Cryptanalysts are a very technical and specialized workforce. Your organization already has a workforce of security engineers (SEs). Cryptanalysts could be added to support part of the operation and maintenance functions of the enterprise key management system. Conduct research on the need, cost, and benefits of adding cryptanalysts to the organization’s workforce. Determine if it will be more effective to develop the SEs to perform these tasks. Discuss alternative ways for obtaining cryptanalysis if the organization chooses not to maintain this new skilled community in-house.
a. Cryptanalysis refers to the techniques used by attackers to get access to encrypted data. According to Elaine Barker of the National Institute of Standards and Technology, cryptanalysis is “the study of mathematical techniques for attempting to defeat cryptographic techniques and information system security. This includes the process of looking for errors or weaknesses in the implementation of an algorithm or in the algorithm itself.”
b. The two main types of cryptanalysis techniques are differential and linear. Differential cryptanalysis uses comparison of key pair combinations to find information about the key, whereas linear cryptanalysis uses laws of probability to find relationships between the original data and encrypted data.