Stream Ciphers and Defense in IKE
Stream ciphers work by using a combination of plaintext data, an encryption key, and a nonce. It is usually just a random number, but it can also come from plaintext data or another source that is typically outside the scope of what is being encrypted. Encryption algorithms operate on a bit-by-bit or block-by-block basis; however, stream ciphers use a variable amount of bits at any given time. This allows for the encryption to continue bit by bit as each new plaintext byte comes in.
What is Codebook Attack?
The codebook attack is a very common password hacking technique where the hacker guesses the passwords of a user by using common phrases and words as password phrases. Hackers always use this method when a dictionary attack has not been able to retrieve any meaningful results. Codebooks are usually data stored in files on the web server, which contain nothing but common words used as passwords by users. The most popular codebook is a list of passwords that can be recovered through John The Ripper software utility. At some point, someone will start to suspect that they have been the target of a codebook attack. This is when a hacker has exfiltrated sensitive data, often in the form of an encrypted file, and is holding it for ransom in exchange for money. In order to decrypt this file, an individual must send them $USD or another cryptocurrency. The best way to protect against a codebook attack is not by paying them off but by researching and implementing stronger encryption practices at your company. The longer an attacker has had access to your system and data, the greater the chance that they are able to compromise it further.