WEEK 4: Cryptanalysis and Steganography - M199205zn/IAS-CS4 GitHub Wiki

Cryptanalysis and Steganography

1. Cryptanalysis

Cryptanalysis is the study of analyzing and breaking cryptographic security systems to decrypt encrypted information without prior knowledge of the key. It is used to test the strength of cryptographic algorithms and ensure data protection.

Cryptanalysis Techniques
  1. Brute Force Attack
    • This involves systematically trying all possible keys until the correct one is found.
    • Example: A hacker tries all possible 6-digit PINs (000000 to 999999) to unlock an encrypted file.
    • Limitation: Computationally expensive for strong encryption.

image

  1. Ciphertext-Only Attack
    • The attacker only has access to the encrypted message (ciphertext) and attempts to decipher it without knowing the plaintext or key.
    • Example: A hacker intercepts an encrypted email but has no original message to compare.

image

  1. Known-Plaintext Attack
    • The attacker has both the plaintext and its corresponding ciphertext and tries to deduce the key.
    • Example: A hacker sees an encrypted "Hello" message and its ciphertext, then analyzes patterns.

image

  1. Chosen-Plaintext Attack
    • The attacker chooses a plaintext message and obtains its corresponding ciphertext to analyze encryption patterns.
    • Example: Testing different messages on an encryption system to detect weaknesses.

image

  1. Man-in-the-Middle Attack (MITM)
    • An attacker intercepts and alters communication between two parties.
    • Example: A hacker intercepts and alters an SSL/TLS connection between a browser and a bank’s website.

image

  1. Side-Channel Attack
    • Analyzes physical properties (like power consumption, timing, or electromagnetic leaks) to break encryption.
    • Example: Measuring CPU processing time to guess an encryption key.

image

2. Steganography

Steganography is the practice of hiding secret data inside non-secret files, such as images, videos, or text, without altering their appearance significantly.

Methods of Steganography
  1. Least Significant Bit (LSB) Substitution
    • Alters the least significant bit of pixels in an image to hide data.
    • Example: Changing pixel values slightly in a .PNG image to encode a secret message.
    • Limitation: Detectable using statistical analysis.

image

  1. Text Steganography
    • Uses spaces, font variations, or hidden characters in text files to conceal messages.
    • Example: Extra spaces between words forming a secret binary code.
    • Limitation: Easily altered if text formatting changes.

image

  1. Audio Steganography
    • Embeds secret messages in sound files by modifying inaudible frequency ranges.
    • Example: Encoding data in MP3 audio noise levels.
    • Limitation: Distortion may occur after compression.

image

  1. Video Steganography
    • Hides messages within video frames or metadata.
    • Example: A hidden QR code in one frame of a movie.
    • Limitation: Large file sizes make detection easier.

image

  1. Network Steganography
    • Encodes data within network protocols (TCP, UDP, ICMP).
    • Example: Hiding data in HTTP headers.
    • Limitation: Detectable with deep packet inspection.

image

Limitations of Steganography
  • Low Capacity: Limited data can be hidden without noticeable changes.
  • Detection Risk: Advanced steganalysis techniques can reveal hidden messages.
  • File Modification: Any compression or editing can corrupt hidden data.