
Knowing the plaintext, how to discover the encryption scheme used? [closed]

I have some char() fields in a DBF table that were left encrypted by a past developer in the project.

However, I know the plaintext result of the decryption of several records. How can I determine the function/algorithm/scheme to decrypt the original data? These are some sample fields:

For cryptext:

b5 01 02 c1 e3 0d 0a

plaintext should be:

3543921 or 3.543.921

And for cryptext:

41 c3 c5 07 17 0d 0a

plaintext should be

1851154 or 1.851.154

I believe 0d 0a is just padding. It was from data gathered in win-1252 encoding (don't know if that matters).

EDIT: It's for the sake of curiosity and learning. I want to be able to understand the encryption used (seems a simple one, although it is binary data) to recover the value of the fields for the tuples whose plaintext I don't know.

EDIT 2: Added a couple samples.

Camilo Díaz Repka asked Dec 23 '22 14:12


2 Answers

There is no easy way in the general case. This question is too general. Try posting these plain + encrypted strings.

EDIT:

  • for the sake of learning you can read this article : Cryptography on Wikipedia
  • if you really believe the encryption is simple - check if it's a byte (or word) level XOR - see the following pseudocode

    /* Single-byte XOR: every byte is combined with the same key byte. */
    for (size_t i = 0; i < length; i++) {
        newString[i] = originalString[i] ^ CRYPT_BYTE;
    }

Sergey answered Dec 25 '22 04:12


Assuming it's not something as simple as a substitution cipher (try frequency analysis) or a poorly applied XOR (e.g., reusing the key; try XORing two ciphertexts with known plaintexts and then see whether the result is the XOR of the plaintexts; or try XORing the ciphertext with itself shifted by some number of bytes), you should probably assume it's well-known stream/block cipher with an unknown key (which most likely consists of ASCII characters). If you have a big enough sample of ciphertext-plaintext pairs, you could start by checking whether plaintexts with the same first few characters/bytes have ciphertexts with the same first characters/bytes. There you might also see whether it's a block or a stream cipher and whether there is any feedback mechanism involved. Padding, if present, might also suggest that it's a block cipher rather than a stream cipher.

Alexander answered Dec 25 '22 04:12
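As an added example (not code from either answer or from the question), the two tests both answers describe, run over the two sample pairs from the question: Sergey's single-byte XOR check (is `ciphertext ^ plaintext` the same byte at every position?) and Alexander's reused-keystream check (`c1 ^ c2 == p1 ^ p2`). A third pair, encrypted with a constructed key byte of 0x5A, is included only as a positive control so the checks can be seen succeeding.

```python
# Added example: XOR-scheme checks over the sample pairs from the question.
# Ciphertext/plaintext pairs copied from the question (the trailing 0d 0a bytes
# are kept; the plaintexts are the 7-digit ASCII numbers, with no dots).
SAMPLES = [
    (bytes.fromhex("b50102c1e30d0a"), b"3543921"),
    (bytes.fromhex("41c3c507170d0a"), b"1851154"),
]

# Constructed positive control: the digits "2718281" XORed with key byte 0x5A.
CONTROL_KEY = 0x5A
CONTROL_PLAIN = b"2718281"
CONTROL_CIPHER = bytes(b ^ CONTROL_KEY for b in CONTROL_PLAIN)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR over the common length of a and b."""
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(ciphertext: bytes, plaintext: bytes) -> bytes:
    """For any XOR-based scheme, c ^ p recovers the keystream bytes used."""
    return xor_bytes(ciphertext, plaintext)


def single_byte_xor_key(ciphertext: bytes, plaintext: bytes):
    """Sergey's check: return the key byte if every position uses the same
    XOR byte, otherwise None (the scheme is not a single-byte XOR)."""
    ks = keystream(ciphertext, plaintext)
    return ks[0] if len(set(ks)) == 1 else None


def reused_keystream(c1: bytes, p1: bytes, c2: bytes, p2: bytes) -> bool:
    """Alexander's check: a keystream reused across records implies
    c1 ^ c2 == p1 ^ p2 over the shared prefix (the keystream cancels)."""
    n = min(len(c1), len(p1), len(c2), len(p2))
    return xor_bytes(c1[:n], c2[:n]) == xor_bytes(p1[:n], p2[:n])


def analyse(samples) -> dict:
    """Run both checks over a list of (ciphertext, plaintext) pairs."""
    out = {"single_byte_keys": [single_byte_xor_key(c, p) for c, p in samples]}
    (c1, p1), (c2, p2) = samples[0], samples[1]
    out["reused_keystream"] = reused_keystream(c1, p1, c2, p2)
    return out


if __name__ == "__main__":
    print(analyse(SAMPLES))
    print(analyse([(CONTROL_CIPHER, CONTROL_PLAIN), SAMPLES[0]]))
```

On the question's two pairs both checks come back negative (no common key byte, and the two ciphertexts do not differ the way the plaintexts do), so whatever the old developer used, it is not a plain XOR of the ASCII digits.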