Cryptanalysis

14th July 2020 | Cybrary

Cryptanalysis is the decryption and analysis of codes, ciphers or encrypted text. Cryptanalysis uses mathematical formulas to search for algorithm vulnerabilities, attempting to break into a cryptographic system. The goal of cryptanalysis is to find weaknesses in or otherwise defeat encryption algorithms. This research is used by cryptographers to improve and strengthen or else replace irreparably flawed algorithms. An example of cryptanalysis improving an encryption protocol os Transport Layer Security (aka: TLS). It has been tested and broken and fixed and upgraded from version 1.0 to 1.1 and between 2017 and 2019 to version 1.2. The older versions are no longer recommended because of their inherent flaws; however, the current version is thought to be very secure and well trusted.

It’s important to have this research done to our algorithms in the hopes of staying one step ahead of hackers who themselves are improving their techniques on cracking our encryption protocols.

Source: TechTarget, Techopedia

Additional Reading: Outdated Encryption: Is Your Data Secure?

What does this mean for an SMB?

Most SMBs who develop software products are not going to hire cryptanalysts. Cryptanalysis is typically reserved for educational institutions and classified government programs where researchers attempt to breach these algorithms and encryption schema’s. Where an SMB could improve the security of their developed software solutions is by implementing a Bug Bounty program to encourage security researchers to search for and responsibly disclose zero-day vulnerabilities in the software your SMB is developing. This is far more likely to pay important dividends to you than hiring a high-end and very costly mathematician to do cryptanalysis for your SMB.