Introduction
Storage, transmission, and transformation of information are subjected to various attacks. Adversaries, opponents, interceptors, and enemies are all vulnerable to attacks. The primary security violations are disclosure of information values, loss of confidentiality, modification without authorization, or illegal loss of access to those assets. A passive attack is an action in which the adversary has no ability to modify transmitted messages. Under a passive attack, it is only possible to intercept sent messages, decrypt them and analyze the traffic (Kumar et al., 2018). The opponent can change transmitted messages in an active attack and even contribute his own messages. Thus, it is advisable to research cryptographic attacks and defenses against them.
The Types of Cryptographic Attacks
Cryptanalysis of any cipher is impossible without considering the characteristics of the text messages to be encoded. The simple features of texts used in cryptanalysis are the repetition of letters, pairs of words and n-grams, the combination of numbers of letters, the alternation of vowels and consonants, and some others. Such properties are studied based on observations of rather considerable length texts. The cryptographic attacks can be categorized according to the amount and type of data available for cryptanalysis by the adversary. Accordingly, it is possible to distinguish such attacks as an encrypted-text-based approach. It occurs when the adversary has ciphertexts of different unknown open texts encrypted with the same key. The task of the cryptanalyst is to obtain the open text of more messages or accept the key used in the encryption (Zimba et al., 2020). The received code will then be applied to decrypt other messages.
In addition, the cryptographic attack is based on a known public text. It is performed when the cryptanalyst acquires some unencrypted code appropriate to the previously transmitted encrypted messages. By comparing the text-crypto text pairs, the opponent attempts to discover the secret key to use to decrypt all subsequent messages (Zimba et al., 2020). It may be quite challenging for an adversary to gain possession of multiple text-ciphertext pairs.
In fact, obtaining such pieces of open and cipher text is almost certainly possible. The cryptanalyst can have details about the format of the encrypted file, for example, knowing that it is a JPEG image file or a Word or Excel document; they all contain specific standard headers or fragments. Thus, the expert in cryptanalysis will be capable of generating the essential data for an attack based on the known exposed text. An attack based on the selected exposed text is a possibility even more serious option for the transmitting parties (Kumar et al., 2018). In this case, the cryptanalyst is enabled to use the “text-cryptotext” pairs provided to him and form the texts he needs himself and encrypt them with the specific key he intends to detect.
Defense Against Attacks
For a long time, developers of cryptosystems attempted to ensure that their encryption algorithms were invulnerable to ciphertext attacks only and to provide an organizational impossibility of attacks on the open or selected text. In order to achieve it, they maintained secrecy about encryption algorithms and encryption machine devices and thoroughly tested the reliability of personnel who had access to cryptosystems. However, already in the XIX century, experts in the field of cryptography suggested that the secrecy of encryption algorithms is not a guarantee against hacking (Lou et al., 2021). Moreover, it was realized that a truly reliable encryption system should remain secure even if an opponent fully recognizes the cryptographic algorithm.
The privacy of the code should be adequate to maintain the worthy cipher resistant to attacks. This fundamental principle was first formulated in 1883 by Kerckhoffs and is commonly known as the Kerckhoffs method; it is a rule of cryptographic system design (Lou et al., 2021). The encryption code key is contained in a classified form, and the other parameters of the encryption system can be disclosed without reducing the algorithm’s strength. Otherwise, it is reasonable to assume that the adversary knows everything about the encryption system in use except the applicable keys when assessing encryption security. The Kerckhoffs principle focuses on establishing the security of algorithms and protocols independently of their secrecy; openness cannot affect safety (Lou et al., 2021). The majority of widely used encryption systems, according to the Kerckhoff approach, use known, non-secret cryptographic procedures.
In modern cryptography, considerable attention is devoted to developing cryptographic protocols, that is, procedures or algorithms for the interaction of subscribers using cryptographic means. The protocol is based on several rules governing the implementation of cryptographic transformations. The protocols may include confidential messaging reports, authentication and identification protocols, key distribution protocols, and electronic digital signature protocols (Lou et al., 2021). Currently, many specialists have comprehensively studied the encryption algorithms being created and evaluated according to various indicators, including the ability to withstand attacks on the selected text.
Conclusion
Hence, while attacking an encryption algorithm, the adversary usually has two primary goals, searching for the secret code or discovering the open text that meets the encryption code. Most cryptographic systems depend on warning as the only way to protect themselves. Cryptography saves people from fraud, which is why defense should never be limited. A strong system also attempts to identify evidence of malicious activity and restrict the effect of any attacks. Accordingly, it is essential to detect such an attack and then limit it to be assured that the damage caused will be minimized.
References
Kumar, S., Kumar, M., Budhiraja, R., Das, M. K., & Singh, S. (2018). A cryptographic model for better information security. Journal of Information Security and Applications, 43, 123-138.
Lou, X., Zhang, T., Jiang, J., & Zhang, Y. (2021). A survey of microarchitectural side-channel vulnerabilities, attacks, and defenses in cryptography. ACM Computing Surveys, 54(6), 1-37.
Zimba, A., Wang, Z., Mulenga, M., & Odongo, N. H. (2020). Crypto mining attacks in information systems: An emerging threat to cyber security. Journal of Computer Information Systems, 60(4), 297-308.