Brute force

Trying all possible keys until the we find the correct one; we need to be able to distinguish the correct key as there might be different keys giving meaningful outcomes. With the key of length n, we have 2n possibilities and on average we are successful after 2n-1 tries.

Cryptoanalysis

Analysis of cryptosystem to decipher a message (without a key) in a more timely manner than in case of brute force. Using all possible and available information to decrease information entropy (some keys are more probable, etc.)

Ciphertext only attack – Only ciphertext is available to an attacker. In this case we assume that attacker is capable to get the ciphertext in some way.

Known plaintext attack – Attacker knows some pairs of plaintext->ciphertext which helps him when trying to find the correct key (for instance Enigma in WWII). Compared to chosen plaintext attack he cannot generate his own plaintext->ciphertext pairs.

Chosen plaintext attack – Attacker chooses the plaintext->ciphertext himself. Good example is encryption with public key. Attacker can generate infinite number of plaintext->ciphertext pairs to analyze and discover the private key for decryption.

 

Perfect Secrecy (One-time pad)

To achieve perfect secrecy the key should not be reused in the encryption of the plaintext, ie. it should be at least as long as the message itself. The key entropy is only as strong as the message entropy (no matter the length of the message). This way of encryption has its obvious practical limitations – key generation, key distribution and agreement. Used in critical low-bandwidth applications.