Crypto-IT Logo
ου γαρ εστιν κρυπτον ο ου φανερον γενησεται ουδε αποκρυφον ο ου γνωσθησεται και εις φανερον ελθη
Wersja PL ENG Version

Chosen-Ciphertext Attack

During the chosen-ciphertext attack, a cryptanalyst can analyse any chosen ciphertexts together with their corresponding plaintexts. His goal is to acquire a secret key or to get as many information about the attacked system as possible.

The attacker has capability to make the victim (who obviously knows the secret key) decrypt any ciphertext and send him back the result. By analysing the chosen ciphertext and the corresponding received plaintext, the intruder tries to guess the secret key which has been used by the victim.

Chosen-ciphertext attacks are usually used for breaking systems with public key encryption. For example, early versions of the RSA cipher were vulnerable to such attacks. They are used less often for attacking systems protected by symmetric ciphers. Some self-synchronizing stream ciphers have been also attacked successfully in that way.

Adaptive-Chosen-Ciphertext Attack

The adaptive-chosen-ciphertext attack is a kind of chosen-ciphertext attacks, during which an attacker can make the attacked system decrypt many different ciphertexts. This means that the new ciphertexts are created based on responses (plaintexts) received previously. The attacker can request decrypting of many ciphertexts.

There exist rather few practical adaptive-chosen-ciphertext attacks. This model is rather used for analysing the security of a given system. Proving that this attack doesn't break the security confirms that any realistic chosen-ciphertext attack will not succeed.