Practical Attacks
Adaptive-chosen-ciphertext attacks were largely considered to be a theoretical concern until 1998, when Daniel Bleichenbacher of Bell Laboratories demonstrated a practical attack against systems using RSA encryption in concert with the PKCS#1 v1 encoding function, including a version of the Secure Socket Layer (SSL) protocol used by thousands of web servers at the time.
The Bleichenbacher attacks, also known as the million message attack, took advantage of flaws within the PKCS #1 function to gradually reveal the content of an RSA encrypted message. Doing this requires sending several million test ciphertexts to the decryption device (e.g., SSL-equipped web server.) In practical terms, this means that an SSL session key can be exposed in a reasonable amount of time, perhaps a day or less.
Read more about this topic: Adaptive Chosen-ciphertext Attack
Famous quotes containing the words practical and/or attacks:
“The city is always recruited from the country. The men in cities who are the centres of energy, the driving-wheels of trade, politics or practical arts, and the women of beauty and genius, are the children or grandchildren of farmers, and are spending the energies which their fathers’ hardy, silent life accumulated in frosty furrows in poverty, necessity and darkness.”
—Ralph Waldo Emerson (1803–1882)
“We are seeing an increasing level of attacks on the “selfishness” of women. There are allegations that all kinds of social ills, from runaway children to the neglected elderly, are due to the fact that women have left their “rightful” place in the home. Such arguments are simplistic and wrongheaded but women are especially vulnerable to the accusation that if society has problems, it’s because women aren’t nurturing enough.”
—Grace Baruch (20th century)