Name  Cryptanalysis 
Summary  Cryptanalysis is a process of finding weaknesses in cryptographic algorithms and using these weaknesses to decipher the ciphertext without knowing the secret key (instance deduction). Sometimes the weakness is not in the cryptographic algorithm itself, but rather in how it is applied that makes cryptanalysis successful. An attacker may have other goals as well, such as:
1. Total Break  Finding the secret key
2. Global Deduction  Finding a functionally equivalent algorithm for encryption and decryption that does not require knowledge of the secret key.
3. Information Deduction  Gaining some information about plaintexts or ciphertexts that was not previously known
4. Distinguishing Algorithm  The attacker has the ability to distinguish the output of the encryption (ciphertext) from a random permutation of bits
The goal of the attacker performing cryptanalysis will depend on the specific needs of the attacker in a given attack context. In most cases, if cryptanalysis is successful at all, an attacker will not be able to go past being able to deduce some information about the plaintext (goal 3). However, that may be sufficient for an attacker, depending on the context. 
Prerequisites  The target software utilizes some sort of cryptographic algorithm.
An underlying weaknesses exists either in the cryptographic algorithm used or in the way that it was applied to a particular chunk of plaintext.
The encryption algorithm is known to the attacker.
An attacker has access to the ciphertext. 
Solutions  Use proven cryptographic algorithms with recommended key sizes.
5. Picking the most appropriate cryptographic algorithm for your usage context and data 
Related Weaknesses 
CWE ID  Description 
CWE327  Use of a Broken or Risky Cryptographic Algorithm 
CWE693  Protection Mechanism Failure 
CWE719  OWASP Top Ten 2007 Category A8  Insecure Cryptographic Storage 
