Attacking Cryptography Essay Example

ATTACKING CRYPTOGRAPHY

ATTACKING CRYPTOGRAPHY

TABLE OF CONTENTS

Introduction

Main body

Conclusion

Glossary

List of references

Introduction

Cryptography is the conversion of different kinds of data in to secret codes that can be sent to or across private as well as public networks (Stinson, 2006). There are three main ways of encrypting data.

  • Symmetric cryptography

  • Cryptographic hush functions

  • Asymmetric cryptography (Mollin, 2007)

These three means differ in the way the encryption and or decryption keys are used for signing, appending, or checking the data. Cryptanalysis refers to the way individuals attempt to attack, decipher or discover the encrypted text or obtaining the encryption and or decryption keys. Key types of cryptanalysis include

  • Linear cryptanalysis or differential cryptanalysis

  • Cipher text

  • Paired plaintext and cipher text (Bruen & Forcinito, 2005)

TrueCrypt is a free software encryption application or software. It supports major operating systems including Linux, windows, and Mac. TrueCrypt supports both pipelined and parallelized encryption of data depending on system devices being in use (truecrypt.org).

Just like other encryption software’s or applications, TrueCrypt is also vulnerable to attacks. Over the years the security provided by TrueCrypt has improved as the company through research and development has seen significant improvements from CBC mode, to LRW mode and finally to XTS mode of operation (truecrypt.org).

There are different ways through which we can be mount attacks on encryption software’s or applications including TrueCrypt. From our case analysis it is clear that Charlie has access to Alice’s workspace, we can also assume that Charlie has no special equipments to access the files and that he has limited resources. Thus the possible ways that Charlie can access Alice’s files are:

  • Through a private or public network

  • Direct access to Alice’s Laptop

These are the two basic ways that Charlie will access the files encrypted with TrueCrypt. Below is a representation of an attack tree and analysis of the situation.

Findings and analyses

Alice’s attack tree system

Attacking Cryptography

From the introduction above, we observed that there are three main encryption modes. Symmetric encryption is the least secure of the three (Bruen & Forcinito, 2005). However, we understand that Alice uses an advanced algorithm (AES). AES stands for advanced encryption standard. The US government approval of AES was in 2002. It was the first government approved open source encryption standard in the United States. TrueCrypt program that Alice uses is based on AES. The specific features of TrueCrypt are:

  • It creates virtual encrypted disks inside data files and then mounts them as real disks.

  • It Encrypts partitions and or storage devices

  • It provides as security plausible deniability (truecrypt.org).

We are aware that Charlie has access of the workspace for a period of 43 minutes. Thus, we can assume that Charlie has four principle ways of accessing the files. In the first case, he can steal the computer and have someone crack the codes for him before the nine days are over. He can choose to return the laptop later if he wishes but this is not our concern. From the diagram, it is clear that we have four main ways of gaining access. These are Cryptographic attack, MITM attack, Physical attack, and, Software attack (stamp, 2006). Within this level, Charlie may also opt to install malicious software in Alice’s PC so that he can divert the information to a public or private domain in which Charlie has access. Under this assumption, we shall assume Charlie will use his ingenuity to access the sensitive files. Despite the fact Charlie needs to have a decision frame based on the following characteristics

  • Whether a task is possible or not possible

  • Whether the attack needs special equipment or not

  • Whether the attack mode is expensive or not

  • The probability of succeeding in attack

We have observed four different levels of attacks in the attack tree we have (Shneider, 1996). In order for Charlie to be successful in any of the four levels he has to put in mind the characteristics we observed earlier on. The first level has the main ways through which the information can be achieved. They are the first leaf nodes from the root node, which is information access. The second level indicates ways through which the goals of the first level can be attained. For instance if Charlie steals the computer in the first level he needs to find ways through which he will access the information in the second level.

If Charlie chooses to hack the codes from a private or public network, then there should be an existing wireless network so that Charlie can link his computer to that of Alice and be in a position to view Alice’s passwords from his workspace. This would require him to link the computers from Alice’s laptop and hope that Alice will not know of this action. This can be done during one of the 43-minute sessions that Charlie can access Alice’s workspace. He can also try to access the files before they are encrypted. If this mode is chosen in level one then there will be no need for additional levels since this choice achieves the goal or root node.

The direct access mode has all the four levels we have indicated in the attack tree. The third way would be to use the “Evil maid” system. This would involve Charlie accessing Alice’s laptop and fixing the “Evil maid” USB stick. This process would involve Charlie making the boot disk and booting Alice’s Laptop with the USB present. This will help to store the password or the keys in the USB or transmit them over a private network (Mollin, 2007). After doing this, when Alice Powers her laptop after the break the loader in the USB will record the last password that Alice used. This will enable Charlie to access the information on Alice’s laptop whenever he wants without Alice ever knowing.

The fourth and most easy way to access, the information is by Charlie getting the information from Alice herself either directly or in pretence. Charlie can get access to these passwords or passphrases by eavesdropping, blackmailing, or lying to Alice. The latter would involve using any means possible to make Alice have trust in him to a point that she allows him to access the computer anytime or even give the codes and passwords to Charlie. How well Charlie will be able to do this depends on his ingenuity, innovation, or degree of his trickery (Shneider, 1996).

Another very simple way of accessing the files is through direct access. Charlie can wait for an opportune time when Alice has mounted the files. After he realizes this, he should find a way to disrupt Alice so that he can access the files easily, and quickly. Under this mode, Charlie will have to determine how he will be able to disrupt Alice after mounting the files or volume. The other mode we observed in this case is that of eavesdropping. Depending on the nature of the security system in Alice’s workspace Charlie can choose to look at the combinations from a security camera within Alice’s workspace. This will depend also, on how much access Charlie has around Alice’s workspace. If he does not have such access then he might have to risk bribing someone to do the job for him. However, this is a risky venture since the third party might chose to expose Charlie.

If Charlie chooses to eavesdrop then he will have to choose which means he will use to get the information. This might involve eavesdropping on Alice’s conversations and hear whether Alice gives the information to any of her friends. He might also try to get the information from Alice’s close colleagues that might have the information. Either way Charlie has to choose the most convenient way to achieve this.

From the above analysis and from various studies there are different ways that the encrypted information can be deciphered. Many security experts advice that it is necessary to ensure that the laptop is not physically vulnerable. In addition, EAS is prone to brute force attacks, side-channel attacks, malware distortion, among others (Shneider, 1996). From the application documentation, it is advised that a TrueCrypt user should ensure that an attacker has no physical access. Since Charlie has physical access to the PC, then we can assume that his IT skills will determine how easily or not he will access the intended information.

Conclusion

Over the years, different advancements to improve TrueCrypt have taken place. Due to sensitivity of information, it is important to improve the application from time to time to avoid illegal decryption. In the attack tree, system the root node is usually the goal of the decryption. Thus, it is necessary to ensure that any possible leaf node (attack process) is well anticipated so that software developers can devise necessary actions to mitigate the possibility of hackers succeeding.

Glossary

Cryptography

The conversion of different kinds of data in to secret codes that can be sent to or across private as well as public networks (Stinson, 2006).

Advanced Encryption Standard

This is an encryption standard specified for the encryption of electronic data.

Brute force attack

A form of attack system that tests all possible keys until it deciphers the right key that produces intelligible plaintext.

Side-channel attacks

These “encryption attacks” do not attack the principal cipher. They target systems that leak data.

TrueCrypt

This is a free software encryption application or software. It supports major operating systems Malware

Malware refers to malicious software’s or applications like spyware and viruses that disrupt the normal operations of a personal computer.

Attack tree

This is the system that decryption follows to crack codes of encrypted information

List of references

Bruen, A., & Forcinito, M. (2005). Cryptography, Information Theory and Error Correction: A Handbook for the 21st Century. Wiley.

Mollin, R. (2007). An introduction to cryptography. CRC

Schneider, B. (1996) Applied Cryptography. John Wiley & Sons, Inc.

Stamp, S. (2006). Information Security Principles and Practice. Wiley

Stinson, D. 2006). Cryptography, Theory and Practice. Third Edition. Chapman & Hall.

The official TrueCrypt website. Retrieved on 22 August 2011. Available at www.truecrypt.org.