Practical Attacks
Adaptive-chosen-ciphertext attacks were largely considered to be a theoretical concern until 1998, when Daniel Bleichenbacher of Bell Laboratories demonstrated a practical attack against systems using RSA encryption in concert with the PKCS#1 v1 encoding function, including a version of the Secure Socket Layer (SSL) protocol used by thousands of web servers at the time.
The Bleichenbacher attacks, also known as the million message attack, took advantage of flaws within the PKCS #1 function to gradually reveal the content of an RSA encrypted message. Doing this requires sending several million test ciphertexts to the decryption device (e.g., SSL-equipped web server.) In practical terms, this means that an SSL session key can be exposed in a reasonable amount of time, perhaps a day or less.
Read more about this topic: Adaptive Chosen-ciphertext Attack
Famous quotes containing the words practical and/or attacks:
“After all, the practical reason why, when the power is once in the hands of the people, a majority are permitted, and for a long period continue, to rule is not because they are most likely to be in the right, nor because this seems fairest to the minority, but because they are physically the strongest. But a government in which the majority rule in all cases cannot be based on justice, even as far as men understand it.”
—Henry David Thoreau (1817–1862)
“The rebel, unlike the revolutionary, does not attempt to undermine the social order as a whole. The rebel attacks the tyrant; the revolutionary attacks tyranny. I grant that there are rebels who regard all governments as tyrannical; nonetheless, it is abuses that they condemn, not power itself. Revolutionaries, on the other hand, are convinced that the evil does not lie in the excesses of the constituted order but in order itself. The difference, it seems to me, is considerable.”
—Octavio Paz (b. 1914)