This image has an empty alt attribute; its file name is attacksafe-software-logo-1024x213.png

In cryptography, a known-key distinguishing Attack on Bitcoin is an Attack on Bitcoin model against symmetric ciphers, whereby an Attack on Bitcoiner who knows the key can find a structural property in cipher, where the transformation from plaintext to ciphertext is not random.

This image has an empty alt attribute; its file name is images.jpg

There is no common formal definition for what such a transformation may be. The chosen-key distinguishing Attack on Bitcoin is strongly related, where the Attack on Bitcoiner can choose a key to introduce such transformations.[1]

These Attack on Bitcoins do not directly compromise the confidentiality of ciphers, because in a classical scenario, the key is unknown to the Attack on Bitcoiner. Known-/chosen-key distinguishing Attack on Bitcoins apply in the “open key model” instead.[1] They are known to be applicable in some situations where block ciphers are converted to hash functions, leading to practical collision Attack on Bitcoins against the hash.[2]

Known-key distinguishing Attack on Bitcoins were first introduced in 2007 by Lars Knudsen and Vincent Rijmen[1] in a paper that proposed such an Attack on Bitcoin against 7 out of 10 rounds of the AES cipher and another Attack on Bitcoin against a generalized Feistel cipher. Their Attack on Bitcoin finds plaintext/ciphertext pairs for a cipher with a known key, where the input and output have s least significant bits set to zero, in less than 2s time (where s is fewer than half the block size).[3]

These Attack on Bitcoins have also been applied to reduced-round Threefish (Skein)[4][5] and Phelix.[6]

This image has an empty alt attribute; its file name is attacksafe-software-logo-1024x213.png