All right now we've talked about earlier. The fact that anything that's encrypted could ultimately be decrypted. It's just a matter of time. It's a matter of work factor, which means the processing capabilities and the amount of effort you're essentially willing to put into it. And, you know,
generally speaking, if it's gonna take you 10 million years with 10,000 processors running 24 7 that's probably okay if I'm just sending you my grocery list. So the idea is, it's all about the work factor. But as an attacker, I keep trying to chip away, chip away, chip away
and what we're talking about with the attacks here on this particular slides.
Um, the idea is you're using. Perhaps a proprietary algorithm went, for instance, the government uses, you know, you're not necessarily using A S or more standards based. So when we talk about attacks on cryptography, sometimes it is about decrypting encrypted text. But other times it's it's bigger than that.
Let me break the algorithm because if I break the algorithm than I can decrypt anything
encrypted that out right, it's about finding out the key and being able to ridiculously, predictably generate the key. So
these particular cats, for instance, cipher text only attack. Um, this is the most commonly performed attack. It's also the least likely to be successful. So what this essentially means is I have gotten a sniffer, some device on your network, and I've captured
encrypted text. So you guys are transmitting an encrypted text. I've captured some. All I have is cipher text. I don't have
anything else. I don't have any other clues. So what I generally have to do is just kind of brute force it And that takes a tremendous amount of time, tremendous amount of processing capabilities and probably not may be very successful.
Where I have a better chance of being successful is to be ableto look a text in plain text and compare it to that in cipher text. And the more I can see in plain text in the more in cipher text, the better able I am to figure out patterns doesn't mean it's gonna be easy, but that's a step in the right direction.
So when we come to the known plain text attack,
I have captured something inside for tests on the network. I haven't psycho text and there is a portion of that that I also know in plain text. I don't get to choose what I do in flame text. But like, for instance, your automatic signature Very respectfully yours, Kelly hander hand.
You know, if I always signed my email messages the same way and you've captured an email message, will, you know, somewhere in there is very respectfully yours, Kelly Handwritten.
Okay, so that's a known plain text attack.
A chosen plain text attack is even better for me is an attacker. Because I get to see what I want in plain text and encrypted. And the way that works is I'm gonna be the creator of the message.
Okay? I'm gonna create this message. I'm gonna be very purposeful and careful about patterns that I use words that I choose repetitions.
And I'm gonna craft this message exactly the way I want it, and then I'm gonna send it to you.
Okay? I'm gonna say, Hey, send this out to all your team. But remember, it's important. So encrypted
now, the message came from May. So I have it in plain text and then I captured on the network. I have it in cipher text. So obviously this is much bigger than me. Just being able to read a message. I want to find out what your encryption algorithm does. What is the key due to confer this plain text to this cipher text? Because that will help me
in a much larger scheme of things.
And then the last attack on this slide chosen cipher text. That means I can see anything I want in plain text and anything I want. In cipher text. I have gained access to more system, and it's sometimes called a lunchtime or a midnight attack. What that means is you've wandered off from your work station.
I've gained access to it. Now I can see what I want.
Another attack on cryptography, and I think this one actually might be testable. It's called a meet in the middle attack, not a man in the middle attack, but a meet in the middle attack. And this isn't a tack gear to algorithms like triple does where they're multiple keys.
So, for instance, we we see encryption key one, then key tooth. And with key three
Okay, that's the way triple Dez works. Well, let me figure out the difference between what things look with encrypted with key one, and then how they look encrypted with key to And by comparing and contrasting the differences, that gives me an idea what the key is in what each he does individual.
All right, so that's called meet in the middle attacks, you know, other attacks. What? We didn't Really I don't really have an undecided but a man in the middle attack we talked about, someone steps in and actually, really, a man in the middle of that can be totally passive. Passive men in middle attack is sniffing the network right
on intercepting traffic. And I'm looking at it. But I'm not modifying.
A man in the middle of that becomes active once I start injecting myself into the stream like, for instance, a session hijack attack. So I present myself his Bank of America. I steal your session, it's session information and try to resume communications.
Ah, as Bank of America
to get information, passwords, whatever that might be. So that's a session. Hijack. Um,
man in the middle's are passive by nature, but they can be active. And when they're escalated to a man in the middle Ah, a session hijack. Hopefully that makes sense.