A cryptographic attack lets threat actors bypass the security of a cryptographic system by finding weaknesses in its code, cipher, cryptographic protocol, or key management scheme. It is also called “cryptanalysis.” Cryptographic attacks target cryptographic or cipher systems, which hide data so that only a few people can view it.
Think of a cryptographic attack as thieves’ means to open a locked safe. It can be a lockpick set, a bomb, or an electronic passcode guesser.
Cryptographic attacks come in various types. We’ll discuss six of them below.
What Are the Kinds of Cryptographic Attacks?
When launching cryptographic attacks, the threat actors aim to break the encryption used on a file to read its content and, hopefully, obtain the secret key, which can be used to read other confidential information.
Brute-force attacks are the simplest among the cryptographic attacks. To perform them, attackers simply try to decrypt a message by guessing the secret key and checking if the decryption works. With enough time and computing resources, brute-force attacks will work since attackers are bound to find the correct key.
Modern ciphers protect against brute-force attacks by using a secret key that is long enough to make guessing impossible. The Advanced Encryption Standard (AES) has the longest available key length, 256 bits. A 256-bit AES key has 2^256 possible values. No computer today can search for such a key in a reasonable amount of time.
A man-in-the-middle (MitM) attack assumes that an attacker can hijack ongoing communication between two parties. Attackers can intercept all the messages (even encrypted ones) sent over the hijacked channel. In successful MitM attacks, the attackers can decrypt, read, and even possibly modify messages before these get passed on to the intended recipients.
To pull off MitM attacks, the attackers need to convince both parties that they are part of the conversation. Party 1 should think the attackers are Party 2 and vice versa. So long as the ruse works, the MitM attack will remain undetected.
A replay attack allows attackers to replay valid sessions between legitimate users and servers. Instead of injecting themselves into ongoing communications, threat actors target servers to hijack confidential (even encrypted) data. Once that is done, the attackers can trick Party A into believing that they are Party B and vice versa.
Using nonces, such as random numbers that identify unique sessions, can protect against replay attacks. Each message should have a unique number, so resending Party A’s message to Party B won’t work.
A side-channel attack utilizes unintended side effects of cryptographic operations to obtain information about the plaintext or secret key being processed. In such an attack, the electrical power the computer consumes to perform encryption and decryption and the time it takes to perform these operations help the threat actors determine the secret key.
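The replay protection described above, as an added example that is not part of the original article: a receiver that accepts each random per-message number only once. The function and class names, the shared key, and the sample message are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # fixed length keeps nonce || payload unambiguous


def _tag(key: bytes, nonce: bytes, payload: bytes) -> bytes:
    # The MAC covers the nonce too, so an attacker cannot swap in a new one.
    return hmac.new(key, nonce + payload, hashlib.sha256).digest()


def send(key: bytes, payload: bytes) -> dict:
    nonce = secrets.token_bytes(NONCE_LEN)  # fresh random number per message
    return {"nonce": nonce, "payload": payload, "tag": _tag(key, nonce, payload)}


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.seen = set()  # nonces already accepted on this channel

    def accept(self, msg: dict) -> str:
        if len(msg["nonce"]) != NONCE_LEN:
            return "rejected: bad nonce"
        expected = _tag(self.key, msg["nonce"], msg["payload"])
        if not hmac.compare_digest(expected, msg["tag"]):  # constant-time check
            return "rejected: bad tag"
        if msg["nonce"] in self.seen:
            return "rejected: replay"
        self.seen.add(msg["nonce"])
        return "accepted"


def demo() -> list:
    key = secrets.token_bytes(32)            # constructed shared key
    party_b = Receiver(key)
    msg = send(key, b"pay invoice 1001")     # constructed sample message
    forged = dict(msg, nonce=secrets.token_bytes(NONCE_LEN))
    return [
        party_b.accept(msg),                 # first delivery
        party_b.accept(dict(msg)),           # captured copy resent unchanged
        party_b.accept(forged),              # resent with a swapped nonce
        party_b.accept(send(key, b"pay invoice 1001")),  # genuine new message
    ]


if __name__ == "__main__":
    print(demo())
```

The set of seen nonces grows without limit here; deployed protocols usually bound it with a timestamp window or a message counter.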
Power Analysis Attack
How much power computers use, and for how long, varies depending on the operations they perform. How much power cryptographic algorithms use may reveal what data they are processing. That allows attackers to guess what kind of encryption was used, making guesswork faster and easier.
A timing attack exploits the fact that an algorithm can take different amounts of time to run, depending on the plaintext encrypted or the secret key used. An example would be measuring how much time it takes to check a password when users log in to secure systems.
What Are Examples of Cryptographic Attacks?
The Ultimate MitM attack, which used an elaborate spoofing campaign to trick a Chinese venture capital (VC) firm and rip off an Israeli startup, earned the threat actors US$1 million in December 2019. In Ultimate, the attackers intercepted a wire transfer meant to fund the emerging business. They pulled off the heist by sticking to email communications, even canceling in-person meetings.
In July 2021, authorities revealed that hundreds of enterprises in the U.S. and Europe were targeted by a massive cloud-based brute-force campaign. Attackers aimed to access protected data, including emails and valid account credentials, which were then used to exploit known vulnerabilities in Microsoft Exchange to enable remote code execution.
How Can Users Protect against a Cryptographic Attack?
We’ve seen cryptographic attacks cripple targets, but they are avoidable if users employ these best practices:
- Use strong passwords when encrypting data.
- Implement strong and redundant cryptosystems. That means encrypting data more than once.
- Implement long key spaces. That means using AES with the longest key.
Cryptographic attacks may have become commonplace and may no longer make the news much, but that doesn’t make them less destructive and costly. That makes encryption with the longest keys and password-protecting them a critical step.