Cryptographic Attacks - 2.4

Attacks aimed specifically at encryption technologies or how their implementation is handled by an organization.

Downgrade Attack

  • Forces a system to downgrade to a less secure version or protocol.
  • Example: SSL Stripping

Collision Attack

  • Exploitation of a hash collision, where two unique inputs return the same hash (e.g., MD5).

Birthday Attack

  • Exploits the likelihood that, in a large set of data, two different inputs will produce the same hash value. This concept is based on the Birthday Paradox in probability theory. Without proper hashing and salting, an attacker can exploit these collisions to find matching passwords in a database.
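
The birthday bound behind this attack, as an added example that is not part of the original notes: it computes the collision probability for a given number of inputs and shows how few inputs are needed before a short digest collides. The truncated SHA-256 "toy hash", the function names and the input strings are all constructed for illustration.

```python
import hashlib
import math

def collision_probability(n_inputs: int, space: int) -> float:
    """Birthday approximation: P(collision) ~= 1 - exp(-n(n-1) / (2 * space))."""
    return -math.expm1(-n_inputs * (n_inputs - 1) / (2 * space))

def inputs_for_even_odds(space: int) -> int:
    """Inputs needed for a ~50% collision chance: sqrt(2 * ln 2 * space)."""
    return math.ceil(math.sqrt(2 * math.log(2) * space))

def truncated_digest(data: bytes, hash_bits: int) -> int:
    """Top hash_bits bits of SHA-256: a deliberately short toy hash."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - hash_bits)

def first_collision(hash_bits: int, limit: int = 1_000_000):
    """Hash constructed inputs until two different ones share a digest.

    Returns (first_input, second_input, inputs_tried), or None if the
    limit is reached without a collision.
    """
    seen = {}
    for i in range(limit):
        msg = b"constructed-input-%d" % i
        digest = truncated_digest(msg, hash_bits)
        if digest in seen:
            return seen[digest], msg, i + 1
        seen[digest] = msg
    return None

if __name__ == "__main__":
    # Classic birthday paradox: 23 people, 365 possible birthdays.
    print(f"23 of 365: P = {collision_probability(23, 365):.3f}")

    # Short digests collide after roughly sqrt(space) inputs, far fewer
    # than the 2**bits inputs a naive estimate would suggest.
    for bits in (16, 24):
        a, b, tried = first_collision(bits)
        print(f"{bits}-bit digest: collision after {tried} inputs "
              f"(50% point ~{inputs_for_even_odds(2 ** bits)}): {a!r} / {b!r}")

    # Why digest length matters: work grows with the square root of the space.
    for name, bits in (("128-bit (MD5-sized)", 128), ("256-bit", 256)):
        print(f"{name}: ~2^{math.log2(inputs_for_even_odds(2 ** bits)):.1f} "
              "inputs for even odds")
```

The output shows why collision resistance is measured at half the digest length: an n-bit hash offers only about n/2 bits of protection against a birthday search.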