Cryptanalysis Methods – CompTIA Security+ Lesson 20

Every time a process is invented that should be unbreakable, someone comes up with a method of breaking it. These are the cryptanalysis methods. *DUN DUN*

Did you get the law and order joke? I hope. Now let’s get started with the cryptanalysis methods:

Frequency Analysis

This method involves looking at blocks of an encrypted message to check if any common patterns exist. One of the pattern are language patterns. Which letters or even words are used the most in a language. For example in the english languague the letters e and t are really common. Also words like the, that and it.

You look for these types of pattern in encrypted text and try to deduce the full message.

This method works only on the historical ciphers. It doesn’t work on modern algorithms.

Chosen Plaintext and Related Key Attack

A difficult, but not impossible approach. You create a set of plaintext messages with the encrypted version of it to derive the key.

With related key attacks, the attacker can obtain ciphertexts encrypted under two different keys.

Brute- Force Attacks

cryptanalysis methods brute force

This is the art of just giving up on difficult techniques and instead just try every possible combination of characters that could be the key.

For example if a password is three chars long, you can try a finite number of possible combinations. Usually you do this with an application and not by hand.

Instead this is one of the cryptanalysis methods that uses a lot of computing power.

Exploiting Human Error

No matter how secure a system, encryption or hash is, the greatest weaknes remains a human one. The users.

If an email is sent using an encryption scheme, someone else could send iplaintext. An attacker who gets a hold on both message can easily do a frequency analysis on the both.