- Hashing Concepts
  - Purpose: Hashing algorithms generate a fixed-length output (hash) from an input of any length, used to verify data integrity.
  - Key Requirements:
    - Non-fixed Length Input: Can handle inputs of varying lengths.
    - Ease of Computation: Must be relatively easy to compute the hash for any input.
    - One-Way Function: The hash should be irreversible, making it impossible to derive the original input from the hash.
  - Common Hash Algorithms:
    - MD5: Produces a 128-bit digest, but is vulnerable to collisions, making it less secure for ensuring integrity.
    - SHA1: Produces a 160-bit digest, commonly used in digital signatures, though now largely replaced due to vulnerabilities.
    - SHA2 and SHA3: SHA2 is still widely used, but SHA3 is the current standard for secure hashing.
- Cryptographic Attacks
  - Collision: When two different inputs produce the same hash, compromising the integrity of the data.
  - Traffic Analysis: Inferring information by analyzing communication patterns.
  - Traffic Padding: Generating additional data units to obscure the true nature of the communication.
  - Ciphertext Only Attack: Attacker has access only to the ciphertext, making it a challenging attack to perform.
  - Known Plaintext Attack: Attacker knows both the plaintext and the corresponding ciphertext.
  - Chosen Plaintext Attack: Attacker chooses the plaintext to be encrypted and analyzes the resulting ciphertext (e.g., lunch box attack).
  - Chosen Ciphertext Attack: Attacker selects both plaintext and ciphertext to deduce the encryption key.
  - Birthday Attack: Exploits the probability of hash collisions, akin to the birthday paradox.
  - POODLE Attack: Exploited SSL 3.0’s vulnerabilities, leading to the adoption of TLS.
  - CRIME/BEAST: Early attacks against SSL.
  - STUXNET: A sophisticated worm aimed at disrupting Iran’s nuclear capabilities.
These concepts are crucial for understanding the strengths and weaknesses of various cryptographic mechanisms and the types of attacks that can compromise them.
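The Collision and Birthday Attack entries above come down to digest length: the added example below (not part of the original notes) finds two inputs with the same deliberately shortened 24-bit digest and computes the generic birthday bound for the digest sizes listed earlier. The function names and the sample messages are constructed for illustration.

```python
import hashlib
import math


def truncated_digest(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256(data): a deliberately short toy digest."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int):
    """Hash counter-derived messages until two share a truncated digest.

    Returns (msg_a, msg_b, attempts). The messages are constructed samples.
    """
    seen = {}
    attempts = 0
    while True:
        msg = b"sample-message-%d" % attempts
        attempts += 1
        tag = truncated_digest(msg, bits)
        if tag in seen:
            return seen[tag], msg, attempts
        seen[tag] = msg


def tries_for_half_chance(bits: int) -> float:
    """Random inputs needed for ~50% collision odds on a `bits`-bit digest."""
    return math.sqrt(2 * math.log(2) * 2.0 ** bits)


if __name__ == "__main__":
    a, b, n = find_collision(24)
    print(f"24-bit toy digest: {a!r} and {b!r} collide after {n} hashes "
          f"(birthday estimate {tries_for_half_chance(24):.0f})")
    # Generic bound only: depends on digest length, not on the algorithm.
    for name, bits in (("MD5", 128), ("SHA1", 160), ("SHA-256", 256)):
        exponent = math.log2(tries_for_half_chance(bits))
        print(f"{name} ({bits}-bit): ~2^{exponent:.1f} hashes")
```

The work grows with the square root of the digest space, so each extra bit of digest adds only half a bit of collision resistance.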