The most primitive of all cryptanalytic attacks is exhaustion, also known as brute force attack. It consists of a complete key search—run through the complete key space, and try key after key until you get a valid decryption. This is especially successful against shift ciphers.
The exhaustion attack applies to each cipher! [See below.]
Procedure: Write the ciphertext (or a part of it) in one row. Below it write the tentative plaintexts for all possible keys, line by line. For a shift cipher simply write the alphabet in columns below the ciphertext, begin with the siphertext letter and repeat cyclically. The correct plaintext catches the eyes.
FDHVDU GEIWEV HFJXFW IGKYGX JHLZHY KIMAIZ LJNBJA MKOCKB NLPDLC OMQEMD PNRFNE QOSGOF RPTHPG SQUIQH TRVJRI USWKSJ VTXLTK WUYMUL XVZNVM YWAOWN ZXBPXO AYCQYP BZDRZQ CAESAR DBFTBS ECGUCT
The only meaningful plaintext is CAESAR. The key is 3. Note the structure of the columns.
Because of this scheme the exhaustion method is sometimes called »generatrix method«. This notation comes from an analogy with cipher cylinders.
Prepare some vertical strips [paper strips or wooden bars] that carry the alphabet twice in vertical order. Put these side by side, and slide them against each other in such a way that one row contains the ciphertext (or a part thereof). Then one of the other rows shows the plaintext [image].
Turning the strips by 90° the arrangement looks like this:
| ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ |
Here is a prototype. Print some exemplars and cut them out [PDF].
Question: Why did we omit the letter »Z« at the end of the strips?
Use a cipher with a large effective key length. |
The effective key length measures the complexity of the exhaustion attack. It is an insufficient measure for the complexity of cryptanalysis. |
The exhaustion (or complete key search) is a cryptanalytic procedure that works against every cipher: Simply try all keys in any order until you find the correct key. You recognize it by the appearance of meaningful plaintext.
A precondition for the success is that the plaintext language is highly redundant. That means that »meaningful« texts by far outweigh random character strings. In general there is a unique solution as soon as the text length exceeds the »unity distance« of the cipher, see later.
Here is an informal algorithmic description of exhaustion: