Known Plain Text Attack Previous  Top  Next

A known plain text attack is the attempt by a cryptanalyst to break a cipher based on knowledge about the plain text of a message prior to its encryption. Simply put, if the cryptanalyst knows the method of encryption, any encryption, part or all of the plain text input to the cipher, and is able to observe the encrypted message text, he / she will likely be able to infer the key used to encrypt the message. This in turn can compromise the security of future messages sent with that key. In greatly simplified terms :

 Plain Text + Key = Cipher Text
 Cipher Text - Plain Text = Key
Consider the following scenario : Alice sends Bob an email and attaches her favorite holiday snapshot. The email is encrypted. Assume further that she sends the same holiday snapshot to her mother in plain text. Steve, who wishes to spy on Alice and Bob, was able to intercept her email to Mom and now has a copy of "myholiday.jpg". If the picture consisted of 200 Kilobytes of data (about 200,000 letters) and Alice included only a short personal message to Bob with the picture ( say 50 letters ), then Steve already knows 99% of the message contents prior to encryption and now has greatly improved chances of breaking Alice's key if he comes into possession of the corresponding cipher text.

SecExFile includes comprehensive protection against known plain text attacks.