Score:0

Decrypt a ciphertext knowing of a pattern of key repetition

in flag

I have two ciphertexts (I do not know which encryption algorithm was used to create them) which both starts with the same 3-characters long word. This led me to believe that the same key was used for both of them and that I could exploit that to decipher it.

I thought that one-time pad was used there, so I tried to XOR them together to get the XORed plaintexts, but I cannot decipher it so I think some other cipher was used.

What are other probable ciphers that could have been used which are vulnerable to key repetition?

edit: Thanks for the feedback. The characters are ASCII characters, there is no header and it is not a file, just encrypted plain text.

SAI Peregrinus avatar
si flag
It's also possible the repeated characters (bytes? Windows UCS-2-style 16-bit characters? UTF-8 extended grapheme clusters? "character" is ambiguous) at the start are just a header, and no key has been repeated.
Score:0
in flag

I have two ciphertexts (I do not know which encryption algorithm was used to create them) which both starts with the same 3-characters long word. This led me to believe that the same key was used for both of them and that I could exploit that to decipher it.

Are you sure that they are explicitly ciphertext? The reason that I ask is that quite often ciphertext are part of a file format or protocol. These protocols may contain other data than just the direct results of the cipher. They may e.g. be a Tag and Length in front of a ciphertext string as part of a TLV structure, or they may be a file magic, part of a non-random nonce etc. etc. etc.

Of course it could be that they are part of a ciphertext. In that case they may be generated using an identical key stream, and this key stream may be generated as part of a stream cipher. In that case you can try to solve it by looking up a many time pad as you currently do. However, it could also be that a plaintext aware stream cipher was used, and in that case you'll need to look at techniques to break the cipher.

If the ciphertext only contains printable characters (and not just hex or base 64) then that might hint at a classical cipher, which usually operates on one or a few characters at a time. Again, the analysis depends on the cipher though. Note that a stream cipher (with a randomized key stream) that uses XOR cannot just output printable characters, unless the result was explicitly converted to printable characters afterwards.

Finally, the chance that you get the same 3 bytes (not printable characters) is one in $2^{24}$ (about one in 16 million). It seems unlikely that this was generated by a (pseudo)-random function by chance, if this is indeed ciphertext. However, it is possible to deliberately cherry pick ciphertext if someone wanted to confuse you.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.