2

I received an interesting challenge today from my teacher (the problem can be solved). The only thing I have is a 1MB AES-encrypted file and I have to decrypt it and find some information within. I assume the mode used was ECB-128, because from what I read it is the only AES mode that can be cracked due to the repeated use of the same key, but I'm not sure if I'm on the right path. What is the best way to approach such a challenge?

EDIT: One of the hints we got is that the password contains "2014" either at the beginning or at the end of the key (not sure if it helps very much, the key space is still very big). But because the file is so large, I'm really thinking it could be an image, so I'll try reconstructing the header and reading the image, maybe I'll discover something.

  • "But I'm not sure if I'm on the right path" Can you let us know what you've come up with so far? It's best if we can provide feedback on your thought process instead of coming up with something new from scratch for you. – Sal Oct 22 '18 at 15:12
  • Well, because I know the problem can be solved, I assume it is ECB, because it is the weakest mode and it reuses the same key for every block. And because my file is very large, I am thinking of some attack like two time pad, but I'm not sure if it is possible. – Țurcanu Ștefan Oct 22 '18 at 15:18
  • is it a picture? – kelalaka Oct 22 '18 at 17:02
  • I thought about it after Rob Napier's answer, but it's not (it could have been pretty interesting if it was). I'm trying actually some analysis on the image. We received a hint, that the password contains "2014" at the end or at the start, so I'm trying some analysis using cryptool. – Țurcanu Ștefan Oct 22 '18 at 17:36
  • It is better if you post the full question, not the ciphertext. – kelalaka Oct 22 '18 at 18:12
  • Not sure I'm getting you. I edited the post. Because of its size, I'm really thinking it could be an image. I tried constructing a jpg header as a 640*640 image, and I see many similarities. I can't see any text yet, but I have a hunch that it's the right direction. – Țurcanu Ștefan Oct 22 '18 at 18:48
  • Try to change the size. How many blocks do you have? – kelalaka Oct 22 '18 at 20:07
  • Yes, this is what I'm trying (65536x16 blocks) but I'm not exactly sure, it also could be a .bmp or a .gif. Or maybe it isn't even an image :) Anyway, thanks for your help. – Țurcanu Ștefan Oct 22 '18 at 21:24
  • For the picture alignment, the size is important. To find it, factor the number of blocks and produce possible sizes. – kelalaka Oct 22 '18 at 22:04
  • "*One of the hints we got...*".... can you please post *all of the hints*? A hint may also be in a way the question is phrased. – rustyx Oct 23 '18 at 07:52
  • I was thinking about bit-flipping attack (https://en.wikipedia.org/wiki/Bit-flipping_attack) as you even know the size of the blocks already. But you need to encrypt using the same cipher (and a 1MB file seems to be laborious). You can't with just the ciphertext. However, some research may help you to understand how ECB does work and I found it interesting to share. – Kianii Oct 23 '18 at 08:09
  • @rustyx Actually this is the only thing. This file was in an archive, and the hint says that all the keys used for this challenge contain string `2014` at the beginning or at the end of the key. The archive's password was 2014test for example. But I'm not sure this is the right path, the key's space is still very large. – Țurcanu Ștefan Oct 23 '18 at 11:05
  • @Kianii I think this attack doesn't apply in this context, because I have to find a password in this file. I think I'll try kelalaka's approach and find possible sizes and format. The file is very large, so I don't think it is a text file, maybe an archive, but I doubt it. An image file is most likely. – Țurcanu Ștefan Oct 23 '18 at 11:09
  • What does the beginning of the file look like in hex? – rustyx Oct 23 '18 at 11:24
  • @Turcanu_Stefan Yeah, it's not applicable but not for the reason you think. This method is totally usable to find a password in a text file. – Kianii Oct 23 '18 at 12:13
  • @rustyx the first block is `A4 A2 72 C6 FD A1 E5 20 4B 9D C3 24 35 1A 55 8F 2D`, but I'm not sure it will help you. The entire file is encrypted, so I can't be sure what header it could be. – Țurcanu Ștefan Oct 23 '18 at 14:45

1 Answer

4

In ECB mode, identical blocks of plaintext are encrypted to identical blocks of ciphertext. So typically you're looking for patterns of identical blocks of ciphertext (aligned to 16-byte boundaries). The ECB Penguin is probably the most famous demonstration of the problem and should point you in the right direction for exploring the data you have.

Rob Napier
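The check described in the answer above, as an added example that is not part of the original post: it counts repeated 16-byte ciphertext blocks, draws a text map of them at a chosen width, and lists the block-count factor pairs mentioned in the comments. `toy_ecb` and `toy_ctr` are hypothetical stand-ins built from HMAC so the block runs with the standard library only (they are not AES), and the sample data and key are constructed.

```python
import hashlib
import hmac
from collections import Counter

BLOCK = 16  # AES block size in bytes

def split_blocks(data, size=BLOCK):
    """Full size-byte blocks of data; a trailing partial block is dropped."""
    return [data[i:i + size] for i in range(0, len(data) - len(data) % size, size)]

def repeat_stats(ciphertext):
    """Return (total_blocks, distinct_blocks, count_of_most_common_block)."""
    counts = Counter(split_blocks(ciphertext))
    return sum(counts.values()), len(counts), max(counts.values(), default=0)

def block_map(ciphertext, width):
    """Rows of text: same letter = same ciphertext block, '.' = seen only once."""
    blocks = split_blocks(ciphertext)
    counts = Counter(blocks)
    labels = {}
    for b in blocks:
        if counts[b] > 1 and b not in labels:
            labels[b] = chr(ord("A") + len(labels) % 26)
    row = "".join(labels.get(b, ".") for b in blocks)
    return [row[i:i + width] for i in range(0, len(row), width)]

def factor_pairs(n):
    """All (width, height) in blocks with width * height == n."""
    return [(w, n // w) for w in range(1, n + 1) if n % w == 0]

def toy_ecb(key, plaintext):
    """Stand-in for AES-ECB (assumption): same keyed function on every block."""
    return b"".join(hmac.new(key, b, hashlib.sha256).digest()[:BLOCK] for b in split_blocks(plaintext))

def toy_ctr(key, plaintext):
    """Stand-in for a counter mode (assumption): per-position keystream XORed in."""
    out = []
    for i, b in enumerate(split_blocks(plaintext)):
        ks = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()[:BLOCK]
        out.append(bytes(x ^ y for x, y in zip(b, ks)))
    return b"".join(out)

# Constructed sample: an 8x4 "image" of 16-byte blocks, background with a bright bar.
BG, FG = b"\x00" * BLOCK, b"\xff" * BLOCK
SAMPLE = BG * 8 + (BG * 2 + FG * 4 + BG * 2) * 2 + BG * 8
KEY = b"constructed-demo-key"

if __name__ == "__main__":
    print(repeat_stats(toy_ecb(KEY, SAMPLE)), repeat_stats(toy_ctr(KEY, SAMPLE)))
    print("\n".join(block_map(toy_ecb(KEY, SAMPLE), 8)))
```

On a real file, pass its bytes to `repeat_stats` first; a distinct-block count well below the total is the ECB signature, and `block_map` at the widths from `factor_pairs` shows whether the repeats line up into a picture.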