Join Log in
Score:1
avatar Crypto

Is it possible to find an AES key given part of the key, the ciphertext, initialization vector and mode of encryption?

es flag
user274857

The following details are given:

  • Partial Key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX11000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000011
  • Initialization Vector: E898EF8E91F8C9B201E6E29DF87EE152
  • Ciphertext Block 1: 14B8D1412766A8520BACE4598F8AFAEE
  • Ciphertext Block 2: 7E687A49015FA6F1B914635325A6361B
  • Ciphertext Block 3: 8AD191394EF79CEC4B5A256313632CD4
  • Ciphertext Block 4: 8BB4D49F3FA7A917CDF02ECCAA8C4765
  • CBC Mode No padding
  • Character set: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890⌴‛~@#$%^&*(){}[]+=-_<>,.?/!:\;’|"
  • Character set info: range [32,127), ASCII encoded, each character is 8 bits

My thinking is that somehow you will need to decrypt each ciphertext block with each of the known 32 bits of the key and work down. The problem is the first ciphertext block has an unmatched key (XXX ...)
So as a result you will get a plain text of all known characters except the first 32 bits.

159
0 + 0
aes
cbc
kelalaka avatar
in flag
kelalaka
@mti2935 yes, the question is easy ( I've missed some parts): Hint: Generate the keys, decrypt and check that the plaintext doesn't include any byte that is not in the character sets.
0
Reply
kelalaka avatar
in flag
kelalaka
Nope, You have to use CBC mode to decrypt and there is no padding means that the plaintext is the full block size. Decrypt all blocks and test it. Why do you think that 32-bit plaintext? The decryption of a block leaves 128-bit result. Do you know how a block cipher works and what is CBC mode?
0
Reply
kelalaka avatar
in flag
kelalaka
1) You can only decrypt a full block ( 128-bit for AES) 2) while searching 2) the key is given in bit-string means that you have to find the missing bits of the one 128-bit key. 3) If you want, you can only decrypt the first ciphertext block and test if passes the test then decrypt all and test again. The better decrypt all ciphertext at once and test. If you know some coding you can write this code in a coupe of hours.
1
Reply
hft avatar
ng flag
hft
@user274857 this should be tagged as homework-and-exercises if it is homework. You need to show us what you have already tried. Finally, in the future, questions like this may be better posed at the cryptography stack exchange rather than the infosec stack exchange.
0
Reply
Score:3
kelalaka avatar Crypto
in flag
kelalaka

Can one achieve to search 32-bit keyspace?

OpenSSL with AES-NI can operate 61510120 iterations for 64-byte blocks AES-128 in CBC mode per 3 seconds on my machine.

run openssl speed -evp AES128 to see in your machine.

This makes $2^{26}$ keyspace for three seconds. One needs $2^{6} =64*3$ seconds to find the key candidates with good coding.

For your cause create 3 functions;

  • $P = \operatorname{AES-Dec-CBC}(k, IV, C)$ where $C$ is the ciphertext blocks and $P$ is the decrypted plaintext under the current key $k$ of $C$.
  • $k =\operatorname{GetNextCandidateKey(current)}$ This simple increments the current and creates a key $k = current\mathbin\|1100\cdots011$ in the binary form. You need to convert this into binary to fit the standard encryption librarires
  • $b = \operatorname{CheckTheMessage}(P)$. This function gets a plaintext and checks that the bytes are in the range. If not returns 0 else returns 1

Now with these 3 functions;


current = -1

while current < 2^32 do:
    k = GetNextCandidateKey(current)
    P = AES-Dec-CBC(k, IV, C)
    b = CheckTheMessage(P)

    if b == 1
        print(current)
    current++
0 + 0
Score:1
hft avatar Crypto
ng flag
hft

Is it possible to find an AES key given part of the key, the ciphertext, initialization vector and mode of encryption?

Sometimes it is possible. Sometimes it is not possible. It depends on how much of the key you already know.

In your case you seem to know all but 33 bits of the key. So, you should be able to brute force it to figure out the rest of the key.

0 + 0
hft avatar
ng flag
hft
Look at the output of the decryption. For example, if any byte is not in the range you (or your teacher) specified [32,127) you can throw that key away and start trying another.\
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.