Re: (tye)Re: xor encrypt-decrypt routine

Could you explain this one to me? I think I am missing something.
The way I see it, you have a target file which is unknown to you, and a random key which are XOR'd into the encrypted version. Wouldn't Random plus an unknown content (despite being ordered/logical) still be random?
Did you go by the fact that you knew it was source code you were decrypting so you knew to look for obvious text such as #define, or #include, or main

If I took a file, and did some alphabet substitutions on it so that it no longer had a language form, and then XOR'd it to random data, would you still be able to decipher/unobscure it?
thanks!

Comment on Re: (tye)Re: xor encrypt-decrypt routine

Replies are listed 'Best First'.

(tye)Re3: xor encrypt-decrypt routine
by tye (Sage) on Jan 23, 2001 at 04:07 UTC

Two main problems: First, the "key" is too short and so repeats a ton of times on a moderately large file so you have lots of opportunity to figure out parts of the key one place and use that knowledge a ton of other places. Second, you are xoring ASCII characters so it isn't that hard to recognize patterns.

If I wanted to do something like this I would:

Compress the clear text first.
Add a random pre-amble of random length since the compressed clear text will start with a predictable signature (see other threads here on how to get enough randomness).
Don't use the key directly. Use a MD5 hash of the key, for example.
Use the compressed clear text to modify what you are xoring with as you go.

tye

[reply]


XP is just a number
	PerlMonks