22

I have a question regarding Encryption. Say an attacker stole my entire database. In that database all the data was encrypted. If the attacker took one piece of encrypted data and for some reason knew the original value of this one piece of encrypted data, could he use that knowledge to workout a way to decrypt all the other data efficiently?

user2924127
  • 887
  • 1
  • 8
  • 17

2 Answers2

39

When used correctly, no. This is one of the tests for semantic security, in fact. In another form, if an attacker can choose a plaintext to be encrypted by you, with your secret key, he should not be able to learn anything about any other data you have encrypted with the same key. This is what is known as CPA-secure (chosen plaintext attack) and AES is believed to be (as far as we can tell) CPA-secure. So not only can an attacker not decrypt other data using this knowledge, he can't even learn anything about the other data with this knowledge.

Xander
  • 35,616
  • 27
  • 114
  • 141
  • 9
    Not saying anything is wrong with Xander's answer, but feel like adding that this answer assuming AES (the block cipher encryption function) *is being used properly* then it will be CPA-secure (as far as we know). If you used AES in say ECB mode (which should never be used), then an attacker can do chosen plaintext attacks on your database by encrypting various likely plaintexts and seeing wherever it matches encrypted data. Or if you used AES in CTR mode but the same seed is used to encrypt different data, then you've lost semantic security if the attacker can do chosen-plaintext attacks. – dr jimbob Jan 08 '16 at 22:11
  • @drjimbob Definitely a good point. You would also leak a block of information if static IVs are used with CBC mode. I've edited the answer to reflect this, in general terms. – Xander Jan 08 '16 at 22:13
11

No. That's called a "known plaintext attack", and is preventing that scenario is specifically one of the goals of an algorithm designer.

John Deters
  • 33,897
  • 3
  • 58
  • 112