All About Data Security – A Definitive Guide !! (Types Of Attacks In Information Security)

We daily spend a huge amount of time online. There is no doubt an innumerable bit of data transfer taking place each second over the internet. However hardly around 70 – 80 % of total people do really cares about data privacy and security in the real world.

This ignorance further encourages spammers/hackers to exploit the vast amount of unprotected data over the internet. In this post, we will cover a brief overview of the Data security in the true sense 

In this post, we will basically dive into the data security basics and the various types of cryptographic attacks that are most common in the data security field. So just sit back and read further . 

What Exactly Is Data Security ?

Information security consists of methods used to protect data or information being transmitted for preserving the integrity, availability, and confidentiality of the information. Following are the different types of security goals also called as principals of security :

1. Confidentiality

Confidentiality is the most common aspect of information security. Confidentially is defined as the contents of a message are accessed only by intended person.
Aim of confidentially is that only the sender and his intended receiver should be able to access the contents of a message.

2. Integrity

The principle of integrity states that the contents of the message should not be modified until it reaches to authorized person.
In this case change in the information need to be done only by an authorized person and through authorized mechanisms only. Integrity gives assurance that data received exactly as sent by an authorized entity .

3. Authentication

Authentication provides a way of verifying the identity of the user. In other words, Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.
The authentication of users prevents unauthorized users from gaining access to information systems.

What Is Cryptography In Data Security ?

Cryptography is the art as well as the science of secret writing of information/message and makes them nonreadable. The process of transformation/conversion of plain text message into cipher text message is called as encryption and the process of transformation / conversion of ciphertext message into plain text message is called as Decryption.

The term encryption and decryption is also called as encipherment and decipherment. The process of encryption and decryption are controlled by cryptographic keys.

Note : We will cover Cryptography in detail in later posts . So just stay tuned . 

What Are Cryptanalysis Attacks In Data Security ?

Cryptographic attacks are designed to discover the loop falls in cryptographic algorithms, these attacks are designed to decrypt data without prior permission and without access to a key.

This is the job of Cryptanalysis to find the weakness into the algorithm used for encryption and decryption of data and then decipher the data.

Note : The person who studies encryption and decryption methods and finds contents of hidden message called as cryptanalyst/cryptanalysis. OR The process of studying methods of breaking ciphertext message is known as cryptanalysis 

Before studying different attacks against Data Encryption Standard we must know different types of cryptographic attack methods.

What Are The Various Cryptographic Attacks In Data Security ?

There are five cryptographic attack methods that include plain text-based as well as cipher text-based attacks. 

1. Known Plaintext attack 

In this type of attack, the cryptanalyst tries to access plain text and its corresponding ciphertext. He/she will find if there any correlation between plain text and cipher text produced such type of attack is called known plain text attack.

2. Cipher text attack only 

In this type of attack, cryptanalyst has only access to ciphertext but doesn’t have access to corresponding plain text such type of attack is called a Cipher text attack only . 

3. Chosen Plaintext attack 

In this type of attack, a cryptanalyst can encrypt the plain text of his own choice (guess) and later on find ciphertext obtained from corresponding plain text such type of attack is called chosen plain text attack.

4. Chosen cipher text attack 

In this type of attack, the cryptanalyst chooses a ciphertext and attempts to find a matching plaintext. Such type of attack generally associates with decryption process because cryptanalyst may get temporary access to decryption process.

5. Side channel attack

In this type of attack cryptanalyst always try to find out which technology used to design cryptographic algorithms and which are the different software or hardware and keys used during encryption and decryption process.

In computer and computer networks an attack is any attempt to alter, disable, and destroy or gain unauthorized access of confidential information.

6. Passive Attacks 

A passive attack makes an attempt to collect information from the system but does not modify or alter the system data or resources. Eavesdropping or monitoring of information is an example of passive attacks. The goal of the opponent is to gain information that is being transmitted.

7. Active Attacks 

Active attacks involve modification of a data stream or creation of a false stream of messages. Attacker aim in such type of attack is to corrupt or destroy the data as well as the network itself.

Finally we have reached the end of this post regarding the various attacks in the data security mechanism . Stay tuned for more interesting stuff and various security techniques in data security .