Is it possible to determine the symmetric encryption method used by output size?Symmetric encryption mode where ciphertext size is plain text sizeUsing IV buffer after altered inside a Rijndael CBC Encryption/Decryption process as IV for next message?Exercise: Attack on a Two-Round DES CipherCommon password derivation function for different encryption methodsCracking an appliance's network protocolDetermine encryption method with input and outputSymmetric encryption vulnerable when encrypting and decrypting are the same?Is this an acceptable way to increase the block size of a block cipher?Crypto algorithm identification (reverse engineering)In BBC Sherlock's The Blind Banker, what type of cryptographic function is used by the Black Lotus?

Do I have an "anti-research" personality?

Do I have to worry about players making “bad” choices on level up?

How would one muzzle a full grown polar bear in the 13th century?

Why does processed meat contain preservatives, while canned fish needs not?

What language was spoken in East Asia before Proto-Turkic?

Was there a shared-world project before "Thieves World"?

Why does nature favour the Laplacian?

How does a program know if stdout is connected to a terminal or a pipe?

Critique of timeline aesthetic

Unexpected email from Yorkshire Bank

What makes accurate emulation of old systems a difficult task?

Don’t seats that recline flat defeat the purpose of having seatbelts?

web3.py web3.isConnected() returns false always

Binary Numbers Magic Trick

Why was Germany not as successful as other Europeans in establishing overseas colonies?

How can I place the product on a social media post better?

How to solve constants out of the internal energy equation?

How to reduce LED flash rate (frequency)

Is the 5 MB static resource size limit 5,242,880 bytes or 5,000,000 bytes?

Is the claim "Employers won't employ people with no 'social media presence'" realistic?

Real-world applications of fields, rings and groups in linear algebra.

Why other Westeros houses don't use wildfire?

A Strange Latex Symbol

what is the sudo password for a --disabled-password user



Is it possible to determine the symmetric encryption method used by output size?


Symmetric encryption mode where ciphertext size is plain text sizeUsing IV buffer after altered inside a Rijndael CBC Encryption/Decryption process as IV for next message?Exercise: Attack on a Two-Round DES CipherCommon password derivation function for different encryption methodsCracking an appliance's network protocolDetermine encryption method with input and outputSymmetric encryption vulnerable when encrypting and decrypting are the same?Is this an acceptable way to increase the block size of a block cipher?Crypto algorithm identification (reverse engineering)In BBC Sherlock's The Blind Banker, what type of cryptographic function is used by the Black Lotus?













2












$begingroup$


I'm attempting to identify the method of encryption for a black-box symmetric encryptor that produces blocks of output that are 4 bytes in length (e.g. small inputs fit in 16 bytes, then 20 bytes and 24 bytes as more input characters are added).



It's symmetric encryption and the value is always the same for the same input text. Is it possible to determine which method of encryption is used? I'm assuming it's a block cipher as a result of the blocks of output it produces.










share|improve this question









New contributor




jSherz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







$endgroup$











  • $begingroup$
    Related question on security.SE: security.stackexchange.com/questions/38797/… (I thought I remembered seeing a duplicate or at least a very similar question before on this site as well, but if so, I can't find it.)
    $endgroup$
    – Ilmari Karonen
    4 hours ago
















2












$begingroup$


I'm attempting to identify the method of encryption for a black-box symmetric encryptor that produces blocks of output that are 4 bytes in length (e.g. small inputs fit in 16 bytes, then 20 bytes and 24 bytes as more input characters are added).



It's symmetric encryption and the value is always the same for the same input text. Is it possible to determine which method of encryption is used? I'm assuming it's a block cipher as a result of the blocks of output it produces.










share|improve this question









New contributor




jSherz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







$endgroup$











  • $begingroup$
    Related question on security.SE: security.stackexchange.com/questions/38797/… (I thought I remembered seeing a duplicate or at least a very similar question before on this site as well, but if so, I can't find it.)
    $endgroup$
    – Ilmari Karonen
    4 hours ago














2












2








2





$begingroup$


I'm attempting to identify the method of encryption for a black-box symmetric encryptor that produces blocks of output that are 4 bytes in length (e.g. small inputs fit in 16 bytes, then 20 bytes and 24 bytes as more input characters are added).



It's symmetric encryption and the value is always the same for the same input text. Is it possible to determine which method of encryption is used? I'm assuming it's a block cipher as a result of the blocks of output it produces.










share|improve this question









New contributor




jSherz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







$endgroup$




I'm attempting to identify the method of encryption for a black-box symmetric encryptor that produces blocks of output that are 4 bytes in length (e.g. small inputs fit in 16 bytes, then 20 bytes and 24 bytes as more input characters are added).



It's symmetric encryption and the value is always the same for the same input text. Is it possible to determine which method of encryption is used? I'm assuming it's a block cipher as a result of the blocks of output it produces.







block-cipher symmetric blocksize






share|improve this question









New contributor




jSherz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




jSherz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 4 hours ago







jSherz













New contributor




jSherz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 5 hours ago









jSherzjSherz

1114




1114




New contributor




jSherz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





jSherz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






jSherz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











  • $begingroup$
    Related question on security.SE: security.stackexchange.com/questions/38797/… (I thought I remembered seeing a duplicate or at least a very similar question before on this site as well, but if so, I can't find it.)
    $endgroup$
    – Ilmari Karonen
    4 hours ago

















  • $begingroup$
    Related question on security.SE: security.stackexchange.com/questions/38797/… (I thought I remembered seeing a duplicate or at least a very similar question before on this site as well, but if so, I can't find it.)
    $endgroup$
    – Ilmari Karonen
    4 hours ago
















$begingroup$
Related question on security.SE: security.stackexchange.com/questions/38797/… (I thought I remembered seeing a duplicate or at least a very similar question before on this site as well, but if so, I can't find it.)
$endgroup$
– Ilmari Karonen
4 hours ago





$begingroup$
Related question on security.SE: security.stackexchange.com/questions/38797/… (I thought I remembered seeing a duplicate or at least a very similar question before on this site as well, but if so, I can't find it.)
$endgroup$
– Ilmari Karonen
4 hours ago











2 Answers
2






active

oldest

votes


















2












$begingroup$

Simply put: No.



Without knowing other details, you cannot be sure. That being said, in the case you described, the black box uses 4 bytes blocks, which is rather uncommon with modern block ciphers. AES e.g. uses 128bits (16bytes), Blowfish uses 64bits (8bytes). 4byte block ciphers are very uncommon now. Even DES, which is quite outdated and old uses 8 bytes. The only block cipher used that has 32bit block size and comes to my mind is RC5.



So as you can see, you can make an educated guess. But given just the ciphertext, this does not inform you at all about encryption used. This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible.



You cannot even be sure that this is a block cipher. Could be a stream cipher with padding. So if the only thing you know is: "I have a box. I feed it data and it spits out data in chunks of 4 bytes" - then you know nothin', j Sherz






share|improve this answer











$endgroup$












  • $begingroup$
    Re: "This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible": I don't really agree with this. From a security standpoint, it would be perfectly fine for an encryption scheme to always produce output that begins with, say, This message encrypted with ...; see https://... for details. In practice, however, encryption schemes don't generally do this; instead, a secure protocol will typically provide a separate (metadata) field to indicate the encryption scheme in use.
    $endgroup$
    – ruakh
    25 mins ago


















0












$begingroup$

You can try to determine the block size by modifying each byte of the input data, starting from the last one.



A typical block chipher implementation will mix the change into all other bytes in the block, and usually also to all following blocks, but not to blocks that come before it.



So if you observe e.g.:



 Plaintext Encrypted
0000 0000 2348 1234
0000 0001 2348 4292
0000 0010 2348 9823
0000 0100 2348 2149
0000 1000 2348 6785
0001 0000 8173 1437


you could be quite certain that it is a block chipher with 4-byte blocks.



For comparison, in typical applications of a stream chipher, only a single byte would usually change. If it is a stream cipher, you can obtain the keystream by encoding 000...0000, because it sounds like it doesn't have a random initialization vector.






share|improve this answer









$endgroup$













    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "281"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    noCode: true, onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );






    jSherz is a new contributor. Be nice, and check out our Code of Conduct.









    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f70113%2fis-it-possible-to-determine-the-symmetric-encryption-method-used-by-output-size%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    2












    $begingroup$

    Simply put: No.



    Without knowing other details, you cannot be sure. That being said, in the case you described, the black box uses 4 bytes blocks, which is rather uncommon with modern block ciphers. AES e.g. uses 128bits (16bytes), Blowfish uses 64bits (8bytes). 4byte block ciphers are very uncommon now. Even DES, which is quite outdated and old uses 8 bytes. The only block cipher used that has 32bit block size and comes to my mind is RC5.



    So as you can see, you can make an educated guess. But given just the ciphertext, this does not inform you at all about encryption used. This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible.



    You cannot even be sure that this is a block cipher. Could be a stream cipher with padding. So if the only thing you know is: "I have a box. I feed it data and it spits out data in chunks of 4 bytes" - then you know nothin', j Sherz






    share|improve this answer











    $endgroup$












    • $begingroup$
      Re: "This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible": I don't really agree with this. From a security standpoint, it would be perfectly fine for an encryption scheme to always produce output that begins with, say, This message encrypted with ...; see https://... for details. In practice, however, encryption schemes don't generally do this; instead, a secure protocol will typically provide a separate (metadata) field to indicate the encryption scheme in use.
      $endgroup$
      – ruakh
      25 mins ago















    2












    $begingroup$

    Simply put: No.



    Without knowing other details, you cannot be sure. That being said, in the case you described, the black box uses 4 bytes blocks, which is rather uncommon with modern block ciphers. AES e.g. uses 128bits (16bytes), Blowfish uses 64bits (8bytes). 4byte block ciphers are very uncommon now. Even DES, which is quite outdated and old uses 8 bytes. The only block cipher used that has 32bit block size and comes to my mind is RC5.



    So as you can see, you can make an educated guess. But given just the ciphertext, this does not inform you at all about encryption used. This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible.



    You cannot even be sure that this is a block cipher. Could be a stream cipher with padding. So if the only thing you know is: "I have a box. I feed it data and it spits out data in chunks of 4 bytes" - then you know nothin', j Sherz






    share|improve this answer











    $endgroup$












    • $begingroup$
      Re: "This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible": I don't really agree with this. From a security standpoint, it would be perfectly fine for an encryption scheme to always produce output that begins with, say, This message encrypted with ...; see https://... for details. In practice, however, encryption schemes don't generally do this; instead, a secure protocol will typically provide a separate (metadata) field to indicate the encryption scheme in use.
      $endgroup$
      – ruakh
      25 mins ago













    2












    2








    2





    $begingroup$

    Simply put: No.



    Without knowing other details, you cannot be sure. That being said, in the case you described, the black box uses 4 bytes blocks, which is rather uncommon with modern block ciphers. AES e.g. uses 128bits (16bytes), Blowfish uses 64bits (8bytes). 4byte block ciphers are very uncommon now. Even DES, which is quite outdated and old uses 8 bytes. The only block cipher used that has 32bit block size and comes to my mind is RC5.



    So as you can see, you can make an educated guess. But given just the ciphertext, this does not inform you at all about encryption used. This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible.



    You cannot even be sure that this is a block cipher. Could be a stream cipher with padding. So if the only thing you know is: "I have a box. I feed it data and it spits out data in chunks of 4 bytes" - then you know nothin', j Sherz






    share|improve this answer











    $endgroup$



    Simply put: No.



    Without knowing other details, you cannot be sure. That being said, in the case you described, the black box uses 4 bytes blocks, which is rather uncommon with modern block ciphers. AES e.g. uses 128bits (16bytes), Blowfish uses 64bits (8bytes). 4byte block ciphers are very uncommon now. Even DES, which is quite outdated and old uses 8 bytes. The only block cipher used that has 32bit block size and comes to my mind is RC5.



    So as you can see, you can make an educated guess. But given just the ciphertext, this does not inform you at all about encryption used. This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible.



    You cannot even be sure that this is a block cipher. Could be a stream cipher with padding. So if the only thing you know is: "I have a box. I feed it data and it spits out data in chunks of 4 bytes" - then you know nothin', j Sherz







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited 3 hours ago

























    answered 4 hours ago









    michnovkamichnovka

    19629




    19629











    • $begingroup$
      Re: "This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible": I don't really agree with this. From a security standpoint, it would be perfectly fine for an encryption scheme to always produce output that begins with, say, This message encrypted with ...; see https://... for details. In practice, however, encryption schemes don't generally do this; instead, a secure protocol will typically provide a separate (metadata) field to indicate the encryption scheme in use.
      $endgroup$
      – ruakh
      25 mins ago
















    • $begingroup$
      Re: "This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible": I don't really agree with this. From a security standpoint, it would be perfectly fine for an encryption scheme to always produce output that begins with, say, This message encrypted with ...; see https://... for details. In practice, however, encryption schemes don't generally do this; instead, a secure protocol will typically provide a separate (metadata) field to indicate the encryption scheme in use.
      $endgroup$
      – ruakh
      25 mins ago















    $begingroup$
    Re: "This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible": I don't really agree with this. From a security standpoint, it would be perfectly fine for an encryption scheme to always produce output that begins with, say, This message encrypted with ...; see https://... for details. In practice, however, encryption schemes don't generally do this; instead, a secure protocol will typically provide a separate (metadata) field to indicate the encryption scheme in use.
    $endgroup$
    – ruakh
    25 mins ago




    $begingroup$
    Re: "This is one of the key aspects of cryptography btw, encrypted data should look as much as random data as possible": I don't really agree with this. From a security standpoint, it would be perfectly fine for an encryption scheme to always produce output that begins with, say, This message encrypted with ...; see https://... for details. In practice, however, encryption schemes don't generally do this; instead, a secure protocol will typically provide a separate (metadata) field to indicate the encryption scheme in use.
    $endgroup$
    – ruakh
    25 mins ago











    0












    $begingroup$

    You can try to determine the block size by modifying each byte of the input data, starting from the last one.



    A typical block chipher implementation will mix the change into all other bytes in the block, and usually also to all following blocks, but not to blocks that come before it.



    So if you observe e.g.:



     Plaintext Encrypted
    0000 0000 2348 1234
    0000 0001 2348 4292
    0000 0010 2348 9823
    0000 0100 2348 2149
    0000 1000 2348 6785
    0001 0000 8173 1437


    you could be quite certain that it is a block chipher with 4-byte blocks.



    For comparison, in typical applications of a stream chipher, only a single byte would usually change. If it is a stream cipher, you can obtain the keystream by encoding 000...0000, because it sounds like it doesn't have a random initialization vector.






    share|improve this answer









    $endgroup$

















      0












      $begingroup$

      You can try to determine the block size by modifying each byte of the input data, starting from the last one.



      A typical block chipher implementation will mix the change into all other bytes in the block, and usually also to all following blocks, but not to blocks that come before it.



      So if you observe e.g.:



       Plaintext Encrypted
      0000 0000 2348 1234
      0000 0001 2348 4292
      0000 0010 2348 9823
      0000 0100 2348 2149
      0000 1000 2348 6785
      0001 0000 8173 1437


      you could be quite certain that it is a block chipher with 4-byte blocks.



      For comparison, in typical applications of a stream chipher, only a single byte would usually change. If it is a stream cipher, you can obtain the keystream by encoding 000...0000, because it sounds like it doesn't have a random initialization vector.






      share|improve this answer









      $endgroup$















        0












        0








        0





        $begingroup$

        You can try to determine the block size by modifying each byte of the input data, starting from the last one.



        A typical block chipher implementation will mix the change into all other bytes in the block, and usually also to all following blocks, but not to blocks that come before it.



        So if you observe e.g.:



         Plaintext Encrypted
        0000 0000 2348 1234
        0000 0001 2348 4292
        0000 0010 2348 9823
        0000 0100 2348 2149
        0000 1000 2348 6785
        0001 0000 8173 1437


        you could be quite certain that it is a block chipher with 4-byte blocks.



        For comparison, in typical applications of a stream chipher, only a single byte would usually change. If it is a stream cipher, you can obtain the keystream by encoding 000...0000, because it sounds like it doesn't have a random initialization vector.






        share|improve this answer









        $endgroup$



        You can try to determine the block size by modifying each byte of the input data, starting from the last one.



        A typical block chipher implementation will mix the change into all other bytes in the block, and usually also to all following blocks, but not to blocks that come before it.



        So if you observe e.g.:



         Plaintext Encrypted
        0000 0000 2348 1234
        0000 0001 2348 4292
        0000 0010 2348 9823
        0000 0100 2348 2149
        0000 1000 2348 6785
        0001 0000 8173 1437


        you could be quite certain that it is a block chipher with 4-byte blocks.



        For comparison, in typical applications of a stream chipher, only a single byte would usually change. If it is a stream cipher, you can obtain the keystream by encoding 000...0000, because it sounds like it doesn't have a random initialization vector.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 28 mins ago









        jpajpa

        1614




        1614




















            jSherz is a new contributor. Be nice, and check out our Code of Conduct.









            draft saved

            draft discarded


















            jSherz is a new contributor. Be nice, and check out our Code of Conduct.












            jSherz is a new contributor. Be nice, and check out our Code of Conduct.











            jSherz is a new contributor. Be nice, and check out our Code of Conduct.














            Thanks for contributing an answer to Cryptography Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            Use MathJax to format equations. MathJax reference.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f70113%2fis-it-possible-to-determine-the-symmetric-encryption-method-used-by-output-size%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            How to create a command for the “strange m” symbol in latex? Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 23, 2019 at 23:30 UTC (7:30pm US/Eastern)How do you make your own symbol when Detexify fails?Writing bold small caps with mathpazo packageplus-minus symbol with parenthesis around the minus signGreek character in Beamer document titleHow to create dashed right arrow over symbol?Currency symbol: Turkish LiraDouble prec as a single symbol?Plus Sign Too Big; How to Call adfbullet?Is there a TeX macro for three-legged pi?How do I get my integral-like symbol to align like the integral?How to selectively substitute a letter with another symbol representing the same letterHow do I generate a less than symbol and vertical bar that are the same height?

            Българска екзархия Съдържание История | Български екзарси | Вижте също | Външни препратки | Литература | Бележки | НавигацияУстав за управлението на българската екзархия. Цариград, 1870Слово на Ловешкия митрополит Иларион при откриването на Българския народен събор в Цариград на 23. II. 1870 г.Българската правда и гръцката кривда. От С. М. (= Софийски Мелетий). Цариград, 1872Предстоятели на Българската екзархияПодмененият ВеликденИнформационна агенция „Фокус“Димитър Ризов. Българите в техните исторически, етнографически и политически граници (Атлас съдържащ 40 карти). Berlin, Königliche Hoflithographie, Hof-Buch- und -Steindruckerei Wilhelm Greve, 1917Report of the International Commission to Inquire into the Causes and Conduct of the Balkan Wars

            Category:Tremithousa Media in category "Tremithousa"Navigation menuUpload media34° 49′ 02.7″ N, 32° 26′ 37.32″ EOpenStreetMapGoogle EarthProximityramaReasonatorScholiaStatisticsWikiShootMe