Practical Attacks
Adaptive-chosen-ciphertext attacks were largely considered to be a theoretical concern until 1998, when Daniel Bleichenbacher of Bell Laboratories demonstrated a practical attack against systems using RSA encryption in concert with the PKCS#1 v1 encoding function, including a version of the Secure Socket Layer (SSL) protocol used by thousands of web servers at the time.
The Bleichenbacher attacks, also known as the million message attack, took advantage of flaws within the PKCS #1 function to gradually reveal the content of an RSA encrypted message. Doing this requires sending several million test ciphertexts to the decryption device (e.g., SSL-equipped web server.) In practical terms, this means that an SSL session key can be exposed in a reasonable amount of time, perhaps a day or less.
Read more about this topic: Adaptive Chosen-ciphertext Attack
Famous quotes containing the words practical and/or attacks:
“The cycle of the machine is now coming to an end. Man has learned much in the hard discipline and the shrewd, unflinching grasp of practical possibilities that the machine has provided in the last three centuries: but we can no more continue to live in the world of the machine than we could live successfully on the barren surface of the moon.”
—Lewis Mumford (1895–1990)
“I find that with me low spirits and feeble health come and go together. The last two or three months I have had frequent attacks of the blues. They generally are upon me or within me when I am somewhat out of order in bowels, throat, or head.”
—Rutherford Birchard Hayes (1822–1893)