216.73.217.50

T1600.001: Reduce Key Space

View on MITRE ATT&CK The MITRE Corporation · Published 19/10/2020 21:03 · Modified 27/03/2026 01:09

Essential information

MITRE technique ID
T1600.001
Confidence
100/100
Revoked
No
Published
19/10/2020 21:03
Modified
27/03/2026 01:09
Author / Source
The MITRE Corporation

Aliases

T1600.001

Platforms

Network Devices

Description

Adversaries may reduce the level of effort required to decrypt data transmitted over the network by reducing the cipher strength of encrypted communications.(Citation: Cisco Synful Knock Evolution) Adversaries can weaken the encryption software on a compromised network device by reducing the key size used by the software to convert plaintext to ciphertext (e.g., from hundreds or thousands of bytes to just a couple of bytes). As a result, adversaries dramatically reduce the amount of effort needed to decrypt the protected information without the key. Adversaries may modify the key size used and other encryption parameters using specialized commands in a [Network Device CLI](https://attack.mitre.org/techniques/T1059/008) introduced to the system through [Modify System Image](https://attack.mitre.org/techniques/T1601) to change the configuration of the device. (Citation: Cisco Blog Legacy Device Attacks)

Kill chain phases

Kill chainPhase
mitre-attack defense-evasion

Marking (TLP)

TLP:CLEAR Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references