Encyclopedia > Dictionary attack

  Article Content

Dictionary attack

A dictionary attack refers to breaking a cipher, or obtaining a password, by running through a list of likely keys, or a list of words. For example, one can 'break' a password on a computer in an English speaking country by encrypting each of a list of English words and comparing each encryption against the stored encrypted version of users' passwords. Since users often choose inappropriate (ie, easily guessed or broken) passwords, this has historically succeeded about 4 times out of 10 when a reasonable list is used.

In the case of a cipher, if keys are suspected to be words, the same technique can be used to break messages encrypted with it.

An example of a dictionary attack occurred in the Second World War, when British codebreakers working on German Enigma-ciphered messages used the German word eins as part of a dictionary attack; eins, the word for the number one, appeared in 90% of all Engima messages, as the Enigma machine's keyboard had no numerals.

Clifford Stoll's book, The Cuckoo's Egg, contains an interesting, and unusually readable, account of a dictionary attack against the encrypted passwords kept in the passwd[?] file in Unix systems, and of the reaction to the successful attack of the man (Robert Morris Sr) who invented the encryption system used for those passwords.

See also:

Well known examples of dictionary attack software tools include John the Ripper (http://www.openwall.com/john/) and L0phtCrack (http://www.atstake.com/research/lc3/)



All Wikipedia text is available under the terms of the GNU Free Documentation License

 
  Search Encyclopedia

Search over one million articles, find something about almost anything!
 
 
  
  Featured Article
BBC News 24

... first only cable television subscribers could view it. In 1999, with the advent of digital television in the UK, satellite viewers were able to view the service. The BBC ...

 
 
 
This page was created in 44.2 ms