Cryptanalytic Attacks
Unlock the complete study guide + 1,040 practice questions across 16 full exams.
Bundled into the existing Certified Information Systems Security Professional premium course — no separate purchase.
Included in this chapter:
- How cryptanalytic attacks are classified
- Analytic attacks: brute force, frequency, birthday, meet-in-the-middle
- Implementation attacks: side-channel and fault injection
- Protocol, credential, and ransomware attacks
- Exam-pattern recognition
Cryptanalytic attack families and their defense
| Attack | What the attacker has / does | What it targets | Primary defense |
|---|---|---|---|
| Brute force | Tries every key | Key space | Adequate key length; rate limiting |
| Ciphertext-only | Only encrypted output | Cipher weakness | Strong standardized cipher |
| Known-plaintext | Some plaintext-ciphertext pairs | Cipher weakness | Cipher resistant to known plaintext |
| Chosen-plaintext / chosen-ciphertext | Encrypts or decrypts chosen inputs | Cipher / oracle | CCA-secure scheme; authenticated encryption |
| Frequency analysis | Letter/pattern statistics | Substitution ciphers | Modern block/stream ciphers |
| Birthday / collision | Finds two inputs with same hash | Hash output length | Long-output collision-resistant hash |
| Side-channel (timing/power/EM/cache) | Measures physical leakage | Implementation | Constant-time code; masking/blinding |
| Fault injection | Induces computation errors | Implementation | Error detection; tamper response |
| MITM | Relays and alters traffic | Key exchange / channel | Mutual auth; certificate validation |
| Pass-the-hash / Kerberos exploitation | Reuses captured hash or ticket | Credential reuse | Credential hygiene; ticket protection; monitoring |
| Replay | Resends captured messages | Protocol freshness | Nonces, timestamps, sequence numbers |
| Ransomware | Encrypts victim data, demands ransom | Availability | Tested offline/immutable backups; segmentation |
Cheat sheet
Unlock with Premium — includes all practice exams and the complete study guide.
References
- NIST SP 800-107 Rev. 1: Recommendation for Applications Using Approved Hash Algorithms Whitepaper
- NIST Glossary: Collision Resistance
- NIST Glossary: Side-Channel Attack
- NIST Cryptographic Module Validation Program (CMVP / FIPS 140)
- NIST Glossary: Man-in-the-Middle Attack
- NIST Glossary: Replay Attack
- Microsoft: Implementing Least-Privilege Administrative Models (pass-the-hash)
- Microsoft Defender for Identity: Security Alerts (Kerberos golden ticket, Kerberoasting)