Rating:

## Challenge
> This time Fady learned from his old mistake and decided to use onetime pad as his encryption technique, but he never knew why people call it one time pad!

> [msg](msg)

## Solution

The challenge description states that Fady is using [OTP encryption](https://en.wikipedia.org/wiki/One-time_pad). As the name implies, the secret key in OTP encryption can only be used once, otherwise the complete key and plaintext can be recovered using a [many time pad attack (aka crib drag)](http://travisdazell.blogspot.nl/2012/11/many-time-pad-attack-crib-drag.html). Assuming that each line in the msg file is a line of text encrypted with the same OTP key, we can begin the crib drag by xor-ing 2 lines together and guessing possible letters.

I used the [cribdrag tool from SpiderLabs](https://github.com/SpiderLabs/cribdrag) to recover the plaintext.


$python xorstrings.py 0529242a631234122d2b36697f13272c207f2021283a6b0c7908 2f28202a302029142c653f3c7f2a2636273e3f2d653e25217908 2a01040053321d06014e09550039011a07411f0c4d044e2d0000$ python cribdrag.py 2a01040053321d06014e09550039011a07411f0c4d044e2d0000
0 __________________________
0 __________________________


After a couple dozen guesses, I was able to decrypt the message as such.


0 Dear Friend, This time I u
0 nderstood my mistake and u


Now that we have some plaintext, we can recover the key by simply xoring a plaintext string together with it's corresponding ciphertext. This can be done by modifying xorstrings.py slightly.


s1 = "0529242a631234122d2b36697f13272c207f2021283a6b0c7908".decode('hex')
s2 = "Dear Friend, This time I u"

s3 = sxor(s1, s2)

print s3


Running the modified xorstring.py script produces the flag: **ALEXCTF{HERE_GOES_THE_KEY}**.