Passive attack: Difference between revisions

Browse history interactively

← Previous edit Next edit →

Content deleted Content added

VisualWikitext

Inline

Revision as of 21:59, 14 April 2021

A passive attack on a

known plaintext attacks where both the plaintext

and its corresponding ciphertext are known.

While most classical ciphers are vulnerable to this form of attack, most modern ciphers are designed to prevent this type of attack above all others.

Attributes

Traffic Analysis

Non-evasive eavesdropping and monitoring of transmissions
Because data unaffected, tricky to detect
Emphasis on prevention (encryption) not detection
Sometimes referred to as “tapping”

The main types of passive attacks are traffic analysis and release of message contents.

During a traffic analysis attack, the eavesdropper analyzes the traffic, determines the location, identifies communicating hosts and observes the frequency and length of exchanged messages. He uses all this information to predict the nature of communication. All incoming and outgoing traffic of the network is analyzed, but not altered.

For a release of message content, a telephonic conversation, an E-mail message or a transferred file may contain confidential data. A passive attack monitors the contents of the transmitted data.

Passive attacks are very difficult to detect because they do not involve any alteration of the data. When the messages are exchanged neither the sender nor the receiver is aware that a third party may capture the messages. This can be prevented by encryption of data.

@@ Line 5: / Line 5: @@
 {{Unreferenced|date=December 2006}}
-A '''passive attack''' on a [[cryptosystem]] is one in which the cryptanalyst cannot interact with any of the parties involved, attempting to break the system solely based upon observed data (i.e. the [[ciphertext]]). This can also include [[known plaintext attack]]s where both the [[plaintext]] and its corresponding ciphertext are known.
+A '''passive attack''' on a [[cryptosystem]] is one in which the cryptanalyst cannot interact with any of the parties involved, attempting to break the system solely based upon observed data (i.e. the [[ciphertext]]).<ref name="geeks"/><ref name="book1"/> This can also include [[known plaintext attack]]s where both the [[plaintext]] and its corresponding ciphertext are known.
 While most classical ciphers are vulnerable to this form of attack, most modern ciphers are designed to prevent this type of attack above all others.
@@ Line 24: / Line 24: @@
 Passive attacks are very difficult to detect because they do not involve any alteration of the data. When the messages are exchanged neither the sender nor the receiver is aware that a third party may capture the messages. This can be prevented by encryption of data.
-==Further reading==
-*[http://vig.prenhall.com/catalog/academic/product/0,1144,0131873164,00.html Cryptography and Network Security] By [[William Stallings]]
 ==See also==
@@ Line 33: / Line 31: @@
 *[[Adaptive chosen ciphertext attack]]
 *[[Topics in cryptography]]
+==References==
+<references>
+<ref name="geeks">https://www.geeksforgeeks.org/active-and-passive-attacks-in-information-security/</ref>
+<ref name="book1">http://vig.prenhall.com/catalog/academic/product/0,1144,0131873164,00.html</ref>
+</references>
+==Further reading==
+*[http://vig.prenhall.com/catalog/academic/product/0,1144,0131873164,00.html Cryptography and Network Security] By [[William Stallings]]
 [[Category:Cryptographic attacks]]