
I've been keen on IT security for a long time now and I've learned a lot about networking & security. However, trying a "decryption challenge", I'm lacking what I think is basic encryption/decryption knowledge.

So I've got a ciphertext without knowing the algorithm or key used to encrypt the plaintext. I assume that this cipher is not "too hard" to crack (no AES, e.g.), because that would be overkill for a simple challenge.

I want to mention that I would like to crack it on my own, but I need advice on which direction I should go - what's most likely to be used, how I can verify whether some encryption algorithm is used or not, etc.

About the cipher: The Cipher contains [cghijklmnopqrsuvwxyzABCDEFGIJKLMNOPQRSTUVWYZ0-6+] without whitespaces, while some patterns are recurring (same characters are repeating in the same order a few times in the cipher). I'm also quite sure the ciphertext isn't hashed as I'm supposed to read what the result is. Cracking a 1000+ characters cipher won't be the "challenge".

What I've already done:

  • I tried a frequency analysis to see if it's just substituted monoalphabetically sign for sign - without success (many results staying at ~8%, none above 10%)

  • I had a look at classic transposition and substitution methods, which led me to encryptions like Vigenère, Autokey, Beaufort and so on. However, those are designed to work with non-numeric alphabets as far as my understanding goes.

  • I calculated the "Index of Coincidence" being about 0.06, which should tell me that probably a substitution is used (I haven't yet figured out completely how this works in detail)

  • I already tried to separate the cipher at points where suspicious, recurring "words" are, just to find something that seems like separator-signs. However it's not much clearer afterwards and I'm not sure how to go on.

  • I did already base64 decode as suggested, but the result was even less helpful. Looks more unrelated than before, just many special characters mixed up with periods and numbers here and there.

What I need is good advice on how to find out which cipher may be used, as I'm currently running out of ideas about what to try.

I hope somebody can help me out here as I'm really interested in the topic, but somehow stuck.

Thanks in advance!

UsuallyNot

1 Answer

> I had a look at classic transposition and substitution methods, which led me to encryptions like Vigenère, Autokey, Beaufort and so on. However, those are designed to work with non-numeric alphabets as far as my understanding goes.

While most classical ciphers are applied to the usual alphabet (without different cases), they are not limited to that. It's perfectly fine to have exactly that alphabet you mentioned. In your cryptanalysis you will most likely use number representations of characters anyway (to use addition and modulo), then it just comes down to ordering the alphabet.

> About the cipher: The Cipher contains [a-zA-Z0123456+] without whitespaces, while some patterns are recurring (same characters are repeating in the same order a few times in the cipher).

If there is structure like this, it's very likely to be Vigenère or something similar, operating in fixed "blocks". The distances from the repeating patterns will indicate the block size, as they are multiples of the block size.

> I tried a frequency analysis to see if it's just substituted monoalphabetically sign for sign - without success (many results staying at ~8%, no one above 10%)

If you have the symbols a - z, A - Z, 0 - 6, how can 58 symbols have "many at 8%"? Still, it looks like Vigenère fits.

A few things to consider:

  • Having different cases can imply they have an alphabet of 2 * 26 (and then add the numbers), or they just use the case of the plaintext, but that should be quite obvious (the distribution is more even in the first case). Alternatively, they could just have used a single alphabet and randomly used upper or lower case.
  • Focus on finding out the block size first. You mentioned index of coincidence, but I guess you meant the "Friedman test". And you have to keep in mind that your alphabet might be different from the standard one. Use the actual index of coincidence to find out the block size. As an algorithm, you can also calculate the autocorrelation directly (for shift $i=1,2,\dots$, count the positions where the text and the shifted text have the same symbol). The correct block size (and its multiples) will be outliers from what you would get from a uniformly distributed alphabet (for all the wrong block sizes).

From there on, it's just frequency analysis for each position in the block.

tylo
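The autocorrelation test and per-position frequency split described in the answer above, as an added example that is not part of the original answer. The sample text, the key `htHS4`, the function names and the outlier cutoff are assumptions made for the illustration; the alphabet is the 60-symbol set quoted in the answer.

```python
import random
import string
from functools import reduce
from math import gcd

# Symbol set quoted in the answer: [a-zA-Z0123456+], 60 symbols.
ALPHABET = string.ascii_lowercase + string.ascii_uppercase + "0123456+"
INDEX = {ch: i for i, ch in enumerate(ALPHABET)}

def vigenere_encrypt(plaintext, key):
    """Add key and plaintext indices modulo the alphabet size."""
    n = len(ALPHABET)
    return "".join(ALPHABET[(INDEX[p] + INDEX[key[i % len(key)]]) % n]
                   for i, p in enumerate(plaintext))

def autocorrelation(text, max_shift=20):
    """For each shift s, the fraction of positions with text[i] == text[i + s]."""
    return {s: sum(a == b for a, b in zip(text, text[s:])) / (len(text) - s)
            for s in range(1, max_shift + 1)}

def estimate_block_size(text, max_shift=20):
    """GCD of the shifts whose match rate stands out from the uniform baseline."""
    rates = autocorrelation(text, max_shift)
    baseline = 1 / len(set(text))  # expected rate for uniformly random symbols
    cutoff = (baseline + max(rates.values())) / 2  # heuristic assumed for this example
    outliers = [s for s, r in rates.items() if r > cutoff]
    return reduce(gcd, outliers, 0)  # 0 means no shift stood out

def column_frequencies(text, block_size, column):
    """Symbol counts for one key position, most frequent first."""
    counts = {}
    for ch in text[column::block_size]:
        counts[ch] = counts.get(ch, 0) + 1
    return sorted(counts.items(), key=lambda kv: -kv[1])

# Constructed sample: 4000 pseudo-random letters drawn with rounded English
# letter frequencies (per mille), encrypted under a made-up 5-symbol key.
LETTERS = "etaoinshrdlcumwfgypbvkjxqz"
WEIGHTS = [127, 91, 82, 75, 70, 67, 63, 61, 60, 43, 40, 28, 28,
           24, 24, 22, 20, 20, 19, 15, 10, 8, 2, 2, 1, 1]
SAMPLE_PLAINTEXT = "".join(random.Random(1).choices(LETTERS, WEIGHTS, k=4000))
SAMPLE_CIPHERTEXT = vigenere_encrypt(SAMPLE_PLAINTEXT, "htHS4")

if __name__ == "__main__":
    size = estimate_block_size(SAMPLE_CIPHERTEXT)
    print("estimated block size:", size)
    print("top symbols in column 0:", column_frequencies(SAMPLE_CIPHERTEXT, size, 0)[:3])
```

Each column returned by `column_frequencies` was shifted by a single key symbol, so it can be treated as a monoalphabetic shift over the ordered alphabet.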