Bit-flipping attack definition
A bit-flipping attack is a cryptographic attack in which an attacker flips bits in the ciphertext to create predictable changes in the plaintext.
Here's how it works. Changing a bit in an encrypted message leads to a corresponding change in the plaintext, the decrypted message. With a stream cipher or a block cipher in CTR mode, flipping bit i of the ciphertext flips exactly bit i of the plaintext, because encryption is a XOR with a keystream; in CBC mode, a flipped bit in one ciphertext block flips the same bit in the next plaintext block (and garbles the current one). If the attacker knows a portion of the plaintext, they can manipulate that part of the message by flipping bits in the encrypted message, without knowing the key. The attack only works when the ciphertext carries no integrity check, which is why authenticated encryption (for example AES-GCM or encrypt-then-MAC) is the standard defence.
Imagine a coded message: "Transfer $1000 to Alice". If an attacker knows the structure of the message and guesses where the value "$1000" appears, they could flip the bits in the ciphertext to change the decrypted message to "Transfer $9000 to Alice".
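The following added example (not part of the original glossary entry) shows the malleability described above on a constructed toy keystream cipher, then shows that a tag computed with HMAC over the ciphertext catches the edit. The keystream construction (SHA-256 over key, nonce and counter) is an assumption made for demonstration only and is not a real cipher; it mirrors how CTR mode and stream ciphers behave, which is the property the attack relies on.

```python
import hashlib
import hmac
import os

# Constructed toy keystream cipher for demonstration only (assumption: not a
# real cipher). Keystream block = SHA-256(key || nonce || counter), XORed with
# the data, so ciphertext bit i maps to plaintext bit i, as in CTR mode.
def keystream(key, nonce, length):
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def xor_crypt(key, nonce, data):
    """Encryption and decryption are the same XOR with the keystream."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))

def flip_to(ciphertext, offset, known, wanted):
    """Edit the ciphertext so the plaintext slice at `offset`, known to read
    `known`, decrypts to `wanted`. No key is needed, only the known plaintext."""
    edited = bytearray(ciphertext)
    for i, (k, w) in enumerate(zip(known, wanted)):
        edited[offset + i] ^= k ^ w  # XOR in the difference between old and new byte
    return bytes(edited)

def mac(mac_key, nonce, ciphertext):
    """Integrity tag over nonce and ciphertext (encrypt-then-MAC)."""
    return hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()

def decrypt_authenticated(key, mac_key, nonce, ciphertext, tag):
    """Reject any ciphertext whose tag does not verify before decrypting."""
    if not hmac.compare_digest(mac(mac_key, nonce, ciphertext), tag):
        raise ValueError("tag mismatch: ciphertext was modified")
    return xor_crypt(key, nonce, ciphertext)

def demo():
    """Returns (plaintext seen without a MAC, whether the MAC caught the edit)."""
    key, mac_key, nonce = os.urandom(32), os.urandom(32), os.urandom(16)
    msg = b"Transfer $1000 to Alice"  # constructed sample message
    ct = xor_crypt(key, nonce, msg)
    tag = mac(mac_key, nonce, ct)
    tampered = flip_to(ct, msg.index(b"$1000"), b"$1000", b"$9000")
    unauthenticated = xor_crypt(key, nonce, tampered)  # no integrity check
    try:
        decrypt_authenticated(key, mac_key, nonce, tampered, tag)
        return unauthenticated, False
    except ValueError:
        return unauthenticated, True
```

Without the tag the receiver decrypts "Transfer $9000 to Alice" and has no way to tell it was altered; with the tag the modified ciphertext is rejected before decryption.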
See also: exploit chain, ciphertext
Dangers of a bit-flipping attack
- Data integrity violation. Even minor alterations in data can have significant impacts. For example, changing a single bit in a flight control system's data packet might lead to entirely different commands.
- Theft. If an attacker manipulates messages pertaining to money transactions, they could cause unauthorized or incorrect transfers.
- Data leakage. An attacker might trigger errors by strategically flipping bits to leak additional information about the system or its data.
- Bypassing controls. A bit-flipping attack could bypass safety checks or other control mechanisms if the encrypted data represents configurations or commands.
- Disruption. Corrupting packets in a network communication can lead to service outages or degradation.
- Eroding trust. If a bit-flipping attack compromises a system, it could erode trust among its users, even if no actual harm was done.
- Chaining attacks. A successful bit-flipping attack might be a step in a series of attack vectors, helping an attacker further compromise a system.