IT | Cryptographic Attacks, Explained

Cryptographic solutions are used to encrypt data transmission over wireless or wired protocols. Unfortunately, these techniques have proved to be vulnerable to attacks and data can be stolen. This article explores the various means to strengthen encryption techniques to protect network infrastructures including methods using FOSS-based solutions.

By Prashant Pathak 


Cryptographic solutions are used to encrypt data transmission over wireless or wired protocols. Unfortunately, these techniques have proved to be vulnerable to attacks and data can be stolen. This article explores the various means to strengthen encryption techniques to protect network infrastructures including methods using FOSS-based solutions.

IT | Cryptographic Attacks, Explained

As we all know, the heart of cryptographic network communication is public-key cryptography (PKI), which is used to encrypt the TCP/IP communication between two network end-points. PKI uses various encryption algorithms to ensure data security. The whole idea behind encryption is to make it a very difficult, time-consuming task to try out all possible keys. For example, if a message is encrypted using an 8-bit key, it means that 256 different combinations of the key need to be tried to decrypt the data. Any computer can perform this task in less than a second. However, if the key length is extended to 32, it would need 65,536 combinations to be tried, needing a few seconds. Extending this, the number of combinations for a 256-bit key would need literally many years for even a powerful computer to crack.

While the key length is an important factor, the mathematical algorithm used for processing encryption and decryption is also equally important. The algorithm is supposed to quickly perform the action, while maintaining necessary data and key security. There are many algorithms, such as SHA1, 3DES, etc. There are two types of keys symmetric and asymmetric. The symmetric types use only one key for encryption and decryption, while for asymmetric keys, there are two different keys, which are complementary to each other. Please refer to Figure 1, which shows the basic cryptography functionality, which is designed with the objectives of data confidentiality, integrity and authentication in mind.

It is important to understand what cryptography means to the Internet. The Internet is blessed with SSL (Secure Socket Layer) and TLS (Transport Layer Security) protocols, which perform the job of encrypting and decrypting the data sent, so as to enable users to securely exchange personal information, credit card numbers, etc. SSL and TLS are based on asymmetric keys exchange. There are two demands here that the data must be encrypted for security reasons, and that the website must be known to be legitimate. The latter is important because attackers may host websites to steal personal information. To ensure legitimacy, the Web server has an SSL certificate, which enables traffic via the HTTPS protocol, using TCP port 443 for communication. This SSL certificate is provided or signed by a trusted certification authority such as Verisign or Thawte, which ensures that the SSL certificate holder is a genuine party, will adhere to security standards, and is eligible to obtain a certificate and install it on their servers. The SSL certificate is tied to the domain name, such as abcd.com.

To understand all the security concerns, we need to first study how certificates work. Digital certificates using asymmetric PKI have two keys, a public key and a private key. The private key is installed on the Web server where the website URL is supposed to be secured using SSL. The public key is shipped with all browsers that support SSL. To support multiple certificate authority vendors, browsers are equipped with their public keys, as well as various ciphers (the encryption and decryption algorithms). Each public key has an expiration date and needs to be updated once it nears expiration. When we install a digital certificate on a Web server, we are essentially installing the private key, which is specifically created by the trusted certification-providing authority.

Now let’s see how this mechanism works at a higher level, for a browser. When a person tries to access an SSL-secured website, the browser first challenges the server by sending its own cipher strength. In response, the server does the same, and also sends a copy of its own installed SSL certificate (for the hosted website URL). At this point, the browser checks the validity and authenticity of the certificate, by using the set of public keys on it. On finding it to be acceptable, the browser sends back a digitally signed response to the server to initiate further secure communication. If the server certificate cannot be verified for authenticity, the browser alerts the user about this situation. It’s important to note that while SSL helps achieve security, there is an overhead, since TCP/IP by default does not provide any security adding the encryption layer onto the existing protocol frame can result in bigger TCP packets.

Types of Cryptographic Attacks:

Network administrators commonly invest time and money to design security around applications, servers and other infrastructure components, but tend to take cryptographic security less seriously. Before going into the various attacks, let’s understand first that cryptography is all about keys, the data, and the encryption/decryption of the data, using the keys. A few cryptographic attacks try to decipher the key, while others try to steal data on the wire by performing some advanced decryption. Let’s take a look at a few common attacks on cryptography.

The SSL MITM attack: In this case, the attackers intrude into the network and establish a successful man-in-the-middle connection. The attackers silently watch the HTTPS traffic on the wire, and wait for the targeted website to respond to some browsers HTTPS request. As we learnt earlier, the server is supposed to send its digital certificate to the browser as a part of the SSL handshake process. The attackers grab this certificate, and note down various details such as the domain name, expiration date, cipher strength, etc. The attackers then create their own certificate (also called a self-signed certificate), containing the same information as that of the captured certificate. From this point on, the man-in-the-middle attackers intercept each browser request and respond with the fake certificate. As a normal response to such a situation, the Web browser pops up a warning to the user, which in most cases is ignored, and thus the attackers are successful. Further, on the server side, the attackers establish a separate HTTPS connection to complete the request, and the result of the response is fed back into the browser on the connection already established. This gives the attackers complete control on the SSL traffic, and helps them steal the personal information. Since this attack involves a real intrusion into the network, it is less likely to happen, but can result in serious data loss. Also, since the attackers are not breaking the request-and-response chain, it becomes tough to detect the data theft.

The SSL MITB attack: Similar to the attack mentioned above, in this case, the attackers inject a JavaScript code snippet into the browser to create a man-in-the-browser situation. This snippet monitors all SSL activities and records the session. While this is happening, the attackers also record the encrypted version of the same session, and programmatically try to find out the cipher strength and the key, besides stealing data. This attack is becoming more popular of late, due to multiple open source browsers, and the various security vulnerability problems with each of them.

Key hijacking: This is another intrusive type of attack, whereby the attackers gain access to the Web server hosting the website (by using one of the many intrusion techniques already discussed in previous articles of this series). Once the server is compromised, the attackers use an elevated privilege attack to gain access to the certificate store, from where the private key can be obtained. The attackers then use packet sniffing to download an entire HTTPS session, and store it for offline decryption. The decryption process needs the private key, which is already stolen; and the public key, which is available in the browser’s trusted authority key store. The data set so deciphered might reveal vital personal information such as user IDs, addresses, credit-card numbers, etc, assuming that the targeted website sells goods online using e-commerce technology.

The birthday SSL attack: This attack relies on a mathematical theory called the birthday problem, which says that statistically, in a set of randomly selected people, some pairs of people will have the same birthday. The probability increases as the number of people grows. In cryptography, the data integrity is established using a hash or checksum, which is calculated at both ends of the transmission, to ensure that the data is not tampered with. Birthday attacks target the hash, and need multiple attackers coming together, who individually capture chunks of data and share it among themselves. Each chunk is then programmatically analysed to create an additional set of data in such a way that the hash of it matches that of the data chunk. In other words, for a given chunk of data and hash combination, the mathematical algorithm creates a clone data set. Further processing of the original data chunk and the resultant data set helps derive the encryption key. This attack is very time-consuming and technically complex, but can be accomplished by using multiple powerful computing machines and software programs.

Chosen dataset attacks: As discussed earlier, attackers always aim for data as well as the key, in order to completely compromise a cryptographic system. A chosen dataset method consists of two different types. In the first case, called chosen plaintext, it is assumed that the attackers have access to the original data and the encrypted version of it. The attackers then apply multiple encryption keys to the original data, and each time the output is compared with the already encrypted version. If the result is positive, it means the key is derived. In the second type of attack, called chosen cipher text, attackers have the cipher text and also the decrypted version of it. Again, the attackers try multiple keys until the output matches that of the decrypted version obtained already. These attacks are a bit less time-consuming, but need the attacker to gain an enormous amount of data and computational power for the desired results.

The SSL brute-force attack: Here, the attackers send very small data sets to be encrypted by the SSL protocol. The attackers capture the result and store it against the transmitted dataset. By doing this for lots of data chunks, a key can be eventually derived. This process is very slow, and can take days to decipher the key, and it has been found that such attacks often originate from within the firm’s network. To speed up the process, this method is usually combined with the group key decipher attack.

Group key deciphering: As learnt earlier, key-based encryption is dependent on the length of the key; a bigger key requires more time to decipher. In a group key deciphering attack, multiple attackers come together each one with a powerful machine. Unlike brute force attacks, where a lot of data is captured, in the group method only a given set of data is captured and used. This data is subjected to all possible permutations of keys to try decrypting the data. Since 256-bit encryption can take many years to decipher, using multiple powerful computing machines can bring that time down. Attackers also use statistical grouping of keys to be tried from different machines, to further quicken the process. In the past, a few such experiments showed that cracking a 128-bit key required only a few days. With improving CPU speeds and throughputs, unfortunately, cracking a 1024-bit key quickly can become a reality soon.


Compromised key attacks: Cryptography is all about trust, whereby a trusted certificate-providing authority signs a certificate. The provider itself is supposed to be extremely secure. Unfortunately, in the past, the certificate-providers own private key has either been exposed or stolen by attackers, who then have used this private key to sign certificates created for a domain name, which is their own site. Any browser lured to this website will not suspect such a website, because the certificate will pass the authenticity test. This happens because the public key of such certificates will already be present in the browser certificate store. This can, and in the past has, resulted in loss of personal information.

SSL DoS attacks: An attacker’s main aim is usually to steal data. Since it is a troublesome and highly technical process in cryptography, a few attackers tend to use legacy methods, such as denial of service attacks. SSL negotiation adds an overhead to the TCP protocol, slowing down the communication to achieve security. In an SSL denial of service attack, the attackers establish SSL communication through a browser, and then send multiple bogus packets with varying lengths on that channel. Each packet is decrypted and processed on the server side, thus eventually exhausting CPU power, resulting in service outage. In another form, which takes place at OSI Layer 3, TCP port 443 is bombarded with bogus fragmented packets, creating a similar effect.

Protecting FOSS systems

In the FOSS world, cryptography is mainly used on Web servers by implementing the SSL protocol. Besides, open source developers can digitally sign the code before sending it to a trusted party, to prevent wire-tapping. On a Web server, the very first step is to use a digital certificate from a trusted authority. It should also have the latest and strongest cipher algorithm, and the key length should at least be 256 bits. The second step is to protect the certificate store that crucial area on the Web server where the websites private key is stored. Only administrators and network managers should have access to it. To protect FOSS networks from brute-force attacks, other network security protection should be in place (this has already been discussed in previous articles in this series). While most critical infrastructures implement a firewall, a UTM device and powerful antivirus or anti-Trojan software, it is also imperative to have an intrusion detection system (IDS) in place. IDS systems are capable of intercepting denial of service and brute-force attacks, and also help stop other critical anomalies. In case of Linux workstations, cryptography can be used to encrypt a file or entire disk too.

About The Author:

Prashant Pathak has experience of over 20 years in the field of IT hardware, networking, Web technologies and IT security. For the past 11 years, he has worked at Merrill Lynch, New York. He handled technology verticals such as solution architecture, operations and support, cyber security etc., and led a global team supporting mission-critical business applications running on a finance trading platform. Recently, Prashant started his own firm, Valency Networks, in India.


Source: OpenSource4U
Name

-51,1,3D Technology,2,5G,9,Abkhazia,2,Academics,10,Accidents,21,Activism,1,Adani Group,4,ADB,12,ADIZ,1,Adults,1,Advertising,31,Advisory,2,Aerial Reconnaissance,13,Aerial Warfare,35,Aerospace,5,Afghanistan,88,Africa,111,Agile Methodology,2,Agriculture,20,AI Policy,1,Air Crash,10,Air Defence Identification Zone,1,Air Defense,6,Air Force,29,Air Pollution,1,Airbus,5,Aircraft Carriers,5,Aircraft Systems,5,Al Nusra,1,Al Qaida,4,Al Shabab,1,Alaska,1,ALBA,1,Albania,2,Algeria,3,Alibaba,1,American History,4,AmritaJash,10,Antarctic,1,Antarctica,1,Anthropology,7,Anti Narcotics,12,Anti Tank,1,Anti-Corruption,4,Anti-dumping,1,Anti-Piracy,2,Anti-Submarine,1,Anti-Terrorism Legislation,1,Antitrust,2,APEC,1,Apple,2,Applied Sciences,2,AQAP,2,Arab League,3,Architecture,2,Arctic,6,Argentina,7,Armenia,30,Army,3,Art,3,Artificial Intelligence,81,Artillery,2,Arunachal Pradesh,2,ASEAN,12,Asia,70,Asia Pacific,23,Assassination,2,Asset Management,1,Astrophysics,2,ATGM,1,Atmospheric Science,1,Atomic.Atom,1,Augmented Reality,7,Australia,56,Austria,1,Automation,13,Automotive,129,Autonomous Flight,2,Autonomous Vehicle,3,Aviation,63,AWACS,2,Awards,17,Azerbaijan,16,Azeri,1,B2B,1,Bahrain,9,Balance of Payments,2,Balance of Trade,3,Balkan,10,Balochistan,2,Baltic,3,Baluchistan,8,Bangladesh,28,Banking,52,Bankruptcy,2,Basel,1,Bashar Al Asad,1,Battery Technology,3,Bay of Bengal,5,BBC,2,Beijing,1,Belarus,3,Belgium,1,Belt Road Initiative,3,Beto O'Rourke,1,BFSI,1,Bhutan,13,Big Data,30,Big Tech,1,Bilateral Cooperation,19,BIMSTEC,1,Biography,1,Biotechnology,3,Birth,1,BISA,1,Bitcoin,9,Black Lives Matter,1,Black Money,3,Black Sea,2,Blockchain,32,Blood Diamonds,1,Bloomberg,1,Boeing,21,Boko Haram,7,Bolivia,6,Bomb,3,Bond Market,2,Book,11,Book Review,24,Border Conflicts,11,Border Control and Surveillance,7,Bosnia,1,Brand Management,14,Brazil,104,Brexit,22,BRI,5,BRICS,20,British,3,Broadcasting,16,Brunei,3,Brussels,1,Buddhism,1,Budget,4,Build Back Better,1,Bulgaria,1,Burma,2,Business & Economy,1193,C-UAS,1,California,5,Call for Proposals,1,Cambodia,7,Cameroon,1,Canada,54,Canadian Security Intelligence Service (CSIS),1,Carbon Economy,9,CAREC,1,Caribbean,9,CARICOM,1,Caspian Sea,2,Catalan,3,Catholic Church,1,Caucasus,9,CBRN,1,Cement,1,Central African Republic,1,Central Asia,81,Central Asian,3,Central Eastern Europe,48,Certification,1,Chad,2,Chanakya,1,Charity,2,Chatbots,2,Chemicals,7,Child Labor,1,Child Marriage,1,Children,4,Chile,10,China,576,Christianity,1,CIA,1,CIS,5,Citizenship,2,Civil Engineering,2,Civil Liberties,5,Civil Rights,2,Civil Society,5,Civil Unrest,1,Civilization,1,Clean Energy,5,Climate,66,Climate Change,22,Climate Finance,2,Clinical Research,3,Clinton,1,Cloud Computing,44,Coal,6,Coast Guard,3,Cocoa,1,Cognitive Computing,12,Cold War,5,Colombia,15,Commodities,4,Communication,11,Communism,3,Compliance,1,Computers,40,Computing,1,Conferences,1,Conflict,107,Conflict Diamonds,1,Conflict Resolution,48,Conflict Resources,1,Congo,1,Construction,5,Consumer Behavior,4,Consumer Price Index,4,COP26,4,COP28,1,Copper,2,Coronavirus,107,Corporate Communication,1,Corporate Governance,4,Corporate Social Responsibility,4,Corruption,4,Costa Rica,2,Counter Intelligence,15,Counter Terrorism,81,COVID,9,COVID Vaccine,6,CPEC,8,CPG,3,Credit,2,Credit Rating,1,Credit Score,1,Crimea,4,CRM,1,Croatia,2,Crypto Currency,16,Cryptography,1,CSTO,1,Cuba,7,Culture,5,Currency,8,Customer Relationship Management,1,Cyber Attack,7,Cyber Crime,2,Cyber Security & Warfare,115,Cybernetics,5,Cyberwarfare,16,Cyclone,1,Cyprus,5,Czech Republic,3,DACA,1,DARPA,3,Data,9,Data Analytics,36,Data Center,2,Data Science,2,Database,3,Daughter.Leslee,1,Davos,1,DEA,1,DeBeers,1,Debt,12,Decision Support System,5,Defense,12,Defense Deals,8,Deforestation,2,Deloitte,1,Democracy,22,Democrats,2,Demographic Studies,1,Demonetization,6,Denmark. F-35,1,Denuclearization,1,Diamonds,1,Digital,39,Digital Currency,1,Digital Economy,10,Digital Marketing,6,Digital Transformation,11,Diplomacy,14,Diplomatic Row,2,Disaster Management,4,Disinformation,2,Diversity & Inclusion,1,Djibouti,2,Documentary,3,Doklam,2,Dokolam,1,Dominica,2,Donald Trump,48,Donetsk,2,Dossier,2,Drones,14,E-Government,2,E-International Relations,1,Earning Reports,3,Earth Science,1,Earthquake,7,East Africa,2,East China Sea,9,eBook,1,ECB,1,eCommerce,11,Econometrics,2,Economic Justice,1,Economics,43,Economy,108,ECOWAS,2,Ecuador,3,Edge Computing,2,Editor's Opinion,51,Education,65,EFTA,1,Egypt,27,Election Disinformation,1,Elections,42,Electric Vehicle,15,Electricity,7,Electronics,8,Emerging Markets,1,Employment,19,Energy,316,Energy Policy,28,Energy Politics,27,Engineering,24,England,2,Enterprise Software Solutions,8,Entrepreneurship,15,Environment,47,ePayments,13,Epidemic,6,ESA,1,Ethiopia,3,Eulogy,4,Eurasia,3,Euro,6,Europe,13,European Union,229,EuroZone,5,Exchange-traded Funds,1,Exclusive,2,Exhibitions,2,Explosives,1,Export Import,6,F-35,6,Facebook,9,Fake News,3,Fallen,1,FARC,2,Farnborough. United Kingdom,2,FATF,1,FDI,5,Featured,1352,Federal Reserve,2,Fidel Castro,1,FIFA World Cup,1,Fiji,1,Finance,18,Financial Markets,58,Financial Planning,1,Financial Statement,2,Finland,5,Fintech,14,Fiscal Policy,14,Fishery,3,Five Eyes,1,Food Security,27,Forces,1,Forecasting,2,Foreign Policy,13,Forex,4,France,33,Free Market,1,Free Syrian Army,4,Free Trade Agreement,1,Freedom,3,Freedom of Press,1,Freedom of Speech,2,Frigate,1,FTC,1,Fujairah,97,Fund Management,1,Funding,22,Future,1,G20,10,G24,1,G7,4,Gaddafi,1,Gambia,2,Gaming,1,Garissa Attack,1,Gas Price,23,GATT,1,Gaza,13,GCC,11,GDP,13,GDPR,1,Gender Studies,2,Geneal Management,1,General Management,1,Generative AI,7,Genetics,1,Geo Politics,105,Geography,2,Geoint,14,Geopolitics,8,Georgia,11,Georgian,1,geospatial,9,Geothermal,2,Germany,67,Ghana,3,Gibratar,1,Gig economy,1,Global Perception,1,Global Trade,95,Global Warming,1,Global Water Crisis,11,Globalization,3,Gold,2,Google,20,Gorkhaland,1,Government,128,Government Analytics,1,GPS,1,Greater Asia,170,Greece,13,Green Bonds,1,Green Energy,3,Greenland,1,Gross Domestic Product,1,GST,1,Gujarat,6,Gulf of Tonkin,1,Gun Control,4,Hacking,4,Haiti,2,Hamas,10,Hasan,1,Health,8,Healthcare,72,Heatwave,1,Helicopter,12,Heliport,1,Hezbollah,3,High Altitude Warfare,1,High Speed Railway System,1,Hillary 2016,1,Hillary Clinton,1,Himalaya,1,Hinduism,2,Hindutva,4,History,10,Home Security,1,Honduras,2,Hong Kong,7,Horn of Africa,5,Housing,16,Houthi,12,Howitzer,1,Human Development,32,Human Resource Management,5,Human Rights,6,Humanitarian,3,Hungary,3,Hunger,3,Hydrocarbon,3,Hydrogen,4,IAEA,2,ICBM,1,Iceland,2,ICO,1,Identification,2,IDF,1,Imaging,2,IMEEC,2,IMF,76,Immigration,19,Impeachment,1,Imran Khan,1,Independent Media,72,India,653,India's,1,Indian Air Force,19,Indian Army,7,Indian Nationalism,1,Indian Navy,27,Indian Ocean,24,Indices,1,Indigenous rights,1,Indo-Pacific,4,Indonesia,19,IndraStra,1,Industrial Accidents,4,Industrial Automation,2,Industrial Safety,4,Inflation,10,Infographic,1,Information Leaks,1,Infrastructure,3,Innovations,22,Insider Trading,1,Insurance,3,Intellectual Property,3,Intelligence,5,Intelligence Analysis,8,Interest Rate,3,International Business,13,International Law,11,International Relations,9,Internet,53,Internet of Things,34,Interview,8,Intra-Government,5,Investigative Journalism,4,Investment,32,Investor Relations,1,iPhone,1,IPO,4,Iran,202,Iraq,54,IRGC,1,Iron & Steel,4,ISAF,1,ISIL,9,ISIS,33,Islam,12,Islamic Banking,1,Islamic State,86,Israel,142,ISRO,1,IT ITeS,136,Italy,10,Ivory Coast,1,Jabhat al-Nusra,1,Jack Ma,1,Jamaica,3,Japan,88,JASDF,1,Jihad,1,JMSDF,1,Joe Biden,8,Joint Strike Fighter,5,Jordan,7,Journalism,6,Judicial,4,Justice System,3,Kanchin,1,Kashmir,8,Kaspersky,1,Kazakhstan,25,Kenya,5,Khalistan,2,Kiev,1,Kindle,700,Knowledge Management,4,Korean Conflict,1,Kosovo,2,Kubernetes,1,Kurdistan,8,Kurds,10,Kuwait,7,Kyrgyzstan,9,Labor Laws,10,Labor Market,4,Land Reforms,3,Land Warfare,21,Languages,1,Laos,2,Large language models,1,Laser Defense Systems,1,Latin America,80,Law,6,Leadership,3,Lebanon,10,Legal,11,LGBTQ,2,Li Keqiang,1,Liberalism,1,Library Science,1,Libya,14,Liechtenstein,1,Lifestyle,1,Light Battle Tank,1,Linkedin,1,Littoral Warfare,2,Livelihood,3,Loans,9,Lockdown,1,Lone Wolf Attacks,2,Lugansk,2,Macedonia,1,Machine Learning,7,Madagascar,1,Mahmoud,1,Main Battle Tank,3,Malaysia,12,Maldives,13,Mali,7,Malware,2,Management Consulting,6,Manpower,1,Manto,1,Manufacturing,15,Marijuana,1,Marine Engineering,3,Maritime,50,Market Research,2,Marketing,38,Mars,2,Martech,10,Mass Media,29,Mass Shooting,1,Material Science,2,Mauritania,1,Mauritius,2,MDGs,1,Mechatronics,2,Media War,1,MediaWiki,1,Medicare,1,Mediterranean,12,MENA,6,Mental Health,4,Mercosur,2,Mergers and Acquisitions,18,Meta,2,Metadata,2,Metals,3,Mexico,13,Micro-finance,4,Microsoft,12,Migration,19,Mike Pence,1,Military,110,Military Exercise,10,Military Service,1,Military-Industrial Complex,3,Mining,15,Missile Launching Facilities,6,Missile Systems,56,Mobile Apps,3,Mobile Communications,11,Mobility,4,Modi,8,Moldova,1,Monaco,1,Monetary Policy,6,Money Market,2,Mongolia,11,Monkeypox,1,Monsoon,1,Montreux Convention,1,Moon,4,Morocco,2,Morsi,1,Mortgage,3,Moscow,2,Motivation,1,Mozambique,1,Mubarak,1,Multilateralism,2,Mumbai,1,Muslim Brotherhood,2,Mutual Funds,1,Myanmar,30,NAFTA,3,NAM,2,Namibia,1,Nanotechnology,4,Narendra Modi,2,NASA,13,National Identification Card,1,National Security,5,Nationalism,2,NATO,33,Natural Disasters,14,Natural Gas,33,Natural Language Processing,1,Nauru,1,Naval Base,5,Naval Engineering,23,Naval Intelligence,2,Naval Postgraduate School,2,Naval Warfare,50,Navigation,2,Navy,23,NBC Warfare,2,NDC,1,Nearshoring,1,Negotiations,2,Nepal,12,Netflix,1,Neurosciences,7,New Delhi,4,New Normal,1,New York,5,New Zealand,7,News,1246,News Publishers,1,Newspaper,1,NFT,1,NGO,1,Nicaragua,1,Niger,3,Nigeria,10,Nikki Haley,1,Nirbhaya,1,Non Aligned Movement,1,Non Government Organization,4,Nonproliferation,2,North Africa,23,North America,53,North Korea,58,Norway,5,NSA,1,NSG,2,Nuclear,41,Nuclear Agreement,32,Nuclear Doctrine,2,Nuclear Energy,4,Nuclear Fussion,1,Nuclear Propulsion,2,Nuclear Security,47,Nuclear Submarine,1,NYSE,1,Obama,3,ObamaCare,2,OBOR,15,Ocean Engineering,1,Oceania,2,OECD,5,OFID,5,Oil & Gas,382,Oil Gas,7,Oil Price,73,Olympics,2,Oman,25,Omicron,1,Oncology,1,Online Education,5,Online Reputation Management,1,OPEC,129,Open Access,1,Open Journal Systems,1,Open Letter,1,Open Source,4,OpenAI,2,Operation Unified Protector,1,Operational Research,4,Opinion,688,Opinon Poll,1,Optical Communications,1,Pacific,5,Pakistan,181,Pakistan Air Force,3,Pakistan Army,1,Pakistan Navy,3,Palestine,24,Palm Oil,1,Pandemic,84,Papal,1,Paper,3,Papers,110,Papua New Guinea,2,Paracels,1,Partition,1,Partnership,1,Party Congress,1,Passport,1,Patents,2,PATRIOT Act,1,Peace Deal,6,Peacekeeping Mission,1,Pension,1,People Management,1,Persian Gulf,19,Peru,5,Petrochemicals,1,Petroleum,19,Pharmaceuticals,14,Philippines,17,Philosophy,2,Photos,3,Physics,1,Pipelines,5,PLA,2,PLAN,4,Plastic Industry,2,Poland,8,Polar,1,Policing,1,Policy,8,Policy Brief,6,Political Studies,1,Politics,52,Polynesia,3,Pope,1,Population,6,Portugal,1,Poverty,8,Power Transmission,6,President APJ Abdul Kalam,2,Presidential Election,30,Press Release,158,Prison System,1,Privacy,18,Private Equity,2,Private Military Contractors,2,Privatization,1,Programming,1,Project Management,4,Propaganda,5,Protests,11,Psychology,3,Public Policy,55,Public Relations,1,Public Safety,7,Publications,1,Publishing,7,Purchasing Managers' Index,1,Putin,7,Q&A,1,Qatar,114,QC/QA,1,Qods Force,1,Quad,1,Quantum Computing,3,Quantum Physics,4,Quarter Results,2,Racial Justice,2,RADAR,2,Rahul Guhathakurta,4,Railway,9,Raj,1,Ranking,4,Rape,1,RBI,1,RCEP,2,Real Estate,6,Recall,4,Recession,2,Red Sea,5,Referendum,5,Reforms,18,Refugee,23,Regional,4,Regulations,2,Rehabilitation,1,Religion & Spirituality,9,Renewable,17,Report,4,Reports,47,Repository,1,Republicans,3,Rescue Operation,1,Research,5,Research and Development,24,Restructuring,1,Retail,36,Revenue Management,1,Rice,1,Risk Management,5,Robotics,8,Rohingya,5,Romania,2,Royal Canadian Air Force,1,Rupee,1,Russia,311,Russian Navy,5,Saab,1,Saadat,1,SAARC,6,Safety,1,SAFTA,1,SAM,2,Samoa,1,Sanctions,5,SAR,1,SAT,1,Satellite,14,Saudi Arabia,129,Scandinavia,6,Science & Technology,392,Science Fiction,1,SCO,5,Scotland,6,Scud Missile,1,Sea Lanes of Communications,4,SEBI,3,Securities,2,Security,6,Semiconductor,18,Senate,4,Senegal,1,SEO,5,Serbia,4,Services Sector,1,Seychelles,2,SEZ,1,Shadow Bank,1,Shale Gas,4,Shanghai,1,Sharjah,12,Shia,6,Shinzo Abe,1,Shipping,11,Shutdown,2,Siachen,1,Sierra Leone,1,Signal Intelligence,1,Sikkim,5,Silicon Valley,1,Silk Route,6,Simulations,2,Sinai,1,Singapore,16,Situational Awareness,20,Small Modular Nuclear Reactors,1,Smart Cities,7,Social Media,1,Social Media Intelligence,40,Social Policy,40,Social Science,1,Social Security,1,Socialism,1,Soft Power,1,Software,7,Solar Energy,15,Somalia,5,South Africa,20,South America,46,South Asia,467,South China Sea,35,South East Asia,74,South Korea,58,South Sudan,4,Sovereign Wealth Funds,1,Soviet,2,Soviet Union,9,Space,46,Space Station,2,Spain,9,Special Forces,1,Sports,3,Sports Diplomacy,1,Spratlys,1,Sri Lanka,23,Stablecoin,1,Stamps,1,Startups,43,State of the Union,1,Statistics,1,STEM,1,Stephen Harper,1,Stock Markets,23,Storm,2,Strategy Games,5,Strike,1,Sub-Sahara,3,Submarine,16,Sudan,5,Sunni,6,Super computing,1,Supply Chain Management,47,Surveillance,13,Survey,5,Sustainable Development,18,Swami Vivekananda,1,Sweden,4,Switzerland,6,Syria,112,Taiwan,30,Tajikistan,12,Taliban,17,Tamar Gas Fields,1,Tamil,1,Tanzania,4,Tariff,4,Tata,3,Taxation,25,Tech Fest,1,Technology,13,Tel-Aviv,1,Telecom,24,Telematics,1,Territorial Disputes,1,Terrorism,77,Testing,2,Texas,3,Thailand,11,The Middle East,649,Think Tank,316,Tibet,3,TikTok,1,Tobacco,1,Tonga,1,Total Quality Management,2,Town Planning,2,TPP,2,Trade Agreements,14,Trade War,10,Trademarks,1,Trainging and Development,1,Transcaucasus,19,Transcript,4,Transpacific,2,Transportation,47,Travel and Tourism,13,Tsar,1,Tunisia,7,Turkey,74,Turkmenistan,10,U.S. Air Force,3,U.S. Dollar,2,UAE,139,UAV,23,UCAV,1,Udwains,1,Uganda,1,Ukraine,110,Ukraine War,22,Ummah,1,UNCLOS,7,Unemployment,1,UNESCO,1,UNHCR,1,UNIDO,2,United Kingdom,82,United Nations,28,United States,754,University and Colleges,4,Uranium,2,Urban Planning,10,US Army,12,US Army Aviation,1,US Congress,1,US FDA,1,US Navy,18,US Postal Service,1,US Senate,1,US Space Force,2,USA,16,USAF,21,USV,1,UUV,1,Uyghur,3,Uzbekistan,13,Valuation,1,Vatican,3,Vedant,1,Venezuela,19,Venture Capital,4,Vibrant Gujarat,1,Victim,1,Videogames,1,Vietnam,24,Virtual Reality,7,Vision 2030,1,VPN,1,Wahhabism,3,War,1,War Games,1,Warfare,1,Water,17,Water Politics,7,Weapons,11,Wearable,2,Weather,2,Webinar,1,WeChat,1,WEF,3,Welfare,1,West,2,West Africa,19,West Bengal,2,Western Sahara,2,White House,1,Whitepaper,2,WHO,3,Wholesale Price Index,1,Wikileaks,1,Wikipedia,2,Wildfire,1,Wildlife,3,Wind Energy,1,Windows,1,Wireless Security,1,Wisconsin,1,Women,10,Women's Right,11,Workers Union,1,Workshop,1,World Bank,35,World Economy,32,World Peace,10,World War I,1,World War II,3,WTO,6,Wyoming,1,Xi Jinping,9,Xinjiang,2,Yemen,28,Yevgeny Prigozhin,1,Zbigniew Brzezinski,1,Zimbabwe,2,
ltr
item
IndraStra Global: IT | Cryptographic Attacks, Explained
IT | Cryptographic Attacks, Explained
Cryptographic solutions are used to encrypt data transmission over wireless or wired protocols. Unfortunately, these techniques have proved to be vulnerable to attacks and data can be stolen. This article explores the various means to strengthen encryption techniques to protect network infrastructures including methods using FOSS-based solutions.
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTSwYGCwBWSWzXBI7AENUM0XkTKaRcQjyBrHWU3C8jCI8RjMLZ_J9KFJEzgjec152zra1t-DIMlkdKLHuUG2zlZZlDQNutjpjc1qk15djX4EdjCzChdrmL4M9AMKHFY64R74Hf58gk1Cr9/s640/Cryptography.jpg
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTSwYGCwBWSWzXBI7AENUM0XkTKaRcQjyBrHWU3C8jCI8RjMLZ_J9KFJEzgjec152zra1t-DIMlkdKLHuUG2zlZZlDQNutjpjc1qk15djX4EdjCzChdrmL4M9AMKHFY64R74Hf58gk1Cr9/s72-c/Cryptography.jpg
IndraStra Global
https://www.indrastra.com/2016/01/IT-Cryptographic-Attacks-Explained-002-01-2016-0076.html
https://www.indrastra.com/
https://www.indrastra.com/
https://www.indrastra.com/2016/01/IT-Cryptographic-Attacks-Explained-002-01-2016-0076.html
true
1461303524738926686
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy Table of Content