CISSP · Question #42
The birthday attack is MOST effective against which one of the following cipher technologies?
The correct answer is C. Cryptographic hash. The birthday attack exploits the mathematical probability that two inputs will produce the same hash output (a collision), making cryptographic hash functions its primary target.
Question
Options
- AChaining block encryption
- BAsymmetric cryptography
- CCryptographic hash
- DStreaming cryptography
How the community answered
(59 responses)- A7% (4)
- B2% (1)
- C86% (51)
- D5% (3)
Why each option
The birthday attack exploits the mathematical probability that two inputs will produce the same hash output (a collision), making cryptographic hash functions its primary target.
Block cipher chaining modes (like CBC) are vulnerable to padding oracle and IV-reuse attacks, not birthday attacks, because their security depends on key secrecy and proper initialization rather than collision resistance.
Asymmetric cryptography is primarily threatened by attacks targeting the mathematical hardness of factoring large primes or discrete logarithm problems, not collision-finding as exploited by birthday attacks.
The birthday attack is specifically designed to find collisions in cryptographic hash functions by leveraging the birthday paradox - the statistical likelihood that in a set of randomly chosen inputs, two will share the same hash output is higher than intuition suggests. Because hash functions are supposed to produce unique digests for unique inputs, finding a collision undermines integrity verification, digital signatures, and authentication. This attack is most dangerous against weaker hash algorithms like MD5 and SHA-1, where the output space is small enough to make collision searches computationally feasible.
Stream ciphers are vulnerable to key reuse and known-plaintext attacks because they XOR a keystream with plaintext, a fundamentally different structure that is not susceptible to collision-based birthday attack methodology.
Concept tested: Birthday attack vulnerability against cryptographic hash functions
Source: https://learn.microsoft.com/en-us/azure/security/fundamentals/encryption-overview
Topics
Community Discussion
No community discussion yet for this question.