Watermarking attack

The watermark attack (english watermark attack) is a method of cryptanalysis. Unlike most methods of cryptanalysis, the process is not aimed at deciphering the entire ciphertext, rather it is simply a question to prove the existence of a certain pattern (watermark) in plain text.

Scenario

The victim downloads a file on his encrypted hard drive. This file has a special characteristic pattern ( however, this does not necessarily know the victim ). The watermark attack can be detected without knowing the key that the pattern is present on the hard disk, therefore the probability is given that these specially selected file is stored on the encrypted volume.

Method

Method on the example of disk encryption:

When disk encryption in CBC mode ( Cipher Block Chaining Mode English ) is used often, the sector number as initialization vector ( IV). Now let us take two consecutive sectors that differ only in the last bit and generate two plaintexts, which also differ only by the last bit. As long as the XOR bits are encrypted, it follows from the definition that the encrypted text could also be identical.

Example:

Sector 1: 1 10010000Klartext: 00101100 Sector 2: 10010001Klartext 2: 00101101 Encrypts 1: 10111100Chiffriert 2: 10,111,100 Since sector number and ciphertext are known, there is a high probability that consecutive sectors are marked with identical ciphertext with a watermark. This process can only succeed if the file system is not strong fragmentable so that files are written to consecutive sectors (for example, ext2, ext3, ReiserFS - but not necessarily with FAT ).

Affected Systems

Almost every current system partition encryption or disk encryption (even file encryption) may be affected. These include earlier versions of dm -crypt, because only since the end of 2004 Initialisierungsvektorhashing by the ESSIV mode is supported.

Specification

  • Identification technology
  • Cryptanalysis
814306
de