tcp-ip-protocal-stack public-key-algorthms Continue Web Security Summary Web Security Overview

Cryptanalysis

Different cryptographic techniques are vulnerable to different forms of attack. A perfect algorithm would only be vulnerable to brute force attacks, that is attempts to try out every possible key. In practice mathematical shortcuts or implementation errors may make it possible to break a form of encryption without having to try out every single key combination.

Modern high-quality encryption methods tend to have few known flaws and are subjected to extensive attack by cryptography experts who make a living through cryptanalysis. Hence when considering what encryption to use it’s important to choose a well-known method that has been rigorously examined by the wider community. Many so-called “high-security” algorithms have turned out to be laughably insecure when their inner-workings were exposed to scrutiny.

Cryptanalysis: The science (or Art) of reading encrypted traffic without prior knowledge of the key. Is the art that will be used against you if someone is trying to break your encrypted traffic. The methods used vary, both due to the nature of the attacker and the encryption algorithm they are trying to break. However you will often find that attackers will try “Practical” Cryptanalysis on you instead - simply stealing of the required encryption key by any means necessary. For this reason you should be concerned more about physical security, staff and system security than any other factor. Attackers will often break or brazen their way in and take the private keys, without having to resort to any clever technical attacks.

Brute Force Attacks

The Brute Force attack is probably the most common technical attack in use today, simply because most modern algorithms and their implementations have few-known holes that an attacker can exploit. The success and speed of brute force attacks is a simple relationship between the length of the key you have used and the amount of computing power available to the attacker. An 8 bit key has 2^8 combinations (256) a typical pocket calculator has enough power to try out all these combinations against your ciphertext in less than a second, by comparison a 40 bit key has 2^40 combinations ( 1,099,511,627,776) but this is still computable fairly easily (see above). For true security against this sort of attack key sizes of 128 bits and above are required this gives 2^128 combinations (3.402823669209e+38) even with modern supercomputers this would take years to break.

Contents ] DNS ] p6spy ] Weblogic Tuning ] Cactus ] The Grinder ] Word to PDF ]

©1994-2006 All text and images copyright: www.abcseo.com; last updated: