RE: How to verify a decrypted cyphertext

["David Gillett" <gillettdavid () fhda edu>]

  Absent a text that says something like "This is the decrypted
text", you can't know for certain.  Although the likelihood is
not huge, a given ciphertext might decode into several different 
plausible plaintexts depending on the key/algorithm applied.
(See, for instance, recent news about the CIA sculpture....)

  In general, any cipher may be more easily attacked if one knows
something about the plaintext.  For instance, during WWII, the
British deliberately attacked and sank a buoy in order that daily
German status reports would contain some guessable text.  (Earlier
in the war, they had found that 90% of German Enigma messages 
contained somewhere the word "eins" (one)....)

  Mathematical encryption might not be the only encoding of the
message.  Assume, for instance, that you have intercepted the message
to the Japanese fleet "Climb Mount Niitaka!".  Of course it was in
Japanese (nothing guarantees that the plaintext will be in English!)
and presumably encrypted, but even if you guess it means "Execute
the planned operation", there's nothing to tell you what that operation
IS.

David Gillett


> -----Original Message-----
> From: alexpheno () gmail com [mailto:alexpheno () gmail com] 
> Sent: Thursday, May 18, 2006 2:18 AM
> To: security-basics () securityfocus com
> Subject: How to verify a decrypted cyphertext
>
> Hello list,
>
> Does anybody know how a computer verifies that it has 
> succesfully decrypted a cyphertext?
>
> In the case of Project RC5, they have to find out a string  
> which is known to be readable and probably use 
> pattern-matching algorithms based on some sort of dictionary 
> (my 2 cents). But in the case of a encrypted random string 
> how woud one know that the solution has been found.
>
> Thanks.