Passive attack: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Sandy Harris
No edit summary
imported>Sandy Harris
No edit summary
Line 5: Line 5:
In [[cryptography]] a '''passive attack''' on a communications system is one in which the attacker only eavesdrops; he may read messages he is not supposed to see, but he does not alter messages. This contrasts with an [[active attack]] in which the attacker may forge, alter, replace or reroute messages.
In [[cryptography]] a '''passive attack''' on a communications system is one in which the attacker only eavesdrops; he may read messages he is not supposed to see, but he does not alter messages. This contrasts with an [[active attack]] in which the attacker may forge, alter, replace or reroute messages.


There are three passive attacks that will ''in theory'' break any [[block cipher]]:
There are three passive attacks that will ''in theory'' break any [[cipher]]; variants of these work for either [[block cipher]]s or [[stream cipher]]s:
* [[brute force attack]] — try all possible keys
* [[brute force attack]] — try all possible keys
* [[algebraic attack]]  — write the cipher as a system of equations and solve for the key
* [[algebraic attack]]  — write the cipher as a system of equations and solve for the key

Revision as of 01:19, 2 November 2008

This article is developing and not approved.
Main Article
Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.
For more information, see: Cryptanalysis.

Template:TOC-right

In cryptography a passive attack on a communications system is one in which the attacker only eavesdrops; he may read messages he is not supposed to see, but he does not alter messages. This contrasts with an active attack in which the attacker may forge, alter, replace or reroute messages.

There are three passive attacks that will in theory break any cipher; variants of these work for either block ciphers or stream ciphers:

However, all of those attacks are spectacularly impractical against real ciphers. Brute force and algebraic attacks require the attacker to do far too much work. For a code book attack, he needs very large amounts of storage and a large collection of intercepts, all encrypted with the same key. If the cipher user changes keys at reasonable intervals, a code book attack is impossible.

There are are whole range of other passive attacks; see cryptanalysis.