nerdexam
EC-Council

312-50V11 · Question #776

What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a sin

The correct answer is B. Meet-in-the-middle attack. The meet-in-the-middle attack demonstrates that double DES (2DES) provides negligible security improvement over single DES by attacking the intermediate encryption value from both ends.

Cryptography

Question

What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?

Options

  • AMan-in-the-middle attack
  • BMeet-in-the-middle attack
  • CReplay attack
  • DTraffic analysis attack

How the community answered

(35 responses)
  • A
    6% (2)
  • B
    71% (25)
  • C
    17% (6)
  • D
    6% (2)

Why each option

The meet-in-the-middle attack demonstrates that double DES (2DES) provides negligible security improvement over single DES by attacking the intermediate encryption value from both ends.

AMan-in-the-middle attack

A man-in-the-middle attack is a network interception attack where an attacker positions themselves between two communicating parties, not a cryptanalytic technique applied to symmetric key exhaustion.

BMeet-in-the-middle attackCorrect

The meet-in-the-middle attack works by encrypting all plaintexts with every possible first key to build a table of intermediate values, then decrypting the ciphertext with every possible second key and comparing results for matches. This reduces the effective key search space from 2^112 to approximately 2^57, making 2DES nearly as weak as single DES. It is a known-plaintext attack because the attacker must possess at least one plaintext-ciphertext pair to execute it.

CReplay attack

A replay attack involves capturing a legitimate transmission and retransmitting it to gain unauthorized access, which is unrelated to symmetric cipher key space analysis.

DTraffic analysis attack

Traffic analysis is a passive attack focused on inferring information from communication patterns and metadata, not on breaking symmetric encryption keys through plaintext-ciphertext pairs.

Concept tested: Meet-in-the-middle attack against double DES

Source: https://csrc.nist.gov/glossary/term/meet_in_the_middle_attack

Topics

#meet-in-the-middle attack#DES#double DES#cryptanalysis

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice