• Ciphertext-only attack
    a ciphertext-only attack (COA) or known ciphertext attack is an attack model for cryptanalysis where the attacker is assumed to have access only to a...
    5 KB (665 words) - 01:31, 2 February 2025
  • Adaptive chosen-ciphertext attack
    chosen-ciphertext attack (abbreviated as CCA2) is an interactive form of chosen-ciphertext attack in which an attacker first sends a number of ciphertexts to...
    6 KB (730 words) - 13:38, 20 May 2025
  • Chosen-ciphertext attack
    A chosen-ciphertext attack (CCA) is an attack model for cryptanalysis where the cryptanalyst can gather information by obtaining the decryptions of chosen...
    9 KB (1,105 words) - 22:21, 9 March 2025
  • Chosen-plaintext attack
    A chosen-plaintext attack (CPA) is an attack model for cryptanalysis which presumes that the attacker can obtain the ciphertexts for arbitrary plaintexts...
    11 KB (1,432 words) - 01:09, 2 June 2025
  • Thumbnail for Ciphertext
    Ciphertext
    cryptography, ciphertext or cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Ciphertext is also known...
    9 KB (1,133 words) - 21:23, 27 July 2025
  • Thumbnail for Frequency analysis
    Frequency analysis (category Cryptographic attacks)
    plaintext are preserved in the ciphertext, and these patterns have the potential to be exploited in a ciphertext-only attack. In a simple substitution cipher...
    16 KB (1,663 words) - 21:40, 19 June 2025
  • Ciphertext indistinguishability
    distinguish pairs of ciphertexts based on the message they encrypt. The property of indistinguishability under chosen plaintext attack is considered a basic...
    15 KB (1,917 words) - 15:42, 16 April 2025
  • Akelarre (cipher)
    of IDEA with ideas from RC5. It was shown to be susceptible to a ciphertext-only attack in 1997. Akelarre is a 128-bit block cipher with a variable key-length...
    4 KB (333 words) - 15:02, 26 January 2024
  • Differential cryptanalysis (redirect from Differential attack)
    however, extensions that would allow a known plaintext or even a ciphertext-only attack. The basic method uses pairs of plaintexts related by a constant...
    13 KB (1,677 words) - 11:30, 9 March 2025
  • Madryga
    attack requiring only 16 chosen-plaintext pairs, and then demonstrated that it could be converted to a ciphertext-only attack using 212 ciphertexts,...
    5 KB (717 words) - 21:33, 16 March 2024
  • A5/2
    In 2003, Elad Barkan, Eli Biham and Nathan Keller presented a ciphertext-only attack based on the error correcting codes used in GSM communication. They...
    5 KB (561 words) - 22:00, 6 July 2023
  • Thumbnail for Cryptanalysis
    Cryptanalysis (redirect from Cryptanalytic attack)
    Ciphertext-only: the cryptanalyst has access only to a collection of ciphertexts or codetexts. Known-plaintext: the attacker has a set of ciphertexts...
    44 KB (5,206 words) - 14:03, 20 July 2025
  • Thumbnail for Cryptography
    Cryptography
    a ciphertext-only attack, Eve has access only to the ciphertext (good modern cryptosystems are usually effectively immune to ciphertext-only attacks)....
    101 KB (11,138 words) - 15:26, 1 August 2025
  • Attack model
    common attack models are: Ciphertext-only attack (COA) - in this type of attack it is assumed that the cryptanalyst has access only to the ciphertext, and...
    11 KB (1,437 words) - 05:55, 30 January 2024
  • Thumbnail for DES-X
    DES-X
    plaintexts and 287.5 time of analysis. Moreover the attack is easily converted into a ciphertext-only attack with the same data complexity and 295 offline time...
    4 KB (533 words) - 09:53, 31 October 2024
  • A5/1 (section Known-plaintext attacks)
    passive attacks using the known plaintext assumption. In 2003, more serious weaknesses were identified which can be exploited in the ciphertext-only scenario...
    23 KB (2,725 words) - 00:35, 9 August 2024
  • Thumbnail for Block cipher mode of operation
    Block cipher mode of operation (redirect from Ciphertext feedback mode)
    They affect only the specific bit intended. Specific bit errors in more complex modes such (e.g. CBC): adaptive chosen-ciphertext attack may intelligently...
    52 KB (5,830 words) - 02:15, 29 July 2025
  • Thumbnail for GSM
    GSM
    both algorithms: it is possible to break A5/2 in real-time with a ciphertext-only attack, and in January 2007, The Hacker's Choice started the A5/1 cracking...
    40 KB (4,609 words) - 07:26, 25 July 2025
  • COA
    RADIUS codes Children of Alcoholics/Children of Addicts Ciphertext-only attack, where an attacker only has encrypted data to use in deciphering text Collaboration-oriented...
    3 KB (457 words) - 12:32, 23 October 2024
  • Thumbnail for Dennis Ritchie
    Dennis Ritchie
    1970s, Ritchie collaborated with James Reeds and Robert Morris on a ciphertext-only attack on the M-209 US cipher machine that could solve messages of at least...
    35 KB (3,319 words) - 02:48, 2 August 2025
  • Classical cipher
    can be broken even if the attacker only knows sufficient ciphertext and hence they are susceptible to a ciphertext-only attack. Some classical ciphers (e...
    15 KB (2,528 words) - 18:09, 11 December 2024
  • Running key cipher (section Ciphertext appearing to be plaintext)
    aid cryptanalysis: for example, William F. Friedman suggested a ciphertext-only attack during WWI against most frequent letters encoded by other most frequent...
    10 KB (1,298 words) - 08:50, 11 November 2024
  • RSA cryptosystem (redirect from Branch prediction analysis attacks)
    multiplicative property, a chosen-ciphertext attack is possible. E.g., an attacker who wants to know the decryption of a ciphertext c ≡ me (mod n) may ask the...
    68 KB (8,447 words) - 02:37, 31 July 2025
  • Coppersmith's attack
    speed of decryption, see CRT-RSA. Encryption of a message M produces the ciphertext C ≡ M e ( mod N ) {\displaystyle C\equiv M^{e}{\pmod {N}}} , which can...
    8 KB (1,466 words) - 22:47, 1 May 2025
  • Padding oracle attack
    cryptography, a padding oracle attack is an attack which uses the padding validation of a cryptographic message to decrypt the ciphertext. In cryptography, variable-length...
    15 KB (1,812 words) - 16:33, 23 March 2025
  • Thumbnail for M-209
    M-209
    described a 1970s collaboration with James Reeds and Robert Morris on a ciphertext-only attack on the M-209 that could solve messages of at least 2,000–2,500 letters...
    19 KB (2,670 words) - 19:22, 2 July 2024
  • Thumbnail for Caesar cipher
    Caesar cipher
    in a ciphertext-only scenario. Since there are only a limited number of possible shifts (25 in English), an attacker can mount a brute force attack by deciphering...
    19 KB (2,076 words) - 00:10, 17 July 2025
  • Stream cipher attacks
    C(K) xor "$9500.00", is what our ciphertext would have been if $9500 were the correct amount. Bit-flipping attacks can be prevented by including message...
    7 KB (1,029 words) - 22:13, 9 July 2025
  • Semantic security
    secure cryptosystem is one where only negligible information about the plaintext can be feasibly extracted from the ciphertext. Specifically, any probabilistic...
    14 KB (1,435 words) - 10:02, 20 May 2025
  • Index of cryptography articles
    Acoustic cryptanalysis • Adaptive chosen-ciphertext attack • Adaptive chosen plaintext and chosen ciphertext attack • Advantage (cryptography) • ADFGVX cipher...
    66 KB (2,911 words) - 02:58, 27 July 2025