## Attacks on Cryptographic Systems (Part I)

• Soft Attacks
No matter how sophisticated the attack techniques become, one must not forget that when the ultimate goal is to obtain the secret message, coercion or social engineering are often the most effective attack techniques. These attacks are based on using physical or psychological threats, robbery, bribery, embezzlement, etc. The attacks are mostly directed to human links of the data security chain.
Social Networks have become a launching pad for these kind of attacks. In a typical soft attack such as the so-called spear-phishing, e-mail addresses and information about the victims social circle is harvested from social networks and then used to send targeted e-mail with malware that cause to reveal secret information for access to secured systems.
• Brute Force Attacks
Assuming, as Kerchoff’s principle recommends, that the algorithm used for encryption and the general context of the message are known to the cryptanalyst, the brute-force attack involves the determination of the specific key being used to encrypt a particular text. When successful, the attacker will also be able to decipher all future messages until the keys are changed. One way to determine the key entails exhaustive search of the key-space (defined as the set of all possible valid keys for the particular crypto-system).
Brute force is a passive, off-line attack in which the attacker Eve passively eavesdrops the communication channel and records cipher text exchanges for further analysis, without interacting with either Alice or Bob.
To estimate the time that a successful brute-force attack will take we need to know the size of the key-space and the speed at which each key can be tested. If $N_k$ is the number of valid keys and we can test $N_s$ keys per second, it will take, on average $\frac{1}{2}(\frac{N_k}{N_s})$ seconds to find the proper key by brute-force.
The threat that a brute-force attack poses cannot be underestimated in the real world. Most financial institutions use cipher-systems based on DES. Keys of length 56-bits, such as the one used by the
standard implementation of DES, can be obtained by brute-force using computer hardware and software available since the late 1990’s. Indeed, to counter this possibility, most contemporary implementations of DES use a derivative known as Triple-DES (or 3-DES) which uses three different 56-bit keys instead of one. The effective key length for the combined 3-DES key is a more secure 168 bits.
Brute force analysis have been used in combination with other attacks as was the case for the deciphering of the Enigma. The famous bombes were an example of the brute-force approach working in combination with a mathematical method that provided an important reduction of the key-space.

To be continued…..

## Securing the Human

SANS Institute set up an excellent resource for those interested in computer security issues (who is not these days?).
OUCH! and other newsletters carry current information on the security issues and they are published now in several languages. I’ve put a permanent link with the badge in the right column.

## Fingerprinting Computers – Part I – Your browser.

Authentication is about the only big open problem in the practice of internet security. The existing encryption and hashing algorithms as well as the key generation/management protocols offer a high degree of security, barring programming/implementation errors.
Authentication technologies face serious challenges mainly because identity is difficult to establish with a 100% certainty even using physical characteristics, i.e., signatures and credentials can be forged, the physical appearance of people can be manipulated, etc.

## 2011 at its Prime

The fact that 2011 is a prime number didn’t escape the mathematical inclined minds. Moreover, as tweeted @mathematicsprof 2011 can be expressed as the sum of the 11 consecutive primes 157+163+167+173+179+181+191+193+197+199+211.

This already sets the stage for a year that, I will dare to predict, will not be easily forgotten. A confluence of processes already in motion may result in drastic changes for the world and in particular the Internet. To wit:

• Cyber-attacks can get ‘physical’ as the stuxnet virus proved,
• There is a struggle to control the internet at all levels,
• Privacy and mobile computers have compatiblility issues,
• All this against the backdrop of economical and political turmoil.

As the Chinese say “May you live in interesting times” ….

## Check the strength of passwords

A cool application for checking the strength of passwords

del.icio.us Tags: ,
,,,
,,

## Stuxnet virus demonstration

Symantec released a video showing how the Stuxnet infect a PLC module attached to an air pump. See the Stuxnet virus in action

## SSL 3.0 / TLS subjected to Man in the Middle Attack

An “Authentication Gap” was discovered in the latest version of SSL/TLS protocol.This could potentially be a huge problem. The gap is not due to some erroneous implementation, it is a property of the protocol.

Here is a list of links to websites where the issue is being followed:

http://www.phonefactor.com/sslgap/

IETF resources

Red Hat

SANS.org

## More reviews for the AMS

I have a few new reviews of papers on cryptography in my updated page. For those interested in the security of NMAC and HMAC or affiliation hiding key exchanges, I recommend reading the reviews. They include links to relevant papers.

## About the need to protect Biometric Data

An article stating the need to protect biometric data appeared in the IEEE spectrum magazine. Not a lot of new information, a good summary of the threats as biometrics are being used more and more as authenticators.

## Secure Processors, the ultimate battlefield

Continuing with the main theme my last two posts, hacking, I am going to wrap up with this post about Secure Processors.

A secure processor is meant to protect the information and the communications, validate the communications channel and be tamper-resistant, should it falls into the adversary’s hands.

Successful hacking of secrets has the duality of being a happy/sad event, depending on which team are you playing for. The design of secure processors makes this duality patent as, in practice, the most important evaluation criterion is that the resulting product should resist the designer’s best attempts at hacking it.

The current research and development efforts are guided by U.S. DoD Anti-Tamper specifications. To prevent reverse engineering, architectures of secure processors are based on a combination of hardware and encrypted software in such a way that if the hardware is captured, its exact functions cannot be guessed without knowing the encryption keys. During WWII, the capture of an ENIGMA machine paved the way for the breaking of the enciphering by the allied forces. These historical lessons are incorporated into today’s design criteria. Some design even incorporate sensors that will detect attempts at using physical means to force the hardware and destroy the critical information upon detection (often called zeroization).

A new dimension to the problem is added by procurement system. Electronic chips are nowadays a commodity and absolute control over the manufacturing of  chips is not possible. Therefore it is essential to ensure that the critical parts, that is the processors, are designed and made in controlled facilities.

The lessons learned in military applications are now being applied to commercial system. This is where the lines blurred because in the interconnected world the enemy can wreak havoc on the infrastructure without firing a shot. Communication and control networks associated with utilities will become more resistant to attacks by using computers fitted with secure processors.

Related:

###### New Chip Brings Military Security to Commercial Processors

The Hunt for the Kill Switch

Secure Processors – IBM

Acalis White Paper