Practical Attacks
Adaptive-chosen-ciphertext attacks were largely considered to be a theoretical concern until 1998, when Daniel Bleichenbacher of Bell Laboratories demonstrated a practical attack against systems using RSA encryption in concert with the PKCS#1 v1 encoding function, including a version of the Secure Socket Layer (SSL) protocol used by thousands of web servers at the time.
The Bleichenbacher attacks, also known as the million message attack, took advantage of flaws within the PKCS #1 function to gradually reveal the content of an RSA encrypted message. Doing this requires sending several million test ciphertexts to the decryption device (e.g., SSL-equipped web server.) In practical terms, this means that an SSL session key can be exposed in a reasonable amount of time, perhaps a day or less.
Read more about this topic: Adaptive Chosen-ciphertext Attack
Famous quotes containing the words practical and/or attacks:
“Missionaries, whether of philosophy or religion, rarely make rapid way, unless their preachings fall in with the prepossessions of the multitude of shallow thinkers, or can be made to serve as a stalking-horse for the promotion of the practical aims of the still larger multitude, who do not profess to think much, but are quite certain they want a great deal.”
—Thomas Henry Huxley (1825–95)
“We are seeing an increasing level of attacks on the “selfishness” of women. There are allegations that all kinds of social ills, from runaway children to the neglected elderly, are due to the fact that women have left their “rightful” place in the home. Such arguments are simplistic and wrongheaded but women are especially vulnerable to the accusation that if society has problems, it’s because women aren’t nurturing enough.”
—Grace Baruch (20th century)