In the RSA DES challenges, how did the contestants know they had found the right key considering they weren't...











up vote
2
down vote

favorite












If the contestants were given both the plaintext and ciphertext, it's straightforward. Just bruteforce all 56-bit keys until you find one that maps the given plaintext to the given ciphertext.



But from what I understand, the contestants were given only the ciphertext and the initialization vector. I'm confused as to how they cracked the challenge without any plaintext.



What I imagine they did was:




  1. Ok, we know the plaintext is less than or equal to the size of the ciphertext.

  2. Calculate all possible plaintext from 1 bit up to the bit size of the ciphertext.

  3. Calculate all possible 56-bit keys.

  4. Run each plaintext through all 56-bit keys until they found a mapping.


But this doesn't make sense given the sheer size of the possibilities.



So since they weren't given any plaintext, how did they know they'd found the right plaintext/key combination?










share|improve this question







New contributor




Bastien is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
























    up vote
    2
    down vote

    favorite












    If the contestants were given both the plaintext and ciphertext, it's straightforward. Just bruteforce all 56-bit keys until you find one that maps the given plaintext to the given ciphertext.



    But from what I understand, the contestants were given only the ciphertext and the initialization vector. I'm confused as to how they cracked the challenge without any plaintext.



    What I imagine they did was:




    1. Ok, we know the plaintext is less than or equal to the size of the ciphertext.

    2. Calculate all possible plaintext from 1 bit up to the bit size of the ciphertext.

    3. Calculate all possible 56-bit keys.

    4. Run each plaintext through all 56-bit keys until they found a mapping.


    But this doesn't make sense given the sheer size of the possibilities.



    So since they weren't given any plaintext, how did they know they'd found the right plaintext/key combination?










    share|improve this question







    New contributor




    Bastien is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.






















      up vote
      2
      down vote

      favorite









      up vote
      2
      down vote

      favorite











      If the contestants were given both the plaintext and ciphertext, it's straightforward. Just bruteforce all 56-bit keys until you find one that maps the given plaintext to the given ciphertext.



      But from what I understand, the contestants were given only the ciphertext and the initialization vector. I'm confused as to how they cracked the challenge without any plaintext.



      What I imagine they did was:




      1. Ok, we know the plaintext is less than or equal to the size of the ciphertext.

      2. Calculate all possible plaintext from 1 bit up to the bit size of the ciphertext.

      3. Calculate all possible 56-bit keys.

      4. Run each plaintext through all 56-bit keys until they found a mapping.


      But this doesn't make sense given the sheer size of the possibilities.



      So since they weren't given any plaintext, how did they know they'd found the right plaintext/key combination?










      share|improve this question







      New contributor




      Bastien is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      If the contestants were given both the plaintext and ciphertext, it's straightforward. Just bruteforce all 56-bit keys until you find one that maps the given plaintext to the given ciphertext.



      But from what I understand, the contestants were given only the ciphertext and the initialization vector. I'm confused as to how they cracked the challenge without any plaintext.



      What I imagine they did was:




      1. Ok, we know the plaintext is less than or equal to the size of the ciphertext.

      2. Calculate all possible plaintext from 1 bit up to the bit size of the ciphertext.

      3. Calculate all possible 56-bit keys.

      4. Run each plaintext through all 56-bit keys until they found a mapping.


      But this doesn't make sense given the sheer size of the possibilities.



      So since they weren't given any plaintext, how did they know they'd found the right plaintext/key combination?







      rsa des brute-force-attack






      share|improve this question







      New contributor




      Bastien is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question







      New contributor




      Bastien is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question






      New contributor




      Bastien is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 18 hours ago









      Bastien

      212




      212




      New contributor




      Bastien is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      Bastien is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      Bastien is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          5
          down vote













          One can still access the challenge rules from the archive.org




          Each contest is based on a specified cipher. A brief piece of printable ASCII text (containing byte values in hexadecimal notation from 0x20 to 0x7e) will be appended to the fixed 24-character string "The unknown message is:". The result will be padded and then encrypted with the associated cipher under a randomly-generated key.




          The message is also padded by PKCS#5 padding. Thus, the attacker has three options to test their results;




          1. Check the beginning of the message; it must start with "The unknown message is:"

          2. A valid PKCS#5 padding at he the end.

          3. And, one general rule when only ciphertexts are given; one can check the result is valid (English) language. For this, one block may not be enough, since there are many valid words in the 64-bit block. One block will result in many keys. To narrow the keys, additional ciphertexts are required. This approach can be work even 1. and 2. cases are not known. For this specific challenge the range of the characters given between 0x20 and 0x7e, i.e. between and ~




          distributed.net found this message in DES Challenge II-1;





          • The secret message is: Many hands make light work.




          Note : It is interesting that the Wikipedia says; The secret message is: where the source is lists.distributed.net, however, the RSA archives says The unknown message is:.






          share|improve this answer























            Your Answer





            StackExchange.ifUsing("editor", function () {
            return StackExchange.using("mathjaxEditing", function () {
            StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix) {
            StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["$", "$"], ["\\(","\\)"]]);
            });
            });
            }, "mathjax-editing");

            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "281"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            noCode: true, onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });






            Bastien is a new contributor. Be nice, and check out our Code of Conduct.










            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f64863%2fin-the-rsa-des-challenges-how-did-the-contestants-know-they-had-found-the-right%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            5
            down vote













            One can still access the challenge rules from the archive.org




            Each contest is based on a specified cipher. A brief piece of printable ASCII text (containing byte values in hexadecimal notation from 0x20 to 0x7e) will be appended to the fixed 24-character string "The unknown message is:". The result will be padded and then encrypted with the associated cipher under a randomly-generated key.




            The message is also padded by PKCS#5 padding. Thus, the attacker has three options to test their results;




            1. Check the beginning of the message; it must start with "The unknown message is:"

            2. A valid PKCS#5 padding at he the end.

            3. And, one general rule when only ciphertexts are given; one can check the result is valid (English) language. For this, one block may not be enough, since there are many valid words in the 64-bit block. One block will result in many keys. To narrow the keys, additional ciphertexts are required. This approach can be work even 1. and 2. cases are not known. For this specific challenge the range of the characters given between 0x20 and 0x7e, i.e. between and ~




            distributed.net found this message in DES Challenge II-1;





            • The secret message is: Many hands make light work.




            Note : It is interesting that the Wikipedia says; The secret message is: where the source is lists.distributed.net, however, the RSA archives says The unknown message is:.






            share|improve this answer



























              up vote
              5
              down vote













              One can still access the challenge rules from the archive.org




              Each contest is based on a specified cipher. A brief piece of printable ASCII text (containing byte values in hexadecimal notation from 0x20 to 0x7e) will be appended to the fixed 24-character string "The unknown message is:". The result will be padded and then encrypted with the associated cipher under a randomly-generated key.




              The message is also padded by PKCS#5 padding. Thus, the attacker has three options to test their results;




              1. Check the beginning of the message; it must start with "The unknown message is:"

              2. A valid PKCS#5 padding at he the end.

              3. And, one general rule when only ciphertexts are given; one can check the result is valid (English) language. For this, one block may not be enough, since there are many valid words in the 64-bit block. One block will result in many keys. To narrow the keys, additional ciphertexts are required. This approach can be work even 1. and 2. cases are not known. For this specific challenge the range of the characters given between 0x20 and 0x7e, i.e. between and ~




              distributed.net found this message in DES Challenge II-1;





              • The secret message is: Many hands make light work.




              Note : It is interesting that the Wikipedia says; The secret message is: where the source is lists.distributed.net, however, the RSA archives says The unknown message is:.






              share|improve this answer

























                up vote
                5
                down vote










                up vote
                5
                down vote









                One can still access the challenge rules from the archive.org




                Each contest is based on a specified cipher. A brief piece of printable ASCII text (containing byte values in hexadecimal notation from 0x20 to 0x7e) will be appended to the fixed 24-character string "The unknown message is:". The result will be padded and then encrypted with the associated cipher under a randomly-generated key.




                The message is also padded by PKCS#5 padding. Thus, the attacker has three options to test their results;




                1. Check the beginning of the message; it must start with "The unknown message is:"

                2. A valid PKCS#5 padding at he the end.

                3. And, one general rule when only ciphertexts are given; one can check the result is valid (English) language. For this, one block may not be enough, since there are many valid words in the 64-bit block. One block will result in many keys. To narrow the keys, additional ciphertexts are required. This approach can be work even 1. and 2. cases are not known. For this specific challenge the range of the characters given between 0x20 and 0x7e, i.e. between and ~




                distributed.net found this message in DES Challenge II-1;





                • The secret message is: Many hands make light work.




                Note : It is interesting that the Wikipedia says; The secret message is: where the source is lists.distributed.net, however, the RSA archives says The unknown message is:.






                share|improve this answer














                One can still access the challenge rules from the archive.org




                Each contest is based on a specified cipher. A brief piece of printable ASCII text (containing byte values in hexadecimal notation from 0x20 to 0x7e) will be appended to the fixed 24-character string "The unknown message is:". The result will be padded and then encrypted with the associated cipher under a randomly-generated key.




                The message is also padded by PKCS#5 padding. Thus, the attacker has three options to test their results;




                1. Check the beginning of the message; it must start with "The unknown message is:"

                2. A valid PKCS#5 padding at he the end.

                3. And, one general rule when only ciphertexts are given; one can check the result is valid (English) language. For this, one block may not be enough, since there are many valid words in the 64-bit block. One block will result in many keys. To narrow the keys, additional ciphertexts are required. This approach can be work even 1. and 2. cases are not known. For this specific challenge the range of the characters given between 0x20 and 0x7e, i.e. between and ~




                distributed.net found this message in DES Challenge II-1;





                • The secret message is: Many hands make light work.




                Note : It is interesting that the Wikipedia says; The secret message is: where the source is lists.distributed.net, however, the RSA archives says The unknown message is:.







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited 8 hours ago

























                answered 16 hours ago









                kelalaka

                4,73121837




                4,73121837






















                    Bastien is a new contributor. Be nice, and check out our Code of Conduct.










                    draft saved

                    draft discarded


















                    Bastien is a new contributor. Be nice, and check out our Code of Conduct.













                    Bastien is a new contributor. Be nice, and check out our Code of Conduct.












                    Bastien is a new contributor. Be nice, and check out our Code of Conduct.
















                    Thanks for contributing an answer to Cryptography Stack Exchange!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    Use MathJax to format equations. MathJax reference.


                    To learn more, see our tips on writing great answers.





                    Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                    Please pay close attention to the following guidance:


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f64863%2fin-the-rsa-des-challenges-how-did-the-contestants-know-they-had-found-the-right%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Plaza Victoria

                    Puebla de Zaragoza

                    Musa