Bit-flipping attack
|
|
A bit-flipping attack is an attack on a cryptographic cipher in which the attacker can change the ciphertext in such as a way as to result in a predictable change of the plaintext, although the attacker is not able to learn the plaintext itself. Note that this type of attack is not -- directly -- against the cipher itself (as cryptanalysis of it would be), but against a particular message or series of them. In the extreme, this could become a Denial of service attack against all messages on a particular channel using that cipher.
The attack is especially dangerous when the attacker knows the format of the message. In such a situation, the attacker can turn it into a similar message but one in which some important information, typically numerical, is altered.
When applied to digital signatures, the attacker might be able to change a promisory note stating "I owe you $10.00" into one stating "I owe you $10000".
Stream ciphers, such as RC4, can be vulnerable to a bit-flipping attack. Ciphers with good diffusion properties are generally resistant to it.