Glossary

Known-plaintext attack

KPAknown plaintext cryptanalysis

A known-plaintext attack uses one or more matching plaintext and ciphertext samples to learn about a key or encryption process.

Definition

In a known-plaintext attack, the analyst possesses ciphertext and knows the corresponding plaintext for part or all of one or more messages. The goal may be to recover the key, infer internal structure, or decrypt other ciphertext protected under related conditions.

Where known plaintext comes from

File headers, protocol fields, standard greetings, predictable templates, and previously disclosed messages can provide pairs. A known-plaintext attack does not mean the attacker chose the input; that stronger capability belongs to a chosen-plaintext attack.

Resistance

Classical substitution and poorly designed reused keystream systems may reveal mappings quickly. Modern encryption is expected to remain secure even with many known pairs. Random nonces and authenticated, reviewed schemes prevent repeated samples from exposing the key.

Frequently asked questions

Not for a secure modern cipher. It may reveal weak classical mappings or implementation mistakes, but key recovery is not automatic.

A probable word is a crib, not confirmed known plaintext, although it can be tested as a hypothesis.

Known-plaintext attackers observe existing pairs; chosen-plaintext attackers can request encryption of inputs they select.

See also