info@kfcipher.net

Cipher Analysis Tool

  1. Home
  2. Cipher Analysis
AES-128/192/256 • DES • 3DES • Twofish • Serpent  |  Side-channel analysis  |  Security rating

Cipher Analysis Tool

Analyse encrypted cipher text for cryptographic vulnerabilities across 7 algorithms. Get a detailed security rating, timing-attack simulation, theoretical weakness analysis and actionable improvement recommendations — all in plain English.

AES-256 requires exactly 32 characters. Key is used for simulation only and is never stored.
About this tool

The KF-Cipher Cipher Analysis Tool evaluates the cryptographic strength of your encrypted data across seven symmetric algorithms. For each analysis it produces:

  • Security Rating — a plain-English assessment of the algorithm's current security status, based on NIST guidelines and known cryptanalytic results.
  • Key Strength — the effective key space and its resistance to brute-force and quantum attacks (Grover's algorithm).
  • Timing Attack Simulation — measures the execution time difference between two cipher operations on different inputs. A large difference may indicate a non-constant-time implementation susceptible to timing side channels.
  • Theoretical Analysis — summarises the best known attacks against the algorithm and its resistance to differential, linear and quantum cryptanalysis.
  • Cipher Mode Warning — flags the use of ECB mode in the simulation and explains why it is insecure for production use.
  • Recommendations — concrete, actionable steps to improve your encryption implementation, tailored to the specific algorithm.
  • Decryption Verification — if you provide the original plain text, the tool decrypts the cipher text and verifies it matches, confirming the key and cipher text are correct.

Key length guide: AES-128 = 16 characters  |  AES-192 = 24 characters  |  AES-256 = 32 characters  |  DES = 8 characters  |  3DES = 24 characters  |  Twofish / Serpent = 32 characters.

Supported algorithms

AlgorithmKey sizeBlock sizeRoundsStatus (2025)
AES-128128-bit128-bit10Acceptable — good for most applications
AES-192192-bit128-bit12Strong — exceeds most requirements
AES-256256-bit128-bit14Excellent — NIST recommended, quantum-resistant symmetric
DES56-bit64-bit16Broken — brute-forceable in seconds. Never use.
3DES (Triple DES)112–168-bit64-bit48Deprecated (NIST 2023) — vulnerable to Sweet32 attack
Twofish256-bit128-bit16Strong — AES finalist, no known practical attacks
Serpent256-bit128-bit32Excellent — highest security margin of any AES finalist

What is a side-channel attack?

A side-channel attack exploits physical information leaked by a cryptographic implementation — not weaknesses in the algorithm's mathematics. The most common types are:

  • Timing attacks — variations in execution time between different inputs leak key-dependent branches or data-dependent table lookups.
  • Power analysis (SPA / DPA) — measuring a device's power consumption during encryption reveals key bits through correlations with intermediate values.
  • Cache-timing attacks — the CPU cache behaviour during AES T-table lookups can leak the key to a co-resident attacker (e.g. on shared cloud infrastructure).
  • Differential fault analysis — deliberately introducing hardware faults during computation and comparing faulty and correct outputs to recover the key.

Why ECB mode is insecure

ECB (Electronic Code Book) mode encrypts each block independently using the same key. Identical plaintext blocks always produce identical ciphertext blocks, which leaks patterns in the data. The famous "ECB penguin" — an image of a penguin that remains clearly visible after ECB encryption — illustrates this perfectly. Always use AES-GCM (authenticated encryption) or at minimum AES-CBC with a random IV and HMAC-SHA256 for authentication.

References

  1. NIST FIPS 197 — Advanced Encryption Standard (AES)
  2. NIST SP 800-131A Rev 2 — Transitioning Cryptographic Algorithms (2019) — Triple DES deprecated
  3. D. J. Bernstein — "Cache-timing attacks on AES" (2005)
  4. Kaliski & Yin — "On Differential and Linear Cryptanalysis of the RC5 Encryption Algorithm"
  5. B. Schneier et al. — "Twofish: A 128-Bit Block Cipher" (1998)
  6. R. Anderson et al. — "Serpent: A Proposal for the Advanced Encryption Standard" (1998)
KF-Cipher
Cryptography Tools
Post Quantum Cryptography
Encoding Tools
Security Tools
Domain Tools
Resources