Standardlikelihood: Lowseverity: LowDraft

CAPEC-20Encryption Brute Forcing

Abstraction
Standard
Status
Draft
Likelihood
Low
Severity
Low

Description

An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext. Metadata: standard CAPEC pattern, status draft, likelihood low, severity low. Underlying weaknesses: CWE-326, CWE-327, CWE-693, CWE-1204. Related CAPEC patterns: [object Object], [object Object].

Related weaknesses· 4

CWE-326CWE-327CWE-693CWE-1204

Related attack patterns· 2

CAPEC-112 (ChildOf)CAPEC-668 (CanPrecede)

Exploits4

TypeTargetConfidenceTier
WeaknessInadequate Encryption Strengthcwe-326100%live
WeaknessProtection Mechanism Failurecwe-693100%live
WeaknessGeneration of Weak Initialization Vector (IV)cwe-1204100%live
WeaknessUse of a Broken or Risky Cryptographic Algorithmcwe-327100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Brute Force
CAPEC
Password Brute Forcing
CAPEC
Cryptanalysis
CAPEC
Dictionary-based Password Attack
CAPEC
Drop Encryption Level
CAPEC
Exploiting Incorrectly Configured SSL/TLS
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.