[Cryptoanalysis] Howto find the password out of several XOR encrypted Hex-Values?

Hi there,

I am pretty unsure if it might be possible to find the password out of several Hex-Values which are XOR encrypted all with the same password?

For example these are some HEX values all XOR encrypted with the same HEX password which has exactly the same length as these values:



Has any-one around here an idea how to solve that problem?

Cheers,
Karl-Uwe

See this
You start by xor-ing two messages together.
The result is two messages xor-ed together, WITHOUT the key.

Thanks salem,

now I see that it would be impossible to get the key, because the same key XOR enciphers every-time a random string - or the other way round the same text would be XOR enciphered with a random key. No way to break that.

Cheers,
Karl-Uwe

Don't give up !...

This is impossible because x-or operation considers one way operation. and all the encryption algorithms depends upon this operation .if it was possible it will be easy to break any algorithm

Thanks a lot debaj,

that's exactly what I hoped to hear.

The above mentioned HEX values have been generated with my new Encryption Algorithm (SEA1m5) and it should be nearly impossible to find the keyword out of them.

Cheers,
Karl-Uwe

Hi,
if you know anything about the plain text in the string then you can use Didier Stevens XORSearch. Nice tool if you have a clue about what the plain text contains. Guess i can be used to brute-force to with creative FOR loops.

hxxp://blog.didierstevens.com/programs/xorsearch/

/Codepoint

Thanks for the link Codepoint, I probably will give it a shot ( but need to setup a Linux PC first )

Currently I am using CrypTool which offers a whole bunch of features.

Cheers,
Karl-Uwe

No need for Linux, this is a Win32 tool. And if are used to GNU tools like grep, strings, xxd etc then GnuWin has compiled all tools for Win32 and Win64 platform.

/Codepoint

Well I don't use Windows only Mac and will not compile any unkown source on my machine so need to setup an old laptop with Linux first

For the Win users this might be of interest perhaps
https://sites.google.com/site/cryptocrackprogram/

Cheers,
Karl-Uwe

P.S.: running CrypTool in a VM on my Mac with a rudimentary Win install, but will not compile any unknown source in the VM either

I'm no crypto analyst, but I found this interesting. I asumed that a password must be combinations that can be written directly form the keyboard (limiting the options).

I then took a large password cracking wordlist and looped trough the list with XORSearch. Like this:
for /f %i in (dict.txt) do xorsearch.exe koded.txt %i

to filter the output i used grep regexp'ing for text and numbers

| grep -E [a-zA-z0-9]{9}

The xor hex values in the 0x40 to 0x45 looked like good candidates. The only value that XOR to printable output is 0x40. So my guess would be that 0x40 is the key. The passwords would then be:

!p#yq%!"t&xx#vtttsssqq&xx"wssvuu#s$psqtx#ru"swuqrsutu$x&"s&%w%#w
"xxu&s#"x&uryvwpptp&s%v"qu!&!xt!q!xu!#%ps"qpx$s"tqp"#qwwtwsur"#s
ww$qtw&$&rvstwq&$&"wuv#tsv#q"xvyqq$%p!q$vxxyyw#&#!"#u&v$st!v%ptu
tvt#upv!vx"ws&tppt%uus"rqu#tq#!y%#tu#qrpp#tpwr%%ytpuyv%vwvp#rppw
xvp!r&vqypvsyypvvs$s&#qu$qty%v"!%#trs&tp$v$$v$u#wqt!%sws#%%puyxu
qxx#qwrp#!##stq#$!yvtr&%%#&"pu$xy!&r&%p%u%t"&uvp&q"xu%%#v!u"yy%x

Is this correct?

/Codepoint