Cryptographic attacks
Network administrators commonly invest time and money to design security around applications, servers and other infrastructure components, but tend to take cryptographic security less seriously. Before going into the various attacks, let’s understand first that cryptography is all about keys, the data, and the encryption/decryption of the data, using the keys. A few cryptographic attacks try to decipher the key, while others try to steal data on the wire by performing some advanced decryption. Let’s take a look at a few common attacks on cryptography.
The SSL MITM attack: In this case, the attackers intrude into the network and establish a successful man-in-the-middle connection. The attackers silently watch the HTTPS traffic on the wire, and wait for the targeted website to respond to some browser’s HTTPS request. As we learnt earlier, the server is supposed to send its digital certificate to the browser as a part of the SSL handshake process. The attackers grab this certificate, and note down various details such as the domain name, expiration date, cipher strength, etc. The attackers then create their own certificate (also called a self-signed certificate), containing the same information as that of the captured certificate. From this point on, the man-in-the-middle attackers intercept each browser request and respond with the fake certificate. As a normal response to such a situation, the Web browser pops up a warning to the user, which in most cases is ignored, and thus the attackers are successful. Further, on the server side, the attackers establish a separate HTTPS connection to complete the request, and the result of the response is fed back into the browser on the connection already established. This gives the attackers complete control on the SSL traffic, and helps them steal the personal information. Since this attack involves a real intrusion into the network, it is less likely to happen, but can result in serious data loss. Also, since the attackers are not breaking the request-and-response chain, it becomes tough to detect the data theft.
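An added lab example (not from the original article) of the check behind the browser warning described above: a look-alike certificate can repeat the genuine subject, but it does not chain to a trusted CA and its fingerprint differs from a recorded pin. The names shop.example and Lab Root CA and the helper functions are assumptions; all keys and certificates are generated locally as throwaway test data.

```shell
#!/bin/sh
# Added lab example. All keys and certificates are throwaway, constructed data;
# shop.example and "Lab Root CA" are placeholder names.

# gen ARGS...: "openssl req" with a fresh, unencrypted RSA key.
gen() { openssl req -newkey rsa:2048 -nodes "$@" 2>/dev/null; }

# lab_setup: builds the lab in a temp dir and prints that dir's path.
lab_setup() {
    d=$(mktemp -d) || return 1
    subj="/O=Example Shop/CN=shop.example"
    # 1. Throwaway root CA, standing in for a root in the browser's trust store.
    gen -x509 -days 30 -subj "/CN=Lab Root CA" -keyout "$d/ca.key" -out "$d/ca.pem" &&
    # 2. Genuine server certificate: a CSR signed by that CA.
    gen -subj "$subj" -keyout "$d/real.key" -out "$d/real.csr" &&
    openssl x509 -req -in "$d/real.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
        -CAcreateserial -days 30 -out "$d/real.pem" 2>/dev/null &&
    # 3. Look-alike: same subject, but self-signed with its own key.
    gen -x509 -days 30 -subj "$subj" -keyout "$d/fake.key" -out "$d/fake.pem" &&
    echo "$d"
}

subject()     { openssl x509 -noout -subject -in "$1"; }
fingerprint() { openssl x509 -noout -fingerprint -sha256 -in "$1"; }
# chain_ok CAFILE CERT: exit status 0 only if CERT chains to the trusted CA.
chain_ok()    { openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; }
# pin_ok PINNED CERT: exit status 0 only if CERT has the recorded fingerprint.
pin_ok()      { [ "$(fingerprint "$2")" = "$1" ]; }

lab=$(lab_setup) || { echo "openssl not usable here" >&2; exit 1; }
pin=$(fingerprint "$lab/real.pem")   # recorded out of band from the real server
for c in real fake; do
    chain_ok "$lab/ca.pem" "$lab/$c.pem" && chain=trusted || chain=UNTRUSTED
    pin_ok "$pin" "$lab/$c.pem" && p=match || p=MISMATCH
    echo "$c: $(subject "$lab/$c.pem") chain=$chain pin=$p"
done
rm -rf "$lab"
```

Automated clients have no user to click through a warning, so a chain or pin failure should be treated as a hard connection error.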
The SSL MITB attack: Similar to the attack mentioned above, in this case, the attackers inject a JavaScript code snippet into the browser to create a man-in-the-browser situation. This snippet monitors all SSL activities and records the session. While this is happening, the attackers also record the encrypted version of the same session, and programmatically try to find out the cipher strength and the key, besides stealing data. This attack is becoming more popular of late, due to multiple open source browsers, and the various security vulnerability problems with each of them.
Key hijacking: This is another intrusive type of attack, whereby the attackers gain access to the Web server hosting the website (by using one of the many intrusion techniques already discussed in previous articles of this series). Once the server is compromised, the attackers use an elevated privilege attack to gain access to the certificate store, from where the private key can be obtained. The attackers then use packet sniffing to download an entire HTTPS session, and store it for offline decryption. The decryption process needs the private key, which is already stolen; and the public key, which is available in the browser’s trusted authority key store. The data set so deciphered might reveal vital personal information such as user IDs, addresses, credit-card numbers, etc, assuming that the targeted website sells goods online using e-commerce technology.
The birthday SSL attack: This attack relies on a mathematical theory called the birthday problem, which says that statistically, in a set of randomly selected people, some pairs of people will have the same birthday. The probability increases as the number of people grows. In cryptography, the data integrity is established using a hash or checksum, which is calculated at both ends of the transmission, to ensure that the data is not tampered with. Birthday attacks target the hash,