Computer Science Emerging Threats and Counters Measures Discussion
Malicious individuals have discovered several methods to attack and defeat cryptosystems. It's important that understand the threats posed by cryptographic attacks to minimize the risks to your network systems.
Identify one cryptographic attack and how you can protect against it.
Please make your initial post and two response posts substantive.
answer these 2 peer posts 1) Cryptography is a way to protect the data in transmission. Encryption is the technique used in cryptography to protect the information, enabling only the sender and receiver to view the content. The main idea of cryptography is to convert a plain text to an unreadable format, called "Ciphertext. The symmetric or asymmetric encryption algorithm is used for conversion. In symmetric encryption, the same key is used to encrypt and decrypt the data. Whereas, in an asymmetric, two different keys are used to encrypt and decrypt the data. I highly use OAuth in the current project that I'm working on. OAuth is an emerging technology that many organizations like Facebook, Twitter, Google, and much other e-commerce and social media sites are using for authorization.Brute Force Attacks Against the Authorization Server in OAuthAn attacker with access to the network will be able to eavesdrop on the traffic and gain access to the specific request parameters and attributes such as oauth_signature, consumer_key, oauth_token, signature_method (HMAC-SHA1), timestamp, or custom parameter data (Khash, 2016). In the OAuth workflow, the authorization server validates the user credentials and issues an authorization code. When an attacker can get hold of the request parameter and OAuth attributes, he can predict the authorization code to access the client server's protected resources and steal sensitive information. Countermeasure to protect against brute force attacks As we have seen, the OAuth signature methods were primarily designed for insecure communications, mainly non-HTTPS. Therefore, TLS/SSL is the recommended approach to prevent any eavesdropping during the data exchange (Khash, 2016). Using a secure transport layer can minimize the attacks. When a secure transport layer cannot be used, make sure to use a long client secret to restrict the attacks. The authorization code's length also should be long enough to prevent attackers from identifying code generation patterns (Ldapwiki, 2020). Make sure to set the expiration code for the authorization code. In my current project, we set this value to 5 minutes.References:Kianim Khash, Four Attacks on OAuth - How to Secure your OAuth Implementation. Retrieved December 8, 2016 from https://www.sans.org/readingroom/whitepapers/appli...Ldapwiki: OAuth 2.0 security considerations. (n.d.). Ldapwiki: Main. Retrieved September 7, 2020, from https://ldapwiki.com/wiki/OAuth%202.0%20Security%2...2) Cryptographic attack Cryptography is the technique used to protect and secure communications where the message delivered the only participants to view the content of the message are the sender and the intended receiver. In this case the message is encrypted using a secret key and the encoded data and the secret key is send to the receiver of the message for decryption. Today cryptography is used to provide secrecy and integrity of data and authentication of communications (Mishra, P.., 2020). Cryptographic attack is a method for circumventing security in the encrypted systems by finding the weakness of a code or finds the key for managing the encrypted data. There are different types of attacks in the cryptography. They include; brute force attack, replay attack, man in the middle attack, implementation attacks and statistical attack among other attacks in the encrypted data. Brute force attack in simple definition is a dictionary attack where the attacker works through the possible passwords and tries them all. In this case the attacker tries every single key equivalent to the user’s password until he reaches to the correct one. They attack encrypted data by trying different combinations. The attackers let the computer to do everything on their own (Farik, M., 2015). There are various ways in which one can defend and protect against the brute force attack. In order to defend, one should increase the time required for success beyond technical possibilities. One should also increase password lengthy where more character will take time for the attacker to come up with the password. Should also increase the password complexity and limit login attempt where if the trial for logging in after several time the machine or the system automatically locks itself. The user should also make complex passwords and use multi- factor authentication where this adds a second layer of security to each attempt to log in (Huang, Z., 2015).