# Notes - Computer Security MT24, Cryptographic attack models

> Source: https://ollybritton.com/notes/uni/part-b/mt24/computer-security/notes/cryptographic-attack-models/ · Updated: 2024-12-19 · Tags: uni, notes


### Flashcards
@Define Kerckhoffs's Principle.::

You must assume that the attacker knows the encryption and decryption functions (i.e. there should be no security through obscurity: a cipher which relies on the secrecy of its operation is not secure).

@Define a ciphertext only attack (COA).::

An attack on a cipher where the enemy only has access to a number of ciphertexts (though they may be able to use the recognisable plaintext assumption).

@Define the recognisable plaintext assumption in COA.::

In a COA, the attacker only has access to a number of ciphertexts and no corresponding messages. But they might know something about the possible messages, such as:

- The messages consist of English words encoded in ASCII
- The message contains an email, which has recognisable headers
- ...

@Define a known plaintext attack (KPA).::

An attack on a cipher where the enemy has access to a limited number of plaintext-ciphertext pairs.

@Define a chosen plaintext attack (CPA), describing the two possible variants.::

An attack on a cipher where the enemy is able to find out the encryption of any plaintext they want, *limited by their computational power (so they can't e.g. encrypt every possible plaintext)*. Variants:

- Plain version: They have to decide on the plaintexts they want encrypted all at once.
- Adaptive version: The attacker is able to use the results of previous encryptions to choose future plaintexts to encrypt.

@Define a chosen ciphertext attack (CCA), describing the two possible variants.::

An attack on a cipher where the enemy is able to decrypt any ciphertext they want, as long as it is not the ciphertext they are trying to break. Variants:

- Plain version: They have to decide on the ciphertexts they want decrypted all at once.
- Adaptive version: The attacker is able to use the results of previous decryptions to choose future ciphertexts to decrypt.

There are several attack models in cryptography:

- COAs, Ciphertext only attacks
- KPAs, Known plaintext attacks
- CPAs, Chosen plaintext attacks
- CCAs, Chosen ciphertext attacks

What is the minimum requirement for a symmetric key cipher to be considered secure?::

It is secure against at least CPA.

What is an exhaustion attack?::

An attack where the enemy tries all possible keys.

---
Olly Britton — https://ollybritton.com. Machine-readable index: https://ollybritton.com/llms.txt
