Solution: OTP



The one-time pad is a theoretically uncrackable scheme for encrypting messages. It works by XORing a pre-shared, random key with a message, transmitting it, then XORing again with the same key to decrypt. However, for this to happen securely, the key must be truly random, kept completely secret, and never reused. In the case that key material is reused, knowing (or guessing) the plaintext of one message will give you the plaintext of a second message.

To crack a pair of one-time pad messages that use the same key, first compute k = m1 XOR m2. Next, guess a word that may appear in the plaintext, for example " flag ". XOR this word with k in all possible positions. Anything that reveals legible text is likely correct. Repeat the process; you can guess words that may appear in either plaintext.

plaintext 1: 66696e642074686520666c6167206279206775657373696e67
    "find the flag by guessing"
plaintext 2: 74776963655f69735f746f6f5f6d7563685f4c6a5858364461
key:         a789b56f16f3fafb773f654dc7943e267e0a243d06560840b5

The flag:


Online tools: