Help me break my father's friend's crypto algorithm!

A friend of my father has come up with a new encryption scheme that he 
says can't be brute-force decrypted.

He sent me a 384-byte chunk of encoded binary data and two plaintext 
words that can be found in the decoded 'answer'.  He said that he would 
give me $100 if I could break his encryption algorithm.

I was going to write my own code that brute-forces a one-byte key, then 
XOR's the encrypted data with all 256 possible byte values, then try a 
2-byte key, etc... until I find the two words somewhere in the 
unencrypted string.  The length of the key is unknown.

Is this how I would go about this, or am I missing something with 
regards to decrypting text via brute-force?  I understand that there is 
a possible "scrambling" of the message that can also happen which would 
probably mess up my whole XOR brute-force method, but I'm not so sure 
that my father's friend would be smart enough to actually scramble the 
data or not.

Q: Is this a good method of brute-force decryption or am I missing 
something important here from a theoretical point of view?

Q: Is there a well-known tool to do this instead of me having to write 
something myself?  I did some google searches and some github searches 
and wasn't able to find anything except for a few single-byte XOR 
search utilities.

0
Steven
7/2/2013 9:28:21 PM
grc.techtalk.cryptography 876 articles. 0 followers. Follow

2 Replies
435 Views

Similar Articles

[PageSpeed] 44

On 7/2/2013 5:28 PM, Steven Webb wrote:
> A friend of my father has come up with a new encryption scheme that he
> says can't be brute-force decrypted.
>
> He sent me a 384-byte chunk of encoded binary data and two plaintext
> words that can be found in the decoded 'answer'.  He said that he would
> give me $100 if I could break his encryption algorithm.

>
> I was going to write my own code that brute-forces a one-byte key, then
> XOR's the encrypted data with all 256 possible byte values, then try a
> 2-byte key, etc... until I find the two words somewhere in the
> unencrypted string.  The length of the key is unknown.
>
> Is this how I would go about this, or am I missing something with
> regards to decrypting text via brute-force?  I understand that there is
> a possible "scrambling" of the message that can also happen which would
> probably mess up my whole XOR brute-force method, but I'm not so sure
> that my father's friend would be smart enough to actually scramble the
> data or not.
>

> Q: Is this a good method of brute-force decryption or am I missing
> something important here from a theoretical point of view?
>
> Q: Is there a well-known tool to do this instead of me having to write
> something myself?  I did some google searches and some github searches
> and wasn't able to find anything except for a few single-byte XOR search
> utilities.
>

I would think that having two plaintext words that are guaranteed to be 
in the encrypted string is a *huge* leg up (that normally is not 
available) but I still think you have a very large problem. The 
empirical knowledge you think you have about the encrypter's skillset 
may or may not be valid and might even mislead you!

I don't have or know of any routines out there, but there might be some 
that apply commonly-known cracking techniques... make sure you determine 
that it isn't ROT13 first... :)
0
Kerry
7/3/2013 2:22:45 PM
Hi,

You might want to check that a true one time pad wasn't used to encrypt.

If that's the case and the pad was random even having pain text won't help.

Regards

Simon

0
Simon
7/6/2013 8:58:12 PM
Reply: