What is a Cryptographic Attack? Your Comprehensive Guide

What is a cryptographic attack? What role do they play in today's cyber landscape?

In today's blog, our ethical hackers expand on our original breakdown of cryptography attacks to delve further into how organizations like yours can (and should) be shielding against them.

Let's get started:

First, What is Cryptography?

Before we answer the question of, "What is a cryptographic attack?" we first have to delve into what exactly cryptography is.

Cryptography is defined as a security mechanism for storing and transmitting sensitive data such that only the sender and the intended receiver can read or understand it. A key (or multiple keys) is used to encode data (at the sender's end) and decode data(at the receiver's end.)

As a crucial part of cryptography, encryption is converting plaintext or data into ciphertext or encoded data (as in, data that is not readable to everyone). As the final component of cryptography, converting the ciphertext or encrypted data to a readable form or decoded version is called "decryption."

The History of Cryptography

The word "cryptography" is derived from the Greek word kryptos. The prefix, "crypt-", roughly translates to "hidden" in English, and the suffix "-graphy", is translated to "writing."

The origin of the first definition of cryptography is dated from approximately 2000 B.C., where it first appeared as hieroglyphics. From there, the first public usage of a modern cipher was by Julius Caesar, who reportedly crafted a system in which each character in his messages to other authority figures was replaced by a character three positions ahead of it in the Roman alphabet.

Flash forward to today: now, cryptography has evolved as a way to virtually store and transfer sensitive information.

Types of Cryptography (and Their Weaknesses)

Single-key (or symmetric-key encryption) algorithms generate a set length of bits known as a "block cipher", a hidden key that the sender or creator then uses to encrypt data and the receiver uses to decipher it.

A recent example of symmetric-key cryptography is the Advanced Encryption Standard. The AES specification was established in 2001 by the National Institute of Standards and Technology (NIST) as a Federal Information Processing Standard (FIPS 197) to safeguard sensitive data. The United States government mandates the standard and it is commonly used in the private sector.

Public-key or asymmetric-key encryption algorithms, on the other hand, use a pair of keys: a public key associated with the sender or creator used for encrypting messages, and a private key that only the originator knows that is used to decrypt said information.

Examples of public-key cryptography include:

• The RSA, which is used widely on the internet

• The Elliptic Curve Digital Signature Algorithm (ECDSA), which is used by Bitcoin

• And the Digital Signature Algorithm (DSA), which has been adopted as a Federal Information Processing Standard for digital signatures by NIST in FIPS 186-4

To maintain data integrity in cryptography, hash functions are used: hash functions determine which return is a deterministic output from an input value and which are used to map data to a fixed data size. Types of cryptographic hash functions include Secure Hash Algorithm 1, Secure Hash Algorithm 2, and Secure Hash Algorithm 3.

Four Objectives of Cryptography to Know

Modern cryptography concerns itself with the following four objectives:

1. Confidentiality: The information cannot be understood by anyone except for whom it was unintended

2. Integrity: The information cannot be altered in either storage or transit between the sender and the intended recipient without the alteration being detected

3. Non-repudiation: Either the creator or the sender of the information cannot deny at a later stage their intentions in the creation or transmission of the info

4. Authentication: Both the sender and recipient can confirm each other's identity, the origin of the info, and the destination of the info as-needed

These are especially critical to understand in relation to a cryptographic attack, as the defensive protocols that meet some or all of the above criteria are known as cryptosystems.

Cryptographic Algorithms

Cryptosystems utilize a set of procedures known as cryptographic algorithms in order to encrypt and decrypt messages to secure communications among computer systems, devices, and apps.

A cipher suite uses one algorithm for encryption, another algorithm for message authentication, and another for key exchange. This process, embedded in protocols and written in software that runs on operating systems (OSes) and networked computer systems, involves a combination of the following:

• Public and private key generation for data encryption/decryption

• Digital signing and verification for message authentication

• Key exchange

What is a Cryptographic Attack?

Now that we've outlined cryptography, it's time to move on to the core question "What is a cryptographic attack?"

A cryptographic attack permits threat actors to bypass the security of a cryptographic system by finding weaknesses in its code, cipher, cryptographic protocol, or key management scheme. This circumvention is also called “cryptanalysis.”

As such, cryptographic attacks target cryptographic or cipher systems that conceal data so that only a few people can view it. Depending on the type of cryptographic system in place and the information available to the attacker, these attacks can be broadly classified into six types:

1. Brute force attacks: In a brute force attack, the threat actor in question will attempt a variety of keys in order to decipher an encrypted message or data. If the key size is 8-bit, the possible keys will be 256 (i.e., 28). In order for this to be successful, the threat actor must know the algorithm (generally found as open-source programs) to try all the 256 possible keys in this attack technique

2. Ciphertext-only attack: In this attack vector, the threat actor will gain access to a collection of ciphertext. Although the threat actor can't access the plaintext directly, they can successfully determine the ciphertext from the collection. This vector is generally less effective than its brute-force counterpart

3. Chosen plaintext attack: Via a chosen plaintext attack, a threat actor cybercriminal can select plaintext data to obtain the ciphertext, which in turn simplifies their task of resolving the encryption key

4. Chosen ciphertext attack: In this method, the threat actor will attempt to obtain a secret key or the details about the system. By analyzing the chosen ciphertext and relating it to the plaintext, the threat actor will try to guess the key

5. Known plaintext attack: This technique can occur when a threat actor alrady knows the plaintext of some portions of the ciphertext using information-gathering techniques

6. Dual key and algorithm attack: The threat actor will attempt to recover the key used to encrypt or decrypt the data by analyzing the cryptographic algorithm

Active vs. Passive Cryptographic Attacks

Alongside these six main types of cryptographic attacks, a cryptography attack can be either passive or active.

What do we mean by that? Well:

• Passive attacks: Passive cryptography attacks are launched with the intent to gather unauthorized access to sensitive data or information by intercepting or eavesdropping on general communication. In this situation, the data and the communication remain intact and are not tampered with

• Active attacks: As a direct comparison, active cryptography attacks hinge on the modification of the data or the communication. In this case, the attacker not only gains access to the data but also tampers with it

Examples of Cryptographic Attacks in Media

When it comes to knowing what a cryptographic attack is, it can be helpful to examine examples.

One that comes to mind for many is the "Ultimate Man-in-the-Middle Attack", which used an elaborate spoofing campaign to trick a Chinese venture capital firm and steal from an Israeli startup, which earned the threat actors US$1 million in 2019.

More recently, in 2021, over hundreds of enterprises across both the United States and Europe were successfully targeted by a cloud-based brute-force campaign that exploited known vulnerabilities in Microsoft Exchange to enable remote code execution. 

How to Prevent a Cryptographic Attacks

To safeguard your organization from sophisticated cryptographic attack, it is essential to have a strong cryptographic system in place.

Here are our team's suggested actionable ways you can start doing this today:

• Regularly have your IT team update the cryptographic algorithms and protocols to ensure they are not obsolete

• Guarantee that data is appropriately encrypted so that even if it falls into the wrong hands, it cannot be read or easily tampered with

• Use unique keys for encryption

• Store all keys in a secure location

• Ensure that the cryptographic system is implemented correctly and follows best practices

• Regularly test your system for vulnerabilities

• Educate employees about cryptographic attacks and how to prevent them via ongoing Employee Awareness Training

Conclusion

"What is a cryptographic attack?" is a question we field frequently here at Packetlabs.

Looking to learn more about how to bolster your security posture ahead of the next attempted cyber breach? Contact us or download our Buyer's Guide today.