Attack Models for Cryptanalysis

Attacking a cipher or a cryptographic system may lead to breaking it fully or only partially. After compromising the security, the attacker may obtain various amounts and kinds of information.

Lars Knudsen, a Danish researcher, proposed the following division for determining the scale of attacker's success:

  • Total break: deducing and obtaining a secret key.
  • Global deduction: discovering an algorithm, which allows to decrypt many messages, without knowing the actual secret key.
  • Local deduction: discovering an original plaintext of the specific given ciphertext.
  • Information deduction: obtaining some information about the secret key or original message (for example, a few bits of the key or information about a plaintext format).

The best ciphers should protect against all the cipher's failures levels mentioned above. No attack should be able to reveal any information related to the secret key and plaintext messages.

Theoretical Attack Models:

Known-plaintext Attack

Book image

During known-plaintext attacks, the attacker has an access to the ciphertext and its corresponding plaintext.

Read More

Chosen-plaintext Attack

Doors image

During the chosen-plaintext attack, a cryptanalyst can choose arbitrary plaintext data to be encrypted and then he receives the corresponding ciphertext.

Read More

Ciphertext-only Attack

Label only image

During ciphertext-only attacks, the attacker has access only to a number of encrypted messages. He has no idea what the plaintext data or the secret key may be.

Read More

Chosen-ciphertext Attack

Doors image

During the chosen-ciphertext attack, a cryptanalyst can analyse any chosen ciphertexts together with their corresponding plaintexts.

Read More

Chosen-key Attack

Keys image

Chosen-key attacks intended to not just break a cipher but to break the larger system which relies on that cipher.

Read More

Cryptographic Attacks:

Brute Force Attack

Punch image

During the brute-force attack, an attacker tries all possible keys (or passwords), and checks which one of them returns the correct plaintext.

Read More


Balls image

Denial-of-Service (DoS) attacks are intended to disrupt a server and to not allow it to receive and process the requests sent by its intended users and clients.

Read More


Man in suit image

During the man-in-the-middle attack, the hidden intruder joins the communication and intercepts all messages.

Read More

Attack on Two-Time Pad

Brigde image

Using the same keystream bytes more than once for encrypting different data, makes a cipher vulnerable to the attacks on Two-Time Pad.

Read More


Octopus image

During the Key Reinstallation Attack, the attacker tries to discover the secret WPA2 key which protects evvery wireless communication.

Read More

Frequency Analysis

Frequency image

Frequency analysis is one of the known ciphertext attacks, focused on the study of the frequency of letters or groups of letters in a ciphertext.

Read More

Meet-in-the-middle Attack

Meeting image

By using meet-in-the-middle attacks it is possible to break ciphers, which have two or more secret keys for multiple encryption using the same algorithm.

Read More

Replay Attack

Stormtrooper image

During replay attacks the intruder sends to the victim the same message as was already used in the victim's communication.

Read More

Homograph Attack

Letters image

Homograph attacks are based on creating fake URL addresses, which look like genuine ones. People that open a fake website are attacked by malware scripts and viruses.

Read More

It seems to be worth mentioning that there are two more effective methods of breaking ciphers. A purchase-key attack involves using bribery for obtaining secret keys or other protected information. Whereas, in the so-called rubber-hose method blackmail, threats, and torture are the means used for obtaining the desirable secret information.