Cryptography Question Answered

By Deane Barker on August 29, 2003

A while back I posed a question about cryptography that no one could answer.

“How does a cryptologist know that he has decoded something? If he’s trying to brute force an encrypted message, he has to try umpteen different keys. So how does he know when he’s got the right key and the message is decrypted?”

After six weeks or so of it hanging out there, I emailed Bruce Schneier who is at the top of the field (he wrote the seminal book on the subject: Applied Cryptography). He directed me to this page which provides the answer:

“For example, RC4 encrypts data in bytes. Imagine a single ASCII letter as plaintext. There are 26 possible plaintexts out of 256 possible decryptions. Any random key, when used to decrypt the ciphertext, has a 26/256 chance of producing a valid plaintext. The analyst has no way to tell the wrong plaintext from the correct plaintext.

Now imagine a 1K e-mail message. The analyst tries random keys, and eventually a plaintext emerges that looks like an e-mail message: words, phrases, sentences, grammar. The odds are infinitesimal that this is not the correct plaintext.”