02-08-2017, 09:02 AM

I am trying to map out how you can recover the Encryption key from a DES-OFB cipher with a known plain text attack.

As it stands I have the IV - 64 Bits, the Cipher - 64 bits and the original/plain text - 64 bits.

From what I can work out, to encrypt the original text into OFB, the DES encryption is run 8 times producing 16 bits of cipher text each time. Each time before the returned encryption is XOR with the plain text to produce the cipher text the 16 bits of data are appended to the end of the original 64 bit IV and the front 16 bits are discarded.

Long story short, I believe I only need to crack anyone of these 8 encryption cycles to produce the Encryption key but to do that I need the 64 bit input and the 64 encrypted output (prior to it being XOR to produce the cipher text).

By XOR the cipher and plain text for each position, I can reproduce the 64 bit input for any location, but I can only get the first 16 bits for all the outputs, as this is the only data that is used in the XOR to produce the cipher for that location. The remaining bits are discarded.

I wanted to use Hashcat to brute force the DES encryption but I am unable to get a full 64 bits for the plain text input required.

Am I missing a step or am I approaching this the wrong way?

As it stands I have the IV - 64 Bits, the Cipher - 64 bits and the original/plain text - 64 bits.

From what I can work out, to encrypt the original text into OFB, the DES encryption is run 8 times producing 16 bits of cipher text each time. Each time before the returned encryption is XOR with the plain text to produce the cipher text the 16 bits of data are appended to the end of the original 64 bit IV and the front 16 bits are discarded.

Long story short, I believe I only need to crack anyone of these 8 encryption cycles to produce the Encryption key but to do that I need the 64 bit input and the 64 encrypted output (prior to it being XOR to produce the cipher text).

By XOR the cipher and plain text for each position, I can reproduce the 64 bit input for any location, but I can only get the first 16 bits for all the outputs, as this is the only data that is used in the XOR to produce the cipher for that location. The remaining bits are discarded.

I wanted to use Hashcat to brute force the DES encryption but I am unable to get a full 64 bits for the plain text input required.

Am I missing a step or am I approaching this the wrong way?