Cryptographic attacks

Question 1

Used to find collisions in hashes and allows the attacker to be able to create the same hash as the user. Exploits that if the same mathematical function is performed on two values and the result is the same - then the original values are the same.

Answer 1

Birthday

Question 2

Known plain/cipher text

The attacker has both the plaintext and its encrypted versions

Answer 2

Plain text

Question 3

Known plain/cypher text

The attacker has access only to the encrypted messages

Answer 3

Cipher text

Question 4

Large pregenerated data sets of encrypted passwords used in password attacks.

Answer 4

Rainbow tables

Question 5

Password attack that creates encrypted versions of common dictionary words and then compares them against those in a stolen password file. Guessing using a list of possible passwords.

Answer 5

Dictionary

Question 6

Password-cracking program that tries every possible combination of characters A to Z.

Answer 6

Brute force

Question 7

Online vs Offline

Against a live logon prompt

Answer 7

Online

Question 8

Online vs Offline

The attack is working on their own independent computers to compromise a has password.

Answer 8

Offline

Question 9

When twuo different inputs produce the same hash value

Answer 9

Collision

Question 10

Forces a system to lessen its security thus allowing for the attacker to exploit the lesser security controls. . It is most often associated with cryptographic attacks due to weak implementations of cipher suites. Example is TLS > SSL, a man-in-the-middle POODLE attack exploiting TLS v1.0 - CBC mode.

Answer 10

Downgrade

Question 11

The attacker captures network packets and then retransmits them back onto the network to gain unauthorized access.

Answer 11

Replay

Question 12

The main cause of failures in modern cryptography systems are because of poor or weak implementations instead of a failure caused by the algorithm itself.

Answer 12

Weak implementations