WRITEUP – DEFCAMP2015 – Crypto 50

In this challenge a text file is given with 11 rows. Each row is an encrypted hex string. The given hint was that each of the 11 ciphertexts were encrypted using the same stream cipher. A quick search for weaknesses in stream ciphers reveals a key reuse attack. In stream ciphers the plaintexts are xor'd with a key stream. If one uses the same key for all plaintexts it means that all plaintexts were xor'd with the same key stream. This means by xoring the ciphertexts with each others we get

E(Message_A) = Message_A xor Keystream
E(Message_B) = Message_B xor Keystream
E(Message_A) xor E(Message_B) = Message_A xor Keystream xor Message_B xor Keystream
                              = Message_A xor Message_B

Thus, by xoring two ciphertexts with each other, we get the result of the xor-operation of the used plaintexts. If we knew one of the messages we could easily extract the other message. But we do not know any message so we have to use a technique called crib dragging.

In crib dragging we try to guess some word which might be in one of the messages. Then we xor this word with each position of Message_A xor Message_B. If at some position we find some other word or part of a word, we know that this word is in there.

For example, I guessed that " the " is in one of the messages. So I xor'd the last ciphertext which we want to decrypt with the first ciphertext. Than I xor'd " the " with each position of the result. At one position the result was "trans". So I guessed that this could be part of another word. So I tried the same thing with "transmission" and again at one position I got more of the message.

This tool helped a lot: https://github.com/SpiderLabs/cribdrag With xorstrings.py you can xor the ciphertexts and with cribdrag.py you could interactively guess words.

If I got stuck with one ciphertext I chose the next one as every plaintext was encrypted with the same keystream and repeated the process with my new findings. So I could slowly extend the 11. plaintext it is: "when using stream cipher, never use the key more than once!"