The third part of this book deals with cryptanalysis and its methods. As we mentioned in the beginning of the this book, cryptanalysis is the discipline that study the methods and ways of finding breaches within cryptographic algorithms and security systems. The final goal is to gain access to the real nature of the encrypted messages or cryptographic keys.
Cryptanalysis is a process that should be conducted by authorized persons, such as professionals (ethical hackers, information security officers, etc.). Any cryptanalysis activity outside of the legal framework is known as hacking, which covers personal and non-personal interests.
In this part, we will cover the most important methods and techniques for conducting cryptanalysis in general and in-depth. We will discuss the necessary knowledge and tools, such as software tools, methods, cryptanalysis types and algorithms, and penetration-testing platforms.
Conducting cryptanalysis can be a tricky and difficult task and many aspects must be taken into consideration before doing it. If you conduct the cryptanalysis as a legal entity, things become much easier. If the cryptanalysis is conducted by a non-legal entity , then you are dealing with a more complex process and hacking methods are involved, methods that will be covered later in our discussion. This being said, in both ways you need to get your hands dirty. The process of cryptanalysis is time-consuming and many obstacles and obstructions could occur for many reasons, such as system complexity, high size of the cryptographic key, hardware platform, access permissions, and so on.
- Informatics (computer science)
Computer networks
Programming languages
Databases
Operating systems
- Computer engineering and hardware
FPGA (Field Programmable Gateway Array)
Programming languages (e.g. VHDL)
Development platforms (Xilinx, etc.)
- Mathematics
Number theory
Algebra
Combinatorics
Information theory
Probability theory
Statistical analysis
Elliptic curve mathematics
Discrete mathematics
Calculus
Lattices
Real analysis
Complex analysis
Fourier analysis
Third Part Structure
The purpose of the third part of this book is to provide the tools for implementing and providing the methods, algorithms, implementations of attacks, and designing and implementing a cryptanalysis strategy.
Chapter 18: The chapter will introduce a classification of cryptanalysis and techniques used in association with field of cryptanalysis. We will go through the theory of algorithm complexity, statistical-informational analysis, encoding in absence of perturbation, cryptanalysis of classic ciphers, cryptanalysis of block ciphers, and more.
Chapter 19: The chapter will discuss linear and differential cryptanalysis. Their importance is quite crucial when cryptanalysis is performed.
Chapter 20: The chapter will cover the integral cryptanalytic attack, which can be applied only for block ciphers that are based over substitution-permutation networks.
Chapter 21: The chapter will study the behavior of software applications when they are exposed to different attacks and the source code is exploited.
Chapter 22: This chapter will cover the most important techniques that can be used on text characterization. We will cover the chi-squared statistic; monogram, bigram, and trigram frequency counts; quadgram statistics as a fitness measure, and more.
Chapter 23: We will cover in this chapter some case studies for implementing cryptanalysis methods.
Cryptanalysis Terms
Cryptanalysis Terms
Keyword/Term | Definition |
|---|---|
Black hat hacker | A black hat hacker is a person who has a bad intention and breaks a computer system or network. His intention is to exploit any security vulnerability for financial gain; steal and destroy confidential and private data; shut down systems and websites; corrupt network communication, and so on. |
Gray hat hacker | A gray hat hacker is a person, known as cracker, who exploits the security weak points of a computer system or software product with the goal of bringing those weaknesses to the owner’s attention. Compared to a black hat hacker, a gray hat hacker will take action without any malicious intention. The general goal of a gray hat is to provide solutions and to improve the computer systems and security of the network. |
White hat hacker/ethical hacker | A white hat hacker is an authorized person or certified hacker who is working for or employed by a government or organization with the goal of performing penetration tests and identifying loopholes within their systems. |
Green hat hacker | A green hat hacker is an amateur person, but different from a script kiddie. Their purpose is to become a full-blown hacker. |
Script kiddies | Script kiddies are the most dangerous hackers. A script kiddie is a person without many skills who uses scripts or downloads provided by other hackers. Their goal is to attack networks infrastructures and computer systems. They are looking to impress their community or friends. |
Blue hat hacker | A blue hat hacker is similar to a script kiddie. They are beginners in the field of hacking. If someone dares to mock a script kiddie, then a blue hat hacker will get revenge. Blue hat hackers will get revenge on anyone who challenges them. |
Red hat hacker | Known also as an eagle-eye hacker, their goal is to stop black hat hackers. The operation mode is different. They are ruthless when dealing with malware actions that come from black hat hackers. The attacks performed by red hat hackers are very aggressive. |
Hacktivist | They are known as online activists. A hacktivist is a hacker who is part of a group of anonymous hackers who have the ability to gain unauthorized access to files stored within government computers and networks that serve social or political parties and groups. |
Malicious insider/whistleblower | Such persons can be an employee of a company or government institution who is aware of illegal actions that take place within the institution. This could lead to a personal gain by blackmailing the institution. |
State- or nation-sponsored hackers | This type of hacker is a person who is scheduled and assigned by a government with the goal of providing information security services and gaining access to confidential information from different countries. As an example, consider the malicious computer worm Stuxnet from 2010, which was designed and engineered to bring down the Iranian nuclear program. Another example is the United States 8th Air Force, which in 2009 became the US Cyber Command. |
A Little Bit of Cryptanalysis History
A comprehensive history of cryptanalysis is very challenging so in this section we will cover some aspects and moments in time that influenced cryptanalysis as a separate field and how it evolved through different periods of history.
The history of cryptanalysis starts with Al-Kindi (801-873), the father of Arab philosophy. He discovered and developed a method based on the variations of the occurrence frequency of letters, a method that helped him analyze and exploit different ways of breaking ciphers (e.g. frequency analysis). The work of Al-Kindi was influenced by Al-Khalil’s (717-786) work. Al-Khalil wrote the Book of Cryptographic Messages, which contained permutations and combinations for all possible Arabic words (both types of words, with and without vowels).
600 B.C.: The Spartans invent the scytale with the goal of sending secret messages during their fights. The device is composed of a leather strap and a piece of wooden stem. In order to decrypt the message, the wooden stem needs to be a specific size, the size used when the message was encrypted. If the receiver or malicious person doesn’t have the same size wooden stem, the message can’t be decrypted.
60 B.F.: Julius Caesar sets the basis for the first substitution cipher, which encodes the message using shifting techniques for the characters using three spots: A will be D, B will be E, and so on. An implementation of this cipher can be seen in XXX.
1474: Cicco Simonetta writes a manual for deciphering encryptions for Latin and Italian text.
1523: Blaise de Vigenère introduces his encryption cipher, known as the Vigènere cipher.
1553: Giovan Battista Bellaso creates the basis for the first cipher using an encryption key. The encryption key is characterized as a word that is agreed upon by the sender and the receiver.
1854: Charles Wheatstone creates the Playfair Cipher. The cipher encrypts a specific set of letters instead of encrypting letter by letter. This raises the complexity of the cipher and in conclusion it becomes harder to crack.
1917: Edward Hebern creates the first electro-mechanical machine in which the rotor from the machine is used for encryption operation. The encryption key is stored within a rotating disc. It has a table used for substitution, which is modified with every character that is typed.
1918: Arthur Scherbius creates the Enigma machine. The first prototype is for commercial purposes. Compared to Edward Hebern’s machine in which one rotor is used, the Enigma machine uses several rotors. The German Military Intelligence immediately adopts his invention for encoding their transmissions.
1932: Marian Rejewski studies the Enigma machine and finds out how it operates. Starting in 1939, French and British Intelligence Services use the information provided by Poland, giving cryptographers such as Alan Turing the ability to crack the key, which changes on a daily basis. This is vital for the victory of Allies in World War II.
1945: Claude E. Shannon publishes his work entitled A Mathematical Theory of Cryptography. This is the point when the classic cryptography period ends and modern cryptography begins.
End of 1970: IBM creates a block cipher with the goal of protecting the data of the customers.
1973: The United States adopts the block cipher and sets it as a national standard, called the DES (Data Encryption Standard).
1975: Public key cryptography is introduced.
1976: The Diffie-Hellamn key exchange is invented.
1982: Richard Feynman introduces a theoretical model of a quantum computer.
1997: The DES is cracked.
1994: Peter Shor introduces an algorithm for quantum computers dedicated to integer factorization.
1998: Quantum computing is introduced.
2000: DES is officially replaced with the AES (Advanced Encryption Standard). AES won through an open competition.
2016: IBM launches the IBM Q Experience with a five qubit quantum processor.
2017: The appearance of Q# (Q Sharp) from Microsoft, a domain-specific programming language used for the implementation of quantum algorithms and cryptography applications.
This list can continue and be improved. We included the main events that contributed to the appearance of cryptanalysis as a concept, model, and framework.
Penetration Tools and Frameworks
In this section, we will cover several penetration tools and frameworks that can be used with success in the process of penetration testing, a process that is conducted by a certified professional.
- Linux hacking distributions
Kali Linux: The most advanced platform for penetration testing. It has support for different devices and hardware platforms.
BackBox: A Linux distribution for penetration testing. It also includes security assessment.
Parrot Security OS: This distribution is quite new in this sphere. Its purpose and target is the cloud environment. It provides online anonymity and a strong encryption system.
BlackArch: A penetration testing platform and security research. It is built on top of Arch Linux.
Bugtraq: An impressive platform with forensic and penetration tools.
DEFT Linux: Digital Evidence & Forensics Toolkit (DEFT) is a very important distribution for computer forensics with the possibility of running as a live system.
Samurai Web Testing Framework: The framework and distro is a very powerful collection of tools that can be used in penetration testing on the Web. It’s worth mentioning is that it comes as a virtual machine file, supported by VirtualBox and VMWare.
Pentoo Linux: Based on Gentoo, the distribution’s intent is security and penetration testing. Available as live.
CAINE: Computer Aided Investigative Environment, it is a powerful distribution that offers a serious set of system forensics modules and analysis.
Network Security Toolkit: One of the favourite tools and distributions is Network Security Toolkit, a live ISO build on Fedora. It contains a very important set of open source network security tools. It provides a professional web user interface for network and system administration, network monitoring tools, and analysis.
Fedora Security Spin: A professional distro for security audit and tests. It can be used by various types of professionals, from industry to academia.
ArchStrike: Also known as ArchAssault, it is a distro built on Arch Linux for professionals in the field of security and penetration testers.
Cyborg Hawk: Contains more than 750 tools for security professional and performing penetration tests.
Matriux: The distribution is quite promising and it can be used for penetration tests, ethical hacking, forensic investigations, vulnerability analysis, and much more.
Weakerth4n: Not well-known in the field of hacking or cryptanalaysis, Weakerth4n offfers an interesting approach to penetration tests and it is built using Debian (Squeeze).
- Penetration tools/frameworks (Windows and Linux platforms)
Wireshark: A very well-known packet sniffer. Provides a powerful set of tools for network packages and protocol analysis.
Metasploit: One of the most important frameworks for pentesting, the framework will develop and execute vulnerabilities exploitation.
Nmap: Network Mapper is a very powerful network discovery and security auditing tool for security professionals. Its goal is to exploit their targets. For each port you are scanning, you can see what OS is installed, what services are running, what firewall is installed and used, etc.
Conclusion
Understand the mission and goal of cryptanalysis
Understand the main events during the course of history and how the appearance of difference ciphers and algorithms influenced the cryptanalysis discipline
Define common terms and the differences between different types of hackers
Understand the hacking and penetration platform distributions
Understand the most important frameworks and penetration tools that can be used independently, according to the OS platform
References
- [1]
F. Cohen, “A short history of cryptography.” New World Encyclopedia, 1990. (2007). Retrieved May 4, 2009, from www.all.net/books/ip/Chap2-1.html.
- [2]
Cryptography. Retrieved May 4, 2009, from www.newworldencyclopedia.org/entry/Cryptography.
- [3]
M. Pawlan, “Cryptography: the ancient art of secret messages.” February, 1998. Retrieved May 4, 2009, from www.pawlan.com/Monica/crypto/.
- [4]
J. Rubin, “Vigenere Cipher.” 2008. Retrieved May 4, 2009, from www.juliantrubin.com/encyclopedia/mathematics/vigenere_cipher.html.
- [5]
K. Taylor, “Number theory 1.” July 31, 2002. Retrieved May 4, 2009, from http://math.usask.ca/encryption/lessons/lesson00/page1.html.
- [6]
M. Whitman and H. Mattord, Principles of information security. [University of Phoenix Custom Edition e-text]. Canada, Thomson Learning, Inc. 2005. Retrieved May 4, 2009, from University of Phoenix, rEsource, CMGT/432.
- [7]
Simon Singh, The Code Book. The Secret History of Codes and Code-Breaking. 1999
- [8]
A. Ibraham, “Al-Kindi: The origins of cryptology: The Arab contributions” in Crypto logia, vol.16, no 2 (pp. 97-126). April, 1992. www.history.mcs.st-andrews.ac.uk/history/Mathematicians/Al-Kindi.html.
- [9]
Abu Yusuf Yaqub ibn Ishaq al-Sabbah Al-Kindi. www.trincoll.edu/depts/phil/philo/phils/muslim/kindi.html.
- [10]
Philosophers: Yaqub Ibn Ishaq al-Kindi Kennedy-Day, K. al-Kindi, Abu Yusuf Ya‘qub ibn Ishaq (d. c.866–73). www.muslimphilosophy.com/ip/kin.html.
- [11]
Ahmad Fouad Al-Ehwany, “Al-Kindi” in A History of Muslim Philosophy, Volume 1 (pp. 421-434). New Delhi: Low Price Publications. 1961.
- [12]
Ismail R. Al-Faruqi and Lois Lamya Al-Faruqi, Cultural Atlas of Islam (pp. 305-306). New York: Macmillan Publishing Company. 1986.
- [13]
Encyclopaedia Britannica (pp. 352). Encyclopaedia Britannica, Inc. Chicago: William Benton. 1969.
- [14]
J.J. O’Connor and E.F. Robertson, “Abu Yusuf Yaqub ibn Ishaq al-Sabbah Al-Kindi.” 1999.