What is cryptographic Security
Attack?
A
cryptographic attack is a method for circumventing the security of
a cryptographic system by finding a weakness in a code, cipher, cryptographic protocol or key management scheme. This
process is also called "cryptanalysis".
Types of Security Attack in Cryptography
Figure: Classification of Security Attack in Cryptography |
Passive Attack
Release of message content:
Figure shows the release of message content passive attack.
Figure: Release of Message Content (Passive Attack) |
The goal
of the attacker is to obtain information that is being transmitted. A
telephonic conversation, an electronic mail message and a transferred file may
contain sensitive or confidential information. In this type of passive attack, message
cannot modify by attacker. Attacker just read the message and then release the
message. There may be a delay to reach message at receiver end.
For
example, B sent message to A, A receives message. But before receiving message,
message was read by unauthorized person. This kind of passive attack cannot by
recognize/identified during massage transmission. It does not affect the
system, just monitor data in network.
Traffic Analysis:
Figure shows the traffic analysis attack.
Figure: Traffice Analysis (Passive Attack) |
Intruders
checks the contents of message or other information, even if they captured the
message but could not extract the information from the message. The opponent
might observe a pattern of message to get the location, or any clue regarding
the origin of message. Passive attack is very difficult to detect, because they
do not involve any alteration of the data.
For
example, B sending message to A, at that time intruders check the pattern of
message and also check that how many numbers of messages send by sender with
same pattern.
Active Attack
Masquerade
Figure
shows masquerade attack.
Figure: Masquerade (Active Attack) |
A masquerade take place when an attacker pretends to be an authentic user. Authentication sequence can be captured & replayed after a valid authentication sequence has taken place. It generally done to gain access to a system, or steal information from system.
Replay Attack
Figure shows replay attack.
Figure: Replay Attack (Active Attack) |
Replay
involves the passive capture of data unit and its subsequent retransmission to
produce an unauthorized effect. A replay attack is also known as playback
attack where attacker repeatedly keeps on transmitting valid data again and
again to make the network jam or delayed the transmission of data.
For
example, A and C have bank account in Bank B. A send request to bank B for fund
transfer in C’s account. C capture the message produce unauthorized effect of
message and get benefits twice for fund transfer. One is from original message
and second is from unauthorized message.
Modification of Message
Figure shows modification of message attack. It is also one kind of replay attack.
Figure: Modification of Message (Active Attack) |
Some
portion message is altered, or that message is delayed or recorded to produce
unauthorized effect. When content of message modified after sender sends it but
before it reaches to concerned receiver, such type of attack is called
modification of message.
For
example, A message is “Virat will play and also captain in next match” is
modified to “Rohit will play and also captain in next match.”
Denial of Services
Figure shows the denial of services.
Figure: Denial of Service (Active Attack) |
Denial of
service attack means making the network unavailable for the user those who want
to communicate securely. Flood the entire network or server with traffic until
shutdown occurs because if overload. This attack may have a specific target. Other
form of this attack is disturbing an entire network, either by disabling the
network or by overloading with messages so as to degrade performance.
Difference between Active Attack and Passive Attack
To learn more about Passive Attack in cryptography, Click here
To learn more about Passive Attack in cryptography, Click here
To learn more Difference between active and passive attack, Click here
No comments:
Post a Comment