Quiz Entry - updated: 2026.07.14
True or false: "There is fundamentally only one type of brute-force attack."
False — there are two fundamentally different brute-force attacks: exhaustive key search and table lookup. They sit at opposite ends of the time-memory spectrum.
| Exhaustive Key Search | Table Lookup | |
|---|---|---|
| Type | Known-plaintext attack | Chosen-plaintext attack |
| Time | $k$ (test every key) | 1 (instant lookup) |
| Storage | 1 (negligible) | $k$ (store every result) |
| When it runs | During the attack (online) | Precomputed before attack (offline) |
The key distinction:
- Key search trades time for zero storage — you grind through keys one by one
- Table lookup trades massive storage for zero online time — you do all computation upfront
And there's a third category: The Time-Memory Tradeoff (TMTO) sits between them, using $k^{2/3}$ of each. Meet-in-the-middle is a specific TMTO technique (not to be confused with man-in-the-middle, which is a completely different network attack).
Go deeper:
Brute-force attack (Wikipedia) — key search vs precomputed tables.