What does Chosen-Ciphertext-Attack mean ?
The Chosen-Ciphertext-Attacke is a method of cryptanalysis. The aim is to obtain the key of an encrypted connection or single file. The attacker must be in possession of an encoded data set (Chosen Ciphertext) and the corresponding plaintext. With this knowledge, he can try keys for decoding until he obtains the correct plaintext.
What are the requirements for the Chosen-Ciphertext-Attacke?
- Powerful hardware
- Known, standardized encryption method
- Vulnerability of the method used
Tips for protection!
- Complex passwords prolong attacks exponentially by the factor of available characters
- Passwords that are as random as possible make dictionary attacks more difficult
- Update software for all devices with network access
- Establish emergency rules in case of unexplained software error messages (e.g. obligation to inform the administrator)
How does the attacker get the plaintext?
- Physical access through intrusion or negligence/loss
- Recording of network traffic and comparison with known artifacts
- Social engineering (e.g. by faking error messages)
Where is the “threat” of danger?
Asymmetric encryption methods are primarily vulnerable, since the public key must be known here and the attacker can thus encrypt known plaintext. These methods are primarily used where the key must first be exchanged or for digital signatures. Furthermore, obsolete procedures, such as SSL2, can be attacked in this way.
Do you have any more questions?