Cryptography versus Cryptanalysis

Ξ November 11th, 2006 | → 0 Comments | ∇ Security, Technology |

crypto.jpgCryptanalysis is the flip side of cryptography. It is the science of cracking codes, decoding secrets, and in general, breaking cryptographic protocols. To design a robust encryption algorithm, one should use cryptanalysis to find and correct any weaknesses.

The various techniques in cryptanalysis that attempt to compromise cryptosystems are called attacks. A cryptanalyst starts from the decoded message. The cryptanalyst then tries to get this message back into its original form without knowing anything of that original message. This kind of attack is called a ciphertext-only attack. The data that a cryptanalyst needs for this attack is fairly easy to obtain, but it is very difficult to successfully recover the original message.

Manual Systems
Cryptography dates as far back as 1900 B.C., when a scribe in Egypt first carved a derivation of the standard hieroglyphics on clay tablets. Early Indian texts such as the Kama Sutra used ciphers that consisted mostly of simple alphabetic substitutions often based on phonetics. This is somewhat similar to “pig latin” (igpay atinlay), in which the first letter is placed at the end of the word and is followed by the sound “ay.” (more…)


TCP/IP Suite Weaknesses

Ξ November 11th, 2006 | → 6 Comments | ∇ Security, Technology |

syn_flood.gifCommunication on the Internet is based on the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. The TCP/IP protocol suite was developed in the mid-1970s as part of research by the Defense Advanced Research Projects Agency (DARPA). With the introduction of personal computers as standalone devices, the strategic importance of interconnected networks was quickly realized. The strategic importance of networks was first realized in the development of local-area networks (LANs) that shared printers and hard drives. The importance of networks increased in a second phase with the development of worldwide applications such as e-mail and file transfers. The globalization of business caused web applications to be developed to support customers and clients all over the world with a focus on increasing efficiency and productivity for organizations. Now TCP/IP is seen as the de jure standard for Internet communication, enabling millions of users to communicate globally. Computer systems in general communicate with each other by sending streams of data (bytes), as displayed in Figure 1. (more…)