The ciphertext-only attack scenario assumes that the attacker has only passive capability to listen to the encrypted communication. The attacker thus only knows ciphertexts \(C_i, i=1,\ldots, N\), but not the corresponding plaintexts. He may however rely on certain redundancy assumptions about the plaintexts, for example that the plaintext is ASCII encoded English text. This scenario is the weakest in terms of capabilities of the attacker and thus it is the most practical in real life applications. In certain cases conversion of a known plaintext attack [2] or even chosen plaintext attack [1] into a ciphertext-only attack is possible.
This is a preview of subscription content, log in via an institution to check access.
References
Biryukov, A. and E. Kushilevitz (1998). “From differential cryptanalysis to ciphertext-only attacks.” Advances in Cryptology—CRYPTO'98, Lecture Notes in Computer Science, vol. 1462, ed. H. Krawczyk. Springer-Verlag, Berlin, 72–88.
Matsui, M. (1993). “Linear cryptanalysis method for DES cipher.” Advances in Cryptology—EUROCRYPT'93, Lecture Notes in Computer Science, vol. 765, ed. T. Helleseth. Springer-Verlag, Berlin, 386–397.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 International Federation for Information Processing
About this entry
Cite this entry
Biryukov, A. (2005). Ciphertext-Only Attack. In: van Tilborg, H.C.A. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA . https://doi.org/10.1007/0-387-23483-7_62
Download citation
DOI: https://doi.org/10.1007/0-387-23483-7_62
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-23473-1
Online ISBN: 978-0-387-23483-0
eBook Packages: Computer ScienceReference Module Computer Science and Engineering