Watermark attack

from Wikipedia, the free encyclopedia

The watermarking attack (English watermark attack ) is a method of cryptanalysis . In contrast to most cryptanalysis methods, the method does not aim to decipher the entire ciphertext , rather it is simply a matter of proving the existence of a certain pattern ( watermark ) in plain text .

scenario

The victim downloads a file to his encrypted hard drive . This file has a special, characteristic pattern (but the victim does not necessarily know this). With the watermark attack, it can be proven without knowledge of the key that the pattern is present on the hard disk, so there is a probability that this specially marked file is stored on the encrypted data carrier.

Procedure

Procedure using the example of hard disk encryption:

With hard disk encryption in CBC mode ( Cipher Block Chaining Mode ), the sector number is often used as the initialization vector (IV). Let us now take 2 consecutive sectors that differ only in the last bit and generate 2 plaintexts that also differ only in the last bit. As long as the bits are XOR encrypted, it follows from the definition that the encrypted text could also be identical.

Example:

Sektor 1:     10010000

Klartext 1:   00101100


Sektor 2:     10010001

Klartext 2:   00101101


Chiffriert 1: 10111100

Chiffriert 2: 10111100

Since the sector number and ciphertext are known, there is a high probability that successive sectors with identical ciphertext are marked with a watermark. However, this method only works if the file system is not highly fragmentable , so that files are written on successive sectors (for example with ext2 , ext3 , ReiserFS - but not necessarily with FAT).

Affected systems

Almost every current system for partition encryption or hard disk encryption (possibly including file encryption ) can be affected. This also includes earlier versions of dm-crypt , since initialization vector hashing using the ESSIV mode has only been supported since the end of 2004 .

specification