Kerberos Posted August 15, 2009
I've been trying to find anything about a Known Plaintext Attack on DES for recovering a key, but all I've been able to find is one for Triple DES. Does anyone know if DES is weak against a Known Plaintext Attack, and if so, can you point me to some info about how to do it? :)
Sparda Posted August 15, 2009
Triple DES is DES encryption three times... that is to say, the plain text is encrypted with DES, the encrypted text is encrypted with DES again (using the same key), then the 'double' encrypted text is encrypted again. If triple DES is vulnerable to the attack of which you speak, single DES must be as well...
Brian Sierakowski Posted August 15, 2009
What is this 3DES plaintext attack you speak of? Perhaps we can reverse engineer it for DES. But actually, DES keys are only what, 56-bit? You could crack that pretty quickly.
Kerberos Posted August 16, 2009 (Author)
I guess it would be nice to explain what I'm trying to do first. My bad.

I had an interesting, albeit most likely pointless idea for cracking LM hashes. Since there are obvious restrictions on the key used to encrypt the constant string and generate the final hash (or more accurately, half of the final hash), I thought that there might be a usable Known Plaintext Attack on DES that could be used to crack the key (or in the case of LM, the plaintext of the one half of the LM hash since it is used as the key) since the plaintext is a known constant. I realize that rainbow tables are probably more effective, but I was just curious as to whether or not this approach might yield a cracking time that might make it a nice mid-level method sitting between the memory requirements of rainbow tables and the time requirements of pure brute force cracking.

So now that that's out of the way, something popped up today on Google, but the information is a little technical for the amount of time that I've spent trying to understand it so far. Maybe with a little more effort I can make something out of it. It's located here: Known Plaintext Attack on DES {PDF}. The only strange thing that I noticed is that it lists different approaches to attacking 1-round DES, 2-round DES, 3-round DES, etc. Does DES not employ 16 rounds? If so, then I guess this isn't of as much help as I thought. Although it is still possible (I think) to use a weakness in something like 5 rounds to attack a higher number of rounds, I'm not exactly an expert in cryptanalysis. Besides, if someone figured it out I'm sure we would hear of it eventually. Maybe it's just a matter of time.

So...any thoughts?

Oh, and as for the plain and simple cracking of the key, I'm going to go do some digging for efficient methods, but if anyone has any pointers that might help me out I'd love to hear them. As I said above, there are obvious restrictions on the key that is used so it would be trivial to narrow the range of possibilities quite dramatically. The uppercase restriction automatically cuts a huge chunk of possibilities out.
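An added illustration of the key restrictions described in the post above (not part of the thread and not code from any poster): it shows how each 7-character LM half is turned into a DES key and how far the character restrictions shrink the search space below 56 bits. The function names and the 69-character alphabet (printable ASCII without lowercase) are assumptions of this example.

```python
import math
import string

# Assumed alphabet for this example: printable ASCII with lowercase removed,
# because LM uppercases the password before hashing (26 + 10 + 32 + space = 69).
LM_CHARSET = string.ascii_uppercase + string.digits + string.punctuation + " "

def lm_halves(password):
    """Uppercase, truncate/pad to 14 bytes with NULs, split into two 7-byte halves."""
    raw = password.upper().encode("ascii")[:14].ljust(14, b"\x00")
    return raw[:7], raw[7:]

def expand_des_key(half):
    """Spread the 56 bits of a 7-byte half over 8 bytes (7 key bits per byte)
    and set the low bit of each byte so the byte has odd parity."""
    bits = int.from_bytes(half, "big")
    out = bytearray()
    for i in range(8):
        byte = ((bits >> (49 - 7 * i)) & 0x7F) << 1
        if bin(byte).count("1") % 2 == 0:
            byte |= 1
        out.append(byte)
    return bytes(out)

def half_keyspace_bits(alphabet, max_len=7):
    """log2 of the number of distinct halves of length 0..max_len over alphabet."""
    n = len(set(alphabet))
    return math.log2(sum(n ** k for k in range(max_len + 1)))

if __name__ == "__main__":
    first, second = lm_halves("Password123")  # constructed sample password
    for half in (first, second):
        print(half, "->", expand_des_key(half).hex())
    print("full DES key space : 56.0 bits")
    print("LM half, 69 chars  : %.1f bits" % half_keyspace_bits(LM_CHARSET))
    print("LM half, A-Z only  : %.1f bits" % half_keyspace_bits(string.ascii_uppercase))
```

Each half is hashed independently, so the figures apply per half rather than to the whole 14-character password, which is the reason LM hashes are disabled on current systems.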
sirloins Posted November 3, 2009
Okay, I know this thread is old... but this may help future readers. Check out CrypTool (www.cryptool.de); it has some interesting things for attacks and for learning about cryptography. Also to note, 3DES is not 3 DES encryptions, it works like so:
1 - Encrypt using First Key
2 - Decrypt using Second Key
3 - Encrypt using Third Key
So it's actually Encrypted, Decrypted and Encrypted... but yes, the decrypting with a different key is essentially encrypting it....
hontal Posted December 2, 2009
I have a DES-coded ciphertext: 1234567890ABCDEF
I know the plaintext: FEDCBA0987654321
It's simple DES, not triple DES! How is it possible to get the key from the plaintext and ciphertext pair? Can somebody write a program for this?
Kerberos Posted December 2, 2009 (Author)
> I have a DES-coded ciphertext: 1234567890ABCDEF I know the plaintext: FEDCBA0987654321 It's simple DES, not triple DES! How is it possible to get the key from the plaintext and ciphertext pair? Can somebody write a program for this?

That's exactly what I was trying to do :P The only way I can think of is brute force, unless there is a weakness that could be exploited. That's why I was asking if anybody knows of any weaknesses that would allow this to be done with more efficiency than a brute force attempt....
hontal Posted December 3, 2009
Hi Kerberos! You can read about the fastest DES implementation here. There is source code. http://www.darkside.com.au/bitslice/ Do you know of an existing brute-force program? Did you find one like this?
hontal Posted December 3, 2009
Here is a DES JavaScript example: http://people.eku.edu/styere/Encrypt/JS-DES.html