blog posts

Dangerous Attacks

Familiarity With 14 Of The Most Dangerous Attacks In The World Of Network Security

The world of security is full of deadly attacks that, if successfully implemented, have the potential to seriously jeopardize an organization’s entire infrastructure. 

Accordingly, it is important for security experts to be carefully informed about attacks that target networks and websites. In this article, we will look at some of these deadly attacks.

Replay attack

A replay attack is a type of networked attack in which a valid malicious or fraudulently motivated data transfer is repeated or delayed. The attack is carried out in such a way that the attacker intercepts the data being transmitted, removes it from the wire, and resends it after obtaining important information such as username and password or changing the information; This is usually done by replacing IP packets, such as a stream encryption attack.

For example, suppose Alice wants to prove her identity to Bob. Bob, for example, asks for Alice’s password as proof of identity, and Alice agrees.

 Meanwhile, a third person is eavesdropping and stealing, and keeping the password or hash function.

After the exchange of information is over, the attacker now replaces Alice and communicates with Bob; And when Bob asks him for proof of identity, the attacker sends Bob the password or hash function Alice he kept in front of him, and he agrees, and thus the attack is repeated.

Prevent attacks

There are several ways to prevent a replay or replay attack, including periodic security tokens, one-time passwords, nans, and another way to prevent a repetition attack is time tagging.

Collision attack

Collision attack In cryptography, an interference attack on an encrypted hash tries to find two optional inputs that produce the same amount of hash, such as a collision attack.

Unlike a preimage attack, neither the hash value nor one of the inputs are specified. Many cryptographic applications do not rely on collisions. As a result, collision attacks do not affect their safety.

For example, password hashing and HMACs are not vulnerable. For a successful attack, the attacker must control the input of the hash function.

Digital signature: Because digital signature algorithms cannot sign large amounts of data efficiently. To sign most implementations are done using a hash function (compressor) to reduce the amount of data as much as possible to reach a fixed size.

Digital signature programs are often vulnerable to hash collisions unless methods such as random hashes are used.

Note that all public-key certificates, such as SSL certificates, rely on digital signature security and are compromised by hash collisions. Attacks are typically based on the following scenario:

  1. Mallory creates two different documents A and B, which have the same hash value (collision).
  2. Mallory sends document A to Barry Ellis, and what they have agreed upon is called a document, he signs it and sends it to Mallory.
  3. And Mallory copies the signature sent by Alice in document A to document B.
  4. Then Mallory sends document B to Bob, claiming that Alice signed a different document and that because the digital signature matched the hash document, Bob’s software could not detect the change.

Passive attack

An inactive attack on an encryption system or network is an attack in which the attacker monitors the sending of data between the parties, intending to gather information sent between the parties without disturbing or indicating their presence, an act similar to There will be espionage.

Traffic Analysis Avoiding Public Analysis Monitoring Posts Relying on Encryption Prevention Different types of passive attacks include 1) Traffic analysis 2) Disclosure of the contents of exchanged messages.

Traffic analysis

In this type of passive attack, the person identifies the location of the source and destination of the data, acquires other characteristics of the interacting users, and examines the frequency and length of the messages exchanged.

And finally, with this kind of information that he obtains, he can easily identify the type of communication established between the parties.

The remarkable thing that distinguishes this type of attack from active attacks is that there will be no change or disruption in the communication and messages of the parties, and only similar espionage operations will be carried out.

Lateral channel attack

In the discussion of computer security, a side-channel attack is an attack that is based on information obtained from the implementation of a computer system to the weaknesses that exist in its implementation algorithm. (E.g. encryption and software bugs).

Scheduling information, power consumption, electromagnetic leakage, or even sound can provide a huge source of information that can be exploited and exploited. Some lateral channel attacks require technical knowledge about the internal operation of the system; Others, however, are just as effective as black-box attacks, such as differential power analysis.

According to researchers at Microsoft and Indiana University, the advent of Web 2.0 applications and software services has also made it possible for third-party attacks on the Web, even if the transmission between the web browser and the server is encrypted (e.g. over HTTPS or WiFi encryption). ).

Many powerful lateral canal attacks are based on statistical methods first proposed by Paul Kutcher. Attempting to break an encryption system by tricking or forcing people with legal access is not usually a side-channel attack: See Social Engineering and Rubber Hose Encryption.

Dictionary attack

A dictionary attack is a way to crack a password or authentication mechanism in computer network security and password analysis. This attack is done by trying to identify the key to decrypt a text or password by searching for all possible possibilities in a dictionary.

Compared to a brute force attack, in which all possible scenarios are examined; The dictionary attack only considers the situations that are most likely to succeed; Which also typically uses a dictionary.

Glossary attacks have generally been successful because most people tend to choose a password that is simple and short (7 characters or less), or choose often simple monosyllabic words that are commonly found in the same dictionaries, and are also easily predictable, such as data. Digit. as a result; Such passwords are easily cracked.

Slip attack

A slip attack is a state of cryptography analysis designed to counter the general idea that even weak crypts can become very strong by increasing the number of rounds and counteract a differential attack.

A slip attack works to make the number of rounds in a code unrelated. Instead of looking at the decryption aspects of blockchain data, the slide attack analyzes the keyword list and discovers its flaws to crack the password.

The most common are keys that are repeated in cycles.

The only requirement of this attack to work on a password is that it can be broken into several rounds associated with an f function. This probably means that it has a cyclical list for the key. The f function must be sensitive to the attack of certain unencrypted text. The slip attack is related to the key attack.

The idea for the landslide attack dates back to a 1977 article by Edna Grossman and Bryant Tuckerman. The two described the attack on a weak cryptographic block.

The attack depended on the fact that the password had the same subkey in each round. Thus, the key of a key was associated with a list of cycles involving only one key, which makes it a copy of the slip attack.

A summary of the report, including a description of the NDS blockchain and attack in encryption systems (Becker and Piper, 1982) is provided.

Distinctive attack

In cryptography, an attack distinguishes any type of cryptographic analysis on encrypted data that allows an attacker to distinguish encrypted data from random data. Today’s symmetric key encryptions are specifically designed to be safe against this type of attack.

In other words, today’s cryptographic designs are quasi-random permutations and are designed to have unrecognizable encrypted text.

If an algorithm is found that can detect output from random text faster than a comprehensive search, a breakthrough in that encryption is considered.

Another similar concept is a distinctive encryption attack, whereby the attacker knows the key and can find a structural feature in the encryption, where the conversion of the original text into encrypted text is not random.

To prove that a cryptographic function is secure, it is usually compared to a random oracle.

If an Oracle function is random, then the attacker is unable to predict any of the function outputs.

If a function is distinct from a random oracle, then it has non-random properties. In this case, there is a relationship between different outputs, or between output and input, which can be used by the attacker for example to find (part of) the input.

Explicit text attack

The known-plaintext attack is an attack model for encryption analysis, where the attacker has instances of plain text (also called a crib) and its encrypted version (encrypted text).

These can be used to reveal more confidential information, such as secret keys and codebooks. The PKZIP stream password used by older versions of the compact format is susceptible to this attack.

For example, an attacker with an encrypted zip file only needs a portion of an unencrypted file in the archive to form a “known-plaintext”.

Then, using some of the software available to the public, they can quickly estimate the key needed to decrypt the entire archive.

To obtain such an unencrypted file, an attacker could search the website for a suitable and annoying file, find it from another archive they could open, or manually equip a file name to reconstruct an Explicit text file from an encrypted archive try. However, this attack does not work on ZIP AES files.

Original text attack

The ciphertext-only attack is an attack model for encryption analysis in which the attacker can only assume that he has a set of encrypted texts. This attack is quite successful if the attacker can get a plain text or better than the key. Also, if the attacker can get the slightest information from the plain text or key, this attack is considered successful.

For example, if an attacker can distinguish between a blank message and a real message by sending traffic, he can use this to make the attack successful

. Older cryptographic algorithms, such as the Caesar code, the Visioner code, have original text attacks that can only be obtained by encrypted text and by methods such as frequency analysis or comprehensive text search attack.

The Enigma machine was able to make this attack harder.

Today, all modern algorithms are designed to protect against this attack, and if it does not have cryptographic security, it does not have high-level security.

In fact, this security is the basic level of security in cryptographic algorithms.

Algorithms such as AES have been able to make an extensive analysis of encrypted text impossible by applying permutations and operations such as matrix multiplication.

Middle man attack

A man-in-the-middle attack, also known as Bucket Brigade attack or sometimes Janus attack. In cryptography and computer security, a middle-class attack is an active form of eavesdropping in which the attacker establishes an independent relationship with the victim and broadcasts messages between them.

In a way that makes them believe that they are talking in a direct and private relationship with each other; While all their conversations are controlled by the attacker.

The attacker must be able to listen to all the messages sent between the two victims and leave a new message that will work properly in many situations.

For example, an attacker receiving a non-encrypted wireless access point could impersonate a middle man.

A middle-aged attacker can only succeed if he identifies each endpoint with the other’s consent.

This is an attack (or lack thereof) of two-way authentication. Most cryptographic protocols include some form of endpoint authentication, especially to prevent middleman attacks.

For example, Transfer Layer Security (SSL) can authenticate one or both parties using a two-way trust certificate.

Meet attack in the middle

The meet-in-the-middle attack is a type of cryptographic attack as opposed to cryptographic algorithms that rely on several consecutive encryption operations.

It is an attack tool with 256 memory and 2112 operations. A simple idea to increase the cryptographic security of a text is to encrypt it repeatedly with different keys. Consider the number of times the data is encrypted because if the information is encrypted n times with k-bit keys, it takes 2k.n to search to find all the wrong key combinations.

Decrypting and using them reduces the time it takes to find decryption keys, although this reduces the time spent using more memory.

This attack uses encrypted text and plain text combining a large number of functions (or encrypted pieces) to find the keys so that moving from the first function is the opposite of moving from the last function.

For example, although dual-device encrypts data with two 56-bit keys, it can be broken with 257 encryption and decryption operations.

Random number generator attack

The security of cryptographic systems depends on some confidential data that is known only to certain people and unknown and unpredictable to others. . Different types of randomization are used to achieve this property of unpredictability.

Modern cryptographic protocols often require the repeated generation of random values. Cryptographic attacks that weaken or disrupt this process are known as random number generating attacks.

A high-quality random number (RNG) production process is almost always required for security, and in general, poor quality creates vulnerabilities to attacks, resulting in insecurity in cryptographic systems.

The RNG process is very attractive to attackers because it is usually easy to find an isolated piece of hardware or software.

If the attacker can replace the pseudo-random bits generated predictably, security is completely compromised, yet it will be undetectable by any test.

In addition, such attacks only require single access to the compromised system, and unlike a computer virus that steals keys and then sends them to certain email locations, it does not need to send information.