Key-recovery_attack Knowpia

A key-recovery attack is an adversary's attempt to recover the cryptographic key of an encryption scheme. Normally this means that the attacker has a pair, or more than one pair, of plaintext message and the corresponding ciphertext.^[1]^: 52 Historically, cryptanalysis of block ciphers has focused on key-recovery, but security against these sorts of attacks is a very weak guarantee since it may not be necessary to recover the key to obtain partial information about the message or decrypt message entirely.^[1]^: 52 Modern cryptography uses more robust notions of security. Recently, indistinguishability under adaptive chosen-ciphertext attack (IND-CCA2 security) has become the "golden standard" of security.^[2]^: 566 The most obvious key-recovery attack is the exhaustive key-search attack. But modern ciphers often have a key space of size $2^{128}$ or greater, making such attacks infeasible with current technology.

KR advantage edit

In cryptography, the key-recovery advantage (KR advantage) of a particular algorithm is a measure of how effective an algorithm can mount a key-recovery attack. Consequently, the maximum key-recovery advantage attainable by any algorithm with a fixed amount of computational resources is a measure of how difficult it is to recover a cipher's key. It is defined as the probability that the adversary algorithm can guess a cipher's randomly selected key, given a fixed amount of computational resources.^[3] An extremely low KR advantage is essential for an encryption scheme's security.

References edit

^ ^a ^b Goldwasser, S. and Bellare, M. "Lecture Notes on Cryptography" Archived 2012-04-21 at the Wayback Machine. Summer course on cryptography, MIT, 1996-2001
^ Boneh, Dan. Advances in Cryptology – Crypto 2003 : 23rd Annual International Cryptology Conference, Santa Barbara, California, Usa, August 17–21, 2003, Proceedings. Berlin: Springer, 2003.
^ Goldwasser, S. and Bellare, M. "Lecture Notes on Cryptography" Archived 2012-04-21 at the Wayback Machine. Summer course on cryptography, MIT, 1996-2001

External links edit

cseweb.ucsd.edu paper MIT Lecture Notes on Cryptography Archived 2012-04-21 at the Wayback Machine

[GoldwasserBellare-1] Goldwasser, S. and Bellare, M. "Lecture Notes on Cryptography" Archived 2012-04-21 at the Wayback Machine. Summer course on cryptography, MIT, 1996-2001

[2] Boneh, Dan. Advances in Cryptology – Crypto 2003 : 23rd Annual International Cryptology Conference, Santa Barbara, California, Usa, August 17–21, 2003, Proceedings. Berlin: Springer, 2003.

[3] Goldwasser, S. and Bellare, M. "Lecture Notes on Cryptography" Archived 2012-04-21 at the Wayback Machine. Summer course on cryptography, MIT, 1996-2001

[1]

[2]

[3]

Summary

KR advantage edit

References edit

External links edit