Absent a text that says something like "This is the decrypted
text", you can't know for certain. Although the likelihood is
not huge, a given ciphertext might decode into several different
plausible plaintexts depending on the key/algorithm applied.
(See, for instance, recent news about the CIA sculpture....)
In general, any cipher may be more easily attacked if one knows
something about the plaintext. For instance, during WWII, the
British deliberately attacked and sank a buoy in order that daily
German status reports would contain some guessable text. (Earlier
in the war, they had found that 90% of German Enigma messages
contained somewhere the word "eins" (one)....)
Mathematical encryption might not be the only encoding of the
message. Assume, for instance, that you have intercepted the message
to the Japanese fleet "Climb Mount Niitaka!". Of course it was in
Japanese (nothing guarantees that the plaintext will be in English!)
and presumably encrypted, but even if you guess it means "Execute
the planned operation", there's nothing to tell you what that operation
IS.
David Gillett
-----Original Message-----
From: alexpheno@gmail.com [mailto:alexpheno@gmail.com]
Sent: Thursday, May 18, 2006 2:18 AM
To: security-basics@securityfocus.com
Subject: How to verify a decrypted cyphertext
Hello list,
Does anybody know how a computer verifies that it has
succesfully decrypted a cyphertext?
In the case of Project RC5, they have to find out a string
which is known to be readable and probably use
pattern-matching algorithms based on some sort of dictionary
(my 2 cents). But in the case of a encrypted random string
how woud one know that the solution has been found.
Thanks.
