Ver:
·
http://en.wikipedia.org/wiki/Brute_force_attack
1. Caso
particular de ataque sólo al texto cifrado en el que el criptoanalista,
cociendo el algoritmo de cifra, intenta su descifrado probando con cada clave
del espacio de claves. Si el cardinal de este último es un número muy grande,
el tiempo invertido en recorrer el citado espacio es fabuloso, y las probabilidades
de éxito escasísimas.
2. Aplicación
de una función resumen (supuesto conocida) a todos los posibles mensajes de un
espacio de ellos, para encontrar aquél cuyo resumen coincide con uno dado.
[Ribagorda:1997]
(I) A cryptanalysis technique
or other kind of attack method involving an exhaustive procedure that tries a
large number of possible solutions to the problem. (See: impossible, strength, work factor.)
[RFC4949:2007]
This attack requires trying
all (or a large fraction of all) possible values till the right value is found;
also called an exhaustive search.
http://www.rsasecurity.com/rsalabs/faq
An attacker gains
unauthorised access to the hashed or encrypted password, runs a program offline
to encrypt or hash a database of possible passwords and compares the results
with the hashed or encrypted password. The brute force attack may be conducted
through dictionary or exhaustion attacks or pre-calculated hashed or encrypted
databases. Alternatively another (and more time-consuming) attack comprises the
unauthorised user running a program online to try many passwords until a match
is found though this can be countered by limiting the number of retries allowed
A similar attack may be carried out against a file of hashed biometrics
templates though exploitation of recovered biometrics may be more difficult.
An automated process of
trial and error used to guess the secret protecting a system. Examples of these
secrets include usernames, passwords or cryptographic keys.
http://www.webappsec.org/projects/glossary/
A cryptanalysis technique or
other kind of attack method involving an exhaustive procedure that tries all
possibilities, one-by-one.
http://www.sans.org/security-resources/glossary-of-terms/