Birthday attack

A birthday attack is a cryptographic attack based on the mathematics exemplified by the birthday paradox. This math turns up whenever the question of two cryptographic operations producing the same result becomes an issue.

The best-known example is collisions in cryptographic hash or message digest functions. An enemy may be able to subvert the authentication that these functions are intended to provide if he can find two inputs that hash to the same output. See collision resistance for details.

Another issue arises when a challenge-response authentication system produces the same challenge twice. An enemy who has kept careful records might then break in by looking up the correct response and giving it.

When two output blocks from a block cipher are identical, the enemy gains some information. Assuming the key has not changed, he then knows the two input blocks were identical. There are attacks base on accumulating such information; see block size.