Security Encyclopedia

Cryptanalysis

Cryptanalysis is the art, science, or exercise of decrypting encrypted messages. Cryptanalysis assumes the cryptologists, mathematicians, and other scientists engaged in the process lack the secret key used for encryption and decryption. This kind of examination to reveal weaknesses in a cryptosystem differs from a brute force attack.  

Cryptanalysis often entails a direct examination of the cryptosystem in place, basically an advanced focused mathematical effort at decryption using information that is known about the encryption scheme. These could include intercepted encrypted messages (ciphertext), intercepted full, partial, likely, or related original messages (plaintext), or they can use information (encrypted or original) that is known for use adaptively in successive trials. 

Computer resources required for cryptanalysis include time, memory, and data. There are also varying degrees of success ranging from a total break of the encryption algorithm to the uncovering of weaknesses in it. 

Increasingly, there has been a growth in indirect attacks on the cryptosystem called side-channel attacks. These are ones on a system’s implementation and related or dependent resources.

Example:

“The practice of breaking encryption through direct analysis of the encrypted messages, or parts thereof, is called cryptanalysis. Today this practice is being influenced by more indirect methods of attaining the goal, such as side-channel attacks that reveal weaknesses in the cryptosystem’s implementation.”