We help IT Professionals succeed at work.

Detect Encryption Algorithm

Medium Priority
5,794 Views
Last Modified: 2012-08-13
Hi,

I was wondering if it is possible to detect the encryption algorithm used, based on the original and the encrypted text?

Take care,
Leannonn
Comment
Watch Question

Hi leannonn,
usually it is not possible, unless you are talking about really simple cryptography algorithms, such as rotation-, simple-hash and XOR-ciphers. Otherwise, ciphered text should resemble, as much as possible, "white noise" (random text), and be also immune to frequency analysis.

Cheers!
Aleksandar BradarićSoftware Developer
CERTIFIED EXPERT

Author

Commented:
Hi,

> unless you are talking about really simple cryptography algorithms, such as
> rotation-, simple-hash and XOR-ciphers

So, there is no way to identify any kind of algorithm `signature`? What about XOR and hash cyphers - how could someone find out that I've used one of those? I suppose the original and the encrypted text would be compared, but what kind of similarity is there to be found? Can it be reduced somehow?

> ciphered text should resemble, as much as possible, "white noise" (random text),
> and be also immune to frequency analysis.

Would any similarity in fequency analysis for the orginal and the encrypted text, yield any clues? Would it make any difference if there were multiple pairs of original and encrypted text (same algorithm, same key) available for analysis?

Thanks :)


Take care,
Leannonn
> What about XOR and hash cyphers - how could someone find out that I've used > one of those?

Well, in those cases, breaking the code is quite simple for many reasons: I'll give you this link which is quite rich of information.
http://www.phreedom.org/solar/honeynet/scan16/scan16.html

> I suppose the original and the encrypted text would be compared, but what kind > of similarity is there to be found?

Normally, what you search for are statistical anomalies.

> Would any similarity in fequency analysis for the orginal and the encrypted text,
> yield any clues?

Yes, of course, this is how frequency analysis works.

>Would it make any difference if there were multiple pairs of original and encrypted >text (same algorithm, same key) available for analysis?

Yes, definitely. One of the factors for the success of a known-plaintext attack is in the length of the sample used for decryption. It could go even better (or worse, depending on your role in the matter) if the attacker could freely choose the text to have encrypted, in order to make a confrontation with the plaintext.
I hope I was somewhat understandable. :)

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Aleksandar BradarićSoftware Developer
CERTIFIED EXPERT

Author

Commented:
Hi,

OK, I think I got the general idea of what I should do. As there will be multiple samples of original and encrypted text available, my only chance is to use a strong algorithm which makes the encrypted text as close to random text as possible...

Thanks :) Here are the points.


Take care,
Leannonn
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.