In the RSA DES challenges, how did the contestants know they had found the right key considering they weren't...
up vote
2
down vote
favorite
If the contestants were given both the plaintext and ciphertext, it's straightforward. Just bruteforce all 56-bit keys until you find one that maps the given plaintext to the given ciphertext.
But from what I understand, the contestants were given only the ciphertext and the initialization vector. I'm confused as to how they cracked the challenge without any plaintext.
What I imagine they did was:
- Ok, we know the plaintext is less than or equal to the size of the ciphertext.
- Calculate all possible plaintext from 1 bit up to the bit size of the ciphertext.
- Calculate all possible 56-bit keys.
- Run each plaintext through all 56-bit keys until they found a mapping.
But this doesn't make sense given the sheer size of the possibilities.
So since they weren't given any plaintext, how did they know they'd found the right plaintext/key combination?
rsa des brute-force-attack
New contributor
add a comment |
up vote
2
down vote
favorite
If the contestants were given both the plaintext and ciphertext, it's straightforward. Just bruteforce all 56-bit keys until you find one that maps the given plaintext to the given ciphertext.
But from what I understand, the contestants were given only the ciphertext and the initialization vector. I'm confused as to how they cracked the challenge without any plaintext.
What I imagine they did was:
- Ok, we know the plaintext is less than or equal to the size of the ciphertext.
- Calculate all possible plaintext from 1 bit up to the bit size of the ciphertext.
- Calculate all possible 56-bit keys.
- Run each plaintext through all 56-bit keys until they found a mapping.
But this doesn't make sense given the sheer size of the possibilities.
So since they weren't given any plaintext, how did they know they'd found the right plaintext/key combination?
rsa des brute-force-attack
New contributor
add a comment |
up vote
2
down vote
favorite
up vote
2
down vote
favorite
If the contestants were given both the plaintext and ciphertext, it's straightforward. Just bruteforce all 56-bit keys until you find one that maps the given plaintext to the given ciphertext.
But from what I understand, the contestants were given only the ciphertext and the initialization vector. I'm confused as to how they cracked the challenge without any plaintext.
What I imagine they did was:
- Ok, we know the plaintext is less than or equal to the size of the ciphertext.
- Calculate all possible plaintext from 1 bit up to the bit size of the ciphertext.
- Calculate all possible 56-bit keys.
- Run each plaintext through all 56-bit keys until they found a mapping.
But this doesn't make sense given the sheer size of the possibilities.
So since they weren't given any plaintext, how did they know they'd found the right plaintext/key combination?
rsa des brute-force-attack
New contributor
If the contestants were given both the plaintext and ciphertext, it's straightforward. Just bruteforce all 56-bit keys until you find one that maps the given plaintext to the given ciphertext.
But from what I understand, the contestants were given only the ciphertext and the initialization vector. I'm confused as to how they cracked the challenge without any plaintext.
What I imagine they did was:
- Ok, we know the plaintext is less than or equal to the size of the ciphertext.
- Calculate all possible plaintext from 1 bit up to the bit size of the ciphertext.
- Calculate all possible 56-bit keys.
- Run each plaintext through all 56-bit keys until they found a mapping.
But this doesn't make sense given the sheer size of the possibilities.
So since they weren't given any plaintext, how did they know they'd found the right plaintext/key combination?
rsa des brute-force-attack
rsa des brute-force-attack
New contributor
New contributor
New contributor
asked 18 hours ago
Bastien
212
212
New contributor
New contributor
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
5
down vote
One can still access the challenge rules from the archive.org
Each contest is based on a specified cipher. A brief piece of printable ASCII text (containing byte values in hexadecimal notation from 0x20 to 0x7e) will be appended to the fixed 24-character string "The unknown message is:". The result will be padded and then encrypted with the associated cipher under a randomly-generated key.
The message is also padded by PKCS#5 padding. Thus, the attacker has three options to test their results;
- Check the beginning of the message; it must start with "The unknown message is:"
- A valid PKCS#5 padding at he the end.
- And, one general rule when only ciphertexts are given; one can check the result is valid (English) language. For this, one block may not be enough, since there are many valid words in the 64-bit block. One block will result in many keys. To narrow the keys, additional ciphertexts are required. This approach can be work even 1. and 2. cases are not known. For this specific challenge the range of the characters given between
0x20
and0x7e
, i.e. betweenand
~
distributed.net found this message in DES Challenge II-1;
The secret message is: Many hands make light work.
Note : It is interesting that the Wikipedia says; The secret message is:
where the source is lists.distributed.net, however, the RSA archives says The unknown message is:
.
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
return StackExchange.using("mathjaxEditing", function () {
StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix) {
StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["$", "$"], ["\\(","\\)"]]);
});
});
}, "mathjax-editing");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "281"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Bastien is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f64863%2fin-the-rsa-des-challenges-how-did-the-contestants-know-they-had-found-the-right%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
5
down vote
One can still access the challenge rules from the archive.org
Each contest is based on a specified cipher. A brief piece of printable ASCII text (containing byte values in hexadecimal notation from 0x20 to 0x7e) will be appended to the fixed 24-character string "The unknown message is:". The result will be padded and then encrypted with the associated cipher under a randomly-generated key.
The message is also padded by PKCS#5 padding. Thus, the attacker has three options to test their results;
- Check the beginning of the message; it must start with "The unknown message is:"
- A valid PKCS#5 padding at he the end.
- And, one general rule when only ciphertexts are given; one can check the result is valid (English) language. For this, one block may not be enough, since there are many valid words in the 64-bit block. One block will result in many keys. To narrow the keys, additional ciphertexts are required. This approach can be work even 1. and 2. cases are not known. For this specific challenge the range of the characters given between
0x20
and0x7e
, i.e. betweenand
~
distributed.net found this message in DES Challenge II-1;
The secret message is: Many hands make light work.
Note : It is interesting that the Wikipedia says; The secret message is:
where the source is lists.distributed.net, however, the RSA archives says The unknown message is:
.
add a comment |
up vote
5
down vote
One can still access the challenge rules from the archive.org
Each contest is based on a specified cipher. A brief piece of printable ASCII text (containing byte values in hexadecimal notation from 0x20 to 0x7e) will be appended to the fixed 24-character string "The unknown message is:". The result will be padded and then encrypted with the associated cipher under a randomly-generated key.
The message is also padded by PKCS#5 padding. Thus, the attacker has three options to test their results;
- Check the beginning of the message; it must start with "The unknown message is:"
- A valid PKCS#5 padding at he the end.
- And, one general rule when only ciphertexts are given; one can check the result is valid (English) language. For this, one block may not be enough, since there are many valid words in the 64-bit block. One block will result in many keys. To narrow the keys, additional ciphertexts are required. This approach can be work even 1. and 2. cases are not known. For this specific challenge the range of the characters given between
0x20
and0x7e
, i.e. betweenand
~
distributed.net found this message in DES Challenge II-1;
The secret message is: Many hands make light work.
Note : It is interesting that the Wikipedia says; The secret message is:
where the source is lists.distributed.net, however, the RSA archives says The unknown message is:
.
add a comment |
up vote
5
down vote
up vote
5
down vote
One can still access the challenge rules from the archive.org
Each contest is based on a specified cipher. A brief piece of printable ASCII text (containing byte values in hexadecimal notation from 0x20 to 0x7e) will be appended to the fixed 24-character string "The unknown message is:". The result will be padded and then encrypted with the associated cipher under a randomly-generated key.
The message is also padded by PKCS#5 padding. Thus, the attacker has three options to test their results;
- Check the beginning of the message; it must start with "The unknown message is:"
- A valid PKCS#5 padding at he the end.
- And, one general rule when only ciphertexts are given; one can check the result is valid (English) language. For this, one block may not be enough, since there are many valid words in the 64-bit block. One block will result in many keys. To narrow the keys, additional ciphertexts are required. This approach can be work even 1. and 2. cases are not known. For this specific challenge the range of the characters given between
0x20
and0x7e
, i.e. betweenand
~
distributed.net found this message in DES Challenge II-1;
The secret message is: Many hands make light work.
Note : It is interesting that the Wikipedia says; The secret message is:
where the source is lists.distributed.net, however, the RSA archives says The unknown message is:
.
One can still access the challenge rules from the archive.org
Each contest is based on a specified cipher. A brief piece of printable ASCII text (containing byte values in hexadecimal notation from 0x20 to 0x7e) will be appended to the fixed 24-character string "The unknown message is:". The result will be padded and then encrypted with the associated cipher under a randomly-generated key.
The message is also padded by PKCS#5 padding. Thus, the attacker has three options to test their results;
- Check the beginning of the message; it must start with "The unknown message is:"
- A valid PKCS#5 padding at he the end.
- And, one general rule when only ciphertexts are given; one can check the result is valid (English) language. For this, one block may not be enough, since there are many valid words in the 64-bit block. One block will result in many keys. To narrow the keys, additional ciphertexts are required. This approach can be work even 1. and 2. cases are not known. For this specific challenge the range of the characters given between
0x20
and0x7e
, i.e. betweenand
~
distributed.net found this message in DES Challenge II-1;
The secret message is: Many hands make light work.
Note : It is interesting that the Wikipedia says; The secret message is:
where the source is lists.distributed.net, however, the RSA archives says The unknown message is:
.
edited 8 hours ago
answered 16 hours ago
kelalaka
4,73121837
4,73121837
add a comment |
add a comment |
Bastien is a new contributor. Be nice, and check out our Code of Conduct.
Bastien is a new contributor. Be nice, and check out our Code of Conduct.
Bastien is a new contributor. Be nice, and check out our Code of Conduct.
Bastien is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Cryptography Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
Use MathJax to format equations. MathJax reference.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f64863%2fin-the-rsa-des-challenges-how-did-the-contestants-know-they-had-found-the-right%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown