Cryptanalysis is the study of methods for obtaining the meaning of encrypted information, without access to the secret information that is normally required to do so. Typically, this involves knowing how the system works and finding a secret key. In non-technical language, this is the practice of codebreaking or cracking the code, although these phrases also have a specialised technical meaning. Cryptanalysis refers to the study of ciphers, cipher text, or cryptosystems with a view to finding weaknesses in them that will permit retrieval of the plaintext from cipher text, without necessarily knowing the key or the algorithm. This is known as breaking the cipher, cipher text or cryptosystem. Cryptanalysis is the art of deciphering encrypted communications without knowing the proper keys.

Types of Cryptanalytic Attacks

Cryptanalytic attacks vary in potency and how much of a threat they pose to real-world cryptosystems. A certificational weakness is a theoretical attack that is unlikely to be applicable in any real-world situation; the majority of results found in modern cryptanalytic research are of this type. Essentially, the practical importance of an attack is dependent on the answers to the following four questions:

  • What knowledge and capabilities does the attacker need?
  • How much additional secret information is deduced?
  • How much computation is required? (What is the computational complexity?)
  • Does the attack break the full cryptosystem, or only a weakened version?

Usefulness of Cryptanalytic Attack Results

The results of cryptanalysis can also vary in usefulness. Various types of attack on block ciphers according to the amount and quality of secret information that was discovered:

  • Total break — the attacker deduces the secret key.
  • Global deduction — the attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.
  • Instance (local) deduction — the attacker discovers additional plaintexts (or ciphertexts) not previously known.
  • Information deduction — the attacker gains some Shannon information about plaintexts (or ciphertexts) not previously known.
  • Distinguishing algorithm — the attacker can distinguish the cipher from a random permutation.

Various Types of Cryptanalysis Attacks

  • Classical cryptanalysis:
    • Frequency analysis
    • Index of coincidence
    • Kasiski examination
  • Symmetric algorithms:
    • Boomerang attack
    • Brute force attack
    • Davies’ attack
    • Differential cryptanalysis
    • Impossible differential cryptanalysis
    • Improbable differential cryptanalysis
    • Integral cryptanalysis
    • Linear cryptanalysis
    • Meet-in-the-middle attack
    • Mod-n cryptanalysis
    • Related-key attack
    • Sandwich attack
    • Slide attack
    • XSL attack
  • Hash functions:
    • Birthday attack
    • Rainbow table
  • Attack models:
    • Chosen-ciphertext attack
    • Chosen-plaintext attack
    • Ciphertext-only attack
    • Known-plaintext attack
  • Side channel attacks:
    • Power analysis
    • Timing attack
  • Network Security Attacks:
    • Man-in-the-middle attack
    • Replay attack
  • External attacks:
    • Black-bag cryptanalysis
    • Rubber-hose cryptanalysis