Code book attack

From Citizendium
Revision as of 22:27, 1 November 2008 by imported>Sandy Harris (new page)

In a code book attack on a block cipher, the attacker tries to build up a "code book", a table saying which ciphertexts correspond to which plaintexts.

The Internet Key Exchange protocol automates re-keying for IPsec. It can be set to re-key after a fixed time or after a fixed amount of data is transferred, or both limits can be set and it will re-key when either is reached. Generally, an administrator sets one or both limits and re-keying is fairly frequent. However, there is a default built in so that, even if the administrator muffs it, the cipher is always re-keyed after 2^32 packets.

Code book attacks can be used against any block cipher mode of operation. Take the widely used CBC mode as an example. In that mode, the ciphertext from the previous block is XORed into the plaintext before encryption, so — using p for plaintext, c for the corresponding ciphertexts, e() for encryption, and ^ for XOR — two encryptions might be:

c_n = e(p_n ^ c_{n-1})
c_m = e(p_m ^ c_{m-1})

If c_n = c_m, then the attacker knows that:

p_n ^ c_{n-1} = p_m ^ c_{m-1}

which he can re-arrange to:

p_n ^ p_m = c_{n-1} ^ c_{m-1}

but the ciphertexts are known if he has intercepted them, so the right side is known. This gives him:

p_n ^ p_m = a known constant

This is easily breakable, since the same relationship between two plaintexts is exactly what a reused keystream gives away. See the stream cipher article for details.
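The collision argument above, and the re-keying limit in the IKE paragraph, can both be checked with a small simulation. The following is an added example, not code from the Citizendium article: it models a block cipher as a keyed random permutation with a deliberately tiny 8-bit block (a constructed toy, so that repeated ciphertext blocks show up after a few hundred blocks instead of billions), runs CBC over random plaintext, and verifies from the ciphertext alone that every pair of equal ciphertext blocks leaks p_n ^ p_m = c_{n-1} ^ c_{m-1}. The `birthday_block_limit` helper is an assumption on my part about how a defender should set the data limit: re-key well before 2^(block_bits/2) blocks, the point at which collisions become likely.

```python
import random
from typing import Callable, Dict, List, Tuple

BLOCK_BITS = 8                      # toy block size; real ciphers use 64 or 128 bits
BLOCK_VALUES = 1 << BLOCK_BITS


def make_toy_cipher(key: int) -> Tuple[Callable[[int], int], Callable[[int], int]]:
    """Hypothetical toy block cipher: a keyed random permutation of 2^BLOCK_BITS values.

    This is not a real cipher. A block cipher is, by definition, a keyed permutation,
    and a random permutation is the ideal model in which the code book attack is analysed.
    """
    rng = random.Random(key)
    table = list(range(BLOCK_VALUES))
    rng.shuffle(table)
    inverse = [0] * BLOCK_VALUES
    for x, y in enumerate(table):
        inverse[y] = x
    return (lambda x: table[x]), (lambda y: inverse[y])


def cbc_encrypt(enc: Callable[[int], int], iv: int, plaintext: List[int]) -> List[int]:
    """CBC mode: c_n = e(p_n ^ c_{n-1}), with c_0 = iv."""
    out, prev = [], iv
    for p in plaintext:
        c = enc(p ^ prev)
        out.append(c)
        prev = c
    return out


def find_collisions(ciphertext: List[int]) -> List[Tuple[int, int]]:
    """Index pairs (n, m), n < m, whose ciphertext blocks are identical.

    An eavesdropper can do this with nothing but the intercepted ciphertext.
    """
    first_seen: Dict[int, int] = {}
    pairs = []
    for i, c in enumerate(ciphertext):
        if c in first_seen:
            pairs.append((first_seen[c], i))
        else:
            first_seen[c] = i
    return pairs


def plaintext_xor_from_collision(iv: int, ciphertext: List[int], n: int, m: int) -> int:
    """The leaked relation p_n ^ p_m = c_{n-1} ^ c_{m-1}, computed from ciphertext only."""
    previous = [iv] + ciphertext[:-1]   # previous[i] is c_{i-1}, with c_{-1} = iv
    return previous[n] ^ previous[m]


def birthday_block_limit(block_bits: int) -> int:
    """Assumed defender's rule of thumb: collisions among ciphertext blocks become
    likely after about 2^(block_bits/2) blocks under one key, so re-key before that."""
    return 1 << (block_bits // 2)


def demo(n_blocks: int, key: int = 1, seed: int = 2) -> Dict[str, object]:
    """Encrypt constructed random plaintext, then check every collision's leaked relation."""
    rng = random.Random(seed)
    plaintext = [rng.randrange(BLOCK_VALUES) for _ in range(n_blocks)]
    iv = rng.randrange(BLOCK_VALUES)
    enc, _dec = make_toy_cipher(key)
    ciphertext = cbc_encrypt(enc, iv, plaintext)

    collisions = find_collisions(ciphertext)
    # The attacker never sees plaintext; we only use it here to confirm the leak is real.
    all_verified = all(
        plaintext_xor_from_collision(iv, ciphertext, n, m) == plaintext[n] ^ plaintext[m]
        for n, m in collisions
    )
    return {
        "blocks": n_blocks,
        "collisions": len(collisions),
        "all_verified": all_verified,
        "over_birthday_limit": n_blocks > birthday_block_limit(BLOCK_BITS),
    }


if __name__ == "__main__":
    print(demo(200))
```

Running `demo(200)` with the 8-bit toy block produces dozens of collisions, each one handing the eavesdropper the XOR of two plaintext blocks. The same arithmetic applies unchanged to a real 64-bit block cipher; only the block count needed changes, which is why a per-key data limit (and a hard default ceiling, as IKE has) is the practical mitigation rather than any change to the cipher.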