SecurityDatabase\Encrypt\Encryption Brute Forcing |

Attack Pattern ID: 20 (Standard Attack Pattern Completeness: Complete) | Typical Severity: Low | Status: Draft |

SecurityDatabase\Encrypt\Encryption Brute Forcing |

Attack Pattern ID: 20 (Standard Attack Pattern Completeness: Complete) | Typical Severity: Low | Status: Draft |

Summary

An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.

Attack Execution Flow

Determine the ciphertext and the encryption algorithm.

Perform an exhaustive brute force search of the keyspace, producing candidate plaintexts and observing if they make sense.

Ciphertext is known.

SecurityDatabase\Encrypt\Encryption algorithm and key size are known.

Description

In 1997 the original DES challenge used distributed net computing to brute force the encryption key and decrypt the ciphertext to obtain the original plaintext. Each machine was given its own section of the keyspace to cover. The ciphertext was decrypted in 96 days.

**Skill or Knowledge Level: ** Low

Brute forcing encryption does not require much skill.

A powerful enough computer for the job with sufficient CPU, RAM and HD. Exact requirements will depend on the size of the brute force job and the time requirement for completion. Some brute forcing jobs may require grid or distributed computing (e.g. DES Challenge).

On average, for a binary key of size N, 2^(N/2) trials will be needed to find the key that would decrypt the ciphertext to obtain the original plaintext.

Obviously as N gets large the brute force approach becomes infeasible.

Use commonly accepted algorithms and recommended key sizes. The key size used will depend on how important it is to keep the data confidential and for how long.

In theory a brute force attack performing an exhausitve keyspace search will always succeed, so the goal is to have computational security. Moore's law needs to be taken into account that suggests that computing resources double every eighteen months.

Nature | Type | ID | Name | Description | View(s) this relationship pertains to |
---|---|---|---|---|---|

ChildOf | Attack Pattern | 112 | Brute Force | Mechanism of Attack (primary)1000 | |

ParentOf | Attack Pattern | 97 | Cryptanalysis | Mechanism of Attack1000 |

Submissions | ||||
---|---|---|---|---|

Submitter | Organization | Date | ||

Eugene Lebanidze | Cigital, Inc | 2007-02-26 |

Modifications | |||||
---|---|---|---|---|---|

Modifier | Organization | Date | Comments | ||

Sean Barnum | Cigital, Inc | 2007-03-01 | Review and revision of content | ||

Richard Struse | VOXEM, Inc | 2007-03-26 | Review and feedback leading to changes in Description, Resources Required and Context Description | ||

Sean Barnum | Cigital, Inc | 2007-04-13 | Modified pattern content according to review and feedback |

**Security-Database** help your corporation foresee and avoid any security risks that may impact your IT infrastructure and business applications.

28 June 2016