A Look at Cryptic Writer, version 1.1.1
As Told To:
Joe Peschel
Cryptic Writer 1.1.1, by Ben Janusch, is a freeware MS DOS program that one of my readers came across at the Simtel Site. The Cryptic Writer author apparently uploaded it on July 4. This was the author's description of his upload:
"Cryptic Writer v1.1.1 is a command line driven, 'public key' encryption/decryption program.
This program will encrypt and decrypt files of any type and any size (although larger files
take a while) with the use of a simple numeric key and sub-key."
My reader, who wishes to remain anonymous, writes:
"I saw recently on one of the MSDOS software newsgroups announcing a free public key crypto
program. It sounded too good to be true, so I downloaded it. After reading the first
paragraph of the program's documentation, I realized that the author doesn't know what
public key crypto means; needless to say, his program wasn't using public key crypto -
it was yet another secret-algorithm, secret-key crypto program. What's more, it's dead
slow. Encrypting a 50k file takes a few seconds or so. Anyway, after encrypting a few
plaintexts, I figured out the method it was using (Caesar-style simple substitution) and
within two hours of downloading the program, I had implemented a ciphertext-only cracker
that recovers an equivalent key and, optionally, decrypts the file."
In the Crypt Writer documentation Janusch writes:
"First off, encrypting a file is simply formatting that file so that,
in theory, only desired people can view that file's contents. I
assume you know that, unless you just downloaded this because the
name sounded cool. 'Public key' encryption is simply a program that
uses a key, such as the number 23, to modify the data and structure
of a file. Anyone obtaining an encrypted file could possibly decrypt
this file if they knew the method at which it was encrypted and the
numeric key. Personally, I do not like the label of 'public key'.
It is the most commonly used title for this type of encryption, but
the key is not designed to be public. For all intensive purposes,
you should want your key to remain private. The only drawback to
'public key' encryption is the fact that you better not forget that
key."
Entertaining isn't it!
This is the approach my reader took in cracking Cryptic Writer:
"The technique I used to find out the encryption method was fairly routine
stuff: encrypt a file of zero bytes to see if the cipher exhibits patterns
in the ciphertext, encrypt a file of non-zero bytes to see how the
plaintext is mixed with the keystream, encrypt a 256-byte file containing
all the ASCII characters to determine the substitution mapping. I noticed
that the cipher effected a substitution cipher by
C = P + K (mod 256)
where K is an even integer. So the effective keylength is 7 bits. This is
significantly shorter than the claimed potential keylength of 231 bits.
To write a cracker, I needed to find out a relationship between K and the
(key, subkey) pair that the program uses. I encrypted the 256-byte file
with a few test keys and checked the ciphertext for the amount of shift
that the key caused. It didn't take long to find that equivalent keys can
be found from K by
(key, subkey) = (257, K/2+1)
This is enough information to write a known-plaintext cracker. However,
since the cipher is just a simple substitution, the byte frequencies of
the plaintext are preserved in the ciphertext. This fact can be exploited
for a ciphertext-only attack, which I implemented in the Crackcw
cryptanalysis program."
I think the Cryptic Writer author is pretty young and just learning about crypto so I won't bother attacking his lack of crypto knowledge, but I will congratulate him on learning about classical ciphers.
In the Cryptic Writer documentation he adds also,
"If you have encrypted a file and deleted the original, then you had better remember that key
or you will never get the contents of that file back unless you are good at cracking codes."
My reader is good at it, and you may click here for Crackcw.
Joe
July 1998