Discover published sets by community

An attack that analyzes the time taken to execute cryptographic algorithms and determine information about the keys used. Defended against by using constant-time algorithms and avoiding timing variability.

An attack forcing a system to abandon a high-quality security mode in favor of a low-quality one. Defended against by not supporting outdated protocols and implementing proper version checking.

A concept in cryptography stating that a system should be secure even if everything about the system except the key is public knowledge. Systems following this principle are defended against by ensuring key secrecy.

Occurs when an attacker intercepts communication between two parties, impersonating them to gain access to information. Defended against by using mutual authentication and encryption protocols like TLS.

A method of attacking symmetric key ciphers using a linear approximation to describe the behavior of the block cipher. Defended against by constructing ciphers that have provable resistance to linear approximations.

An attacker induces faults in a cryptographic device and analyzes the faulty outputs to infer secrets like encryption keys. Defended against by using error detection/correction mechanics and secure hardware design.

An attack that reduces the complexity of brute forcing a double encryption by half, using a time-memory trade-off. Defended against by using triple encryption or increasing key sizes.

An attack where a valid data transmission is maliciously or fraudulently repeated or delayed. Defended against by using timestamps and sequence numbers to make each session unique.

Occurs when an attacker manipulates a cryptographic primitive (like a decryption oracle) to reveal additional information about the encrypted data. Defended against by preventing oracle access and reducing information leakage.

An attack that attempts to crack encryption by trying every possible key until the correct one is found. Defended against by using longer key lengths to increase the number of potential keys.

An attack model where the attacker can choose ciphertexts to decrypt and has access to the corresponding decrypted plaintexts. Defended against by designing algorithms to be CCA secure and using proper padding schemes.

A type of encryption using pairs of keys: one public key for encryption and one private key for decryption. Defended against by ensuring the private key remains secret and using strong, mathematically hard problems like factoring large numbers or computing discrete logarithms.

This type of attack focuses on tampering with the data integrity rather than directly uncovering the encryption key. Defended against by using cryptographic hash functions and digital signatures to detect unauthorized changes.

A tongue-in-cheek term for extracting cryptographic secrets (such as encryption keys) through coercion or torture. Defended against by implementing coercion-resistant protocols or plausible deniability features like hidden volumes.

An attempt to find two distinct inputs that hash to the same output in a hash function. Defended against by using cryptographic hash functions resistant to collisions.

This is a chosen plaintext attack that examines the differences in the output that result from differences in the input. Defended against by designing cryptographic algorithms resistant to this form of analysis.

Attempts to break a password by systematically entering each word in a pre-arranged list of likely passwords. Defended against by implementing account lockouts and using complex passwords beyond simple dictionary words.

This attack aims to find an input that hashes to a specific output, defeating the one-way property of hash functions. Defended against by using hash functions with a large enough output to make preimage attacks impractical.

This attack uses precomputed tables of hash chains to reverse cryptographic hash functions. Defended against by using salted hashes, which require attackers to compute a new table for each salt.

A defensive property of an encryption system that ensures even if the private keys are compromised, past session keys cannot be retrieved and past communications remain secure. Achieved through key-agreement protocols like Diffie-Hellman.

A statistical phenomenon that makes finding collisions (two distinct inputs that produce the same hash output) easier than brute force. Defended against by using hash functions with a larger output space.

A type of side-channel attack based on monitoring power consumption while a device processes cryptographic operations. Defended against by using power analysis resistant algorithms and carefully designing cryptographic hardware.

A mathematical algorithm that converts an arbitrary amount of data into a fixed-size bit string. Defended against collisions and preimages by ensuring the hash function properties: fast computation, preimage resistance, second preimage resistance, and collision resistance.

A form of social engineering where attackers trick individuals into providing sensitive information. Defended against through user education and security-awareness training.

An attack based on information gained from the physical implementation rather than weaknesses in the implemented algorithm. Defended against by employing timing attack resistant algorithms and reducing information leakage.

A method whereby two or more parties can establish shared secrets over a public channel. Defended against eavesdropping by using protocols ensuring the secrecy of key establishment, such as Diffie-Hellman.

An attack where the cryptanalyst has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. Defended against by implementing algorithms secure against adaptive chosen plaintext attacks.

An attack where the attacker has access to both the plaintext and its corresponding encrypted ciphertext and aims to find the key. Defended against by using encryption algorithms that do not reveal key information even with some known data.