The known-plaintext attack (KPA) is an attack model for cryptanalysis where the attacker has access to both the plaintext (called a crib) and its encrypted...

chosen-plaintext attack (CPA) is an attack model for cryptanalysis which presumes that the attacker can obtain the ciphertexts for arbitrary plaintexts. The...

While the attacker has no channel providing access to the plaintext prior to encryption, in all practical ciphertext-only attacks, the attacker still has...

recalculated. This allows for possible known-plaintext attacks when combined with knowledge of the underlying plaintext structure. As the first three bytes...

vulnerable to a known-plaintext attack. The slide attack is closely related to the related-key attack. The idea of the slide attack has roots in a paper...

The meet-in-the-middle attack (MITM), a known-plaintext attack, is a generic space–time tradeoff cryptographic attack against encryption schemes that rely...

can also include known plaintext attacks where both the plaintext and its corresponding ciphertext are known. While active attackers can interact with...

In a cryptographic attack a third party cryptanalyst analyzes the ciphertext to try to "break" the cipher, to read the plaintext and obtain the key so...

minutes or seconds. Originally, the weaknesses were passive attacks using the known plaintext assumption. In 2003, more serious weaknesses were identified...

dialled digit), there is a known-plaintext attack using 40 to 80 known plaintexts. For 2-byte blocks, 4 known plaintexts suffice. The "improved" CMEA...

becoming "plaintext" input for the next. Insecure handling of plaintext can introduce weaknesses into a cryptosystem by letting an attacker bypass the...

known-plaintext attack based on the non-uniform distribution of the outputs of pairs of adjacent S-boxes. It works by collecting many known plaintext/ciphertext...

especially when the attempted crack depends on successfully seeding a known-plaintext attack, which often requires an inspired guess based on how specific the...

plaintexts that give equal intermediate values in the encryption process. He presented both a chosen-plaintext attack and a known-plaintext attack; each...

"Sincerely". Today, this kind of vulnerability is referred to as a known-plaintext attack. At Bletchley Park, the Allies' codebreakers referred to these predictable...

000 was offered for the best attack on one round of REDOC-II, and $20,000 for the best practical known-plaintext attack. REDOC III is a more efficient...

Correlation attacks are a class of cryptographic known-plaintext attacks for breaking stream ciphers whose keystreams are generated by combining the output...

variable-length plaintext messages often have to be padded (expanded) to be compatible with the underlying cryptographic primitive. The attack relies on having...

cryptanalysis, gardening is the act of encouraging a target to use known plaintext in an encrypted message, typically by performing some action the target...

describes an attack requiring 100–10000 chosen plaintexts, and Sean Murphy (1990) found an improvement that needs only 20 chosen plaintexts. Murphy and...

key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In a stream cipher, each plaintext digit is encrypted...

Unfortunately, this approach is vulnerable to the meet-in-the-middle attack: given a known plaintext pair ( x , y ) {\displaystyle (x,y)} , such that y = E K 2...

manner. If an attacker somehow obtains one plaintext corresponding to one ciphertext—a known-plaintext attack, or worse, a chosen plaintext or chosen-ciphertext...

XOR operator in any of these ciphers is vulnerable to a known-plaintext attack, since plaintext ⊕ {\displaystyle \oplus } ciphertext = key. It is also...

cryptography, a substitution cipher is a method of encrypting in which units of plaintext are replaced with the ciphertext, in a defined manner, with the help of...

port 587 was assigned as the SMTP submission port, but was initially in plaintext, with encryption eventually provided years later by the STARTTLS extension...

Systems Laboratory. Matsui, M. & Yamagishi, A. "A new method for known plaintext attack of FEAL cipher". Advances in Cryptology – EUROCRYPT 1992. Wu, Shengbao;...

Meddler-in-the-Middle (MitM) attacker removes the STARTTLS capability from the server response, they can easily downgrade the connection to plaintext. "Manipulator-in-the-middle...

store password validation data for authentication. Rather than store the plaintext of user passwords, an access control system stores a hash of the password...

an attacker knows the IV (or the previous block of ciphertext) before the next plaintext is specified, they can check their guess about plaintext of some...