发表新帖
发表新帖

How to identify encryption algorithm used in ciphertext?

后端 未结
关注
5 645
忘掉有多难
忘掉有多难 2021-02-01 09:36

Is there any ways to try to guess encryption algorithm used to encrypt the ciphertext?

相关标签:
5条回答
  • 时光说笑
    2021-02-01 10:03

    It depends if you're talking about "raw encrypted data" (in that case you can use methods such as listed by "gs" in the other answer) or an encrypted file in some standard format (the most common are CMS/PKCS#7 and OpenPGP); in the latter case the encryption algorithm is explicitly indicated in the metadata contained in the very file.

    For CMS you need an ASN.1 decoder such as command-line dumpasn1 program or my own web-based Javascript decoder while for OpenPGP you can use pgpdump.

    0 讨论(0)
  • 醉梦人生
    2021-02-01 10:19

    Quite often this information is readily available - in a good encryption scheme, only the key needs to be secret, not the algorithm used.

    There are analyses you can can perform to test for particular encryptions, consult a textbook on cryptanalysis for details!

    0 讨论(0)
  • 情书的邮戳
    2021-02-01 10:21

    Yes. There are some differences:

    • Is it a block cipher or not can be guessed from the length.
    • Block length
    • Entropy of the output (are all characters equally present? / can patterns be found?)
    • Recurrences (CBC or not...)

    The entropy of the string is probably the best hint. A simple method to determine it is probably trying to compress it. Some methods can be found here: http://www.random.org/statistics/ They use them to make sure their numbers are as random as possible.

    I've got no idea if it's really possible to determine the encryption using these methods.

    0 讨论(0)
  • 闹比i
    2021-02-01 10:21

    You can try fbcrypt which will scan for known hash & crypto signatures: http://fwhacking.blogspot.com/2011/03/bfcrypt-crypto-scanner.html

    For now it supports MD5, CRC32, Blowfish, DES and SHA256, but more will be added soon. Anyway as the source is available you can also add your own.

    0 讨论(0)
  • 南笙
    2021-02-01 10:24

    Tools to see it:

    • PEiD with the Krypto Analyzer (KANAL) plugin
    • IDA Pro with the Findcrypt plugin
    • OllyDbg with the SnD Crypto Scanner
    • x3chun's Crypto Searcher
    • Keygener Assistant
    • Hash & Crypto Detector (HCD)
    • Draft Crypto Analyzer (DRACA)

    but all to executables. found here : http://fwhacking.blogspot.com.br/2011/03/bfcrypt-crypto-scanner.html

    0 讨论(0)
 看不清?
提交回复
热议问题