Jump to content

Key-recovery attack

From Wikipedia, the free encyclopedia

A key-recovery attack is an adversary's attempt to recover the cryptographic key of an encryption scheme. Normally this means that the attacker has a pair, or more than one pair, of plaintext message and the corresponding ciphertext.[1]: 52  Historically, cryptanalysis of block ciphers has focused on key-recovery, but security against these sorts of attacks is a very weak guarantee since it may not be necessary to recover the key to obtain partial information about the message or decrypt message entirely.[1]: 52  Modern cryptography uses more robust notions of security. Recently, indistinguishability under adaptive chosen-ciphertext attack (IND-CCA2 security) has become the "golden standard" of security.[2]: 566  The most obvious key-recovery attack is the exhaustive key-search attack. But modern ciphers often have a key space of size or greater, making such attacks infeasible with current technology.

KR advantage

[edit]

In cryptography, the key-recovery advantage (KR advantage) of a particular algorithm is a measure of how effective an algorithm can mount a key-recovery attack. Consequently, the maximum key-recovery advantage attainable by any algorithm with a fixed amount of computational resources is a measure of how difficult it is to recover a cipher's key. It is defined as the probability that the adversary algorithm can guess a cipher's randomly selected key, given a fixed amount of computational resources.[3] An extremely low KR advantage is essential for an encryption scheme's security.

References

[edit]
  1. ^ a b Goldwasser, S. and Bellare, M. "Lecture Notes on Cryptography" Archived 2012-04-21 at the Wayback Machine. Summer course on cryptography, MIT, 1996-2001
  2. ^ Boneh, Dan. Advances in Cryptology – Crypto 2003 : 23rd Annual International Cryptology Conference, Santa Barbara, California, Usa, August 17–21, 2003, Proceedings. Berlin: Springer, 2003.
  3. ^ Goldwasser, S. and Bellare, M. "Lecture Notes on Cryptography" Archived 2012-04-21 at the Wayback Machine. Summer course on cryptography, MIT, 1996-2001
[edit]


pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy