This paper focuses on the theory of cryptanalysis and various tools related to cryptanalysis. The paper also portrays the importance of cryptanalysis and other concepts associated with it. In this paper, I have explained about cryptology, cryptography and cryptanalysis. The importance is given to cryptanalysis. The main aim of cryptanalysis is to deduce the key and recover the plaintext. The cryptanalysis is a technique of breaking code or key, used by hackers to crack the key and some researchers for testing purpose. An encryption is the process of converting plaintext into cipher text. On the other hand, the decryption is the reverse process of the encryption method, which means converting cipher text into plaintext. I have put forth few existing cryptanalysis tools as an instance and cryptosystems are also discussed.
It is art of coding and decoding secret messages. The word 'Crypto' came from Greek for secret or hidden. Generally, cryptology consists of two different phases which are Cryptography (secret writing) and Cryptanalysis (breaking secret). (Writer, 1999)
What is Cryptography?
The Cryptography is a system that science of analysing and designing Cryptosystems which are used to disguise messages so that only certain people can see through the disguise. It's also branch of mathematics. The system is also refers as an important concept for maintaining vital information. In this point of view, writing a secret message is also called cryptography. Generally, the private messages are refers as cryptography. In computer security, peoples need to communicate or transfer (the data) with others. So they are using the internet. But it's highly secure while we apply the cryptography. That's why the internet has some protocols to transfer the data.
Cryptography Example (Wiziq, 2006)
It contains encryption method which refers encrypt the raw data to ciphertext. (decrypted data) encryption and decryption are used secret information, typically referred to as a key. Based on the encryption mechanism used, encryption and decryption are used the same keys, when using other mechanisms, encryption and decryption keys might be different. (X5, n.d.)
Digital Signature Algorithm (DSA):
Rosen (2006) stated that DSA is a Public key encryption algorithm which is used to solve authentication problem. The signature can't be forged or reused. DSA proves that the document or message hasn't been altered. DSA is used mainly in electronic document transfer using digital signature. In this algorithm, the secret keys are not exchanged. For instance, if X sending a message to Y, X encrypts the message with the public key (m, n) and attaches ciphertexts along with digital signature and Y decrypts the ciphertext with the public key K. Y, after decrypting the message, verifies the signature if the signature matches, the message is authenticated else the message is not valid.
Evans (2006) and Rosen (2006) stated that the cryptosystem is an important concept for maintaining vital information. All the cryptosystems has an encryption standard to encrypt the data. The following standards are example for the cryptosystem.
Types of Cryptosystem:
Codec and Ciphers
Symetric key and Assymetric key
What is Cryptanalysis?
The Cryptanalysis is science of attacking the cryptosystem that contains encrypted data and raw data. In other side, it is used by hacker as an algorithm to crack the key. Generally, breaking of cryptographic protocols is also called Cryptanalysis. (Rosen, 2006)
A problem occurred when Alice and Bob communicating each other. Because Eve listening their secrets.
Cryptanalysis example (Wiziq, 2006)
The problem solved when we apply the cryptography system. Now Alice and Bob can communicate securely. Because their messages has been highly secured with a secret key (digital key). If Eve wants to see this message, Eve should be known the secret key to decrypt the message.
Cryptanalysis example (Wiziq, 2006)
According to the cryptographic protocols, the cryptanalysis refers breaking of code or key of an encrypted data. This system has different attacking model which are ciphertext only attack, known plaintext attack, chosen plaintext attack, chosen ciphertext attack. (Rosen, 2006)
Active Attacks: The attacker sends or alters the message pretending them to be an authenticated person by defeating the cryptography authentication and cipher.
Passive Attacks: The attacker often tries to read the messages being transmitted without proper authorization by defeating the cipher without the key.
Possible Attacks without Cryptanalysis:
Denial of service attack: The attacker interrupts the communication. This attack doesn't need a cryptographic mechanism.
Traffic analysis: The attacker doesn't attack the original message but tries to track the useful content like timing and information about the sender and receiver.
Following attacks are made when the attacker knows the available data
Ciphertext only attack: The opponent holds a cipher text, b.
Known plaintext attack: The opponent holds a plaintext, a, and the corresponding ciphertext, b.
Chosen plaintext attack: The opponent has obtained temporary access to the encryption machinery. Hence, he can select a planintext, a, and build the corresponding ciphertext, b.
Chosen ciphertext attack: The opponent has obtained temporary access to the decryption machinery. Hence, he can choose a ciphertext, b, and build the corresponding plaintext, a.
Methods to break Cipher:
Carter and Magoc (2007) stated that there are few methods to break the ciphertext, some of the methods are
Frequency Analysis: It is considered to be the classic method to decrypt the ciphertext.
Relaxation Algorithm: It is a graph based technique used to decrypt the ciphertext.
Exhaustive Search: It is easy to understand and decrypt monoalphabetic ciphers.
Genetic Algorithm: It is most powerful algorithm used to crack substitution cipher.
If we try to overcome above explicated methods it would be quite difficult to break the ciphers.
Cryptanalysis Tools: (10)
Password Cracker Inc (2006) stated that the cryptanalysis tools are used to crack the lost passwords for different purpose. For example, some tools are used to recovering the password and attack the ciphertext.
Advanced Archive Password Recovery is a tool that used to recover the lost or forgotten passwords for some compression files (for ZIP, RAR, ACE archives).
Advanced Lotus Password Recovery is same that we mention above. But it is used to recover the lost and forgotten passwords for IBM/Lotus environment documents.
EverCrack is an open source cryptanalysis engine, multi language support for the user interface and cracks encryption in other language dictionaries, used to break down the complex cipher into simple components by the kernel. The kernel contains a design of algebraic (comparison and reduction) for breaking ciphers.
Proactive System Password Recovery is used to recover all of Windows passwords. For example, an administrator can recover the windows logon password, wireless encryption keys(WEP, WPA-PSK).
VisualSoft File Secure is a cryptographic tool that used to encrypt/decrypt a file or/ and folders using symmetric key mechanism. It contains dominant Blowfish algorithm for the encryption and decryption process. It is used to secure file transfer and compression using the FTP.
Advanced Office 2000 Password Recovery is used to recover the lost or forgotten password to documents/files created in Microsoft office package.
CAP is an entire tool for cryptanalysis, allows for encryption and decryption using some familiar algorithms.
Authd is a software package for verifying and obtaining user certificates which contains cryptographic signature based on RSA public key cryptography.
XOR Cipher Analyser is used to break the most easily breakable ciphers. It also includes encryption and decryption.
Nowadays, many cryptanalysis tools are available in different platform (Integrated Development Environmen) for different platforms (Operating Systems). All the cryptanalysis tools are used to discover encryption methods and decoding the encrypted messages.
National Security Agency (NSA) depicts that "Attacks always get better; they never get worse". The cryptanalysis of these three well-designed ciphers, as well as many well-designed ones, has followed a trend. Over the past few years, we have seen many cryptanalysis tools that these are still being improved and understood as they are applied to different algorithms. In future, we can't predict anything about cryptanalysis. An existence of any efficient algorithm in future might overcome the issues faced in the cryptanalysis.
In this paper, I have explained about the concepts of cryptology. My emphasis is on cryptanalysis. Furthermore, I have explicated on various tools in cryptanalysis. If we use an effective algorithm, the ciphertext can be protected from unauthorised person. The methods used by the hackers to break the ciphertext are discussed above thus if we use digital signature algorithm we can protect the ciphertext from hackers.