Substitution ciphers involve taking a clear text "this is a message" and substitut-
the identity of each clear text letter with a cipher symbol [while retaining the
position of the letter] "zyxw xw vutwwvst". Monoalphabetic ciphers involve only
using one alphabet [out of (26! - 1) possible alphabets] to encipher the message.
That is, if 't' enciphers to 'z' in the cipher text, no other clear letter will berepresented by 'z' and 't' will always encipher to 'z'. Uniliteral ciphers involve using only one cipher symbol to represent a single clear
symbol ['t' becomes 'z' rather than 'zg' in multiliteral ciphers [see Uniliteral Ciphers].
The form of cipher that EverCrack cracks is a weak cipher, it just utilizes a very
efficient method. Such a cipher still could be encrypted using one of (26! -1)
possible alphabets: 403, 291, 461, 126, 605, 635, 584, 000 ,000 possible alphabets.
Even with a modern computer, brute-forcing [trying every possible alphabet] would
take years and years to achieve. EverCrack does it in miliseconds because of its
kernel design. Since monoalphabetic ciphers do not use keys, the encryption itself
is the attack target [the possible alphabets] - this effectively makes the pool of
possible alphabets the key.
attack. By boolean-algebraic, I mean it performs a process of comparison and re-
duction to generate all possible internally consistent, valid decodes. The decodes
may have no semantic value, but they represent the smallest pool [based on the dic-
tionary set] of decodes in which each cipher symbol represents a clear-text symbol
[and this sometimes includes gibberish].
The first step involves gathering information about the cipher text:-the number of cipher words
-the length of the cipher words
-the relative redundancy of the cipher words
Using this information, EverCrack resequences the cipher words from the longest toshortest [see Optimizations].
Then, EverCrack catalogs which cipher words contain the most unique symbols
and uses these cipher words during the cryptanalytic attack [see Optimizations].
This optimization loop can run several times because the next step may render one or
more of this pool of cipher words as unusable [flagging it as SKIP].
The next step involves determining the list of clear words to use for decoding each
cipher word. If the cipher word is "zxyyzw", it uses the list [in the big dictionary]
"6P2.TXT". The '6' represents the number of letters in the cipher word. The 'P'
represents the fact that the cipher word has a pattern and the '2' represents the
pattern [2 repetitive letters]. As these lists are determined EverCrack checks to
see if such a list exists, if not, the cipher word is flagged as SKIP and the
optimization loop runs again.
Lets take a sample message: zxzyvyuvw vytsruquptoza upp vnsmzya
Firstly, the length and pattern [letter redundancy] of each word is stored and
EverCrack sorts the cipherwords by length: vytsruquptoza zxzyvyuvw vnsmzya upp
[the original order is stored in the int array seq[WORDS] as a global].Then the appropriate plain word list is assigned to that word [i.e., "zxzyvyuvw"
is a word of 9 letters with 3 repetitions so the plain word list is 9P3.TXT].
Next, EverCrack chooses which cipher words to flag as DUP - this is to reduce the
redundancy in the cipher text. Starting with the longest word, each word is checked
to see if it possesses any unique letters [letters not present in other cipher words
- if a longer word does, it is the word kept]. Words flagged as DUP will use the
letter-decodes of cipher words flagged as USE [default - see PartialDecrypt()].In this case, "upp" is flagged as DUP because 'u' and 'p' are present in "vytsruquptozs".
So now the message is: "vytsruquptozs zxzyvyuvw vnsmzys".
|Word||Word List||Words in List|
Why ordered by length? Look up at the listing where the number of words per
list is noted. If EverCrack performed a comparison for each word you would have:
124 x 797 x 2485 = 245,587,580 comparisons to perform
and if we used the cipher word "upp":124 x 797 x 2485 x 50 = 12,279,379,000 [which had 50 word list matches].
By ordering by length, I push the words with the smallest list to the right
[yet words with high redundancy] so there are more likely to be invalid
results at the *start* of the lists eliminating many potential comparisons
further down the lists.
By eliminating the cipher words which do not have unique cipher symbols[preferring the longest of those that do] I effectively reduce the amount
of cipher text that must be cryptanalyzed to roughly 10% - which further
reduces the number of comparisons EverCrack must perform. This was probablythe milestone design optimization that made EverCrack fast. In fact, this
optimization made EverCrack quicker as the size of the input cipher text
increased [though leveling off at a certain amount]. On this particular
cipher, we have reduced the comparisons to: 2,487!
not limited to:Atbash Ciphers Caesar Ciphers Affine Ciphers The Caesar Cipher Cracker is a specific implementation cipher cracker - it only cracks displacement ciphers [out of the broader class of monalphabetic substitution ciphers]. EverCrack is a general-implementation cipher cracker - it cracks all those ciphers [attacking the broader algorithmic concept] which fall under the class of monoalphabetic substitution ciphers.