
Brute Force Attacks...

When talking about brute-force attacks, two important distinctions need to be made. Cryptanalysis against public-key systems is much more effective than against private-key algorithms, and public keys have a much longer life than private keys. A document signed with a 1024-bit public key may need to remain secure for 20 years!

Some other possible attack methods:

Chosen-plaintext

Attacks where you trick someone into encrypting known plaintext (either plaintext that you have selected or that you have knowledge of) with their key.

Known and Probable Plaintext Attack

The enemy has one or more pairs of ciphertext and a known or suspected plaintext encrypted with the same key. These pairs can be used to aid cryptanalysis.

Eavesdropping

The attacker watches encrypted traffic as it flows. Usually used to gain information for later attacks.

Man-in-the-middle

An attacker sits on the communications links between two parties and impersonates them to one another.

Replay

Storing a legitimate message and then re-using it later on.

Time Attacks

In protocols that use the current time or are time-synchronised, the attacker tries to confuse one or the other party about what the real time is. Alternatively, a combination of replay attack and time attack can be used to convince someone that an old replayed message is new and valid.

Active Attack

In active attacks the attacker inserts messages and possibly deletes or modifies legitimate messages.

Birthday Attack

An attack specifically aimed at hash functions (as often used for message authentication) where you aim to find two messages which have the same hash value. You can then replace the original message without the change being detected.
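
The Replay and Time Attacks entries above, seen from the receiver's side in an added example (not code from the original page): a verifier checks a MAC, a timestamp window and a nonce cache. The key, `MAX_SKEW`, the message layout and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

KEY = b"constructed-demo-key"  # constructed sample key (assumption)
MAX_SKEW = 30                  # assumed freshness window, in seconds


def _mac(ts, nonce, payload):
    # Timestamp and nonce are covered by the MAC so neither can be altered.
    body = ts.to_bytes(8, "big") + nonce + payload
    return hmac.new(KEY, body, hashlib.sha256).digest()


def make_message(payload, now):
    nonce = os.urandom(16)
    return {"ts": now, "nonce": nonce, "payload": payload,
            "tag": _mac(now, nonce, payload)}


class Verifier:
    def __init__(self, check_nonce=True):
        self.check_nonce = check_nonce
        self.seen = {}  # nonce -> message timestamp

    def accept(self, msg, now):
        expected = _mac(msg["ts"], msg["nonce"], msg["payload"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return "bad-mac"
        # Forget nonces that have fallen outside the freshness window.
        self.seen = {n: t for n, t in self.seen.items()
                     if abs(now - t) <= MAX_SKEW}
        if abs(now - msg["ts"]) > MAX_SKEW:
            return "stale"
        if self.check_nonce and msg["nonce"] in self.seen:
            return "replay"
        self.seen[msg["nonce"]] = msg["ts"]
        return "ok"


def demo():
    t0 = 1_700_000_000  # constructed clock value
    msg = make_message(b"pay 10 to bob", t0)
    weak, strong = Verifier(check_nonce=False), Verifier()
    weak.accept(msg, t0)
    return {"first": strong.accept(msg, t0),
            "replay_no_nonce_check": weak.accept(msg, t0 + 5),
            "replay_in_window": strong.accept(msg, t0 + 5),
            "replay_after_window": strong.accept(msg, t0 + 3600),
            "replay_clock_rolled_back": strong.accept(msg, t0 + 10)}
```

`demo()` returns `ok`, `ok`, `replay`, `stale`, `ok` in that order. The final `ok` is the combined replay and time attack: the old message is accepted because the verifier's clock was set back after the nonce had expired from the cache, which is why the clock source has to be trusted.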
