312-50V9 · Question #136
An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?
The correct answer is D. Chosen plain-text attack. When a file is encrypted with a public key, a chosen plaintext attack is feasible because the attacker can freely use the publicly available key to encrypt arbitrary plaintexts and compare results against the captured ciphertext.
Question
An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?
Options
- ATiming attack
- BReplay attack
- CMemory trade-off attack
- DChosen plain-text attack
How the community answered
(36 responses)- A14% (5)
- B3% (1)
- C6% (2)
- D78% (28)
Why each option
When a file is encrypted with a public key, a chosen plaintext attack is feasible because the attacker can freely use the publicly available key to encrypt arbitrary plaintexts and compare results against the captured ciphertext.
A timing attack exploits measurable differences in computation time during cryptographic operations and requires access to a live system performing decryption, not a static captured file.
A replay attack involves retransmitting previously captured authentication or session data to gain unauthorized access - it does not help decrypt an encrypted file.
A memory trade-off (time-memory trade-off) attack such as rainbow tables is used against hashed passwords or weak symmetric keys, not public key encrypted files.
In public key cryptography, the encryption key is public, so any attacker can encrypt chosen plaintexts themselves. By systematically encrypting candidate plaintexts with the target's public key and comparing the outputs to the captured ciphertext, the attacker can identify the original plaintext. This is the defining characteristic of a chosen plaintext attack and it is a known weakness when public key systems are used without proper padding schemes such as OAEP.
Concept tested: Chosen plaintext attack against public key encryption
Source: https://csrc.nist.gov/glossary/term/chosen_plaintext_attack
Topics
Community Discussion
No community discussion yet for this question.