Chosen-plaintext attack

A chosen-plaintext attack (CPA) is an attack model for cryptanalysis which presumes that the attacker can obtain the ciphertexts for arbitrary plaintexts. The goal of the attack is to gain information that reduces the security of the encryption scheme. Modern ciphers aim to provide semantic security, also known as ciphertext indistinguishability under chosen-plaintext attack, and they are therefore, by design, generally immune to chosen-plaintext attacks if correctly implemented. In a chosen-plaintext attack the adversary can (possibly adaptively) ask for the ciphertexts of arbitrary plaintext messages. This is formalized by allowing the adversary to interact with an encryption oracle, viewed as a black box. The attacker’s goal is to reveal all or a part of the secret encryption key. It may seem infeasible in practice that an attacker could obtain ciphertexts for given plaintexts. However, modern cryptography is implemented in software or hardware and is used for a diverse range of applications; for many cases, a chosen-plaintext attack is often very feasible (see also In practice). Chosen-plaintext attacks become extremely important in the context of public key cryptography where the encryption key is public and so attackers can encrypt any plaintext they choose. There are two forms of chosen-plaintext attacks: Batch chosen-plaintext attack, where the adversary chooses all of the plaintexts before seeing any of the corresponding ciphertexts. This is often the meaning intended by "chosen-plaintext attack" when this is not qualified. Adaptive chosen-plaintext attack (CPA2), where the adversary can request the ciphertexts of additional plaintexts after seeing the ciphertexts for some plaintexts. A general batch chosen-plaintext attack is carried out as follows : The attacker may choose n plaintexts. (This parameter n is specified as part of the attack model, it may or may not be bounded.) The attacker then sends these n plaintexts to the encryption oracle. The encryption oracle will then encrypt the attacker's plaintexts and send them back to the attacker.

WarpAttack: Bypassing CFI through Compiler-Introduced Double-Fetches

Privacy-Enhancing Optical Embeddings for Lensless Classification

Efficient Bootstrapping for Approximate Homomorphic Encryption with Non-sparse Keys

Efficient Bootstrapping for Approximate Homomorphic Encryption with Non-sparse Keys

Privacy-Enhancing Optical Embeddings for Lensless Classification

WarpAttack: Bypassing CFI through Compiler-Introduced Double-Fetches