Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What does the information of XOR of two cipher texts in one-time pad gives me?

Tags:

c

cryptography

cryptanalysis

So, we're told to not use the same key for one-time pad, because if an attacker knows the two cipher texts, he can get the XOR of the two plain texts. For example:

Plain Text1: 0001011
Key        : 1010110
Ciphertext : 1011101

Plain Text2: 0110011
Key        : 1010110
Ciphertext : 1100101

XOR of ciphertexts
1011101
1100101
0111000

XOR of plaintexts (which of course match)
0001011
0110011
0111000

But what advantage exactly this information gives an attacker? What can he do with the XOR of the two plain texts?

like image 654
good_evening Avatar asked Mar 23 '23 05:03

good_evening

2 Answers

I guess there will be a lot of other answers, but you can do the following - try guessing that a known word is in either text at a given position and xor that position with the word. If the value looks reasonable (statistically looks like the plaintext you're interested in), then you know part of both plaintexts.

Let's say you have the following xor of plaintexts (or ciphertexts, it's the same for the situation described in the question where ciphertext == plaintext xor OTP):

"\x10\x00\x1f\x17E\x0c\x00H\r\x1dR\x06\x0bK\x0c\x0e\x03\x1aE\x01\rR\x1a\x1a\x06P\x04\x00RE"

now you try to match words from a dictionary and find that if you xor this string with "correct" at position 1, you get:

some ot

Ok, so your plaintexts are most likely:

correct.....
some ot.....

Now try to xor words starting with "ot..." with the xor and find out that for "other" you get (along with known beginning):

correct ho

So your plaintexts are:

correct ho....
some other....

etc. Continue this way and you can recover both complete strings. For plaintexts that are not English words this will be harder of course, but still possible. And you don't need to know the OTP contents at any point.

like image 146
viraptor Avatar answered Apr 06 '23 12:04

viraptor

The xor of two plaintexts is very useful for an attacker. Just as an example, space characters (ascii 32) when xored with alphabetic characters, just change their case. So if one plaintext has lots of spaces in it, you can just read off the other plaintext by inverting the case.

like image 35
Keith Randall Avatar answered Apr 06 '23 11:04

Keith Randall
Sign in to Comment

Related questions

Finding out if a binary file has been compiled with stack smashing protection
how to prevent corruption in concurrent lifo stack implemented with atomic compare and swap
number followed by capital L
atexit considered harmful?
Indefinite for loop not working in C
Different cache miss count for a same program between multiple runs
K&R Exercise 1-16 clang - conflicting types for getline
cython segmentation fault handling
Whats the appropriate place to define a lookup table?
How to wrap a C++ class in a C based dll or a CLI based dll?
why gdb show wrong variable value? [duplicate]
How to clear input buffer after fgets overflow?
Can i use pointer in scanf to take input in an array?
Is This "Type Punning" Well-Defined?
Socket Programming in C(Client Server Example)
C Array loop through
Valgrind Address is on Thread's 1 stack
How to identify a specific socket between User Space and Kernel Space?
Header for scanf_s function
fgets doesn't wait for the keyboard input

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!