Chosen Plaintext Attack

Description

A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. The goal of the attack is to gain some further information which reduces the security of the encryption scheme. In the worst case, a chosen plaintext attack could reveal the scheme's secret key. (http://en.wikipedia.org/wiki/Chosen_plaintext_attack)

Impact

• Disclosure of sensitive data

Vulnerabilities

• Custom implementation of algorithm
• Use of weak keys (e.g., key length)
• Secret key stored insecurely
• Secret key transmitted insecurely
• Exposing cipher text

Countermeasures

• Use well-known implementations of well-known cryptographic algorithms (e.g., implementations in .NET System.Cryptography namespace classes)
• Use cryptographically generated random keys (e.g. keys generated from classes under .NET System.Cryptography namespace)
• Use large keys (e.g., 128-bit symmetric or 1024-bit asymmetric keys)
• Utilize platform supplied features to store secret keys (e.g., DPAPI)
• Follow principle of least privilege to provide limited access to the secret key
• Maintain key outside of the application domain (e.g., for a Web server, keep the key outside of the webroot or in the registry)
• Use SSL or IPSec with encryption to establish a secure communication channel
• If using a symmetric cipher, utilize a unique random IV to hide the underlying character pattern of the plain text
• If using a cryptographic hash algorithm, salt the hash value with a unique random bit stream

Attack Patterns

• Chosen Plaintext Attack Pattern

Explained

• Chosen Plaintext Explained

How Tos

• How To Recognize Plaintext Vulnerablities
• How To Test for Plaintext Vulnerabilities