Cryptographic attacks — SY0-701
Master the cryptographic attacks tested on CompTIA Security+ SY0-701: collision, preimage, replay, and side-channel attacks — grounded in NIST definitions.
WHAT IT IS
Cryptographic attacks are operations performed to defeat cryptographic protection — in the words of the NIST glossary (NIST SP 800-57 Part 1 Rev. 5), this is the domain of cryptanalysis: "operations performed to defeat cryptographic protection without an initial knowledge of the key employed in providing the protection."
The attacks covered under this topic exploit weaknesses in three layers: the mathematical properties of hash functions, the design of protocols, and the physical implementation of cryptographic systems.
Mental model
Think of every cryptographic primitive as a set of security promises. Cryptographic attacks are attempts to break one of those promises. The attack type tells you which promise is being broken:
- A collision attack breaks the promise that no two distinct inputs produce the same output.
- A preimage attack breaks the promise that a hash output cannot be reversed to find a matching input.
- A replay attack breaks the promise that captured authentication data cannot be reused.
- A side-channel attack breaks the promise that the algorithm is safe when the implementation leaks physical information.
Name the promise being broken, and you name the attack type.
When to use it
The exam asks you to distinguish attack types that are frequently confused with each other. The table below maps each attack to the specific security property it targets, using NIST-grounded definitions.
| Attack | What the attacker seeks | Security property violated | NIST grounding |
|---|---|---|---|
| Collision attack | Two different inputs that produce the same hash output | Collision resistance | "Two different messages have the same message digest" — NIST SP 800-106 |
| Second-preimage attack | A different input that produces the same hash as a known message | Second-preimage resistance | "Computationally infeasible to find a second preimage of a known message digest" — NIST SP 800-107 Rev. 1 |
| Preimage attack | Any input that maps to a target hash output | Preimage resistance | "Given a randomly chosen message digest, computationally infeasible to find a preimage" — NIST SP 800-106 |
| Replay attack | Reuse of captured authentication or access-control data | Freshness / uniqueness of credentials | "Capture of transmitted authentication or access control information and its subsequent retransmission" — CNSSI 4009-2015 |
| Side-channel attack | Physical information leaked by a deployed cryptosystem | Implementation confidentiality | "An attack enabled by the leakage of information from a deployed cryptosystem" — NIST glossary |
COMMON MISCONCEPTION
Collision attack ≠ brute-force exhaustion of all inputs.
Candidates often assume a collision attack means trying every possible input until two happen to match — a purely brute-force notion. The distinction matters: collision resistance (NIST SP 800-106) means it is computationally infeasible to find a collision, which is a property violated by exploiting structural weaknesses in the hash algorithm itself, not simply by guessing. An attacker finding a collision has found something the algorithm's design failed to prevent — not just a lucky guess from an unlimited search.
A related confusion: candidates conflate a collision attack (finding any two colliding inputs) with a second-preimage attack (finding a second input that collides with a specific known message). These target different security properties and have different implications. According to NIST SP 800-106 and SP 800-107 Rev. 1, collision resistance and second-preimage resistance are separately defined expected properties of cryptographic hash functions.
A third misconception: candidates assume a replay attack requires breaking encryption. It does not — the NIST/CNSSI definition makes clear the attacker is capturing and retransmitting already-valid authentication data. The cryptographic protection of the channel can be intact; the attack exploits the absence of freshness controls, not a failure of the underlying cipher.
How it shows up on the exam
The cognitive target here is application and analysis: given a scenario description, identify the correct attack type. Signal phrases to recognize:
- "Two documents with the same hash value" — points toward a collision.
- "Attacker found a different file that hashes to the same value as the original" — points toward second-preimage resistance being broken.
- "Captured login tokens were replayed to gain access" — points toward a replay attack.
- "Power consumption or timing measurements were used to extract key material" — points toward a side-channel attack.
- "Degraded the connection to an older protocol version" — candidates should recognize this as a scenario where the security of the cryptographic protocol itself, not just the algorithm, is undermined.
A common trap: scenarios describe effects (e.g., "two files had the same integrity check value") without naming the attack. Candidates who have memorized attack names without grounding them in the underlying security property — as defined in NIST SP 800-106 and SP 800-107 — will struggle to map the scenario to the correct answer.
Related concepts
Sources
Every claim on this page traces to the public exam blueprint and official documentation: