Free Preparation Discussions
MENU
ISC2 Exam ISSAP Topic 1 Question 56 Discussion
Topic #: 1
In which of the following cryptographic attacking techniques does the attacker pick up the information to be encrypted and take a copy of it with the encrypted data?
This is used to find patterns in the cryptographic output that might uncover vulnerability or reveal a cryptographic key.
Answer option D is incorrect. In a ciphertext only attack, the attacker obtains encrypted messages that have been encrypted using the same
encryption algorithm. For example, the original version of WEP used RC4, and if sniffed long enough, the repetitions would allow a hacker to
extract the WEP key. Such types of attacks do not require the attacker to have the plaintext because the statistical analysis of the sniffed log
is enough.
Answer option A is incorrect. In a chosen ciphertext attack, the attacker can choose the ciphertext to be decrypted and can then analyze the
plaintext output of the event. The early versions of RSA used in SSL were actually vulnerable to this attack.
Answer option B is incorrect. In a known plaintext attack, the attacker should have both the plaintext and ciphertext of one or more
messages. These two items are used to extract the cryptographic key and recover the encrypted text.
Currently there are no comments in this discussion, be the first to comment!