Re: [Full-disclosure] Cipher detection



I'm trying to figure out what kind of cipher was used in this:

GGobQ2bsqd64PXVAmaDiDBg=

Looks like Base64, but it's not. The original string is:

dummy@xxxxxxxxxxx

Thanks all!


As Thor mentioned, since the ciphertext is not a multiple of a common
block cipher's block size (8 or 16 bytes), then an XOR might be in
use. This points to either a block cipher in CFB, OFB, or similar
modes, or a stream cipher (RC4?), or some hack someone put together
that involves XORing some secret with the email address.

Your next step should be to have several different plaintexts
encrypted, then XOR away the plaintext from the ciphertext to get your
keystream for each. If you see duplication across key streams, then
you might be looking at a bad hack or use of a cipher which reuses the
same IV for each email address, which is also a big no-no.

HTH,
tim

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • SOBER-128: stream cipher and MAC primitive
    ... There is a need for a primitive stream cipher ... Message Authentication Code, and allows full ... SOBER-128 is a synchronous stream cipher designed ... The ciphers SOBER-t16 and SOBER-t32 ...
    (sci.crypt)
  • Re: Stream cipher against block cipher
    ... [Constructing block ciphers from stream ciphers.] ... `block cipher', ... used in counter mode to construct an additive stream cipher. ... block ciphers -- differential and linear cryptanalysis, ...
    (sci.crypt)
  • Re: A poormans block encryption algorithm
    ... Block ciphers operate with a fixed transformation on large blocks ... transformation on individual plaintext digits. ... A stream cipher is simply any cryptographically secure ...
    (sci.crypt)
  • Re: convert stream ciphers into block ciphers
    ... For instance, secure ... like a four-round Feistel construction required, to make a stream cipher ... A four-round Feistel construction involves using the stream cipher four ...
    (sci.crypt)
  • Re: Needle in a haystack--or is this just stupid?
    ... > CryptoSMS implements a stream cipher in between two block ciphers, ... ECB mode (stateless crypto system) using a key derived from the cryptographic ... My first thought is that only the stream cipher provides statefulness, ...
    (sci.crypt)