CODEWITHSUNDEEP
cryptographykeyencryptionblowfish
Petro Semeniuk
Petro Semeniuk

Reputation: 7038

How to get a Blowfish encryption key

I have a bunch of messages in encrypted and decrypted form using Blowfish with the same key. Is there any way to get key out of those messages?

References to any algorithm or tool will be highly appreciated. I have only basic knowledge of cryptography so please correct me if question is too broad and not specific enough.

Upvotes: 1

Views: 13663

Answers (3)

3ntr0py
3ntr0py

Reputation: 119

If those messages were stored in the file and the file is encrypted, you can write a script to do dictionary-based attack on those files. Of course, I am assuming that those texts are stored in the file and file is encrypted.

Sample:

$echo "Super secret" >> secret.txt; openssl enc -aes-128-cbc -in secret.txt -out secret.enc -k password

you can reverse the process, by bruting it

Upvotes: 1

Giacomo Verticale
Giacomo Verticale

Reputation: 656

You do not have many chances of getting the key. The only attacks that I see are:

  • leverage on flaws in the implementation of the encryption. Blowfish is a block cipher, as such it encrypts only blocks of fixed size. In order to encrypt variable length files, you need a mode of operation and a padding scheme. In your post you do not tell which if these have been used for your files, but some of the few successful attacks against cryptography exploit wrong choice or implementations of these.

  • if the key was derived from a password you can try to guess the password. In addition to the above, you also need to know the algorithm that was used to derive the password. You can also find in the Internet several dictionaries, which are basically long lists of possible passwords. With some work you can write a program that checks several password per second. My experience says that if you are lucky and the password is in a dictionary you can probably find it in a few days.

For the sake of completeness, trying all the possible keys requires more than the life of the universe.

Upvotes: 6

Kyle Rosendo
Kyle Rosendo

Reputation: 25277

No, cryptography uses mathematical / binary functions to create (or rather, transform) the original data into encrypted information. If it stored the key within the message, it would be rendered useless.

Here is a reference for how the Blowfish Algorithm works: Link.

Here is a reference on Symmetric-key cryptography, of which Blowfish is a part of (as a Symmetric Block Cipher): Link

Upvotes: 6

Related Questions