
Bit-flipping attack

Bit-flipping attack definition

A bit-flipping attack is a cryptographic attack in which an attacker flips bits in the ciphertext to create predictable changes in the plaintext.

Here's how it works. Changing a bit in an encrypted message leads to a corresponding change in the plaintext (the decrypted message). If the attacker knows a portion of the plaintext, they can alter that portion in a controlled way by flipping the corresponding bits in the encrypted message, without needing the key.

Imagine an encrypted message: "Transfer $1000 to Alice". If an attacker knows the structure of the message and can guess where the value "$1000" appears, they could flip the bits in the ciphertext so that the decrypted message reads "Transfer $9000 to Alice".
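The following is an added example, not part of the original glossary entry. It uses a constructed toy stream cipher (a keystream made from HMAC-SHA256 over a counter, XORed with the data, built here only to illustrate XOR malleability and not a recommended construction) to show why the "$1000" to "$9000" edit works without the key, and then shows the standard mitigation: authenticating the ciphertext with a MAC (encrypt-then-MAC) so that any flipped bit is detected and the message is rejected instead of being acted on. The keys, nonce and message are fixed constructed values so the demo is repeatable.

```python
import hashlib
import hmac


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Constructed toy keystream: HMAC-SHA256(key, nonce || counter) blocks.
    Illustrative only; it stands in for any XOR-based (stream/CTR) cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    return xor_bytes(plaintext, keystream(key, nonce, len(plaintext)))


decrypt = encrypt  # XOR is its own inverse


def flip_plaintext(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Modify ciphertext so it decrypts to `new` instead of `old` at `offset`.
    No key is needed: (C ^ old ^ new) ^ keystream == new, because C == old ^ keystream."""
    delta = xor_bytes(old, new)
    ct = bytearray(ciphertext)
    for i, d in enumerate(delta):
        ct[offset + i] ^= d
    return bytes(ct)


def seal(enc_key: bytes, mac_key: bytes, nonce: bytes, plaintext: bytes):
    """Encrypt-then-MAC: the tag covers the nonce and the ciphertext."""
    ct = encrypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return ct, tag


def open_sealed(enc_key: bytes, mac_key: bytes, nonce: bytes, ct: bytes, tag: bytes):
    """Verify the tag in constant time before decrypting; return None on tampering."""
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return decrypt(enc_key, nonce, ct)


# Constructed fixed values so the demonstration is repeatable.
ENC_KEY = bytes(range(32))
MAC_KEY = bytes(range(32, 64))
NONCE = b"\x00" * 8
MESSAGE = b"Transfer $1000 to Alice"


def demo():
    """Returns (what an unauthenticated receiver sees, what an authenticated receiver sees)."""
    offset = MESSAGE.index(b"$1000") + 1  # position of the digit '1'

    # Unauthenticated XOR cipher: the single-bit edit (0x31 ^ 0x39 == 0x08) goes unnoticed.
    ct = encrypt(ENC_KEY, NONCE, MESSAGE)
    tampered = flip_plaintext(ct, offset, b"1", b"9")
    unauthenticated = decrypt(ENC_KEY, NONCE, tampered)

    # Same edit against an authenticated ciphertext: the MAC check rejects it.
    ct2, tag = seal(ENC_KEY, MAC_KEY, NONCE, MESSAGE)
    tampered2 = flip_plaintext(ct2, offset, b"1", b"9")
    authenticated = open_sealed(ENC_KEY, MAC_KEY, NONCE, tampered2, tag)

    return unauthenticated, authenticated


if __name__ == "__main__":
    seen_without_mac, seen_with_mac = demo()
    print("without MAC:", seen_without_mac)   # b'Transfer $9000 to Alice'
    print("with MAC:   ", seen_with_mac)      # None (rejected)
```

The same malleability exists in real unauthenticated modes (stream ciphers, AES-CTR, and with a different propagation pattern, AES-CBC); the fix is not a better cipher but authenticated encryption, either an AEAD mode such as AES-GCM or ChaCha20-Poly1305, or encrypt-then-MAC as shown, with the tag verified before any decrypted data is used.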

See also: exploit chain, ciphertext

Dangers of a bit-flipping attack

  • Data integrity violation. Even minor alterations in data can have significant impacts. For example, changing a single bit in a flight control system's data packet might lead to entirely different commands.
  • Theft. If an attacker manipulates messages pertaining to money transactions, this could lead to unauthorized or incorrect transfers.
  • Data leakage. An attacker might trigger errors by strategically flipping bits to leak additional information about the system or its data.
  • Bypassing controls. A bit-flipping attack could bypass safety checks or other control mechanisms if the encrypted data represents configurations or commands.
  • Disruption. Corrupting packets in a network communication can lead to service outages or degradation.
  • Eroding trust. If a bit-flipping attack compromises a system, it could erode trust among its users, even if no actual harm was done.
  • Chaining attacks. A successful bit-flipping attack might be a step in a series of attack vectors, helping an attacker further compromise a system.