Interactive two-time pad cracker
The one-time pad is a theoretically uncrackable scheme for encrypting messages. It works by XORing a pre-shared, random key with a message, transmitting it, then XORing again with the same key to decrypt. However, for this to happen securely, the key must be truly random, kept completely secret, and never reused. In the case that key material is reused, knowing (or guessing) the plaintext of one message will give you the plaintext of a second message. This tool is meant to assist in guessing (more precisely, "crib dragging") to this end.
Note that there are some quirks to this method: if you guess, say,
" and "
for one message, revealing
" the "
at the same position in the other message,
it is entirely possible that these words were in the opposite places
in the original messages.
Most of the time, this is easy to notice, but sometimes, especially
with punctuation, it can be tricky.
More notably, this effect happens on the individual bit level,
not just for whole characters.
Due to the design of ASCII, this means that guessing the wrong case
(a
vs. A
) for one message
will result in the second message also having the wrong case.
Further reading: Stack Exchange
Ciphertext
c1
(hex):
Ciphertext
c2
(hex):
k = c1 ⊕ c2
(hex):
Show candidates:
probable
possible
all
Message 1Decrypted so far,m1 = m2 ⊕ k :
Guess a word:
Candidates for
|
Message 2Decrypted so far,m2 = m1 ⊕ k :
Guess a word:
Candidates for
|