What Is Cryptanalysis? – Attackers may implement various cryptography attacks in oreder to evade security of a cryptographic system by exploiting vulnerabilities in a code, cipher, cryptographic protocol, or key management scheme. This process is known as **cryptanalysis**.

Cryptanalysis is the study of cipher, cipher text, or cryptosystems with the ability to identify vulnerabilities in tehem that allows to extract plaintext from teh cipher text even if teh cryptographic key or algorithm used to encrypt the plaintext is unknown.

This section deals with various cryptography attacks uses to compromise crytographic system and various cryptanalysis techniques and tools that help in breaching cryptographic security.

Post Contents

## Cryptanalysis Methods

*There Are Three Types of Cryptanalysis Methods:-*

**Linear Cryptanalysis **

Linear Cryptanalysis is based on finding affine approximations to the action of a cipher. it is commonly used on block ciphers. This technique was invented by Mitsarue Matsui. it is a known plaintext attack and uses a linear approximation to describe the behavior of the block cipher.

Given enough pairs of plaintext and corresponding ciphertext, bits of information about the key can be obtained. Obviously, the more pairs of plaintext and ciphertext one has, the greater the chance of success.

Remember cryptanalysis is an attempt to crack cryptography. Eg With the 56-Bit data encryption standard (DES) key brute force could take up to 256 attempts. Linerar cryptanalysis will take 2^{43} known plaintexts. This is better than brute force, but still impractical for most situations. The math may be a bit complex for beginning cryptographers, but let’s look at the basics of it.

With This method, a linear equation expresses the equality of two expressions which consists of binary variables XORed. For Example, in the following equation, XORs sum of the first and third plaintext bits, and the first ciphertext bit is equal to the second bit of the key:-

**P1XP3XC1=K2**

You can use this method to slowly re-create the key that was used.

After doing this for each bit, you will have an equation of the form:

**P _{i1}X P_{i2} X…..X C_{j1}X C_{j2}X….=K_{k1}X K_{k2} X…..**

You can then use **Matsui’s Algorithm 2,** using known plaintext-ciphertext pairs, to guess at the values of the key bits involved in the approximation. For each set of values of the key bits on the right-hand side (referred to as a partial key), count how many time the approximation holds true over all the known plaintext-ciphertext pairs; call this count T.

The partial key whose T has the greatest absolute difference from half the number of plaintext-ciphertext pairs is designated as the most likely set of values of those key bits.

### Differential Cryptanalysis

Differential Cryptanalysis is a form of cryptanalysis applicable to symmetric key algorithms. This was invented by Eli Biham and Adi Shamir. Essentially, it is the examination of differences in an input and how that affects the resultant difference in the output. it originally worked only with chosen plaintext. It Could also work with known **Plaintext** and **Ciphertext.**

### Integral Cryptanalysis

Integral Cryptanalysis was first described by Lars Knudsen. this attack is particulary useful against block ciphers based on substitution-permutation networks as an exentsion of differential cryptanlysis. Differential analysis looks at pairs of inputs that differ in only one-bit position, with all other bits being identical. Integral analysis, for block sizeb, holdsb-k bits constant and runs the other k through all 2k possibilities. For K=1, this is just differential cryptanalysis, but with k>1, it is a new technique.

**Code Breaking Methodologies**

One can measure the strength of an encryption algorithm using various code-breaking techniques, some of which are as follows;

### Brute Force

Code-Breakers or Cryptanalysts work to recover the plaintext of a message without knowing the required key in advance. They may first try to recover the key, or they may go after the message itself. A common cryptanalytic technique is a brute-force attack, or exhaustive search, in which the keys are determined by trying every possible combination of characters.

The efficiency of a brute-force attack depends on the hardware configuration. Use of faster processors means testing more keys per second. Cryptanalysis carried out a successful brute-force attack on a DES encryption method that effectively made DES obsolete.

### Frequency Analysis

Frequency analysis is the study of the frequency of letters or groups of letters in a ciphertext. Frequency analysis of letters and words is another method used to attack ciphers. It works on the fact that, in any given stretch of written language, certain letters and combinations of letters occur with variying frequencies.

This technique examine the number of times that a particular symbol comes up in a ciphertext. For example, the letter “**e**” is a common letter in the English language. If the letter **“k”** appears commonly in a cipher text, it can be reasonably concluded that **“k”** in the encrypted language is equivalent to **“e”** in English.

Encrypted source code is more vulnerable to these types of attacks because words like “**#define**,” “**struct**“, “**else**” and **“return”** are repeated frequently in code. Sophisticated cryptosystems are required to maintain the security of messages against frequecy analysis.

**Trickery and Deceit**

Trickery and Deceit requires a high level of mathematical and cryptographic skills. it involves the use of social engineering techniques to extract cryptography keys.

Example: it is fairly easy to decrypt an entire message if the user known some of its content.

An attacker can use social engineering techniques to trick or brive someone to encrypt and send a known message, which, when intercepted, could then be eaisly decrypted using standard cryptanalysis techniques.

### One-Time Pad

One can crack any cipher if provided with sufficient time and resources. However, there is an exception called o one-time pad, which the users assume to be unbreakable even with infinite resources.

A one-Time pad contains mostly a non-repeating set of letters or numbers, which the system chooses randomly. the user writes them on small sheets of paper and then pastes them togethar in a pad.

**Example of One-Time Pad Usage:**

Sender encrypts only one plaintext character using each key letter on the pad, and the receiver decrypts each letter of the ciphertext using an idetical pad. Once the letter uses a page, he or she tears it off the pad and securely discards it, thus it got the name One-Time Pad.

**Drawback:** The key length is same as that of the message, thus making it impossible to encrypt and send large messges.

What Is Cryptanalysis?

## Cryptography Attacks

Attackers conduct cryptography attacks assuming that the cryptanalyst has access to the encrypted information. Cryptography attack or cryptanalysis involes study of various principles and methods of decrytpting the ciphertext back to the plaintext without knowledge of the key.

*The Following are various types of cryptography attacks:*

### Ciphertext-Only Attack

Ciphertext-Only is less effective but much more likely for the attacker. the attacker only has access to a collection of cipher texts. This is much more likely than known plaintext but also the most difficult. the attack is completely successful if the corresponding plaintext can be deduced, or even better, the key.

The ability to obtain any information at all about the underlying plaintext is still considered a success. so what does the attacker do with the ciphertexts he has accumulated? You can analyze them for patterns, trying to find something that would give you a hint as to the key that was used to crack them, often, the result of this attack is just a partial break and not a complete break.

**Adaptive Chosen-Plaintext Attack**

In This Type of attack, an attacker has a complete access to the plaintext message including its encryption, and he/she can also modify the content of the message by making series of interactive queries, chossing subsequenct plaintext blocks based on the information from the previous encryption queries and functions. To Perform this attack, an attacker needs to interacts with the encryption device.

What Is Cryptanalysis?

### Chosen-Plaintext Attack

Chosen Plaintext attack is a very effective type of cryptanalysis attack. In This Attack, the attacker obtains the ciphertexts corresponding to a set of plaintexts of his own choosing. This can allow the attacker to attempt to derive the key used and thus decrypt other messages encrytped with that key. basically, since the attacker knows the plaintext and the resultant ciphertext, he has a lot of insight into the key used. This technique can be difficult but is not impossible.

### Related-Key Attack

The Related-key attack is similar to the chosen plaintext attack, expect the attacker can obtain ciphertexts encrypted under two different keys. This is actually a very useful attack if you can obtain the plaintext, and matching ciphertext. The attack requres that the differing keys be closely related, for example, in a wireless environment where subsequent keys might be derived from previous keys. then, while the keys are different, they are close. Much like the cipher text-only attack, this one is most likely only going to yield a partial break.

### Dictionary Attack

In This attack, the attacker consturcts a dictionary of plaintext along with its corresponding ciphertext that he/she analyzed and obtained for a certain period of time. After building the dictionary, if an attacker obtains the ciphertext, her/she uses the already, built dictionary to find the corresponding plaintext. Attackers use this technique to decrypt keys, passwords, passphrases, and ciphertext.

### Known-Plaintext Attack

In This attack, the only information available to the attacker is some plaintext blocks along with corresponding ciphertext and algorithm used to encrypt and decrypt the text. Using this information, the key used to generated ciphertext that is deducated so as to decipher other messages. This attack works on block ciphers and is an example of linear cryptanalysis. The Known plaintext blocks are generated using a series of intelligent guesses and logic and not through accessing the plaintext over a channel.

What Is Cryptanalysis?

### Choosen-Ciphertext Attack

Attacker obtains the plaintexts corresponding to an arbitrary set of ciphertexts of his own choosing. Using this information, the attacker tries to recover the key used to encrypt the plaintext. To Perform this attac, the attacker must have access to communication channel between the sender and the receiver.

*There are two variants of this attack:-*

- Lunchtime or Midnight attack: In this attack, the attacker can have access to the system for only a limited amount of time or can access only few plaintext-ciphertext pairs.
- Adaptive Chose-Ciphertext Attack: In This attack, the attacker selects a series of ciphertexts and then observes the resulting plaintext blocks.

### Rubber Hose Attack

Attackers extract cryptographic secrets (e.g the password to an encrypted file) from a person by coercion or torture. generally people under pressure cannot maintain security, and they will reveal secret keys or passwords used to encrypt the information.

### Chosen-Key Attack

In This Type of attack, an attacker not only breaks a cipher text but also breaks into a bigger system, which is dependent on that ciphertext. Attacker usually breaks into a bigger system, which is dependent on that ciphertext. Attacker usually breaks an n bit key cipher into 2 ^{n/2 }Number of operations. Once, an attacker breaks the cipher, he gets access to the system, he can control the whole system, access the confidential data, and can perform further attacks.

What Is Cryptanalysis?

### Timing Attack

It is based on repeatedly measuring the exact times of modular exponentiation operations. Attacker tries to break the ciphertext by analyzing the time taken to execute the encryption and decryption algorithm for various inputs. In a computer, the time taken to execute a logical operation may vary based on the input given. An Attacker by giving varying inputs tries to extract the plaintext.

### Man-In-The-Middle Attack

This attack is performed against a cryptographic protocol. Here, an attacker intercepts the communication between a client and server and negotiates the cryptographic parameters. Using this attack, an attacker can decrypt the encrypted content and obtain confidential information such as system passwords.

An attacker can also inject commands that can modify the data in transit. Attacker usually performs MITM attack on the public key cryptosystems where key exchange is requred before communication takes place.

Attacker performs this attack on the public key cryptosystms where key exchange is required before communication takes place.

## Cryptanalysis Tools

Attackers use cryptanalysis tools to analyze and break the ciphers. Discussed below are some of the cryptanalysis tools:-

### CrypTool

Download Tool :- Click Here

The CrypTool Project develops e-learining programs in the area of cryptography and cryptanalysis. It Consists of e-learning software (CT1, CT2 ,JCT, And CTO).

#### CrypTool 1 (CR1)

It is written in c++ and Is a Windows program.

**Features:-**

- Supports classic and modern cryptographic algorithms (encryption and decryption, key generation, secure passwords, authentication, secure protocols, etc.)
- Visualization of several algorithms (Caesar, Enigma, RSA, Diffie-Hellman, Digital Signatures, AES, etc.)
- Cryptanalysis of several algorithms (Vigenere, RSA, AES, etc.)
- Cryptanalysis measurement methods (entrophy, n-grams, autocorrelation, etc.)
- Related auxiliary methods (primality tests, Factorization, base64 encoding, etc.)

#### CryTool 2 (CT2)

Supports visual programming GUI and execution of cascades of cryptographic procedures. It runs under Windows.

#### JCrypTool (JCT)

Allows comprehensive cryptographic experimentation on Linux, MAC OS X, and Windows. It also allows users to develop and extend its platform in various ways with their own crypto plu-ins.

#### CrypTool-Online (CTO)

Runs in a browser and provides a variety of encryption methods and analysis tools.

**Some Of the Additional Cryptanalysis Tools Are Listed Below:**

- CryptoBench
- Cryptol
- Ganzua
- EverCrack
- Alphapeeler
- Mediggo
- SubCypher