0

I'm trying to decrypt a message that has been encrypted using a one-time pad with a repeated key. The encryption technique involves using the same key twice. We know the message was encrypted with $k = k_0 \ ||\ k_0$ and that the length of the subkey $k_0$ is half the length of the complete key. We also know that the encoding is 8-bit ASCII and the plaintext is in English.

I tried to use the fact that

$$ (M_1 \oplus k) \oplus (M_2 \oplus k) = M_1 \oplus M_2 $$

to split the encrypted message into two parts, XOR them, and convert the result to ASCII, but this approach hasn't yielded a correct plaintext. Additionally, I've tried matching the frequencies of the bytes in the XORed message to the frequencies of English letters, but this method also failed to provide a satisfactory result.

Is there a proper way to decrypt the message under these conditions?

crypTOl23
  • 1
  • 2
  • "one-time pad with a repeated key" is a contradiction in terms, much like bicycle with single wheel. I suggest XOR with repeated key instead. The "formula used for encryption" has little to do with how encryption is performed, and further is strange on two acounts: we are left wondering both if it was intended $(M_1⊕k)⊕(M_2⊕k)=M_1⊕M_2$ (which at least would be algebraically sound), and if $k_0$ was used two or four times in the available ciphertext. I can tell "encoding is 8-bit ASCII" is not enough of an assumption on the plaintext, it must have some redundancy (like being English text). – fgrieu Mar 20 '24 at 17:35
  • @fgrieu-modelectionending thanks for the comments, I have updated the question to take them into account – crypTOl23 Mar 20 '24 at 17:47
  • If your search the crypto stackexchange for "one-time pad key reuse", you will find many similar questions which may hold the answer you are looking for. – lamontap Mar 20 '24 at 20:43
  • XOR-ing the ASCII chars together obviously is not likely to give back ASCII plaintext, for instance if you XOR A with A then the result is obviously 0x00 (assuming 8 bits per character). For good frequency analysis and such you need quite a few bits of plaintext. As fgrieu mentioned: it is possible that there is more repetition and a smaller key size, which gives you more to work on, because basically you get a $n \times (n - 1) \over 2$ possible combinations. Every-time you guess a character (and thus a key) the other location of key reuse may result in a less likely character. – Maarten Bodewes Mar 20 '24 at 22:05
  • @lamontap In my case, I only have one cipher text. Can I assume that splitting the cipher would result in two valid ciphers encrypted with the same key? Then I can split the cipher, XOR the two parts together, and try to XOR that again with frequent words/letters to find parts of the plaintext. Does what I'm saying make sense? – crypTOl23 Mar 20 '24 at 22:08
  • @crypTOl23 What you are saying makes sense to me. – Mark Schultz-Wu Mar 21 '24 at 00:39

0 Answers0