
I've read several articles about brute force cryptanalytic attacks, but none ex


Question

I've read several articles about brute force cryptanalytic attacks, but none explicitly say what algorithm is being run for each attempt, nor what criteria are used to declare an attempt a success or a failure. If one is to try every possible key value, what is one feeding those keys into? A brute force attack on a block of ciphertext implies that the cryptanalyst treats the cipher as a black box. Does the cryptanalyst have the black box and are they able to drive the black box?

Say, for example, that someone uses a GUI application that takes a file and a password as input and produces an encrypted file as output. The intended use would be for the receiver to use the encrypted file and the password to get the cleartext file as output. Is this same GUI application somehow driven by the cryptanalyst's brute force application to try every possible password? Most GUI programs are not fast enough to run billions of times in a reasonable period. Add to that the fact that most encryption is compute-intensive and can be made slower to prevent such an attack.

Explanation / Answer

Apparently, you are mixing two different things: cryptography and applications that use cryptography.

In cryptography, brute-force attacks use the strategy of testing all possible values of a certain domain, looking for a match. For example, if you are interested in applying a brute-force attack on the key space of a certain cipher, you must enumerate all possible keys and test their pertinence with some low-cost testing algorithm. In general, it is expected that both the testing algorithm and the targeted domain are made public. This comes from the fact that the security of a cryptosystem should never rely on the ignorance of the adversary with respect to the employed cryptographic algorithm. This would be an extremely naive and fragile approach.

Regarding your application (with or without an interface...), to attack it using brute force, you would need either to have the encryption application or to know which algorithm is used (and how it is implemented) in order to reconstruct such an encryption application. In general, this should not be considered a hard task.
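
An added example (not part of the original answer) of what the keys are "fed into": a reimplementation of a public algorithm plus a cheap success test, with the KDF iteration count as the cost the defender controls. The toy stream cipher, the 3-digit PIN, the `%PDF-` header test and every name below are constructed assumptions.

```python
import hashlib
from itertools import product

ITERATIONS = 1_000          # constructed; real tools use far higher counts
SALT = b"constructed-salt"  # stored in the clear beside the ciphertext
MAGIC = b"%PDF-"            # known file header used as the success test

def derive_key(password: str, iterations: int = ITERATIONS) -> bytes:
    """Public, documented KDF: anyone can reimplement this exactly."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, iterations)

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); encrypts and decrypts."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[block:block + 32], pad))
    return bytes(out)

def looks_right(key: bytes, ciphertext: bytes) -> bool:
    """Low-cost test: decrypt only the first bytes and compare to the header."""
    return keystream_xor(key, ciphertext[:len(MAGIC)]) == MAGIC

def exhaustive_search(ciphertext: bytes, alphabet: str, length: int):
    """Try every candidate; return (password, number of attempts)."""
    for attempts, candidate in enumerate(product(alphabet, repeat=length), 1):
        password = "".join(candidate)
        if looks_right(derive_key(password), ciphertext):
            return password, attempts
    return None, len(alphabet) ** length

def work_factor(alphabet_size: int, length: int, iterations: int) -> int:
    """Worst-case KDF hash invocations: the quantity the defender controls."""
    return alphabet_size ** length * iterations

# Constructed sample: a "file" encrypted under a 3-digit PIN.
SAMPLE_CT = keystream_xor(derive_key("427"), b"%PDF-1.7 constructed sample body")

if __name__ == "__main__":
    print(exhaustive_search(SAMPLE_CT, "0123456789", 3))
    # Same loop, but a 12-character alphanumeric password and a slow KDF.
    print(work_factor(10, 3, ITERATIONS), work_factor(62, 12, 600_000))
```

The GUI never enters the loop: each attempt costs one KDF call and a five-byte decryption, so the password space and the iteration count are what determine whether the search is feasible.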
