Attacks on cryptosystems-cryptography, Computer Network Security

Attacks on Cryptosystems
Attacks are attempts to achieve unauthorized access to secure communications have characteristically used brute force attacks. Attacker may alternatively conduct known plaintext attack or selected plaintexts attach schemes.
The different methods of attacks are as follows:

Man-in-the-Middle Attack
This technique is designed to intercept transmission of public key or insert known as key structure in place of requested public key. From victims’ perception, encrypted communication appears to be taking place normally, but actually attacker receives each encrypted message, decodes, encrypts, and sends it to originally intended recipient. Establishment of public keys with the digital signatures can prevent traditional man in the middle attack Correlation Attacks

Collection of brute force methods which attempt to deduce statistical relationships between structure of unknown key and ciphertext is called as correlation attacks. Differential and linear cryptanalysis has been used to mount successful attacks. Only defense organization is the selection of strong cryptosystems, by key management, and strict adherence to finest practices of cryptography in frequency of changing keys.

Dictionary Attacks
In the dictionary attack, attacker encrypts every word in a dictionary by using same cryptosystem used by target. Dictionary attacks can become successful if ciphertext consists of relatively few characters (for instance usernames, passwords).

Timing Attacks
Attacker eavesdrops through victim’s session is sometimes called timing attacks which uses statistical analysis of user’s typing patterns and inter keystroke timings to discern sensitive session information.

It is used to gain information about encryption key and possibly cryptosystem in use. Once encryption is broken successfully, attacker may launch a replay attack (an attempt to resubmit recording of deciphered authentication for entry into secure source).

Defending From Attacks
Does not matter how sophisticated encryption and cryptosystems have become, if key is revealed, message can be determined easily. Key management is not so much management of technology but instead management of people.

Posted Date: 10/9/2012 2:43:05 AM | Location : United States







Related Discussions:- Attacks on cryptosystems-cryptography, Assignment Help, Ask Question on Attacks on cryptosystems-cryptography, Get Answer, Expert's Help, Attacks on cryptosystems-cryptography Discussions

Write discussion on Attacks on cryptosystems-cryptography
Your posts are moderated
Related Questions
Problem: (a) Use a simple example to explain what is meant by a finite state machine. (b) Describe the time limit problem in an interrupt-driven system. (c) A certain m

Benchmarking An alternative approach to risk management is Benchmarking. It is process of seeking out and studying practices in other organizations which one’s own organization de

LEGAL, ETHICAL AND PROFESSIONAL ISSUES To minimize liabilities and reduce risks, information security practitioner should: •    to understand current legal environment •    to s

i want to detec and classify network anomaly detection based on KDD99 data set using swarm intelligence

You are hired as a consultant to help design a digital library in which books are scanned and stored digitally and made available to users of the World Wide Web. Assume that the li

QUESTION (a) Define and distinguish between Electronic Commerce and Electronic Business (b) According to you what are the benefits that Electronic Commerce can brings to org

Question: a) There are two basic approaches to dealing with errors in the presence of pipelining. One way is Go-Back-N and the other strategy is Selective Repeat. i. Explain

- Alice, Bob and Charlie have a secret key a=3, b=4, c=5, in that order. - They would like to find a common secret key using Diffie-Hellan key exchange protocol (with g=2, p=5).

CRC in matlab

Techniques for combating Spam mails Many anti spam products are commercially available in market. But it should also be noted that no  one technique is a complete solution to