English Peke Press
Cryptography, technology and computer science

Basic Cryptography III (attacking keys)


Overtaken explanations of cryptographic systems, modular arithmetic and finite symmetric systems (private key) and asymmetric (public key), I’ll throw to explain the types of attacks that can be made to security system.

With types of attack, I mean ways to attack a key, or get a key, I will not guide the methodology, but I’m going to what is the theory of the attacks, that is, as they are earned but not I instantiate an attack, not because I look ugly or illegal or wrong, but because I leave that to other post where you delve into a particular type of attack.

Here are some types of attacks:

  • Brute force: This is the most basic attack that can be done on a key addition in slower and possibly fruitless, can be improved with certain techniques, but basically, is to go Porbén until successes, this is done by proposing an alphabet (a series of letters, numbers and symbols) that a program, anger ordeanda ranging from a form, not skipping any, and trying to pass and see if they match, by any chance with the key. To follow some improvements:
  • A possible improvement to these systems, such as using limited alphabets, knowing the culture of the target, ie if you are attacking an Englishman, do not use the N in the alphabet, so it may seem silly can drastically reduce A number of checks.
  • Or Another theory is assumed, which is a word that makes sense, thereby testing the limits refer to the dictionary of a language, there are many fewer options to mix all the letters of an alphabet.
  • Or you can combine the latter with a replacement system of letters and numbers, such as vowels, changing A-4 E-3 I-1 O-0 U-7, for example, so that these vowels are removed and is sustituyn by those numbers.
  • In addition there are a number of common keys that can be tested, since we are at bottom little original key setting, but for this type of attack, you know the person, and it is used, dates and names, which are very common in passwords of people, if not believe me, think of your own.
  • A second type of attack is that of MIM (Man in the Middle) or known as getting in the way, now, a translation would be, man in the middle, in this case is to analyze what is transmitted between sender and receiver to guess the key, ie capture the communication and cryptograms, remove the key, est system requires that before you strain into medium to capture the frames, if desired peuden testing at home, with the WiFI at home, browsing to a computer with WiFi and capture troo, what they are doing. This requires some expertise, but sooner or Tempra colgare hare a test and a post, I did it once, and it was fun to rob me, if at the same time quite stupid.
  • Another common attack is the Denial of service (DoS Dennial of service), these attacks do not want to get the key to a system, but collapsed in the U.S. recently, users of Iphone were angered by the network service AT & T’s network and wanted to collapse, one arrancadno implementing them, which activated and generated muhas via 3G network connections so that saturate the networks tried this, but it seems a nonsense if you do one, you can saturate a data network because the collisions between each other terminals, causing a failure in the network chain. (This topic deserves a separate post, network collisions, broadcast and multicast, and broadcast areas collision networks, I will).
  • Leakage, this type of attack, is when good, do not have to be a type in itself, but when a fact is that it should go to a site, go to another where it should not, ie if my communication with a Web site should go alone to that page and it also goes to another place where it should not, may overlap with the case of Man In the Middle.
  • At last case to comment, I will talk about social engineering, although it seems that the name of a self-help book is an attack users, direct and ruthless, is when someone by fraud, leads us to provide private information, making us believe it is a Autoride entity to which we deliver these data, the typical case of the bank that sends an email to send him your information, but can be complicated further, leading to cases where a phone call from someone that poses as an employee of a company asking to open a port for working from home.
Advertisements

No Responses to “Basic Cryptography III (attacking keys)”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: