You are on page 1of 20

Attack

References: 1. Bruce, Applied Cryptography 2. William Stallings, Cryptography and Network Security
1

23/12/2013

Outlines
Brute force attack Avalanche effect Statistical attack
2
23/12/2013

Brute Force Attack


3

23/12/2013

Brute Force Attack (1)


Cryptanalysis
Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or some sample plaintext-ciphertext pairs. This attack exploits the characteristics of the algorithm to deduce a specific plaintext or to deduce the key being used.
23/12/2013

Brute Force Attack


The attacker tries every possible key on a piece of ciphertext until the plaintext is meaningful.
4

Brute Force Attack (2)


Brute force attack is one of ciphertext-only attack. Attacker tries every possible key one by one until the resulting plaintext is meaningful. On average, half of all possible keys must be tried to achieve success.
23/12/2013

Brute Force Attack (3)


In Caesar Cipher, a brute force cryptanalysis is easily performed simply try all the 25 possible keys.
23/12/2013

Brute Force Attack (4)


23/12/2013

Three important characteristics of this problem enabled us to use a brute force cryptanalysis:
1. The encryption and decryption algorithms are known.

2. There are only 25 keys to try.


3. The language of the plaintext is known and easily recognizable.

Brute Force Attack (5)


The 3DES that makes use of a 168-bit key gives a key space of 2168 or greater than 3.7 x 1050 possible keys.
23/12/2013

The use of an algorithm that employs a large number of keys makes brute force cryptanalysis impractical.

If the language of the plaintext is unknown, then plaintext output may not be recognizable.
The input may be compressed in some fashion, again making recognition difficult.

Brute Force Attack (6)


23/12/2013

This figure shows a portion of a text file compressed using an algorithm called ZIP. If this file is then encrypted with a simple substitution cipher (expanded to include more than just 26 alphabetic characters), then the plaintext may not be recognized when it is uncovered in the brute force cryptanalysis.

Brute Force Attack (7)


23/12/2013

The greater security is achieved by greater resistance to brute force attack and greater confusion. If attack succeeds in deducing the key, the effect is CATASTROPHIC all the future and past messages encrypted with that key are compromised.

10

Avalanche Effect
11

23/12/2013

Avalanche Effect (1)


A small change in either the plaintext or the key should produce a significant change in the ciphertext. A one-bit change of key should produce a radical change in the ciphertext using the same plaintext. A one-bit change of plaintext should produce a radical change in the ciphertext using the same key. In particular, a change in one bit of the plaintext or one bit of the key should produce a change in many bits of the ciphertext.
12
23/12/2013

Avalanche Effect (2)


In DES algorithm: By allowing one bit to affect two substitutions (S-Box Substitution and P-Box Substitution), the dependency of the output bits on the input bits spreads faster.
23/12/2013

After five rounds every ciphertext bit is a function of every plaintext bit and every key bit.
After eight rounds the ciphertext was essentially a random function of every plaintext bit and every key bit.
13

Avalanche Effect (3)


DES example
23/12/2013

14

Avalanche Effect (4)


23/12/2013

15

Avalanche Effect (5)


Avalanche effect in DES change in plaintext
23/12/2013

16

Avalanche Effect (6)


23/12/2013

The fourth bit of the plaintext is changed, so that the plaintext is 12468aceeca86420. The second column of the table shows the intermediate 64-bit values at the end of each round for the two plaintext. The third column shows the number of bits that differ between the two intermediate values. The table shows that, after just three rounds, 18 bits differ between the two blocks. On completion, the two ciphertexts differ in 32 bit positions.

17

Avalanche Effect (7)


Avalanche effect in DES change in key
23/12/2013

18

Avalanche Effect (8)


23/12/2013

The fourth bit of the key is changed, so that the key is 0f1571c947d9e859 (original key: 1f1571c947d9e859). The results show that about half of the bits in the ciphertext differ and the avalanche effect is pronounced after just a few rounds.

19

HAPPY LEARNING!

20

23/12/2013