Vulnerability of a Cryptosystem

Submitted By tonyclyma2002

In cryptography, a collision attack on a cryptographic hash tries to find two inputs that produce the same hash value, i.e. a hash collision. In contrast to a preimage attack, which tries to find a message that has a specific hash value, the hash value is not specified. There are roughly two types of collision attacks. The first is a collision attack, which finds two different messages that produce the same hash value. The second is a chosen-prefix collision attack.

Much like symmetric-key ciphers are vulnerable to brute-force attacks, every cryptographic hash function is inherently vulnerable to collisions using a birthday attack. Due to the birthday problem, these attacks are much faster than a brute-force search would be. A hash of n bits can be broken in 2^(n/2) time (evaluations of the hash function).

A Cisco ASA that uses hash cryptography to verify file integrity is susceptible to a brute-force or dictionary attack. If the ASA is compromised, the entire network is open to compromise. Since the ASA by default signs its own certificates for clients and systems, this would allow a hacker to have complete access to the network. The system is still usable; however, to secure it better, a stronger hash algorithm such as SHA-2 needs to be used. There are plenty of tools and programs available on the open internet for hacking the MD5 hash algorithm. With a little bit of cost this can be rectified by using a different hash algorithm. Compared with the cost of replacing a device, getting licensed to use a different algorithm is much cheaper. MD5 was broken years ago, and there are people who look for these vulnerabilities.
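The 2^(n/2) birthday bound and the contrast with a preimage search can be measured directly. The following is an added example, not part of the original essay; it assumes a toy n-bit hash built by truncating SHA-256, and all function names and sample messages are constructed for illustration.

```python
import hashlib
import math


def truncated_hash(message: bytes, n_bits: int) -> int:
    """Toy n-bit hash (assumption): the first n_bits of SHA-256(message)."""
    digest = hashlib.sha256(message).digest()
    return int.from_bytes(digest, "big") >> (256 - n_bits)


def find_collision(n_bits: int, label: bytes = b"msg"):
    """Birthday search: no target value is given, any two equal hashes will do.

    Returns (m1, m2, evaluations) with m1 != m2 and equal n-bit hashes.
    """
    seen = {}  # hash value -> first message that produced it
    # Pigeonhole: 2**n_bits + 1 distinct messages must contain a collision.
    for i in range(2 ** n_bits + 1):
        msg = label + b"-" + str(i).encode()
        h = truncated_hash(msg, n_bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
    raise RuntimeError("unreachable: pigeonhole principle violated")


def find_preimage(target: int, n_bits: int, max_tries: int):
    """Brute force against a specified hash value (the preimage setting).

    Returns (message, evaluations), or (None, max_tries) if nothing matched.
    """
    for i in range(max_tries):
        msg = b"guess-" + str(i).encode()
        if truncated_hash(msg, n_bits) == target:
            return msg, i + 1
    return None, max_tries


def mean_collision_cost(n_bits: int, runs: int) -> float:
    """Average evaluations per collision over independent message families."""
    total = 0
    for r in range(runs):
        total += find_collision(n_bits, label=b"run%d" % r)[2]
    return total / runs


def birthday_estimate(n_bits: int) -> float:
    """Expected evaluations to a first collision: sqrt(pi/2 * 2^n)."""
    return math.sqrt(math.pi / 2 * 2 ** n_bits)


if __name__ == "__main__":
    for n in (16, 20, 24):
        measured = mean_collision_cost(n, runs=20)
        print(f"n={n:2d}  collision: measured {measured:9.0f}  "
              f"estimate {birthday_estimate(n):9.0f}  2^(n/2)={2 ** (n // 2)}")
    # A preimage against a specified value costs about 2^n, not 2^(n/2).
    target = truncated_hash(b"constructed sample file contents", 16)
    msg, tries = find_preimage(target, 16, max_tries=2_000_000)
    print(f"n=16  preimage: {tries} evaluations (2^n = {2 ** 16}), found {msg!r}")
    # Generic bound for real digest sizes. It is an upper bound on attacker
    # cost: a structural break of the algorithm (as with MD5) is cheaper.
    for name, bits in (("MD5", 128), ("SHA-1", 160), ("SHA-256", 256)):
        print(f"{name}: {bits}-bit digest, generic collision cost 2^{bits // 2}")
```

Doubling the digest length squares the generic collision cost, which is why moving to a longer digest raises the bar even before any algorithm-specific weakness is considered.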

"How exactly is MD5 vulnerable to collision attacks?" cryptography. N.p., 1 July 2013. Web. 5 Apr. 2014.
