Decrypt cipher texts encypted with the same one time pad key

  • I have two pieces of ciphertext encrypted with a stream cipher using the same key.

    How do I recover the plaintext of both ciphertext messages without knowing the key used?

    Start over: Do you [A] have two messages THAT ARE encrypted - and thus, two cipher texts? Or do you [B] have two messages AND two cipher texts? In cast it's [B], why are the two messages relevant?

    @medivh, obviously, I have two messages THAT ARE encrypted with only one one time time pad key. And I want decode these two -- get plain texts from them.

    And if I understand correctly, you have the encryption key, too? EDIT: That is to say, the "one stream cipher key" you mention is the one time pad that was used?

    @medivh look at my update.

    Stream ciphers and one-time-pads are mutually exclusive. One time pads are not used in real-life anymore, so it is highly unlikely that one is used here.

    "One Time Pads are not used in real life any more" eh, the messages might have been encrypted in WW2, we don't know yet. Also: I don't think you're right actually. I can't believe that we've *entirely* abandoned the only truly unbreakable encryption.

  • user10211

    user10211 Correct answer

    8 years ago

    If the two encrypted messages are using the same stream cipher and the same key,

    C1 xor C2 results in M1 xor M2 where C1 and C2 are the respective ciphertext and M1 and M2 are the corresponding plaintext.

    You can then recover the plaintext using a technique known as crib dragging. You take a common word or phrase that may appear in the plaintext (such as " the ") and xor that against the result of M1 xor M2. If one of the plaintexts had the text of the crib (" the " in our example), then the result of the xor is what the other plaintext had in that position. If neither plaintext contains the text of the crib, it is very likely that the result of the xor is just gibberish.

    You just continue this technique until you recover enough of the plaintext to intelligently fill out the rest.

    He HAS the Onetime Pad - he doesn't even have to mess with XOR. That's why I asked so many questions of the (Initially unclear) first post. EDIT: Never mind, he doesn't have the OTP. Disregard this comment while I go cry in my cave.

    does it work if the messages have different lengths?

    @MariusKavansky You can only recover as much of the key as the length of the shorter message.

    What if we have no knowledge of what any of the plaintexts had?

License under CC-BY-SA with attribution


Content dated before 7/24/2021 11:53 AM