Brute-Force Attack

A method used to derive or determine the value of an encryption key in which the attacker tries to decrypt known ciphertext with every possible value of the key. In practice, not all possible values need to be tried, since it is unlikely that the correct key value will be the last one tried, especially if good randomization was not used. The length of time required for a Brute-Force Attack depends on the length of the key, the computing resources available, and the randomness (or, conversely, the predictability) of the key. To minimize the possibility that Brute-Force Attacks are effective in your environment, it is critical to use encryption libraries with high-quality pseudo-random number generators and key lengths that are beyond the Brute-Force Attack capabilities of currently available computing resources. Unless you have a staff of cryptographers, it is generally a best practice to track the encryption system certifications and key length recommendations of organizations like the U.S. National Institute of Standards and Technology (NIST), which are currently available at http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf.
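The effect of key predictability described above can be measured directly. The following is an added example, not part of the original glossary: it assumes a toy XOR stream cipher as a stand-in for a real cipher and a constructed 16-bit seed, and shows that a 128-bit key produced by a poorly seeded generator offers only as much resistance as the seed.

```python
import hashlib
import random
import secrets

KEY_BYTES = 16   # nominal 128-bit key length
SEED_BITS = 16   # constructed weakness: the generator is seeded with only 16 bits

def toy_encrypt(key: bytes, data: bytes) -> bytes:
    """Toy XOR stream cipher (SHA-256 keystream); a stand-in, not a real cipher.
    Applying it twice with the same key returns the original data."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def weak_key(seed: int) -> bytes:
    """Key from a non-cryptographic PRNG: fully determined by its small seed."""
    return random.Random(seed).getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")

def strong_key() -> bytes:
    """Key from the operating system CSPRNG: all 2**128 values equally likely."""
    return secrets.token_bytes(KEY_BYTES)

def search_seed_space(ciphertext: bytes, known_plaintext: bytes):
    """Try every key the weak generator can emit; return (key or None, trials)."""
    trials = 0
    for seed in range(2 ** SEED_BITS):
        trials += 1
        key = weak_key(seed)
        if toy_encrypt(key, ciphertext) == known_plaintext:
            return key, trials
    return None, trials

def expected_trials(effective_bits: int) -> int:
    """On average, half of the candidate space is searched before a match."""
    return 2 ** (effective_bits - 1)

if __name__ == "__main__":
    message = b"constructed sample plaintext"
    key = weak_key(48879)  # constructed seed value
    found, n = search_seed_space(toy_encrypt(key, message), message)
    print("weakly generated key recovered:", found == key, "after", n, "trials")
    found, n = search_seed_space(toy_encrypt(strong_key(), message), message)
    print("CSPRNG key recovered:", found is not None, "after", n, "trials")
    print("expected trials at 16 bits:", expected_trials(16))
    print("expected trials at 128 bits:", expected_trials(128))
```

The nominal key length is the same in both cases; only the effective search space differs, which is why the quality of the random number generator matters as much as the key length.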