Jump to content

Oracle attack

Add links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by The Anome (talk | contribs) at 14:34, 4 October 2013 (even a small statistical correlation with the correct go/no go result). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In the field of security engineering, an oracle attack is an attack that exploits the aviability of weakness in the system which can be used as an "oracle" which can give a simple go/no go indication to show whether the attacker has reached, or is nearing, their goal. The attacker can then combine with oracle with systematic search of the problem space to complete their attack.[1]

The padding oracle attack, and compression oracle attacks such as BREACH, are examples of oracle attacks, as was the practice of "crib-dragging" in the cryptanalysis of the Enigma machine. An oracle need not be 100% accurate: even a small statistical correlation with the correct go/no go result can frequently be enough for a systematic automated attack.

See also

References

  1. ^ Jason Coombs (2 December 2004). "Understanding Oracle Attacks". Dr. Dobbs'. Retrieved 2013-10-04.
Stub icon

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Oracle_attack&oldid=575734158"