Editing Chosen-plaintext attack (section)

==In practice==

In [[World War II]] US Navy cryptanalysts discovered that Japan was planning to attack a location referred to as "AF". They believed that "AF" might be [[Midway Island]], because other locations in the [[Hawaiian Islands]] had codewords that began with "A". To prove their hypothesis that "AF" corresponded to "Midway Island" they asked the US forces at Midway to send a plaintext message about low supplies. The Japanese intercepted the message and immediately reported to their superiors that "AF" was low on water, confirming the Navy's hypothesis and allowing them to position their force to win the [[Battle of Midway|battle]].<ref name="modern">{{cite book|last1=Katz|first1=Jonathan|last2=Lindell|first2=Yehuda|title=Introduction to Modern Cryptography: Principles and Protocols|date=2007|publisher=Chapman and Hall/CRC|location=Boca Raton|isbn=978-1584885511|author-link=Jonathan Katz (computer scientist)|oclc=893721520}}</ref><ref name="Navy Midway">{{cite web |url=http://www.navy.mil/midway/how.html |title=How Cryptology enabled the United States to turn the tide in the Pacific War. |last1=Weadon |first1=Patrick D. |website=www.navy.mil |publisher=US Navy |access-date=2015-02-19 |archive-url=https://web.archive.org/web/20150131043802/http://www.navy.mil/midway/how.html |archive-date=2015-01-31 |url-status=dead }}</ref>

Also during [[World War II]], Allied codebreakers at [[Bletchley Park]] would sometimes ask the [[Royal Air Force]] to lay mines at a position that didn't have any abbreviations or alternatives in the German naval system's grid reference. The hope was that the Germans, seeing the mines, would use an [[Enigma machine]] to encrypt a warning message about the mines and an "all clear" message after they were removed, giving the allies enough information about the message to break the German naval Enigma. This process of ''planting'' a known-plaintext was called ''[[Gardening (cryptanalysis)|gardening]]''.<ref>{{Citation  | last = Morris | first = Christopher | year = 1993 | contribution = Navy Ultra's Poor Relations | editor-last = Hinsley | editor-first = F.H. | editor-link = Harry Hinsley | editor2-last = Stripp | editor2-first = Alan | title = Codebreakers: The inside story of Bletchley Park | location = Oxford | publisher = Oxford University Press | isbn = 978-0-19-280132-6 | page=235}}</ref> Allied codebreakers also helped craft messages sent by double agent [[Juan Pujol García]], whose encrypted radio reports were received in Madrid, manually decrypted, and then re-encrypted with an [[Enigma machine]] for transmission to Berlin.<ref name=BBC_News_Magazine>{{cite news|last=Kelly|first=Jon|title=The piece of paper that fooled Hitler|url=https://www.bbc.co.uk/news/magazine-12266109|publisher=BBC|access-date=1 January 2012|quote=The Nazis believed Pujol, whom they code named Alaric Arabel, was one of their prize assets|date=27 January 2011}}</ref>  This helped the codebreakers decrypt the code used on the second leg, having supplied the original [[Plaintext|text]].<ref name=MarkSeaman73>[[#Seaman|Seaman (2004)]]. "The first code which Garbo was given by the Germans for his wireless communications turned out to be the identical code which was currently in use in the German circuits"</ref>

In modern day, chosen-plaintext attacks (CPAs) are often used to break [[Symmetric-key_algorithm|symmetric ciphers]]. To be considered CPA-secure, the symmetric cipher must not be vulnerable to chosen-plaintext attacks. Thus, it is important for symmetric cipher implementors to understand how an attacker would attempt to break their cipher and make relevant improvements.

For some chosen-plaintext attacks, only a small part of the plaintext may need to be chosen by the attacker; such attacks are known as plaintext injection attacks.