A dictionary attack is an attack that tries to guess at the key of a ciphertext by attempting many different common passwords and possible passwords that are likely to be used by humans. A dictionary attack makes use of what is called a dictionary, which stores common English words, phrases, and passwords ready to guess as the key. Dictionary attacks are more efficient than a Brute Force Attack as they don’t have to try nearly as many combinations – but with the downside that if the key is not contained in the dictionary, it will never successfully find it.
For example, let’s say that Bob encrypted his hard drive with the password “hunter2”. Alice then uses a dictionary attack to try every possible word in the dictionary. If “hunter2”, Bob’s password, is in the dictionary – then Alice will have the key and be able to get access to Bob’s hard drive.
However, if Bob’s password was “ahiuhf23fg23tg8902g”, a phrase that is unlikely to be in Alice’s dictionary (which generally contain a variety of english words, variations, and common passwords) – Alice would never be able to gain access to his hard drive, and eventually would exhaust her dictionary without a positive match.