Build

Since ancient times, the encryption of messages has caused attention, especially in the military field, from simple cesarean blades to the German puzzle machine. With the increase in the number and complexity of the zeros, as well as interest in decoding the encryption, which in turn has created more advanced encryption methods.

With the appearance of computers, the encryption has become wide, as users also sought to maintain the privacy of their data. While in the past encryption it relied on replacing the message, information, revenge, and false chickenpox are transmitted today, using bilateral instructions that consist of zeros and individuals.

One of the simplest ways to encrypt your message is implementation xor The process on your message is in a dual form, also known as as Exclusive or.

Take the xor input process (A = 0 || 1, b = 0 || 1) It returns 1 If the arguments are different and 0 If it is the same:

How to encrypt xor our message? Let’s take the word “cat” – In bilateral acting, this word looks:

We will use the message “your” ((01101011) As a key. Xor byte app by byte, with the key periodically repeated:

00001000 0000101011111 – The resulting encrypted message, or Encrypted.

One of the main advantages of Xor is Reflection. That is, if we apply XOR between encrypted and key text, we will recover the original message:

In addition, XOR supports multiple keys for Association:

M = DK2 (DK1 (EK2 (EK1 (M)))))))

In the Xor app, let’s look at the following example:

We take the previously obtained encrypted text and apply XOR with a key that only consists of those.

Now, we apply xor between the original key your And the key that consists of each of them.

Now, we apply XOR between the new key and the encrypted text to restore the original message.

As a result, we recall the original message “cat” once again. Because of this feature, Xor is widely used in various encryption protocols. But why not use XOR instead of common encryption algorithms? Let’s analyze protection Xor Insrypted text.

Xor encrypted text analysis

In this example, we will examine one of the methods of breaking xor’s encryption if the length of the key is known.

Suppose we have an encrypted text (encrypted text):

H 1010111111111111101101110 0010110 000110 0010110 001111 0000000000

Assuming that the original message consists only of small Latin letters (AZ) And spaces, and The length of the key is 3 by.

Knowing this, we can Divided Cheerful text in three groups, and this means the encrypted text corresponding to each of the key from the key:

• The first group (I 3 % == 0):

H

• The second group (I 3 % == 1):

00001101 01000101 01000101 0010110 0000000000000000000010101 0011101 00001000 0010110 0000000000 00001010 00000000 000010101010101 01000101010110 00000000

• And the third group (I 3 % == 2):

0010000000010000000010011 001101 01011001 0000101011101 00001101 0011100 0011000 01011001 00001011 0010111 0011101 0010110 0011101 0010110

Since the Latin letters and spaces are coded in one byte, each byte can take one of 256 values, we can move the potential keys values.

If the group that is decoded contains letters and distances from A to Z only, we can assume the presence of the corresponding key.

Example Python to find the key:

def binaryToChar(binary_str):
   return chr(int(binary_str, 2))


def xorWithByte(binaryStr, keyByte):
   result = ""
   for i in range(8):
       bit = int(binaryStr[i])
       keyBit = (keyByte >> (7 - i)) & 1
       result += str(bit ^ keyBit)
   return result


def isCorrectByte(binaryGroup, keyByte):
   for byteAsString in binaryGroup.split():
       resultBinary = xorWithByte(byteAsString, keyByte)
       resultChar = binaryToChar(resultBinary)
       if resultChar != ' ' and not ('a' <= resultChar <= 'z'):
          return False
   return True


binaryGroup1 = "00011111 00011000 00011000 00011110 01001011 00011111 00011111 00001110 01001011 00011000 00001100 00001101 01001011 00001000 00001110 00011001 00001110 00001111"
binaryGroup2 = "00001101 01000101 01000101 00010110 00000100 00000000 01000101 00011101 00001000 00010110 00000000 00001010 00000000 00001010 01000101 01000101 00000110 00000000"
binaryGroup3 = "00010000 00010000 00010011 00001101 01011001 00001010 00001101 00001101 00011100 00011000 01011001 00001011 00010111 00011101 00010110 00011101 00010110"


key = ""


for binaryGroup in [binaryGroup1, binaryGroup2, binaryGroup3]:
   neededKeyByte = 0
   for keyByte in range(256):
       if isCorrectByte(binaryGroup, keyByte):
           neededKeyByte = keyByte
           break


   keyBitAsString = ''
   for i in range(8):
       keyBit = (neededKeyByte >> (7 - i)) & 1
       keyBitAsString += str(keyBit)


   key += keyBitAsString + ' '


print(key)

As a result, we get the key 01101011 01100101 01111001Who is compatible with the series “key”.

After applying XOR to the encrypted text with this key, we recover the original message:

This is just a text message for encryption or decoding

Given that in Ascii coding, one byte corresponds to one letter, brute force attacks are relatively easy. However, what if the original message was in UTF-8 or UTF-32 and contains emoji or symbolic symbols?

When the text is encrypted in the codes unlike ASCII (for example, UTF-8 or UTF-32), brute power attacks become more complicated, as one letter can be formed from multiple bittate.

One of the methods of analyzing such an encrypted text is to create a byte dictionary for each letter. For example, the serial letter “ш” is coded at UTF-8 11010010 10101000.

If, while decoding, we get these bitules (or parts of it), we can assume that deciphering the transparency is going in the right direction. However, the final confirmation is only possible after analyzing the entire sequence.

If encrypted data is a file, it can help its structure decipher. Many file formats (for example, PNG, PDF, Zip) contain distinctive heads, which help determine the start of the file and possible patterns in the encrypted text. This makes deciphering much easier if the key is reused.

However, if the length of the key matches the length of the original message and used only once, decoding becomes impossible. For example, if the word “cat” is encrypted using the “dog” key:

Since the key has never been reused, an attacker CEste select the original message – it can be “cat”and “Yes”and “Run”Or any other mixture of the same length. The only information that can be concluded is the length of the message (24 -bit). However, if the key is used more than once, the Cryptanalysis analysis becomes possible, which is why the one -time plate plate (OTP) remains only safe when following the strict rules of use. The method of encryption is known as the key is equal in length and is known only once as One -time pillow. This method was first suggested by Gilbert Verneam and Joseph Mobourgen in 1917.

As we see, knowing the length of the key allows us to break the encrypted text. But the question that arises – how can we determine this length?

Of course, we can still rely on brute force, repetition through the switch lengths from 1 to 100 byte, but there are more elegant ways. Let’s explore the length of the key using Haming distance.

The hamming distance is a scale of the difference between two series of equal length, indicating the number of letters in one chain that must be changed to get the other.

Simply put, the number of places where the strings differ.

For example, the distance of the gel between the strings 10101010 and 10001110 It is 3, because it differs in three parts.

How does this help? When encrypting with frequent byte, patterns appear, causing similar symbols short distances.

The algorithm works as follows:

1. Select the length of the default key N (For example, from 1 to 40).
2. Divide the encrypted text into blocks according to the length of the key.
3. Calculate the distance of the gel between the blocks and calculate the average distance.
4. To compare the different keys, normalize the gel distance by dividing it over the size of the mass.
5. The length of the switch in which the natural distance is the minimum is the length of the most likely key.

However, the gel distance method does not always provide an accurate result. Let’s take a look at a symbol excerpt calculating the distances of the gel for different keys:

strBinary = '00011111 00001101…00000000'
binaryByByte = strBinary.split()


distance_map = {}


def hammingDistance(byte1, byte2):
   return sum(bit1 != bit2 for bit1, bit2 in zip(byte1, byte2))


for keyLen in range(1, 40):
   count = 0
   totalDist = 0
   for i in range(len(binaryByByte)):
       for j in range(i + 1, len(binaryByByte)):
           if (j - i) % keyLen == 0:
               totalDist += hammingDistance(binaryByByte[i], binaryByByte[j])
               count += 1
   distance_map[keyLen] = totalDist / count if count else 0


sortedMap = {k: v for k, v in sorted(distance_map.items(), key=lambda item: item[1])}


print(sortedMap)

wherestrBinary It is the previously described encrypted text.

The output will look like this:

{39: 2.0, 36: 2.411764705882353, 21: 2.441860465116279, 18: 2.4423076923076925, 12: 2.4456521739130435, 6: 2.519230769230769, 24: 2.5294117647058822,3: 2.5361990950226243, 27: 2.5384615384615383, 9: 2.576923076923077,23: 2.6216216216216215, …}

As we know, the key to the actual key is not 39 or 36, and the eighth place in the minimum value does not correspond to the minimum distance of the minimum. So, what happens here?

To understand this, let’s first consider a “ideal” coded text to analyze the distance.

Serial purification: dogdogdogdogdogdogdogdogdogdogdogdogdogdog Using the key key.

The program will appear to be directed to calculate the distance of the gel from this encrypted text:

{3: 0.0, 6: 0.0, 9: 0.0, 12: 0.0, 15: 0.0, 18: 0.0, 21: 0.0, 24: 0.0, 27: 0.0, 30: 0.0, 33: 0.0, 36: 0.0, 39: 0.0, 1: 1.36 …

In fact, the key key Corresponding keykeyand keykeykeyAnd so on (after XOR an algorithm). The distance of the gel in this case will be 0, because with a frequent key, each part of Xors the key with the same normal part at a time.

With the arbitrary text, each byte of Xors key with different metals of encrypted text, causing small differences in the hamming distance. However, the “false keys” (repeated NNN times the key) will continue to produce minimum gel distances, even if they are not the length of the real key. solution: Using the greatest shared division (GCD). To eliminate the effect of false keys, we can calculate the greatest joint division (GCD) for the first few distances of the gel. If the encrypted text is long enough, the real length of the key will be divided into values ​​with lower distances. In our case, GCD 39, 36, 21, etc. is 3, which matches the actual key.

The algorithm is effective when the length of the encrypted text is much larger than the length of the key. However, if the text is short, the probability of errors, and the GCD may lead to 1, which makes it difficult to determine the length of the key. This happens because the main number of repetition decreases, which reduces the patterns available for analysis, which makes the detection of the length of the key more challenging.

Other ways to determine the length of the key also depend on the XOR encryption feature using a repetitive key. Therefore, the only truly safe way to encrypt data using XOR is to use one -time panel (OTP). Modern encryption algorithms, although they use XOR, avoid the main repetition, which makes them resistant to such attacks. An example Aesand Chaacha20And others. The basic techniques to prevent the frequent keys are:

• In mass encryption (AES) – different keys are used for each block, derived from the primary key.
• In the encryption (CHACHA20) – a unique key is created, also dependent on the primary key.

A detailed description of these algorithms outside the scope of this article.

Thus, XOR is still an important tool for encryption, but its safety depends on the correct use. Modern encryption algorithms represent their weaknesses and the implementation of more sophisticated encryption plans.