What are cryptographic attacks?

Home / Hacking, News, Security / What are cryptographic attacks?

August 25, 2008 PlanetCreator 0 Comments 0 tags

Cryptographic attacks are methods of evading the security of a cryptographic system by finding weaknesses in such areas as the code, cipher, cryptographic protocol or key management scheme in the cryptographic algorithm. The following are the cryptographic attacks usually performed by an attacker:

* Known plaintext attack: In a known plaintext attack, an attacker should have both the plaintext and ciphertext of one or more messages. These two items are used to extract the cryptographic key and recover the encrypted text.
* Ciphertext only attack: In this attack, an attacker obtains encrypted messages that have been encrypted using the same encryption algorithm. For example, the original version of WEP used RC4, and if sniffed long enough, the repetitions would allow a hacker to extract the WEP key. Such types of attacks do not require the attacker to have the plaintext because the statistical analysis of the sniffed log is enough.
* Man-in-the-middle attack: In this form of attack, an attacker places himself in the middle of the communications flow between two parties. Once an attacker enters the communications flow, he is able to perform a ciphertext only attack, exchange bogus keys, etc.
* Replay attack: In this type of attack, an attacker tries to repeat or delay a cryptographic transmission. A replay attack can be prevented using session tokens.

* Chosen plaintext attack: In a chosen plaintext attack, an attacker somehow picks up the information to be encrypted and takes a copy of it with the encrypted data. This is used to find patterns in the cryptographic output that might uncover a vulnerability or reveal a cryptographic key.
* Chosen ciphertext attack: In this type of attack, an attacker can choose the ciphertext to be decrypted and can then analyze the plaintext output of the event. The early versions of RSA used in SSL were actually vulnerable to this attack.

Explore More

Introduction on benchmarking attacks

Affected operating systems: ————————— Windows XP Pro Windows 2003 Windows Vista Windows 2008 (all service packs…) And probably some UNIX/Linux systems with some variants… Look by yourself. ================================================== ================================================== Abstract:

Critical Blind SQL Injection and Persistent XSS Vulnerability in Airmandalay http://www.airmandalay.com

PlanetCreator has reported another Critical Blind SQL Injection and Persistent XSS Vulnerability in Myanmar (Burma) Domestic and International Airline, Myanmar Domestic Flight http://www.airmandalay.com Cross-site scripting (XSS) is a type of

BLINK HACKER GROUP HACKED Khitlunge

A hacker group named themselves BLINK HACKER hacked http://www.khitlunge.net.mm and it’s a social and news site for Myanmar Latest News, Myanmar Breaking News, Myanmar Update News. I don’t know how

[webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
on May 6, 2025 at 12:00 am
Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
[webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
on May 6, 2025 at 12:00 am
Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
[webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
on May 6, 2025 at 12:00 am
ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
[local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
on May 1, 2025 at 12:00 am
Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
[local] Daikin Security Gateway 14 - Remote Password Reset
on May 1, 2025 at 12:00 am
Daikin Security Gateway 14 - Remote Password Reset