempt to make a computer resource unavailable to its intended users.
Methods of attack▫ ICMP flood▫ Teardrop Attacks▫ Peer-to-peer attacks▫ …
top related