Example:
You receive my encrypted message and it looks random to you.
Now you want to brute force it. There are exactly 26 ways to encode it with a rotational alphabet cipher, and there are 100 trillion ways to encode it with some kind of PRNG based xor encryption.
Which one do you try first? Exactly, you try the one with fewer possible keys. So if I use a bad encryption algorithm it's easier to crack because you can try them all pretty quickly before you move on to the difficult ones.
And for very bad ones like the alphabet rotation the shape of the message might even give away information about the type of encryption used. (Frequency analysis reveals there are unusually many Qs in there? Well, guess we found our E.)
Also it's best practice to assume the attacker knows the encryption method you used. I mean, if you communicate with a web server, he might get the hint that you use the https protocol.
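As an added illustration of the two points in the answer above, the 26-key brute force and the "too many Qs, so that is our E" frequency trick, here is a small Python example. It is example code written for this page, not code from the answer's author. The plaintext, the shift of 12 (which maps E to Q) and the English letter-frequency table are constructed inputs chosen for the demonstration; the chi-squared scoring is a standard way to rank candidate decryptions by how English-like their letter counts are.

```python
from collections import Counter
import string

# Standard English letter frequencies in percent (a public reference table,
# assumed here as the "expected" distribution for scoring candidate plaintexts).
ENGLISH_FREQ = {
    'a': 8.167, 'b': 1.492, 'c': 2.782, 'd': 4.253, 'e': 12.702, 'f': 2.228,
    'g': 2.015, 'h': 6.094, 'i': 6.966, 'j': 0.153, 'k': 0.772, 'l': 4.025,
    'm': 2.406, 'n': 6.749, 'o': 7.507, 'p': 1.929, 'q': 0.095, 'r': 5.987,
    's': 6.327, 't': 9.056, 'u': 2.758, 'v': 0.978, 'w': 2.360, 'x': 0.150,
    'y': 1.974, 'z': 0.074,
}


def caesar(text: str, shift: int) -> str:
    """Rotate every ASCII letter by `shift` positions; leave other characters alone."""
    out = []
    for ch in text:
        if ch.isalpha() and ch.isascii():
            base = ord('A') if ch.isupper() else ord('a')
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return ''.join(out)


def letter_histogram(text: str) -> Counter:
    """Count only the letters; punctuation and spaces do not carry key information."""
    return Counter(c for c in text.lower() if c in string.ascii_lowercase)


def chi_squared(text: str) -> float:
    """Lower is more English-like. Empty input gets an infinite (worst) score."""
    counts = letter_histogram(text)
    n = sum(counts.values())
    if n == 0:
        return float('inf')
    score = 0.0
    for letter, pct in ENGLISH_FREQ.items():
        expected = n * pct / 100.0
        observed = counts.get(letter, 0)
        score += (observed - expected) ** 2 / expected
    return score


def brute_force(ciphertext: str) -> tuple[int, str]:
    """Try all 26 shifts (the whole key space) and return the best-scoring one."""
    candidates = []
    for shift in range(26):
        candidate = caesar(ciphertext, -shift)
        candidates.append((chi_squared(candidate), shift, candidate))
    _, shift, plaintext = min(candidates)
    return shift, plaintext


def guess_shift_by_frequency(ciphertext: str) -> int:
    """No search at all: assume the most common ciphertext letter is E."""
    most_common, _ = letter_histogram(ciphertext).most_common(1)[0]
    return (ord(most_common) - ord('e')) % 26


# Constructed sample message (deliberately E-heavy) and an assumed key of 12,
# which is exactly the shift that turns every E into a Q.
SAMPLE_PLAINTEXT = ("meet me at the eleven street entrance we need to see "
                    "the evidence before the enemy gets there")
SAMPLE_SHIFT = 12
CIPHERTEXT = caesar(SAMPLE_PLAINTEXT, SAMPLE_SHIFT)


if __name__ == "__main__":
    print("ciphertext:", CIPHERTEXT)
    print("most common letter:", letter_histogram(CIPHERTEXT).most_common(3))
    print("frequency guess for shift:", guess_shift_by_frequency(CIPHERTEXT))
    shift, plaintext = brute_force(CIPHERTEXT)
    print("brute force found shift", shift, "->", plaintext)
```

Both approaches recover the key: the exhaustive search needs only 26 decryptions and a scoring rule, and the frequency shortcut needs zero decryptions because the lopsided letter histogram of the ciphertext leaks the key directly. That is the property a real cipher must not have: its output should look uniformly random regardless of how skewed the plaintext is.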