Cryptographic systems are mostly vulnerable to brute-force attacks. In this attack many combinations of characters tried in an attempt to uncover valued key.

There are also number of other attacks that are aimed at recovering key. They include
Cipher-Text-Only Attack:
This type of attack tend to be least successful. The attacker has some cipher text but lucks corresponding plain text or the key.

Known Plaintext Attack:
The attacker has plain text and cipher text of one or more messages. This attack is very similar to brute force attack. They attacker tries to use this information to determine key in use.

Chosen Plaintext Attack:
The attacker generates corresponding cipher text to deliberately chosen plain text. Attacker feeds information into encryption system and observe the output. The attacker most likely does not know the algorithm or secret key in use.

Chosen Cipher-Text Attack:
Attacker decrypts cipher text into corresponding plain text. Attacker feeds information into decription system and abserves output. The attacker most likely does not know the algorithm or secret key in use.

Recording and Replaying traffic:
Attacker records network traffic and then retransmits information later or extract key from traffic.

Man in the middle:
Attacker gets between two users with the intent to intercept packets.

Social engineering attacks:
Attacker will try to obtain cryptographic keys from user. Users may be tricked into accepting self-signed certificates, explore vulnerability in web browsers and so on.