2
$\begingroup$

Messing around on cyberchef I stumbled on some weird DES behavior. Encrypting a message with a key of “password” could also be decrypted with the key “passwosd” example. After some further investigation the following keys were also able to decrypt the message correctly:

  • passwosd
  • passwose
  • password
  • passwore
  • pasrwosd
  • pasrwose
  • pasrword
  • pasrwore
  • parswosd
  • parswose
  • parsword
  • parswore
  • parrwosd
  • parrwose
  • parrword
  • parrwore

The same behavior was observed with different plaintexts, IVs, and operating modes. Additionally, when different IVs were used substantial portions of the message were still decrypted successfully example.

I know that DES is old and outdated for a number of reasons, but does anyone know why it's possible for multiple keys to decrypt a message?

Improve this question
$\endgroup$

1 Answer 1

Reset to default
2
$\begingroup$

This is because the low-order bit of DES key bytes has no effect (though in some rare implementations, it is checked to be the complement of the exclusive-OR of the other 7 bits).

For the purpose of that, see my answer. In a nutshell: that's to make DES weaker.

Improve this answer
$\endgroup$

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.