Cryptography Overview and Attacks

Jun 23, 2024

Introduction to Cryptography

Definition

  • Used frequently in daily life.
  • Often unrecognized process.
  • Purpose: Secure information during transmission.

Importance of Keys

  • Security depends on the encryption/decryption key.
  • Attackers typically lack access to these keys.
  • Attackers may try alternative methods to access data.

Examination of Cryptographic Security

  • Public protocols and algorithms.
    • Allows examination for weaknesses.
    • Unused if weaknesses found.
  • Time-tested algorithms trusted for data protection.

Focus of Modern Attacks

  • Implementation flaws, not the algorithm itself.
  • Incorrect implementation is often the weakest link.

Types of Attacks on Cryptography

Attacks on Algorithms

Birthday Attack

  • Concept similar to shared birthdays in a room of people.
  • Applied to hash collisions in cryptography.
  • Brute force method to find duplicate hashes.
  • Prevention: Use large hash output sizes.
  • Example: MD5 Hash Collision
    • MD5 algorithm published in April 1992.
    • Collisions found in 1996.
    • 2008: Researchers created misleading certificate.
    • Result: MD5 no longer recommended.

Hash Collision Example

  • Two similar plaintexts result in the same MD5 hash.
  • Minor differences in plaintexts should create different hashes.
  • Exact same hash indicates a collision.

Attacks on Implementation

Downgrade Attack

  • Target: Secure algorithm implementation.
  • Goal: Use weaker encryption or plaintext transmission.
  • Example: SSL Stripping
    • Combines on-path attack with downgrade.
    • Requires attacker to be between the communication.
    • Often downgrades HTTPS to HTTP.

SSL Stripping Process

  1. Visitor sends HTTP GET request.
  2. Attacker passes request to web server.
  3. Server suggests HTTPS.
  4. Attacker passes own HTTPS request to server.
  5. Server sends OK for HTTPS.
  6. Attacker sends OK over HTTP to visitor.
  7. Visitor logs in with credentials over HTTP.
  8. Attacker logs in to server using HTTPS.
  9. Server acknowledges login.
  10. Attacker passes acknowledgment over HTTP.
  11. Subsequent communication between visitor and attacker is HTTP.

Conclusion

  • Cryptographic security is vital.
  • Examination and correct implementation prevent potential attacks.