Jump to content

Encryption and Decryption


trustme

Recommended Posts

Hey

I was wondering if anyone had any suggestions as to how to decrypt a text file.

My Java teacher is having us build a .jar that can encrypt words from a text file/ copy and pasted into the running program.  Obviously, your tool has to decrypt your encrypted text as well.  My partner is working on that component and when he's done I'll add the gui on top of his code.

The question I have relates to decrypting other's encrypted output.  Basically, everyone will post their encrypted text to a web page, where if you're interested you can try and decrypt it.  So I was wondering if theres a tool or some method to go about doing this?  I don't know how complex the encrypted text will be, but some kid decrypted 6 or 7 other kids projects last year, so I figure there must be an easy solution.

Thanks in advance.

Link to comment
Share on other sites

Decrypting stuff from within Java is dead easy. Problem is that you still need the two items any decryption needs: The decryption key and the algorithm used.

Given the fact that this is a school project the encryption is likely to be weak and the keys used even weaker, so you could try to use a dictionary attack against the ciphertext.

Are you guys using BouncyCastle, or whatever's present in the standard JVM?

Link to comment
Share on other sites

Since it is Java someone could easily utilize the AES libraries and then everybody is screwed :)

But it sounds like it's a beginners course in cryptography, which should mean that most will probably go for a simple substitution cipher which are easy to break. If someone goes a bit advanced they will probably at most do a polyalphabetic cipher with some form of rearrangement, but still the methods for breaking those are fairly well documented (you might need to find some app or write one to do the analysis since it's a pain to do by hand). Wikipedia has a wealth of knowledge about different classical cryptos and how to break them. Even if anyone uses binary operations to encrypt the same methods of breaking applies (frequency analysis and such) as long as they don't use advanced methods.

If you get access to the encryption part of the others programs you can often figure things out about how it works by encrypting data with small changes in content and length.

Link to comment
Share on other sites

I won't have access to their program (their source or .jar), as this would make it very easy to crack (even for me) at the level of encryption they'll be capable of doing.

Yeah he talked about substitution ciphers in class, so some people might go for that.

I'll look around for a program to do it for me, anyone have any suggestions?

Thanks for the response.

Link to comment
Share on other sites

I won't have access to their program (their source or .jar), as this would make it very easy to crack (even for me) at the level of encryption they'll be capable of doing.

Yeah he talked about substitution ciphers in class, so some people might go for that.

I'll look around for a program to do it for me, anyone have any suggestions?

Thanks for the response.

Well for cracking substitution ciphers you can do a letter frequency analysis to guess which letter each substituted letter is likely to be, and then swap around the letters and compare the decrypted words to words from a list of English words until the decrypted text has the greatest number of words matching ones in your list. The text does have to be a decent length for this to work though. You can combine other techniques for guessing too (e.g. a single letter word is likely to be a, two letter words will be on, to, is, in, etc).

Link to comment
Share on other sites

I won't have access to their program (their source or .jar), as this would make it very easy to crack (even for me) at the level of encryption they'll be capable of doing.

Yeah he talked about substitution ciphers in class, so some people might go for that.

I'll look around for a program to do it for me, anyone have any suggestions?

Thanks for the response.

If it is on the basic level and you really want to learn how it all works I would really recommend doing the analysis either by hand or using tools you write yourself. Not trying to be demeaning or anything, I just know that most learn better by doing things themselves and some damaged people (like me) actually find manual crypto analysis quite interesting/satisfying/fun. If you are interested and have the time I would recommend reading The Code Book by Simon Singh. But if you just want to get through the course without thinking there is always pages like this that one can find with some googling.

Link to comment
Share on other sites

THat hardest part will be trying to figure out what they are using to encrypt the text. Md4,5, sha1, etc. Once you figure out that part, then you can try a brute force using a dictionary attack, but if they salt the passwords then you would also need to know this as well.

Usually the length of the encrypted output can be a hint as to what they are using. If it si the same length as their original password, then chances are it will be really easy to crack and is probably not secure. Best thing to do is ask some of the classmates what they were experimenting with and then start looking up those specifics to work with. A little social engineering would probably be in place to get the job done.  :wink:

Hell, if you can ocial engineer the password, then it doesn't matter how secure their encryption is. Even if they don't tell you the password out right, with enough questions, you might be able to get an idea of what they are using.

Link to comment
Share on other sites

I'd hope they aren't using MD4, MD5 or SHA1 to encrypt their data, what with those being one-way hash algorithms. It would be kind of useless encryption too, it being impossible to get your data back again. Trying to brute force seems impractical as well, since you are basically trying to brute force the entire plain text. You wouldn't even know when you had the correct plain text, because 1 in every 2^bits (e.g. 2^128 for MD5) possible plain texts will have the same hash; since there is an unlimited number of possible plain texts that can produce the same hash, you will be brute forcing for exactly ? hours to get them all.

It is the case though that if they do use any modern decent encryption the only way it's gonna be cracked with the ciphertext alone is brute forcing the key. Which will take a long long time. Like very long.

Link to comment
Share on other sites

About the MD4 and the like encryption schemes, its important to note that they can only use a scheme if they designed it theirselves.  We're in high school, in a java class, and this is just a side project, you do however win a Twix bar from a team if you crack their encryption by decrypting their encrypted text...

All you have to do is to be able to tell what their original text was.

The passages will prolly be about the length of this post or twice the size, no more than that.

Also, any suggestions as what to encrypt for our text?  Preferably something humorous.

Thanks

Heres the first sample someone gave me, it may have some errors when I typed it.  Should only be one sentence.  The new lines are supposedly breaks...which may be in the middle of words.

RRMQQQNUPNRMQQQRPUQRRMQURUNRQMURQQURRVNRPPRRRRPUQUNRQNNRQMRNVVQ

PUPQNUUNRUURUNRQMRNUUQRPUQQUMUNUPQMRRPUQUNRQMRMNVRRQPQMQNU

RUURRPPQPRNUMQQNURRQPRMNPQRQMRUUUQNUMRQQNUPQRQPQ

Link to comment
Share on other sites

I'm guessing he used the double letter rectangular cipher because groups of 2 letters per letter seem to make sense, but it may be to long if this is the case to fit a single sentence as he described.  Any suggestions?  I tried to use a link I found earlier to try to predict the letters based on frequency, but I couldn't find it again.

Should I ask for a longer sample tomorrow?

Link to comment
Share on other sites

Since it only uses a limited set of characters it has to be using more than one character in the encrypted text for each clear text character. If you didn't make a mistake while writing it down there is a problem though, you've got an uneven number of characters.

I found this lump of Javascript I created a while back for a similar course, it's not automatic in any way but it does speed up simple frequency analysis. It lets you count characters or groups of character and also replace characters. The first field is for the crypto text, the second one is for the length of the character groups and the third one is for replace instructions ("AB=a C=b").

Link to comment
Share on other sites

It could possible be 3 letters per real character, only because I made something similar myself to read "kenny speak" which is the alphabet to read words spoken by Kenny on southpark.

http://www.twistedpairrecords.com/Files/kennytranslator1.exe

I made this a few years ago, and while it won't decrypt your message, you may be able to figure out the text count and go from there. He may be using things like the q as just padding spaces, but like I said, if he is making his own alphabet, you need to figure out his weather his grouping 2 per  letter, 3 per letter, etc, then work to get each character in his alphabet.

Do they provide any clues? Maybe google a phrase out of his sentence and see if he is using a premade formula(which you said was somethign theywerent supposed to do, but hey, you never know).

Link to comment
Share on other sites

here is the kenny alphabet:

mmm mmp mmf mpm mpp mpf mfm mfp mff pmm pmp pmf ppm ppp ppf pfm pfp pff fmm fmp fmf fpm fpp fpf ffm ffp
a   b   c   d   e   f   g   h   i   j   k   l   m   n   o   p   q   r   s   t   u   v   w   x   y   z

Maybe it can help you?

Link to comment
Share on other sites

Looks like it can be divided equally by three so that may be the way to go:

RRM QQQ NUP NRM QQQ RPU QRR MQU RUN RQM URQ QUR RVN RPP RRR RPU QUN RQN NRQ MRN VVQ PUP QNU UNR UUR UNR QMR NUU QRP UQQ UMU NUP MRR PUQ UNR QMR MNV RRQ PQM QNU RUU RRP PQP RNU MQQ NUR RQP RMN PQR QMR UUU QNU MRQ QNU PQR QPQ

Link to comment
Share on other sites

Got a real submission for y'all:

M&,yhnk6*W$&(K`x'|!k1;1;&"$8H+1#tz3t{bV~pr}B/* ~p""q10Sx-%dlv!Zc ayvTCt}WjOkU>n",n !C2@.Y'x~:t0- A|6mU01S"&ImWjw+uh@{Tz~`jXO%[z{2Q-o"2("9OY1c7 z9wXzD>uA3@wWyg&"qd`;mi{wM+B+{8jSH{lis'fe4.{zbuD,Uz!^5>O>O!9Ely?7 v=e D_tPi&=fHg"/.m@2("mK;s= N7*9T6kHAlj6u e"HW=v[c/`Y8+~vsSz:0x%ICg;!(8|T'"In)een~#l~)<,pfVz#2iW:} pc~hEx)"7=s/tE'pH$@7i|;e*ivnt_*bddDu+JCy408De{r8"AJ>@){=(w5*X

This includes spaces within and whatnot.

Link to comment
Share on other sites

Got a real submission for y'all:

M&,yhnk6*W$&(K`x'|!k1;1;&"$8H+1#tz3t{bV~pr}B/* ~p""q10Sx-%dlv!Zc ayvTCt}WjOkU>n",n !C2@.Y'x~:t0- A|6mU01S"&ImWjw+uh@{Tz~`jXO%[z{2Q-o"2("9OY1c7 z9wXzD>uA3@wWyg&"qd`;mi{wM+B+{8jSH{lis'fe4.{zbuD,Uz!^5>O>O!9Ely?7 v=e D_tPi&=fHg"/.m@2("mK;s= N7*9T6kHAlj6u e"HW=v[c/`Y8+~vsSz:0x%ICg;!(8|T'"In)een~#l~)<,pfVz#2iW:} pc~hEx)"7=s/tE'pH$@7i|;e*ivnt_*bddDu+JCy408De{r8"AJ>@){=(w5*X

This includes spaces within and whatnot.

I'd like to see his/her formula to reverse it back to plain text. That's pretty good...it almost looks like a form of l33t text. (dare I say l33t) but I wouldn't begin to guess what it says. Me thinks some teen has way too much time on their hands...

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...