CISSP Domain 3 Review / Mind Map (8 of 9) | Cryptanalysis

hey i'm rob witcher and i'm here to help you pass the cissp exam we're going to go through a review of the major topics related to crypt analysis in domain three to understand how they interrelate and to guide your studies this is the eighth of nine videos for domain three i've included links to the other mind map videos in the description below in the last two videos we talked about all the wondrous things we can do with cryptography now let's talk about how we can break it cryptanalysis is the art and the science of understanding

how cryptosystems work so that you can find ways to defeat them or strengthen if you want to have less fun cryptanalysis is the process of decoding secrets and gaining access to encrypted messages and even forging new messages there are two major types of cryptanalysis crypto analytic attacks and cryptographic attacks the primary goal of cryptoanalytics attacks is to deduce the key find the crypto variable the key that can be used to decrypt the ciphertext remember that the primary goal of cryptanalytic attacks that i'm about to talk about is to deduce the key a brute force attack

is the simplest type of attack try every possible key until you find the right one simple but totally ineffective for algorithms that use longer keys recall the key space the total number of keys doubles every time the key length is increased by a single bit so the key space grows exponentially this becomes an insurmountable problem very quickly for algorithms that use 128 bit or especially 256 bit keys there is no system in existence now we're into the foreseeably reasonable future that could brute force a key of that length so moving on to the next type

of attack ciphertext only attacks this means that the crypta analyst the attacker only has ciphertext to work with to try and deduce the key accordingly ciphertext only attacks are very difficult known plaintext attacks means the attacker has access to both the ciphertext and the associated plaintext the attacker knows the plaintext so uh if the attacker knows the plain text then what are we doing here recall the primary goal of crypta analytic attacks is to deduce the key the attacker is using the plain text and associated ciphertext to try and deduce the encryption key used once

the attacker has the key they can decrypt all the other messages or even forge new messages the next two type of attacks have the word chosen in them chosen means the attacker has access to the machine or the algorithm which is being used to perform the encryption and decryption in a chosen plain text attack the attacker is choosing what plaintext to feed into the machine or algorithm and then looking at the resultant ciphertext to try and deduce the key a chosen ciphertext is the same idea but in the other direction the attacker is choosing what

ciphertext to feed into the machine or algorithm and then looking at the result in plain text to try and you guessed it deduce the key factoring attacks there is only one asymmetric algorithm that you need to know about that uses factoring as the hard math problem and that algorithm is of course rsa so if you see factoring attack think rsa or if you want to attack rsa think the factoring attack moving on let's now talk about cryptographic attacks cryptographic attacks are not solely focused on deducing the key some are and some aren't given that very

informative introduction into cryptographic attacks let's now talk about them man in the middle attacks are where the attacker places themselves in the middle of a conversation this allows the attacker to eavesdrop on the communications being sent back and forth and possibly alter the communications or decipher them a replay attack is a form of man-to-middle attack the attacker eavesdrops and intercepts data being sent such as intercepting a user's hashed password being sent to a server to authenticate the user in a replay attack the attacker cannot necessarily decipher the data they have intercepted but they can replay

it resend it later on to their advantage for example the attacker could resend the hash of a user's password later on to masquerade as the user and gain unauthorized access when a cryptosystem is encrypting and decrypting data temporary files are often used to temporarily store plain text ciphertext and encryption keys these temporary files may not be sufficiently secured and thus in a temporary file attack the attacker gains access to the sensitive plaintext or encryption keys by accessing these temporary files implementation attacks target weaknesses in how an algorithm cryptosystem protocol or application has been implemented a

perfect example that you should remember for the exam is wep wired equivalency protocol which implements the rc4 encryption algorithm to secure wireless traffic wep should never be used because it is horribly broken and insecure and yet the rc4 encryption algorithm is excellent wep does a terrible job of implementing rc4 the initialization vectors used are too short and a portion is static among other issues so this is a perfect example of an implementation attack side channel attacks are any type of attack where sensitive information is gathered by carefully monitoring a system that is performing some cryptographic

tasks power side channel attacks measure how much power is consumed by certain calculations timing attacks measure how long certain operations take and in side channel radiation emission attacks the electromagnetic waves that are emanated by a system are closely monitored dictionary attacks are a form of brute force attack used to find encryption keys or a user's password rather than trying every possible combination in some sequential order dictionary attacks try the most likely combinations first thus dictionary attacks can be a lot more efficient and faster method than just a simple brute force attack for example if you

want to figure out a user's password the best password to try first is the most common password in the world password or one two three four five six there are dictionaries giant data sets of the most common passwords in the world that can be used for these dictionary attacks rainbow tables are an extension of password dictionaries here's the idea a user's password should never be stored in plain text in a password database instead it is much more secure to store the hash value of a user's password this poses a problem for attackers if they steal

a password database they will just have a bunch of hashed passwords and of course hashing is one way you cannot take a hash value of a password and go backwards to determine the password ah but what you could do is hash the password one two three four five six and then compare the hash value you just generated to a hash value of a user's password if the hash values match then boom you know the user's password is one two three four five six and so devious attackers have taken these giant dictionaries of the most common

passwords in the world and then for each password they have pre-computed the hash value this is a rainbow table a giant database of the most common passwords and their associated hash values you can no doubt see how rainbow tables would help an attacker how do we defeat rainbow tables salt and pepper i created a video on salt and pepper which i've linked to below which goes into how they're used in more detail birthday attacks exploit the mathematics behind the birthday paradox in probability theory you should associate birthday attacks with finding collisions in hashing algorithms so

think hashing collisions birthday attack and the final truly excellent way of attacking a crypto system is by targeting the weakest link in any system people often the easiest way to figure out some super secure key is to bribe someone thus the purchase key attack or if the carrot approach doesn't work move on to the stick and torture someone this is rubber hose crypt analysis you torture someone to get the encryption key and on that super cheery note we have now reached the end of our review of cryptography we still have one more video in domain

3 which is focused on physical security if you found this video helpful you can hit the thumbs up button and if you want to be notified when we release additional videos in this mind map series then please subscribe and hit the bell icon to get notifications i will provide links to the other mind map videos in the description below thanks very much for watching and all the best in your studies you