16 Replies. Latest reply: Nov 2, 2011 7:41 PM by 896806

# Ciphertext -> ECB

Edited by: 893803 on Oct 30, 2011 5:19 PM
• ###### 1. Re: Ciphertext -> ECB
> I wonder if anyone could give me some guide - Given a cipher text which has been encrypted twice with DES, i.e. a particular key K was used to encrypt the plaintext and then used again to encrypt the result. And also given five bytes of the eight-byte key. I want to find out - how can we find the full key and the plaintext? (Using mode ECB)

Do you mean DES or Triple DES? Since you mention an 8 byte key I assume it is DES. If you do two DES operations with the same key you have actually decrypted the cipher text with the second encrypt. You could try and brute force the key with 16,777,216 DES operations. My laptop does around 3.5M DES operations a second on 16 bytes according to openssl so you can see this probably wouldn't take you long. You would need to know what the plain text was but in your case you described you already have it.

Cheers,
Shane
• ###### 2. Re: Ciphertext -> ECB
safarmer wrote:
> > I wonder if anyone could give me some guide - Given a cipher text which has been encrypted twice with DES, i.e. a particular key K was used to encrypt the plaintext and then used again to encrypt the result. And also given five bytes of the eight-byte key. I want to find out - how can we find the full key and the plaintext? (Using mode ECB)
>
> Do you mean DES or Triple DES? Since you mention an 8 byte key I assume it is DES. If you do two DES operations with the same key you have actually decrypted the cipher text with the second encrypt. You could try and brute force the key with 16,777,216 DES operations.

Assuming that an 8 byte key is being used then since DES uses the least significant bit of each byte of the key as a parity bit then one only needs 2^21 tries at decrypting, i.e. about 2,000,000 possibilities.

A quick check on my desktop computer running Ubuntu 11.04 and JDK1.6; for one block of ciphertext this takes about 80 seconds. If one is looking for the magic number (see my comment below) then dealing with just one block of 8 bytes should be enough.

> My laptop does around 3.5M DES operations a second on 16 bytes according to openssl so you can see this probably wouldn't take you long. You would need to know what the plain text was but in your case you described you already have it.

One probably only needs to be able to recognise that the decrypt is correct. If the original cleartext is known to be text then it should be easy to recognise it. Many file formats have magic numbers at the start so if the encrypted data is known to be a file of a particular type then one just needs to know any associated magic number.

> Cheers,
> Shane
• ###### 3. Re: Ciphertext -> ECB
Edited by: 893803 on Oct 30, 2011 5:50 AM

Edited by: 893803 on Oct 30, 2011 5:51 AM

Edited by: 893803 on Oct 30, 2011 5:20 PM
• ###### 4. Re: Ciphertext -> ECB
893803 wrote:
> No it is not Triple DES but DES using the ECB mode....
>
> For example if we have been given:
> Ciphertext: e97e340b0f8f30f2ea08c532b0963de80385f904c89303fe
> Partial Key: 7b80a3d58e******
>
> And the cipher text has been encrypted twice with DES - then how can we find out the full key? Also the plaintext?
> Do we need to write code for this, or is there any software that we can use etc?
> Any suggestion?

This sounds like a homework assignment and you seem to be waiting for someone to do it for you. This won't happen so start going through your notes and then start coding. It is almost trivial if one has enough a priori information about the clear-text. Without any a priori information regarding the clear-text you are pretty much stuffed since all decrypted values are valid.
• ###### 5. Re: Ciphertext -> ECB
Thanks for your feedback - I am not asking for an answer but I am asking how I am going to approach this problem.

I am new to DES / ECB and a little guide to start with would be appreciated, as I don't understand what I need to do and where to start.

You said start with coding, but if coding isn't my best strength then what other option can I take?

Thanks.
• ###### 6. Re: Ciphertext -> ECB
893803 wrote:
> Thanks for your feedback - I am not asking for an answer but I am asking how I am going to approach this problem.

Write a program that for each possible key value decrypts the ciphertext and then checks the resulting cleartext to see if it matches what you know about the cleartext. If you know nothing then you are stuffed.

> I am new to DES / ECB and a little guide to start with would be appreciated, as I don't understand what I need to do and where to start.
>
> You said start with coding, but if coding isn't my best strength then what other option can I take?

Hire someone.
• ###### 7. Re: Ciphertext -> ECB

I thought this forum is for people who can share their knowledge and assist someone. I guess it is not.
Thanks again.

Edited by: 893803 on Oct 30, 2011 6:47 AM
• ###### 8. Re: Ciphertext -> ECB
893803 wrote:

> I thought this forum is for people who can share their knowledge and assist someone. I guess it is not.

I have shared my knowledge which should assist you! I explained how you might go about this task. You write a program! It's not a big program and there are dozens of examples on the net. You imply you lack the experience to tackle this so why not hire someone. If it is not homework then I'm sure your employer will pay for someone competent.
• ###### 9. Re: Ciphertext -> ECB
Thanks, well I have seen some program online but it did not give what exactly I wanted.

As you might notice the key is only 10 instead of 16 - so I have to find the rest of them which I don't know how? Any idea how I can find the full key for a start, as I think once I know the key then I can use DESCalc to decrypt the cipher text.

Thanks.
• ###### 10. Re: Ciphertext -> ECB
893803 wrote:
> Thanks, well I have seen some program online but it did not give what exactly I wanted.
>
> As you might notice the key is only 10 instead of 16 - so I have to find the rest of them which I don't know how?

I understood all that. I have explained how. I will spell it out.

You brute force it! In other words you try every valid value for the remaining 3 bytes of the key. Now since each byte of the DES key uses the least significant bit of the byte as parity bit then you only have to worry about the remaining 7 bits. So for each key byte you are missing there are 2^7 = 128 possible values which gives a total of 2^21 (just over 2,000,000) possible values to check. You therefore need three nested loops, one for each byte you are missing, and you build the full 8 bytes of the key from the 5 fixed byte values and the 3 loop values and then use that key to decrypt the ciphertext.

For each decrypt you compare the result against information you know about the cleartext. For example, the cleartext may just be ASCII characters or it may be padded with zeros or some other character. Every time you find a decrypt that qualifies according to the information known about the cleartext you record the values. You then examine the (key,cleartext) pairs you have recorded and try to decide which one is correct.

If you have no information about the cleartext then you are stuffed since ALL decrypt values could be valid. You must know something about the cleartext.

> Any idea how I can find the full key for a start, as I think once I know the key then I can use DESCalc to decrypt the cipher text.

You will obtain the cleartext and key as one of the pairs so you don't need DESCalc - you just need to write a very short program that will take about 90 seconds to go through the 2,000,000 possible key values.

I can't stress enough the need for knowing something about the ciphertext before you start. Without this information you will most likely be unable to automate the checks and you really don't want to be manually looking at 2,000,000 (key,cleartext) pairs.
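
The search described in reply 10, written out as an added example that is not part of the original thread. It does not use the poster's ciphertext: the key and the 24-byte message are constructed test data, and "the cleartext is printable ASCII" is the assumed a priori knowledge used to recognise a correct decrypt.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;

public class PartialKeySearch {
    // The a priori knowledge assumed for this demo: the cleartext is printable ASCII.
    static boolean printable(byte[] p) {
        for (byte x : p) if (x < 0x20 || x > 0x7e) return false;
        return true;
    }

    static String hex(byte[] b) {
        StringBuilder s = new StringBuilder();
        for (byte x : b) s.append(String.format("%02x", x));
        return s.toString();
    }

    public static void main(String[] args) throws Exception {
        Cipher des = Cipher.getInstance("DES/ECB/NoPadding");

        // Constructed test data: a made-up key and a 24-byte (three-block) ASCII message,
        // encrypted twice under the same key as in the question.
        byte[] secret = {0x13, 0x34, 0x57, 0x79, (byte) 0x9b, (byte) 0xbc, (byte) 0xdf, (byte) 0xf1};
        des.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(secret, "DES"));
        byte[] ct = des.doFinal(des.doFinal(
                "constructed sample text!".getBytes(StandardCharsets.US_ASCII)));

        // The search is given only the first five key bytes.
        byte[] key = new byte[8];
        System.arraycopy(secret, 0, key, 0, 5);

        // Bit 0 of every DES key byte is parity and is ignored by the cipher, so each
        // unknown byte has 128 effective values: 128^3 = 2^21 candidates in total.
        for (int a = 0; a < 128; a++)
            for (int b = 0; b < 128; b++)
                for (int c = 0; c < 128; c++) {
                    key[5] = (byte) (a << 1);
                    key[6] = (byte) (b << 1);
                    key[7] = (byte) (c << 1);
                    des.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "DES"));
                    // Screen on the first block; ECB blocks decrypt independently.
                    if (!printable(des.doFinal(des.doFinal(ct, 0, 8)))) continue;
                    byte[] pt = des.doFinal(des.doFinal(ct));
                    if (printable(pt))
                        System.out.println(hex(key) + "  " + new String(pt, StandardCharsets.US_ASCII));
                }
    }
}
```

The key is printed with its parity bits cleared, which DES treats as the same key as the original. Any other line printed is a false positive that passed the printable-ASCII check and has to be ruled out by inspection, as the reply says.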
• ###### 11. Re: Ciphertext -> ECB
Thanks again for your kind explanation - You said I need to brute force the cipher text. But how can I do that if I do not have enough key? If I do the guessing by trial and error it will take me hours?

And I do not have the clear text - All I have been given is the cipher text and incomplete key.
By the way, can you please recommend me any online code sources etc that you think might give me some idea about this issue?
• ###### 12. Re: Ciphertext -> ECB
893803 wrote:
> Thanks again for your kind explanation - You said I need to brute force the cipher text. But how can I do that if I do not have enough key? If I do the guessing by trial and error it will take me hours?

I explained exactly how to do the brute force in the second paragraph of my previous reply.

> And I do not have the clear text - All I have been given is the cipher text and incomplete key.

Then you are stuffed! You must have some way to decide whether or not the cleartext generated using a particular key is the desired clear text. Without this anything is valid!

> By the way, can you please recommend me any online code sources etc that you think might give me some idea about this issue?

You cannot expect to find source to do exactly what you want; the code has to be written. You won't like this but based on your responses in this thread you don't have the aptitude to handle this project. You must hire a competent engineer to write the code but YOU must provide him with information that will allow him to recognise the cleartext.

Bye
• ###### 13. Re: Ciphertext -> ECB
> You said I need to brute force the cipher text. But how can I do that if I do not have enough key? If I do the guessing by trial and error it will take me hours?

Guessing every possible answer is brute force.

> And I do not have the clear text - All I have been given is the cipher text and incomplete key.

You need to try each possibility.

Also, my statement about encrypting twice resulting in the clear text is only true for certain keys that result in the same subkeys internally in the cipher (implementation detail that is not important).

Cheers,
Shane
• ###### 14. Re: Ciphertext -> ECB
Thanks for your input, guys.

I will try to do it in a spreadsheet to see if it will work. So the first thing I need to do is convert the partial key into binary? Or can I use it as is, as I see in some of the online material here: http://orlingrabbe.com/des.htm

Thanks.