RE: How to verify a decrypted cyphertext

From: "David Gillett" <gillettdavid@xxxxxxxx>
Date: Mon, 22 May 2006 09:58:21 -0700

Absent a text that says something like "This is the decrypted
text", you can't know for certain. Although the likelihood is
not huge, a given ciphertext might decode into several different
plausible plaintexts depending on the key/algorithm applied.
(See, for instance, recent news about the CIA sculpture....)

In general, any cipher may be more easily attacked if one knows
something about the plaintext. For instance, during WWII, the
British deliberately attacked and sank a buoy in order that daily
German status reports would contain some guessable text. (Earlier
in the war, they had found that 90% of German Enigma messages
contained somewhere the word "eins" (one)....)

Mathematical encryption might not be the only encoding of the
message. Assume, for instance, that you have intercepted the message
to the Japanese fleet "Climb Mount Niitaka!". Of course it was in
Japanese (nothing guarantees that the plaintext will be in English!)
and presumably encrypted, but even if you guess it means "Execute
the planned operation", there's nothing to tell you what that operation
IS.

David Gillett

-----Original Message-----
From: alexpheno@xxxxxxxxx [mailto:alexpheno@xxxxxxxxx]
Sent: Thursday, May 18, 2006 2:18 AM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: How to verify a decrypted cyphertext

Hello list,

Does anybody know how a computer verifies that it has
succesfully decrypted a cyphertext?

In the case of Project RC5, they have to find out a string
which is known to be readable and probably use
pattern-matching algorithms based on some sort of dictionary
(my 2 cents). But in the case of a encrypted random string
how woud one know that the solution has been found.

Thanks.

References:
- How to verify a decrypted cyphertext
  - From: alexpheno

Prev by Date: RE: Risk Assessment
Next by Date: RE: Risk Assessment
Previous by thread: Re: How to verify a decrypted cyphertext
Next by thread: Risk Assessment
Index(es):
- Date
- Thread

Relevant Pages

Re: Conspiracy in the Surveillance Society
... (requiring brute-forcing the ... that the plaintext is independent of the encryption key. ... But the key ain't transfered in the ciphertext. ...
(rec.arts.sf.science)
Re: Using a Magic Value in Place of Authentication
... encryption functions for keys k1 and k2) share a single mapping from a specifc plaintext to a specific ciphertext. ... When did we restrict the plaintext or key of an encryption method to plain English? ...
(sci.crypt)
Re: Using a Magic Value in Place of Authentication
... the encryption functions for keys k1 and k2) share a single mapping from a specifc plaintext to a specific ciphertext. ... If the attacker had some chosen plaintext, then that would lead to a partial if not a total mapping of the key. ... Of course you could just test a single ciphertext over all possible keys and indeed determine after 2^128 encryptions that it can only be the result of a specific plaintext and key. ...
(sci.crypt)
Indistinguishability and integrity in symmetric encryption
... "The 'right' security property for general-purpose symmetric encryption". ... >symmetric encryption scheme (for which the empty plaintext is not ... A has interfaces to an encryption oracle ... It is assumed that the ciphertext returned by A is different to all those ...
(sci.crypt)
Cryptography FAQ (08/10: Technical Miscellany)
... How do I use compression with encryption? ... What does ``random'' mean in cryptography? ... WordPerfect encryption has been shown to be very easy to break. ... where the ciphertext is something like the ...
(sci.crypt)