Encyclopedia > Dictionary attack

  Article Content

Dictionary attack

A dictionary attack refers to breaking a cipher, or obtaining a password, by running through a list of likely keys, or a list of words. For example, one can 'break' a password on a computer in an English speaking country by encrypting each of a list of English words and comparing each encryption against the stored encrypted version of users' passwords. Since users often choose inappropriate (ie, easily guessed or broken) passwords, this has historically succeeded about 4 times out of 10 when a reasonable list is used.

In the case of a cipher, if keys are suspected to be words, the same technique can be used to break messages encrypted with it.

An example of a dictionary attack occurred in the Second World War, when British codebreakers working on German Enigma-ciphered messages used the German word eins as part of a dictionary attack; eins, the word for the number one, appeared in 90% of all Engima messages, as the Enigma machine's keyboard had no numerals.

Clifford Stoll's book, The Cuckoo's Egg, contains an interesting, and unusually readable, account of a dictionary attack against the encrypted passwords kept in the passwd[?] file in Unix systems, and of the reaction to the successful attack of the man (Robert Morris Sr) who invented the encryption system used for those passwords.

See also:

Well known examples of dictionary attack software tools include John the Ripper (http://www.openwall.com/john/) and L0phtCrack (http://www.atstake.com/research/lc3/)



All Wikipedia text is available under the terms of the GNU Free Documentation License

 
  Search Encyclopedia

Search over one million articles, find something about almost anything!
 
 
  
  Featured Article
Sakhalin

... that the connexion between the Pacific and Arctic Oceans was broader than it is now. Only two rivers are worthy of mention. The Tym, 250 m. long and navigable by rafts ...

 
 
 
This page was created in 33.7 ms