1.4Cryptographic attacks

Question 1

Birthday

Answer 1

Used to find collisions in hashes and allows the attacked to be able to create the same hash as the user. Exploits that if the same mathematical function is performed on two values and the result is the same then the original values are the same

Question 2

Know plain text/cipher text

Answer 2

I. Plain text- The attacker has both the plain text and the encrypted version
II. Cipher text- The attacker has access only to the encrypted message

Question 3

Rainbow tables

Answer 3

Large pregenerated data sets of encrypted passwords used in password attacks

Question 4

Dictionary

Answer 4

A password attack that creates encrypted versions of common dictionary words and then compares them against those in the stolen password file. guessing using a list of possible passwords

Question 5

Brute Force

Answer 5

A password crasking program that tries every possible combination of characters A-Z

Question 6

Online vs. offline

Answer 6

I. Online- is against a live logon prompt

II. Offline- The attack is working on their own independent computers to compromise a password hash

Question 7

Collision

Answer 7

When two different inputs produce the same has value

Question 8

Downgrade

Answer 8

Forces a system to lessen its security, this allows the attacker to exploit the lesser security control. it is often associated with cryptographic attacks due to weak implementations of cipher suites. i.e. TLS>SSL, a man in the middle POODLE attacks exploiting TLS v1.0 - CBC mode

Question 9

Replay

Answer 9

The attacker captures network packets and the retransmits them back to the network to gain unauthorized access

Question 10

Weak implimentations

Answer 10

The main cause of failures in modern cryptography systems are because of poor or weak implementations instead of a failure caused by the algorithm itself