Hi

I have a file that is encrypted with an algorithm and a key that i don't
know. This file is used with a software and hardware to program a flash memory.
I have also a dump of the flash memory after programming with the device
so the file is un-encrypted.
The question is :I have the encrypted and decrypted form of a file
how can i found the algo and the key than is used?
one of my friends has told me that maybe the key is in the encrypted file
this sounds true because the decrypted file is some byte shorter than
the crypted one.
I have attached the too file to this thread,If someone could show me the path(specially Mike). the encrypted file is the one with CAS in its name.

Thanks in advance

akimp3

I haven't looked at the files yet (I've been out of town for three weeks) but unless it's a completely braindead algorithm, you'll be out of luck.

@Mike

Hi ,Thanks for your reply.
Someone told me if i get the correlation of the encrypted file
there is a table that tell the correlation of encryption algorithm
and with this i could find the algo that is used.
Do you know anything about this method?
do you think it will be helpfull if i gather more file pairs?

Thanks in advance

akimp3

Excuse me for evesdroping, but trying to deduce the algorithm, specially if you don't have the key, by comparing cyphertext and plain text can be an uphill battle. Wouldn't you have better luck reversing the decoding routine if it is present somewhere in your software?

@naides

Hi,

Thank for your help. I don't know if the encryption is done by the software
or on the hardware interface.If it was me i would certainly do encryption
on hardware to keep baby cracker away.I don't have The CAS studio software
I will download it and take a look at it maybe it will be on the software.
there was a tool called crypro kanal or something like that, that find crypto
algo in an exe I will try your suggestion.

Thanks

The only way you can do that is if you know what the key is. With some algorithms you can distinguish them from random with lots of plaintext/ciphertext pairs and no key, but even for something with a small keyspace like DES, you need around 2^47 ~= 300 trillion pairs.

I just looked at the files. There is no way the encryption is anything decent, and you have a pretty good chance of breaking it. Pop open the encrypted dump in a hex editor, set the width to 16 bytes, and look at columns. You get way too many of the same nybbles repeated. Looks to me like a weak stream cipher with a period of 16 or 32. XOR the files together and I bet you'll get an even more blatant pattern.