Dissecting the Meaning of an Encrypted Message: An Approach to Discovering the Goals of an Adversary

Quantified Score

Visualization

Abstract

Secure communication over a hostile network typically involves the use of cryptographic protocols that specify the precise order in which messages should be exchanged to achieve communicative goals. There has been a great deal of literature on the formal verification of cryptographic protocols, where the emphasis is on finding attacks that compromise the security of a given protocol. However, in the context of intelligence analysis, simply determining if an attack exists is not sufficient. Even in the absence of a known security flaw, we are still interested in monitoring communication and determining the goals of individuals that attempt to manipulate a protocol. By monitoring communication at this level, we are able to predict future attacks, deny service to offending parties, and determine which pieces of information are desirable to intruders on a particular network. In order to discern the goals of an intruder, we need to understand what an agent is attempting to achieve by sending a given message. In the context of cryptographic protocols, it is particularly important to understand what an agent is attempting to achieve by encrypting a specific message with a specific key. In this paper, we study the meaning of encrypted messages using tools imported from discourse analysis and Computational Intelligence. We demonstrate that explicitly specifying the communicative acts performed by encrypted messages allows us to uncover the goals of an intruder. The utility of this information is discussed.