Cryptographic attacks are methods of evading the security of a cryptographic system by finding weaknesses in such areas as the code, cipher, cryptographic protocol or key management scheme in the cryptographic algorithm. The following are the cryptographic attacks usually performed by an attacker:

* Known plaintext attack: In a known plaintext attack, an attacker should have both the plaintext and ciphertext of one or more messages. These two items are used to extract the cryptographic key and recover the encrypted text.
* Ciphertext only attack: In this attack, an attacker obtains encrypted messages that have been encrypted using the same encryption algorithm. For example, the original version of WEP used RC4, and if sniffed long enough, the repetitions would allow a hacker to extract the WEP key. Such types of attacks do not require the attacker to have the plaintext because the statistical analysis of the sniffed log is enough.
* Man-in-the-middle attack: In this form of attack, an attacker places himself in the middle of the communications flow between two parties. Once an attacker enters the communications flow, he is able to perform a ciphertext only attack, exchange bogus keys, etc.
* Replay attack: In this type of attack, an attacker tries to repeat or delay a cryptographic transmission. A replay attack can be prevented using session tokens.

* Chosen plaintext attack: In a chosen plaintext attack, an attacker somehow picks up the information to be encrypted and takes a copy of it with the encrypted data. This is used to find patterns in the cryptographic output that might uncover a vulnerability or reveal a cryptographic key.
* Chosen ciphertext attack: In this type of attack, an attacker can choose the ciphertext to be decrypted and can then analyze the plaintext output of the event. The early versions of RSA used in SSL were actually vulnerable to this attack.

Explore More

Tips and Tricks about Gmail

While Web-based email is nothing new, Gmail introduces some new and unique concepts. Managing email has become very easy while at the same time having powerful tools to find and

How to Remove Windows Genuine Advantage Notifications

Windows genuine advantage notifications occur when your computer hasn’t passed the validation test. The validation test can be failed due to being sold a pirated (non-genuine) copy of XP, or

Critical SQL Injection in GK Power System (Myanmar)

PlanetCreator reported another Critical SQL injection (vulnerability) on GK Power System (Myanmar) URL : http://www.gkmyanmar.com/ SQL injection is a code injection technique that exploits a security vulnerability occurring in the