Cryptography Reference
In-Depth Information
encryption algorithms also involve large quantities of corresponding plaintext
and ciphertext pairs being used during the cryptanalysis. There are generally two
types of break:
1. A method of determining the decryption key directly is found. This is the most
powerful type of break, since obtaining knowledge of the decryption key allows
decryption of all other ciphertexts that were generated using the corresponding
encryption key.
2. A weakness in the encryption algorithm is discovered that leads directly to
a plaintext being deduced from the corresponding ciphertext without first
determining the decryption key.
Determining the decryption key is the most common, and most natural, way of
breaking an encryption algorithm, so we will focus on this type of break in the
subsequent discussion.
It is very important to be aware of the fact that the term 'break' comes with a
substantial health warning. Deciding when a method of determining the plaintext
from a ciphertext is actually feasible (or relevant) is subjective and depends, to an
extent, on what it is reasonable to expect an attacker to be able to do. It is thus
highly plausible that an encryption algorithm that is regarded as 'broken' with
respect to one application might still be suitable for another.
Another point, which we will make repeatedly, is that the most likely point of
failure in any cryptosystem is in the management of the cryptographic keys. If a
decryption key is inadequately protected then the cryptosystem becomes useless,
regardless of the strength of the underlying encryption algorithm. It is surprisingly
common for key management failures to be confused with breaks of encryption
algorithms, especially in the media.
1.6.4 Exhaustive key searches
There is one important method that can be used to 'break' almost all known
encryption algorithms (we will discuss the only exception in Section 3.1.3). This
attack is so important that it provides a security 'benchmark' against which the
effectiveness of other attacks can be measured.
CONDUCTING AN EXHAUSTIVE KEY SEARCH
An exhaustive key search can be conducted by an attacker who is in possession of
a target ciphertext that has been encrypted using a known encryption algorithm.
The attacker:
1. selects a decryption key from the keyspace of the cryptosystem;
2. decrypts the target ciphertext using that decryption key;
3. checks to see if the resulting plaintext 'makes sense' (we discuss this concept
in a moment);
 
Search WWH ::




Custom Search