Cryptographic Attacks Flashcards
What is a Birthday Attack
Used to find collisions in hashes and allows the attacker to be able to create the same hash as the user. Exploits that if the same mathematical function is performed on two values and the result is the the same, then the original values are the same.
What is a Known Plain Text Attack?
The attacker has both the plaintext and its encrypted version.
What is a Known Cipher Text Attack?
The attacker has access only to the encrypted messages.
What is a Rainbow Tables?
Large pregenerated data sets of encrypted passwords used in password attacks.
What is a Dictionary Attack?
A password attack that creates encrypted versions of common dictionary words and then compares them against those in a stolen password file. Guessing using a list of possible passwords.
What is a Brute Force Attack?
A password-cracking program that tries every possible combination of characters through A to Z.
What is an Online Attack?
Attack is against a live logon prompt
What is an Offline Attack?
The attack is working on their own independent computers to compromise a password hash.
What is a Collision Attack?
When two different inputs produce the same hash value.
What is a Downgrade Attack?
Forces a system to lessen its security, this allows for the attacker to exploit the lesser security control. It is most often associated with cryptographic attacks due to weak implementations of cipher suites. Example is TLS > SSL, a man-in-the-middle POODLE attack exploiting TLS v1.0 - CBC mode.
What is a Replay Attack?
The attacker captures network packets and then retransmits them back onto the network to gain unauthorized access.
What is Weak Implementation?
The main cause of failures in modern cryptography systems are because of poor or weak implementations instead of a failure caused by the algorithm itself.