Cryptanalysis and Brute-Force Attack
In my previous article, we learn basics of cryptography. Here we discuss how hackers attack the system. Hackers main objective to attack an encryption system is to recover the key in use rather than simply recovering the actual message of decrypted or ciphertext. There are two general approaches to attack the encryption system. Those are Cryptanalysis and Brute-Force Attack.
Cryptanalysis: In this method, hackers rely on the nature of algorithm and some knowledge about the plain text or some sample plaintext & ciphertext combinations. This type of attack exploits the characteristics of the encryption algorithm to find the key or to find the plain text.
There are different types of Cryptanalysis attacks based on the amount information cryptanalyst knows. Sometimes cryptanalyst or hackers know just encrypted the message (also called as ciphertext). In this situation, it is tough to find cipher key to decrypt the ciphertext into plaintext. If cryptanalyst knows encryption algorithm, cipher text, and one or more plaintext & ciphertext pairs formed with the secret key, then he can attack plaintext.
Brute-Force Attack: In this method, attackers try every possible key on a piece of ciphertext until they obtain an intelligible translation of ciphertext into plaintext. In this approach, attackers must try on average half of the possible keys to achieving success. That means if there are N possible keys then on average attacker can discover the actual key after N/2 tries. If the plain text converts into a digital file and compressed, then it is tough to find the possible keys. In brute-force approach, some knowledge about plain text is required to list out the possible keys.
