Question

1. Suppose an attacker obtained 128 bits of ciphertext that were encrypted using an encryption algorithm whose keys are known to be 128 bits long. How effective is an exhaustive key search if the attacker does not know the encryption algorithm used?

1. Provide an example of when data integrity is more important than data confidentiality?

1. Suppose you have been asked at your new job to recommend the strength of encryption needed to protect the contents of a database. Draw up a list of some of the questions you think you will need to answer before you can meaningfully attempt to establish a notion of practical security for this application?

1. When evaluating security, how would you apply the concepts of Theoretical Security versus Practical Security?

Answer 1

A ciphertext-only attack is one of the most difficult to mount successfully (and therefore the easiest to defend against) because the attacker possesses such limited information. In some cases even the encryption algorithm is also unknown. However, the attacker may still be able to use statistical analysis to reveal patterns in the ciphertext, which can be used to identify naturally occurring language patterns in the corresponding plaintext. This method relies on exploiting the relative frequencies of letters. In the English language, for example, E is the most frequently occurring letter with a probability of about 0.12. This is followed by the letter T (probability 0.06) then A, O, I, N, S and R. Common letter sequences in natural language (e.g. TH, HE, IN, ER and THE, ING, AND and HER) may also be detected in the corresponding ciphertext.

Ciphertext only. The attacker has only a sample of ciphertext. The speed and success of such an attack increases as the size of the ciphertext sample increases, provided that each portion of the sample has been encrypted with the same algorithm and key.

Cryptanalysis is the science of breaking a cipher without knowledge of the key (and often the algorithm) used. Its goal is either to recover the plaintext of the message or to deduce the decryption key so that other messages encrypted with the same key can be decrypted.

One of the more obvious attacks is to try every possible key (i.e. the finite set of possible keys, known as the keyspace) until the result yields some intelligible data. This kind of attack is known as a brute force attack. Clearly, the greater the keyspace, the greater the immunity to a brute force attack.

A ciphertext-only attack is one of the most difficult to mount successfully (and therefore the easiest to defend against) because the attacker possesses such limited information. In some cases even the encryption algorithm is also unknown. However, the attacker may still be able to use statistical analysis to reveal patterns in the ciphertext, which can be used to identify naturally occurring language patterns in the corresponding plaintext. This method relies on exploiting the relative frequencies of letters. In the English language, for example, E is the most frequently occurring letter with a probability of about 0.12. This is followed by the letter T (probability 0.06) then A, O, I, N, S and R. Common letter sequences in natural language (e.g. TH, HE, IN, ER and THE, ING, AND and HER) may also be detected in the corresponding ciphertext.