Cryptographic Attacks

Sep 16, 2024

Cryptography and Security

Importance of Cryptography

  • Cryptography is a technology used daily, often without users realizing.
  • Ensures secure data transmission.
  • Security often hinges on the encryption key.

Public Algorithms and Protocols

  • Cryptographic protocols and algorithms are public for transparency.
  • Aim: Identify vulnerabilities and improve security by discontinuing flawed cryptography.

Focus on Implementation

  • Algorithms are generally secure, but implementation can be weak.
  • Attackers often exploit poor implementation to access data.

Types of Cryptographic Attacks

Birthday Attack

  • Based on the probability principle similar to birthday paradox.
  • Involves hash collisions where different plaintexts produce the same hash.
  • Example: MD5 algorithm found to have hash collisions.
    • MD5 published in 1992; collisions found in 1996.
    • By 2008, collisions used to forge CA certificates.
  • Prevention: Use large hash output sizes to avoid collisions.

Downgrade Attack

  • Uses secure algorithms but exploits poor implementation.
  • Objective: Force devices to use weaker encryption or none.

SSL Stripping

  • A specific type of downgrade attack.
  • Involves an on-path attacker sitting between client and server.
  • Attacker downgrades secure HTTPS to unsecured HTTP.

SSL Stripping Process

  1. Initial Request:

    • User sends HTTP GET request to server.
    • Attacker intercepts, allowing SSL stripping by not redirecting to HTTPS.
  2. Proxy Role:

    • Attacker passes initial HTTP request to web server.
    • Server suggests HTTPS, but attacker suppresses this from reaching user.
  3. Encrypted Communication:

    • Attacker uses HTTPS with server, has full data access.
    • Attacker sends unencrypted HTTP OK response to user.
  4. User Login:

    • User sends credentials over HTTP.
    • Attacker captures and uses credentials to access HTTPS server.
  5. Ongoing Communication:

    • Continues between user and attacker in clear text.
    • Attacker maintains encrypted link with server.
    • Allows attacker to view, capture, and modify data.

Summary

  • Cryptographic security is crucial and complex.
  • Attacks often exploit algorithm weaknesses or implementation flaws.
  • Awareness and correct implementation are vital for data protection.