The third part of this book will focus on cryptanalysis and its methods. As stated in the first part, cryptanalysis is defined as being the discipline that studies the methods and ways of finding breaches within cryptographic algorithms and security systems. The most important goal is to obtain access to the real nature of the encrypted message or cryptographic key.
Cryptanalysis is a process conducted by professionals (ethical hackers, information security officers, etc.). Cryptanalysis activity outside of the legal framework is known as hacking, which covers personal and non-personal interests. However, recently, the term hacking has been popularized as just writing code, hence there are people who participate in hackathons events. Hackathons generally have nothing to do with security-related programming, etc.
The mission of third part of this book is to cover the most important methods and techniques used in conducting cryptanalysis in general and in-depth. We will point out the necessary cryptanalysis tools, such as software, methods, cryptanalysis types, cryptanalysis algorithms, and penetration-testing platforms.
Performing cryptanalysis can be a tricky and difficult task. Multiple aspects must be considered before realizing the cryptanalytic process. If the cryptanalysis process is performed by a legal entity, things become easier. If the cryptanalysis process is realized by a non-legal entity, it’s a more complex process and hacking methods are involved. The hacking methods will be pointed out later in our discussion. In both ways, hands get dirty. When a cryptanalysis process is performed, take into consideration the fact that it is time consuming and many obstacles can occur because of system complexity, large size of the cryptographic key, hardware platforms, access permissions, and so on.
Informatics (computer science) : Computer networks, programming languages, databases, operating systems, theoretical cryptography
Computer engineering and hardware : FPGA (Field Programmable Gateway Array), programming languages (e.g. VHDL), development platforms (Xilinx, etc.)
Mathematics : Number theory, algebra, combinatorics, information theory, probability theory, statistical analysis, elliptic curves mathematics, discrete mathematics, calculus, lattices, real analysis, complex analysis, Fourier analysis
Third Part Structure
Chapter 19. The chapter will cover the classification of cryptanalysis techniques. We will do a quick overview regarding the theory of algorithmic complexity, statistical-informational analysis, encoding in the absence of perturbation, cryptanalysis of classic ciphers, cryptanalysis of block ciphers, etc.
Chapter 20. The chapter will cover linear and differential cryptanalysis, which are vital when cryptanalysis is performed.
Chapter 21. The chapter will cover the integral cryptanalysis attack, which is used for the block ciphers that are built on substitution-permutation networks.
Chapter 22. The chapter will discuss attacks and how they are applied in practice. A methodology with guidelines will be introduced and we will show how to design and implement real attacks using C#.
Chapter 23. The chapter will discuss the most important techniques for text characterization. Most of the methods based on text characterization count the number of characters or string occurrences. We’ll cover algorithms such as chi-squared statistic; monogram, bigram and trigram frequency counts; and quadgram statistics as a fitness measure.
Chapter 24. The chapter will present case studies for implementing cryptanalysis methods.
Cryptanalysis Terms
Cryptanalysis terms
Keyword/Term | Definition |
|---|---|
Black hat hacker | A black hat hacker is a person who has a bad intention and breaks into a computer system or network. Their intention is to exploit any security vulnerabilities for financial gain, steal and destroy confidential and private data, shut down systems and websites, corrupt network communication, and so on. |
Gray hat hacker | A gray hat hacker is a person, known as cracker, who exploits the security weak points of a computer system or software product with the goal of bringing those weaknesses to the owner’s attention. Compared with a black hat hacker, a gray hat hacker takes action without any malicious intention. The general goal of a gray hat is to provide solutions and to improve the computer systems and security of the network. |
White hat hacker / Ethical hacker | A white hat hacker is an authorized person or certified hacker who works for or is employed by a government or organization with the goal of performing penetration tests and identifying loopholes within their systems. |
Green hat hacker | A gray hat hacker is an amateur person, but different from a script kiddie. Their purpose is to become a full-blown hacker. |
Script kiddies | Script kiddies are the most dangerous form of hackers. A script kiddie is a person without too many skills who uses scripts or downloads tools provided by other hackers. Their goal is to attack networks infrastructures and computer systems. They are looking to impress their community or friends. |
Blue hat hacker | A blue hat hacker is similar to a script kiddie. They are beginners in field of hacking. If someone dares to mock a script kiddie, a blue hat hacker will get revenge. Blue hat hackers will get revenge on those who address any challenges to them. |
Red hat hacker | Also known as an eagle-eye hacker, their goal is to stop black hat hackers. The operation mode is different. They are ruthless when dealing with malware actions that come from black hat hackers. The attacks performed by red hat hackers are very aggressive. |
Hacktivist | Also known as online activist, a hacktivist is a hacker who is part of group of anonymous hackers who can gain unauthorized access to files stored within government computers and networks They act to further to social or political parties and groups. |
Malicious insider/whistleblower | Such persons can be an employee of a company or government institution who is aware of illegal actions that are taking place within the institution. This could lead to a personal gain by blackmailing the institution. |
State- or nation-sponsored hacker | A person who is scheduled and assigned by a government the goal of providing information security services and gaining access to confidential information from different countries. |
A Little Bit of Cryptanalysis History
Writing a comprehensive history of cryptanalysis is challenging, fascinating, and difficult. In this section, we will cover some of the main moments in time that impacted cryptanalysis as a separate field and how it evolved through different periods of history.
The history of cryptanalysis starts with Al-Kindi (801-873), the father of Arab philosophy. He developed a unique method using variations of the occurrence frequency of letters. This method helped him analyze and exploit different methods for breaking ciphers (e.g. frequency analysis). The work of Al-Kindi was based on Al-Khalil’s (717-786) work. Al-Khalil’s work, entitled Book of Cryptographic Messages, describes permutations and combinations for most of the possible Arabic words, with and without vowels.
600 B.C.: The Spartans create the basis of scytale. The purpose of scytale is to send secret messages during their fights. The “device” is designed from two components, a leather strap and a piece of wooden stem. To decrypt the message, the wooden stem must be of a specific size. The size must be the same as the one used for the encryption phase of the message. If the receiver or malicious person doesn’t have the same wooden stem size, the message can’t be decrypted.
60 B.F.: Julius Caesar designs the first substitution cipher, which encrypts a message using shifting techniques for the characters with three spots, in such way that A is D, B is E, and so on. An implementation of this cipher can be seen in Chapter 1.
1474: Cicco Simonetta creates a manual for deciphering encryptions for Latin and Italian text.
1523: Blaise de Vigenère creates the base for an encryption cipher, known as the Vigenère cipher.
1553: Giovan Battista Bellaso designs the first cipher based on an encryption key. The encryption key is based on a word that is commonly agreed upon by the sender and receiver.
1854: Charles Wheatstone creates the Playfair Cipher. The cipher encrypts a specific set of letters instead of encrypting letter by letter. This brings a higher complexity to the cipher, thus it’s harder to crack.
1917: Edward Hebern creates the first electro-mechanical machine based on a rotor. The rotor is used for the encryption operation. The encryption key is stored within the rotating disc. It is designed and based on a table that is used for substitution. The table is modified with every character that is typed.
1918: Arthur Scherbius invents the Enigma machine. The first model and prototype is designed for commercial purposes. The Enigma machine uses several rotors instead of one, as in Edward Hebern’s electro-mechanical machine. His invention is adopted immediately by the German military intelligence for encoding their transmissions.
1932: Marian Rejewski finds out how the Enigma machine works. In 1939, the French and British intelligence services use the information given by Poland, which helps cryptographers such as Alan Turing break the key, which was changed on a daily basis. This was crucial for the victory of the Allies in World War II.
1945: Claude E. Shannon revolutionizes cryptography and cryptanalysis with his work entitled A Mathematical Theory of Cryptography. This represents the milestone where classic cryptography ends and modern cryptography starts to gain terrain.
End of 1970: Scientists at IBM design the first block cipher. The goal is to protect the data of the customers.
1973: The block cipher is adopted by the United States and is set as a national standard, called DES (Data Encryption Standard) .
1975: Public key cryptography is introduced.
1976: The key exchange protocol Diffie-Hellamn is introduced.
1982: A theoretical model for quantum computers is introduced by Richard Feynman. At this moment, we’re on the verge of having widely available cloud-based quantum computers. These aspects and advances will have far reaching implications on many aspects of computing today and in future.
1997: DES is cracked with success.
1994: Peter Shor introduces an algorithm that can be used within quantum computers for integer factorization.
1998: Quantum computing is introduced.
2000: Officially DES is replaced with AES (Advanced Encryption Standard). AES is declared the winner in a competition that was open to the public.
This list can be improved and contains the main events in history that contribute to cryptanalysis as a concept, model, and framework.
Penetration Tools and Frameworks
The section covers several penetration tools and frameworks that are used with success during the process of penetration testing.
- Linux hacking distributions
Kali Linux represents one of the most advanced platforms for penetration testing. It can be installed on different devices and it can be used to attack multiple types of devices.
BackBox is a very powerful penetration testing distribution that includes powerful security assessment.
Parrot Security OS is a new distribution. It’s very professionally designed and implemented. Its target is cloud environments that provide online services and other types of services.
BlackArch is a very interesting penetration testing platform and security research. It is built on top of Arch Linux. As with Arch Linux, the user needs to pay attention to the installation process due to its complexity and different setup instructions.
Bugtraq is a powerful and easy-to-use platform that contains a serious set of forensic and penetration tools.
DEFT Linux (Digital Evidence & Forensics Toolkit) is a platform for computer forensics. There is the possibility of running it as a live system.
Samurai Web Testing Framework is a powerful collection of tools. It can be used for penetration testing on the Web. It comes as a virtual machine file that can be installed in VirtualBox and VMWare.
Pentoo Linux is built on Gentoo. The distribution goal is to provide fast security and penetration testing analysis. It’s available as a live distribution.
CAINE (Computer Aided Investigative Environment) is a complex set of tools that contains professional frameworks and modules for system forensics modules and analysis.
Network Security Toolkit is a popular tool and distribution. It’s easy to install and can be done as a live ISO build on Fedora. It has a powerful set of open source network security tools. It has a professional web user interface which offers important details about network and system administration, network monitoring tools, and analysis.
Fedora Security Spin is a professional distro that can be used for security audits and penetration tests. It is used by various professionals, from industry to academia.
ArchStrike is a pentesting distro build on Arch Linux that can be used by professionals in the field of security.
Cyborg Hawk has 750+ tools for security professionals and for performing penetration tests.
Matriux is quite promising. It can be used for penetration tests, ethical hacking, forensic investigations, vulnerability analysis, and much more.
Weakerth4n is not well known in the field of hacking or cryptanalysis. It offers a unique approach to penetration tests and it is built using Debian (Squeeze).
- Penetration tools/frameworks (Windows and Linux platform)
Wireshark is a very well-known packet sniffer. It provides a powerful set of tools for network package traffic analysis and communication protocols analysis.
Metasploit is one of the most important frameworks used in pentesting.
Nmap (Network Mapper) is a professional network discovery and security auditing tool for security professionals. The goal of the tool is to exploit the targets configured. For each scanned port, we can see what operating system is installed, what services are up and running, firewall details, etc.
Conclusions
The mission and goal of cryptanalysis
A quick overview of the events in history and how many ciphers and algorithms influenced the cryptanalysis discipline
Definitions of the main terms and a clear understanding of the main differences between types of hackers
A background of hacking and pentesting platform distributions
An understanding of the most important frameworks and penetration tools that are used independently, according to the user flavor operating system platform
Bibliography
- [1]
F. Cohen, “A short history of cryptography, 1990. New World Encyclopedia, 2007. Retrieved May 4, 2009, from www.all.net/books/ip/Chap2-1.html.
- [2]
Cryptography. Retrieved May 4, 2009, from www.newworldencyclopedia.org/entry/Cryptography.
- [3]
M. Pawlan, “Cryptography: the ancient art of secret messages.” 1998. Retrieved May 4, 2009, from www.pawlan.com/Monica/crypto/.
- [4]
J. Rubin, Vigenere Cipher, 2008. Retrieved May 4, 2009, from www.juliantrubin.com/encyclopedia/mathematics/vigenere_cipher.html.
- [5]
K. Taylor, K. Number theory 1, 2002. Retrieved May 4, 2009, from http://math.usask.ca/encryption/lessons/lesson00/page1.html.
- [6]
M. Whitman and H. Mattord, Principles of information security. University of Phoenix Custom Edition e-text. Canada, Thomson Learning, Inc. 2005. Retrieved May 4, 2009, from University of Phoenix, rEsource, CMGT/432.
- [7]
The Code Book. The Secret History of Codes and Code-Breaking. Simon Singh, 1999
- [8]
A. Ibraham, “Al-Kindi: The origins of cryptology: The Arab contributions”, Crypto logia, vol.16, no 2 (pp. 97-126). April 1992. www.history.mcs.st-andrews.ac.uk/history/Mathematicians/Al-Kindi.html.
- [9]
Abu Yusuf Yaqub ibn Ishaq al-Sabbah Al-Kindi, www.trincoll.edu/depts/phil/philo/phils/muslim/kindi.html.
- [10]
Philosophers: Yaqub Ibn Ishaq al-Kindi Kennedy-Day, K. al-Kindi, Abu Yusuf Ya‘qub ibn Ishaq (d. c.866–73). www.muslimphilosophy.com/ip/kin.html.
- [11]
Ahmad Fouad Al-Ehwany, “Al-Kindi” in A History of Muslim Philosophy Volume 1 (pp. 421-434). New Delhi: Low Price Publications. 1961.
- [12]
Ismail R. Al-Faruqi and Lois Lamya al-Faruqi, Cultural Atlas of Islam, pp. 305-306. New York: Macmillan Publishing Company. 1986.
- [13]
Encyclopaedia Britannica (pp. 352). Chicago: William Benton. 1969.
- [14]
J.J. O’Connor and E.F. Robertson, Abu Yusuf Yaqub ibn Ishaq al-Sabbah Al-Kindi. 1999.