Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Razvan Peteanu (razvan-peteanuhome.com)
Date: Thu Oct 18 2001 - 21:33:38 CDT
You can also check the following:
"Basic Cryptanalysis" manual at http://www.umich.edu/~umich/fm-34-40-2/
"Self-Study Course in Block Cipher Cryptanalysis"
a ton of papers at
"Methods of Cryptanalysis" at
----- Original Message -----
From: "tox" <toxresponsible.com>
To: "Jeremiah Grossman" <jeremiahwhitehatsec.com>
Sent: Thursday, October 18, 2001 9:41 PM
Subject: Re: telling crypto type [off topic]
> Different schemes will permit different characters in the ciphertext.
> Frequency analysis should also lend some light as to basic classes
> of algorithm. A simple substitution cipher like rot13 will have
> a nice peak for frequently-occurring characters ("e" in
> English text, for example). Something that produces a nearly
> flat frequency curve is likely to be the product of a more
> complex (potentially stronger) algorithm.
> Levels of entropy (~randomness) in the stream will also tend to
> follow with algorithmic complexity. A quick hack of a test
> would be to try compressing the stream with your tool of
> choice (compress, gzip, pkzip, etc.). If it compresses
> significantly, it is less likely to come from a harder
> algorithm, and more likely to come from something like
> If the cyperpunks have a faq, it's likely to have some of the info
> you are looking for.
> If you've got a few hours to burn, read Simon Singh's _The Code Book_
> for a basic introduction to some of the history, approaches,
> and methods without burying you in hard math.
> If you want more of the math, look for a copy of Bruce Schneier's
> _Applied Cryptography_ for a reasonable survey of the subject
> as it was a couple of years ago.
> Jeremiah Grossman wrote:
> > but.... lets say you have serveral long strings of cipher text...
> > how can one tell the kind of cipher or encryption
> > (ROT13, DES, XOR, BASE64, etc.) is being used? If at all
> > possible...
> > Hey... for OWASP and the session vulns information,
> > perhaps this isnt off-topic.
> > Jeremiah
> Tox Gunn Security Systems Administrator, Responsible Solutions
> voice (650)780-9550 pager (888)894-7576 toxresponsible.com