Hello,

I=B4m trying to get me into AES. I don=B4t know whether I understand it
right, but I think there is an input string and a key which is passed
to the encryption algorithm. Then I get back the encrypted string. To
decrypt it, I have to supply the key and the encrypted string.

Now, how do I find out the key if I have an input value, and an output
value (in fact, I can generate more and with any content)?
Are there tools or Ruby/Perl/Python/PHP snippets that let me do this?
Or, just give me some theoretical info.

Thanks!
sokrAtes

sokrAtes wrote:


> Now, how do I find out the key if I have an input value, and an output
> value (in fact, I can generate more and with any content)?


Since AES is secure so far, your best chance to simply try all possible
keys. Since they're so many (2^keylength), this is infeasible.

> Are there tools or Ruby/Perl/Python/PHP snippets that let me do this?


Sure, it's trivial to write.

On 28 Nov., 22:46, "Sebastian G." <se... [at] seppig.de> wrote:
> Sure, it's trivial to write.

Can you point me to an adress where I can find information on how to
do it?
I=B4m not finding anything useful when searching with $searchengine$...

On Nov 30, 10:49 am, sokrAtes <JS.Sokra... [at] googlemail.com> wrote:
> On 28 Nov., 22:46, "Sebastian G." <se... [at] seppig.de> wrote:
>
> > Sure, it's trivial to write.
>
> Can you point me to an adress where I can find information on how to
> do it?
> I=B4m not finding anything useful when searching with $searchengine$...

As Sebastian says, given the input and output, the only way to derive
the key is to try every single one, so what you need to do is
IMPLEMENT aes encryption, then try every key.

of course, it's going to take you until the end of the universe to do
that, so why bother starting?

S.

On 30 Nov., 18:42, SafeBoot Simon <hunt.si... [at] gmail.com> wrote:
> end of the universe

Now, what if the key is 10 chars long...
They would be 2^10 = 1024 possible keys, which is not really much to
try out.

sokrAtes wrote:

> On 30 Nov., 18:42, SafeBoot Simon <hunt.si... [at] gmail.com> wrote:
>> end of the universe
>
> Now, what if the key is 10 chars long...
> They would be 2^10 = 1024 possible keys, which is not really much to
> try out.


Excuse me, I though you meant 2^(10*ld(possible chars)), so typically this
turns out to be 2^60, which still is a lot.

On Nov 30, 5:00 pm, "Sebastian G." <se... [at] seppig.de> wrote:
> sokrAtes wrote:
> > On 30 Nov., 18:42, SafeBoot Simon <hunt.si... [at] gmail.com> wrote:
> >> end of the universe
>
> > Now, what if the key is 10 chars long...
> > They would be 2^10 = 1024 possible keys, which is not really much to
> > try out.
>
> Excuse me, I though you meant 2^(10*ld(possible chars)), so typically this
> turns out to be 2^60, which still is a lot.

I think AES only works at 128 bit minimum keys, so even 2^60's not
going to help...

SafeBoot Simon wrote:


> I think AES only works at 128 bit minimum keys, so even 2^60's not
> going to help...


We're talking about a reduced keyspace with an efficient key preprocessing.