What is Cryptanalysis in Information Security?

Cryptanalysis is the decryption and inquiry of codes, ciphers or encrypted text. Cryptanalysis need numerical rule to search for algorithm susceptibility and divide into cryptography or information security systems.

The main objective of cryptanalysis is to discover weaknesses in or otherwise defeat encryption algorithms. This research can be used by cryptographers to enhance and strengthen or else restore irreparably flawed algorithms.

These type of attack exploits the nature of the algorithm to acquire the plaintext or the key being utilized from the encrypted message.

Cryptanalysis generally require a direct examination of the cryptosystem in place, frequently an advanced focused mathematical effort at decryption using data that is known about the encryption design.

These can involve intercepted encrypted messages (ciphertext), intercepted full, partial, likely, or associated initial messages (plaintext), or they can use data that is known for use adaptively in successive trials.

Computer resources needed for cryptanalysis such as time, memory, and information. There are also changeable degrees of achievement ranging from a total break of the encryption algorithm to the ascertainment of weaknesses in it.

There are various types of Cryptanalysis attacks which are as follows −

  • Ciphertext-only attacks − In this attack, the attacker has access to only some ciphertext. It attempt to discover the corresponding key and plaintext. It is considered that attacker understand the algorithm and can intercept the ciphertext.

  • Known-plaintext attack − In this attack, the cryptanalyst understand some plaintext pairs that have been collected earlier, moreover the intercepted ciphertext that it wants to break.

  • Chosen-plaintext attack − Chosen-plaintext attack is same to known-plaintext attack but the plaintext pairs have been selected by the attacker himself. This type of attack is simpler to implement but they are less likely to appear.

  • Brute force attack − This type of attack need algorithms that try to guess some possible logical set of the plaintext which are then ciphered and compared against the initial cipher.

  • Chosen-ciphertext attack − The chosen-ciphertext attack is same to the chosen plaintext. In this, the attacker select some ciphertext and decrypts it to develop a ciphertext. This attack is applicable if the attacker has access to the receiver’s computer.

  • Dictionary attack − This type of attack need a wordlist in order to discover a match of either the plaintext or key. It is generally used when attempting to crack encrypted passwords.

  • Rainbow table attack − This type of attack compares the cipher text against precomputed hashes to discover matches.

  • Man-in-the-Middle (MITM) Attack − Attack appears when two parties use message or key sharing for communication through a channel that occur secure but is generally compromised.

    Attacker employs this attack for the blocking of messages that pass through the communications channel. Hash functions avoid MITM attacks.

  • Adaptive Chosen-Plaintext Attack (ACPA) − It is similar to a CPA, this attack uses chosen plaintext and ciphertext based on data learned from past encryptions.