#1

    [Cryptanalysis] How to find the password out of several XOR encrypted Hex-Values?


    Hi there,

    I am pretty unsure if it might be possible to find the password out of several Hex-Values which are XOR encrypted all with the same password?

    For example these are some HEX values all XOR encrypted with the same HEX password which has exactly the same length as these values:

    Code:
    a0c91eab4f88c644433311f88b733655c3d03148c25b375123545d8fb3fe7ec7
    
    b885f3cb8f529670040f3e6b15afa84a1a85ace03b108d3b410bc17747352bc3
    
    77d147fdf263471fdfb756c436c1b86911de0a1d688997cfcabc5f6d34a6e045
    
    464c506a68b73f4004e553b215c41ca9ec45c1200c4072ee940596e6760c2007
    
    860a2f619063990663d3fc15d149e6baec423f40d6dd6d5c714ae373cee05985
    
    188c1720cacc341cda9642feecfb05d89af2fe0e5e4bf560f1b85eec6a5b99e8
    
    c3c9271bcd0a295276f9fd1bca172c4be45d3bdfc437992cfdd4a6914d03bdfa

    Has anyone around here an idea how to solve that problem?

    Cheers,
    Karl-Uwe
  #2
    See this
    You start by xor-ing two messages together.
    The result is two messages xor-ed together, WITHOUT the key.
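The cancellation described in the reply above, as an added example that is not part of the original thread: two constructed messages are XORed with the same random key, the key drops out of the XOR of the two ciphertexts, and a guessed fragment of one message exposes the other at the same offset. The messages, the guessed fragment and the helper names are assumptions made for this illustration.

```python
import os

def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))

def crib_drag(c1: bytes, c2: bytes, crib: bytes) -> list[tuple[int, bytes]]:
    """Slide a guessed plaintext fragment across c1 XOR c2.

    Where the guess matches one plaintext, the XOR exposes the other
    plaintext at that offset. Offsets whose output is only lowercase
    letters and spaces are kept as plausible hits.
    """
    mixed = xor(c1, c2)  # equals p1 XOR p2: the shared key has cancelled out
    hits = []
    for off in range(len(mixed) - len(crib) + 1):
        out = xor(mixed[off:off + len(crib)], crib)
        if all(ch == 0x20 or 0x61 <= ch <= 0x7A for ch in out):
            hits.append((off, out))
    return hits

# Constructed sample data (not from the thread): two 32-byte messages
# encrypted with one random 32-byte key, i.e. a reused one-time pad.
P1 = b"meet me at the old bridge at ten"
P2 = b"the password for the vault is up"
KEY = os.urandom(32)
C1, C2 = xor(P1, KEY), xor(P2, KEY)

if __name__ == "__main__":
    # The key never appears in this comparison, whatever its value.
    print("key cancelled:", xor(C1, C2) == xor(P1, P2))
    for off, text in crib_drag(C1, C2, b" the "):
        print(off, text)
```

The same steps give nothing readable when the plaintexts are themselves uniformly random, because there is then no text structure for a guess to match.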
  #3
    Thanks salem,

    now I see that it would be impossible to get the key, because the same key XOR enciphers every time a random string - or the other way round the same text would be XOR enciphered with a random key. No way to break that.

    Cheers,
    Karl-Uwe
  #4
    Originally Posted by Karl-Uwe Frank
    ... No way to break that. ...
    Don't give up !...
  #5

    X-or operation


    This is impossible because the x-or operation is considered a one-way operation, and all the encryption algorithms depend upon this operation. If it was possible, it would be easy to break any algorithm.
  #6
    Thanks a lot debaj,

    that's exactly what I hoped to hear.

    The above mentioned HEX values have been generated with my new Encryption Algorithm (SEA1m5) and it should be nearly impossible to find the keyword out of them.

    Cheers,
    Karl-Uwe
  #7

    Tools for finding XOR key


    Hi,
    if you know anything about the plain text in the string then you can use Didier Stevens' XORSearch. Nice tool if you have a clue about what the plain text contains. Guess it can be used to brute-force too with creative FOR loops.

    hxxp://blog.didierstevens.com/programs/xorsearch/

    /Codepoint
  #8
    Thanks for the link Codepoint, I probably will give it a shot (but need to set up a Linux PC first)

    Currently I am using CrypTool which offers a whole bunch of features.

    Cheers,
    Karl-Uwe
  #9
    Originally Posted by Karl-Uwe Frank
    (but need to set up a Linux PC first)
    No need for Linux, this is a Win32 tool. And if you are used to GNU tools like grep, strings, xxd etc. then GnuWin has compiled all tools for the Win32 and Win64 platforms.

    /Codepoint
  #10
    Originally Posted by Codepoint
    No need for Linux, this is a Win32 tool.
    Well, I don't use Windows, only Mac, and will not compile any unknown source on my machine, so I need to set up an old laptop with Linux first

    For the Win users this might be of interest perhaps
    https://sites.google.com/site/cryptocrackprogram/

    Cheers,
    Karl-Uwe

    P.S.: running CrypTool in a VM on my Mac with a rudimentary Win install, but will not compile any unknown source in the VM either
  #11
    I'm no crypto analyst, but I found this interesting. I assumed that a password must be combinations that can be written directly from the keyboard (limiting the options).

    I then took a large password cracking wordlist and looped through the list with XORSearch. Like this:
    for /f %i in (dict.txt) do xorsearch.exe koded.txt %i

    To filter the output I used grep, regexp'ing for text and numbers:

    | grep -E [a-zA-Z0-9]{9}

    The XOR hex values in the 0x40 to 0x45 range looked like good candidates. The only value that XORs to printable output is 0x40. So my guess would be that 0x40 is the key. The passwords would then be:

    !p#yq%!"t&xx#vtttsssqq&xx"wssvuu#s$psqtx#ru"swuqrsutu$x&"s&%w%#w
    "xxu&s#"x&uryvwpptp&s%v"qu!&!xt!q!xu!#%ps"qpx$s"tqp"#qwwtwsur"#s
    ww$qtw&$&rvstwq&$&"wuv#tsv#q"xvyqq$%p!q$vxxyyw#&#!"#u&v$st!v%ptu
    tvt#upv!vx"ws&tppt%uus"rqu#tq#!y%#tu#qrpp#tpwr%%ytpuyv%vwvp#rppw
    xvp!r&vqypvsyypvvs$s&#qu$qty%v"!%#trs&tp$v$$v$u#wqt!%sws#%%puyxu
    qxx#qwrp#!##stq#$!yvtr&%%#&"pu$xy!&r&%p%u%t"&uvp&q"xu%%#v!u"yy%x

    Is this correct?

    /Codepoint
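Added example, not part of the post above: a single-byte XOR key check run over the first ciphertext from post #1 twice, once over its 32 decoded bytes and once over its 64 hex digits taken as ASCII text. It shows which of the two inputs reproduces the first output line of post #11 and what the printable-output test says about each; the function names are illustrative.

```python
def xor_byte(data: bytes, key: int) -> bytes:
    """XOR every byte of data with one key byte."""
    return bytes(b ^ key for b in data)

def printable_keys(data: bytes) -> list[int]:
    """Single-byte keys under which every output byte is printable ASCII."""
    return [k for k in range(256)
            if all(0x20 <= (b ^ k) <= 0x7E for b in data)]

# First ciphertext from post #1 and first output line from post #11.
C1_HEX = "a0c91eab4f88c644433311f88b733655c3d03148c25b375123545d8fb3fe7ec7"
POSTED_LINE = b'!p#yq%!"t&xx#vtttsssqq&xx"wssvuu#s$psqtx#ru"swuqrsutu$x&"s&%w%#w'

def compare() -> dict:
    as_bytes = bytes.fromhex(C1_HEX)   # the 32 ciphertext bytes
    as_text = C1_HEX.encode("ascii")   # the 64 hex digits as characters
    return {
        # The ciphertext has bytes with and without the top bit set
        # (0xa0 and 0x1e), so no single key byte maps both into 0x20..0x7e.
        "keys_for_bytes": printable_keys(as_bytes),
        # Hex digits are already printable, so many keys pass here,
        # including the null key 0x00: printability is not evidence.
        "keys_for_text": printable_keys(as_text),
        # 0x40 maps '0'..'9' to 'p'..'y' and 'a'..'f' to '!'..'&'.
        "text_xor_0x40": xor_byte(as_text, 0x40),
    }

if __name__ == "__main__":
    result = compare()
    print("keys giving printable output from decoded bytes:",
          result["keys_for_bytes"])
    print("number of keys giving printable output from hex text:",
          len(result["keys_for_text"]))
    print("hex text XOR 0x40 equals posted line:",
          result["text_xor_0x40"] == POSTED_LINE)
```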
