Example illustrating encryption using binary Exclusive-OR

This section provides an example of encryption using the binary Exclusive-OR. To make it easier to follow the steps that need to be performed with CrypTool, the example is illustrated with a number of screenshots.

We will first see how to encrypt a binary document with the Exclusive-OR and then perform a ciphertext-only attack on this method. It will be shown that with many encrypted documents it is easy to work out the key and hence the plaintext as well. However, if the plaintext is compressed prior to encryption, the key and the plaintext cannot be worked out directly with CrypTool as the frequencies of the individual characters prior to encryption (but after compressing) are not known. On the other hand, certain properties about uncompressed files, such as graphic images, are known and can therefore be utilised in the analysis.

The example provided here functions in a similar manner with a text document, although the file to be used here is in binary format. The stages involved in an example of encryption using binary addition are similar to those performed here, except that the document that is encrypted is a text document.

We will start with a screenshot of CrypTool, which is to be found in file CrypTool.bmp.

cryptool.gif

To open this document in CrypTool, select via File \ Open.

szenarioxor1.gif

Before the document is encrypted, let us have a look at the frequency distribution of the characters, the histogram.

szenarioxor1a.gif

You can see from the histogram that the character which occurs most frequently has the value 255. In hexadecimal notation this corresponds to FF. This information will be utilised later on during our attack.

To now encrypt the document using an Exclusive-OR, select Crypt/Decrypt \ Symmetric (classic) \ XOR. In the dialog box which opens, enter 12 34 56 78 as the key.

szenarioxor2.gif

This causes a window containing the encrypted document to open.

szenarioxor3.gif

A ciphertext-only attack will now be performed. To start with, the document encrypted in the last step must be the active window, Now select Analysis \ Classical \ XOR, and first of all the autocorrelation will be calculated and displayed.

szenarioxor4.gif

An Automatic Analysis window now appears, in which we are told that the key length is calculated to be 4. As we saw at the beginning, the commonest character is FF. This we enter in the Expected most common character field.

szenarioxor5.gif

With this information CrypTool has been able to find the key, as can be seen from the next screen.

szenarioxor6.gif

A click on the OK button produces a new window containing the plaintext.

szenarioxor7.gif

In this case it was no problem for CrypTool to work out the key and hence the plaintext version of an encrypted file as we knew that the file contains a graphic image, in which the character that occurs most frequently has the hexadecimal value FF. In certain types of file experience shows that certain characters occur much more frequently than others. In a graphic image in bitmap format with 16 colours, this is often the value FF. So if we know that the file contains an encrypted graphic image in bitmap format with 16 colours, we can assume that the value which will occur the most frequently will be FF.

But if the graphic image is compressed prior to encryption then we cannot draw any conclusions from the frequency distribution of the characters in the graphic image about the frequency distribution of the compressed graphic image, since the compression process not only reduces the size of a file but the frequencies of the individual characters are quite different from the frequencies of the characters in the original graphic image. This means that we do not know the commonest character and cannot help CrypTool with the analysis.

To compress the document, it must be made the active window again.

szenarioxor1.gif

It can now be compressed by selecting the menu option Compress \ Zip.

szenarioxor7a.gif

The rate of compression is displayed, following which the compressed document is displayed.

szenarioxor8.gif

One can see immediately that compression produces a quite different histogram profile from the one previously obtained for the uncompressed picture in bitmap format with 16 colours. The characters are much more evenly distributed than in the unencrypted document.

szenarioxor9.gif

While it is possible to attempt the analysis, because we do not know which character occurs most frequently in a compressed document, we cannot provide CrypTool with any help during its analysis and must therefore adopt the default value of 00.

First of all we encrypt the file, which must be made active again prior to calling the encryption function, using the same key as before, 12 34 56 78.

szenarioxor2.gif

Following input of the key and a click on the OK button, the window with the encrypted file appears as per normal.

szenarioxor10.gif

We now invoke the analysis function again and observe that the autocorrelation operation has not been able to determine the length of the key, as it was able to do with the uncompressed file.

szenarioxor11.gif

CrypTool in fact returns an incorrect key length of 12.

szenarioxor12.gif

The incorrect key length could now be changed, but – as mentioned above – we do not know which character occurs the most frequently and therefore there is no point in continuing with the analysis.

If CrypTool had been able to find the correct key, we would have had the decrypted file after the analysis. This would still have been compressed so that it would have been necessary to unpack (decompress) the file (Compress \ UnZip menu option) in order to obtain the picture in the original (uncompressed and unencrypted) form again.