Attacks on Cryptosystems
Attacks are attempts to achieve unauthorized access to secure communications have characteristically used brute force attacks. Attacker may alternatively conduct known plaintext attack or selected plaintexts attach schemes.
The different methods of attacks are as follows:
Man-in-the-Middle Attack
This technique is designed to intercept transmission of public key or insert known as key structure in place of requested public key. From victims’ perception, encrypted communication appears to be taking place normally, but actually attacker receives each encrypted message, decodes, encrypts, and sends it to originally intended recipient. Establishment of public keys with the digital signatures can prevent traditional man in the middle attack Correlation Attacks
Collection of brute force methods which attempt to deduce statistical relationships between structure of unknown key and ciphertext is called as correlation attacks. Differential and linear cryptanalysis has been used to mount successful attacks. Only defense organization is the selection of strong cryptosystems, by key management, and strict adherence to finest practices of cryptography in frequency of changing keys.
Dictionary Attacks
In the dictionary attack, attacker encrypts every word in a dictionary by using same cryptosystem used by target. Dictionary attacks can become successful if ciphertext consists of relatively few characters (for instance usernames, passwords).
Timing Attacks
Attacker eavesdrops through victim’s session is sometimes called timing attacks which uses statistical analysis of user’s typing patterns and inter keystroke timings to discern sensitive session information.
It is used to gain information about encryption key and possibly cryptosystem in use. Once encryption is broken successfully, attacker may launch a replay attack (an attempt to resubmit recording of deciphered authentication for entry into secure source).
Defending From Attacks
Does not matter how sophisticated encryption and cryptosystems have become, if key is revealed, message can be determined easily. Key management is not so much management of technology but instead management of people.