nerdexam
EC-Council

312-50V9 · Question #136

An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?

The correct answer is D. Chosen plain-text attack. When a file is encrypted with a public key, a chosen plaintext attack is feasible because the attacker can freely use the publicly available key to encrypt arbitrary plaintexts and compare results against the captured ciphertext.

Cryptography

Question

An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?

Options

  • ATiming attack
  • BReplay attack
  • CMemory trade-off attack
  • DChosen plain-text attack

How the community answered

(36 responses)
  • A
    14% (5)
  • B
    3% (1)
  • C
    6% (2)
  • D
    78% (28)

Why each option

When a file is encrypted with a public key, a chosen plaintext attack is feasible because the attacker can freely use the publicly available key to encrypt arbitrary plaintexts and compare results against the captured ciphertext.

ATiming attack

A timing attack exploits measurable differences in computation time during cryptographic operations and requires access to a live system performing decryption, not a static captured file.

BReplay attack

A replay attack involves retransmitting previously captured authentication or session data to gain unauthorized access - it does not help decrypt an encrypted file.

CMemory trade-off attack

A memory trade-off (time-memory trade-off) attack such as rainbow tables is used against hashed passwords or weak symmetric keys, not public key encrypted files.

DChosen plain-text attackCorrect

In public key cryptography, the encryption key is public, so any attacker can encrypt chosen plaintexts themselves. By systematically encrypting candidate plaintexts with the target's public key and comparing the outputs to the captured ciphertext, the attacker can identify the original plaintext. This is the defining characteristic of a chosen plaintext attack and it is a known weakness when public key systems are used without proper padding schemes such as OAEP.

Concept tested: Chosen plaintext attack against public key encryption

Source: https://csrc.nist.gov/glossary/term/chosen_plaintext_attack

Topics

#chosen plaintext attack#public key cryptography#cryptanalysis#asymmetric encryption

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice