HOME

TheInfoList



Click Here for Items Related To - Bit-flipping Attack
OR:
Bit-flipping Attack on:   [Wikipedia]   [Google]   [Amazon]

A bit-flipping attack is an attack on a
cryptographic Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or '' -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adve ...
cipher In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is ''encipherment''. To encipher or encode i ...
in which the
attacker In some team sports, an attacker is a specific type of player, usually involved in aggressive play. Heavy attackers are, usually, placed up front: their goal is to score the most possible points for the team. In association football, attackers a ...
can change the
ciphertext In cryptography, ciphertext or cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext ...
in such a way as to result in a predictable change of the
plaintext In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted. Overview With the advent of comp ...
, although the attacker is not able to learn the plaintext itself. Note that this type of attack is not—directly—against the cipher itself (as
cryptanalysis Cryptanalysis (from the Greek ''kryptós'', "hidden", and ''analýein'', "to analyze") refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic sec ...
of it would be), but against a particular message or series of messages. In the extreme, this could become a
Denial of service attack In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connect ...
against all messages on a particular channel using that cipher. The attack is especially dangerous when the attacker knows the format of the message. In such a situation, the attacker can turn it into a similar message but one in which some important information is altered. For example, a change in the destination address might alter the message route in a way that will force re-encryption with a weaker cipher, thus possibly making it easier for an attacker to decipher the message. When applied to
digital signature A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very high confidence that the message was created b ...
s, the attacker might be able to change a
promissory note A promissory note, sometimes referred to as a note payable, is a legal instrument (more particularly, a financing instrument and a debt instrument), in which one party (the ''maker'' or ''issuer'') promises in writing to pay a determinate sum of ...
stating "I owe you $10.00" into one stating "I owe you $10,000".
Stream cipher stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream ...
s, such as
RC4 In cryptography, RC4 (Rivest Cipher 4, also known as ARC4 or ARCFOUR, meaning Alleged RC4, see below) is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, ren ...
, are vulnerable to a bit-flipping attack, as are some
block cipher In cryptography, a block cipher is a deterministic algorithm operating on fixed-length groups of bits, called ''blocks''. Block ciphers are specified cryptographic primitive, elementary components in the design of many cryptographic protocols and ...
modes of operation. ''See''
stream cipher attack Stream ciphers, where plaintext bits are combined with a cipher bit stream by an exclusive-or operation ( xor), can be very secure if used properly. However, they are vulnerable to attacks if certain precautions are not followed: *keys must neve ...
. A keyed
message authentication code In cryptography, a message authentication code (MAC), sometimes known as a ''tag'', is a short piece of information used for authenticating a message. In other words, to confirm that the message came from the stated sender (its authenticity) and ...
,
digital signature A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very high confidence that the message was created b ...
, or other authentication mechanism allows the recipient to detect if any bits were flipped in transit.


References


External links


Wireless LAN Security White Paper
{{DEFAULTSORT:Bit-Flipping Attack Cryptographic attacks