Cracking Encryption using Word Patterns
---------------------------------------

By klemster | klemster@weed5.org
Visit Weed5 Computer Security Group http://www.weed5.org/ for more

First Written On: 08th August, 2002. 2:38 PM
Last Modified On: 10th August, 2002. 1:21 PM

====================================================================
Contents
--------

Cracking Encryption using Word Patterns

Disclaimer

====================================================================
Cracking Encryption using Word Patterns

    I encrypted "Hello World" with 64 bit RSA.

Private Key = 88783679  Combo Key = 47703041  Public Key = 30712895

This is what I got:
2193233+26172029+37964602+37964602+22571920+27406686+1745926+
2571920+7536034+37964602+20844760+

Let's break this up:

H = 2193233
e = 26172029
l = 37964602
l = 37964602
o = 22571920
(Space) = 27406686
W = 1745926
o = 2571920
r = 7536034
l = 37964602
d = 20844760

If you notice, both  the l's in "Hello" have the same encrypted
result, i.e. 37964602.
So, I began thinking like this:
It's just like another language, that you cannot understand.
You need a translator, but you don't need to give him some key.

I can see a pattern built by looking at that.
Then, I thought of the word "excellent".
The connection is that 'l' repeats itself continuously in the word.
So, if I have a huge encrypted file, I can take a very small part
of it and check if two numbers repeat themselves continuously.
Then, I must have a word list, and check for patterns.
Now, I'm thinking only of the word "excellent" encrypted by RSA.
Two numbers will repeat themselves due to the the repitition of 'l'
in "excellent". 
It might be like this:
1. e = 12345678
2. x = 23456789
3. c = 34567891
4. e = 12345678
5. l = 99999999
6. l = 99999999
7. e = 12345678
8. n = 77777777
9. t = 45678999
So, if i see that the 1st, 4th and 7th numbers are the same number,
and the 5th and 6th are same, then I can almost 99% be sure that
the word is "excellent".

So, practically, I can decrypt a huge encrypted message if I find
2-3 words. I can substitute the number in every part of the
encrypted message and get almost the complete message and play
"hang man" to get the actual message.
All this can be finished in around 15 min. maximum!

The dictionary contains many words that have letters repeated
continuously in them. So, I can write a program to compare
encrypted messages and these words and check for patterns in the
encrypted messages. So, I can decipher the whole thing!

I had to make the following assumptions:
1. The actual stuff is in English.
2. The message contains atleast 2-3 words that I specify.
3. The number that is repeated most frequently and consistently is
the space character.
4. The encryption is not again encrypted on the top.
5. No compression algorithm has been used.

I wrote a program to do a lot of operations including word pattern
checking and tried this out with a 500+ word paragraph that I didn't
look at and I could finish the whole thing in about 3-4 minutes.
However, a slight problem is that you have to realise that the
results for 'l' and 'L' are different. So, after you have got the
numbers for all letters, most propably the ones still ciphered are
uppercase letters.

So, regardless of how the data is encrypted, you can decipher it
without the key or password if you find specific patterns.

Now, you may be thinking that all encryption can be cracked. It is
not so! Only the raw algorithm encryptions have a chance of being
cracked. Otherwise, most of the programs first compress the message
and then encrypt it. Programs like PGP are impossible to crack in
a trillion years, using all the present technology.

====================================================================
DISCLAIMER

    There is no guarantee on the accurateness of this text and
this is subject to change anytime. This text is meant only for
educational purposes. Following or reading this text is entirely at
the choice and risk of the user. I will not be responsible for any
damages caused because of reading this directly or indirectly, or
abuse/misinterpretation of this paper.

====================================================================

klemster | klemster@weed5.org