From: Jeremiah Grossman (jeremiah whitehatsec.com)
Date: Thu Oct 18 2001 - 21:27:48 CDT
Been here working on a black box.
Known input .... and cipher text out.
Am not able to play with the input.
All the output lengths are fixed and the values contain a-Z 0-9.
Output values are always very different from the previous line.
But each line of cipher text contains some positional patterns.
The pattern positions correspond to all output lines. Just
the values are consistently different.
Been bugging me trying to figure out what this cipher is.
Not that I am expecting anyone to figure it out for me.... just
got me thinking on how to tell one cipher text string from
another.
Got some great data to work with.
Thanks!
Mark Curphey wrote:
> I have seen some cookies hashed with md5 or sha-1...pretty easy to tell
> apart...nice property of hash functions is arbitrary input and fixed length
> output. 128 bits for md5, 160 bits for sha
>
> -----Original Message-----
> From: tox [mailto:tox responsible.com]
> Sent: Thursday, October 18, 2001 6:41 PM
> To: Jeremiah Grossman
> Cc: www-mobile-code securityfocus.com
> Subject: Re: telling crypto type [off topic]
>
> Different schemes will permit different characters in the ciphertext.
>
> Frequency analysis should also lend some light as to basic classes
> of algorithm. A simple substitution cipher like rot13 will have
> a nice peak for frequently-occurring characters ("e" in
> English text, for example). Something that produces a nearly
> flat frequency curve is likely to be the product of a more
> complex (potentially stronger) algorithm.
>
> Levels of entropy (~randomness) in the stream will also tend to
> follow with algorithmic complexity. A quick hack of a test
> would be to try compressing the stream with your tool of
> choice (compress, gzip, pkzip, etc.). If it compresses
> significantly, it is less likely to come from a harder
> algorithm, and more likely to come from something like
> rot13.
>
> If the cypherpunks have a faq, it's likely to have some of the info
> you are looking for.
>
> If you've got a few hours to burn, read Simon Singh's _The Code Book_
> for a basic introduction to some of the history, approaches,
> and methods without burying you in hard math.
>
> If you want more of the math, look for a copy of Bruce Schneier's
> _Applied Cryptography_ for a reasonable survey of the subject
> as it was a couple of years ago.
>
> Tox
>
> Jeremiah Grossman wrote:
> >
> > but.... let's say you have several long strings of cipher text...
> >
> > how can one tell the kind of cipher or encryption
> > (ROT13, DES, XOR, BASE64, etc.) is being used? If at all
> > possible...
> >
> > Hey... for OWASP and the session vulns information,
> > perhaps this isn't off-topic.
> >
> > Jeremiah
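
The checks suggested in this thread (permitted characters, the fixed 128/160-bit hash lengths, the frequency peak, entropy and the compression test), combined into one triage routine as an added Python example that is not part of the original messages. The function names and sample strings are constructed for illustration, and SHA-256 over a counter is an assumed stand-in for strong-cipher output.

```python
import codecs, hashlib, math, string, zlib
from collections import Counter

ALNUM = string.ascii_letters + string.digits
ALPHABETS = (("hex", string.hexdigits), ("alnum", ALNUM), ("base64", ALNUM + "+/="))

def charset(text):
    """Smallest familiar alphabet covering every character of the sample."""
    return next((n for n, a in ALPHABETS if set(text) <= set(a)), "other")

def digest_hint(text):
    """Hex of exactly 128 or 160 bits matches the MD5 / SHA-1 output sizes."""
    sizes = {128: "MD5-sized", 160: "SHA-1-sized"}
    return sizes.get(len(text) * 4) if charset(text) == "hex" else None

def peak_letter(text):
    """Most frequent letter and its share; a tall peak suggests substitution."""
    counts = Counter(c for c in text.lower() if c.isalpha())
    if not counts:
        return None, 0.0
    letter, n = counts.most_common(1)[0]
    return letter, n / sum(counts.values())

def entropy_bits(raw):
    """Shannon entropy in bits per byte (8.0 is a perfectly flat curve)."""
    return -sum(n / len(raw) * math.log2(n / len(raw)) for n in Counter(raw).values())

def compression_ratio(raw):
    """Compressed size over original size; near 1.0 means it did not compress."""
    return len(zlib.compress(raw, 9)) / len(raw)

def triage(sample):
    raw = sample if isinstance(sample, bytes) else sample.encode()
    text = raw.decode("latin-1")
    return {"charset": charset(text), "digest": digest_hint(text),
            "peak": peak_letter(text), "entropy": round(entropy_bits(raw), 2),
            "ratio": round(compression_ratio(raw), 2)}

# Constructed samples (not from the thread).
PLAIN = "the session cookie is set when the user logs in and cleared when the user logs out " * 20
ROT13 = codecs.encode(PLAIN, "rot13")
MD5_HEX = hashlib.md5(b"sessionid=42").hexdigest()
SHA1_HEX = hashlib.sha1(b"sessionid=42").hexdigest()
# Assumption: SHA-256 over a counter stands in for strong-cipher output.
STREAM = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(64))

if __name__ == "__main__":
    for name in ("ROT13", "MD5_HEX", "SHA1_HEX", "STREAM"):
        print(name, triage(globals()[name]))
```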