Quote Originally Posted by fullmetalcoder View Post
My understanding was that the only way to break the code was a brute-force attack which would be very long...
There are three conditions which must be met:
  • the key must be random,
  • the key must be used only once,
  • the key must have the same length as the message

If all of them are met, this encryption scheme is unbreakable (as proved by Shannon), otherwise it's unsecure.

Quote Originally Posted by fullmetalcoder View Post
Jacek and you keep talking about "known plain-text attack" but I don't really see what you mean here... I view cryptography as a way to hide data using a key and not to hide a key in know data...
I know it sounds weird, but suppose that you send several messages that were encrypted using the same key and one of them was compromised. The attacker has a plain text and cipher text of one of the messages and he can perform a know plain-text attack on the cipher to retrieve the key and decipher the rest of messages.

Such attack is also possible if you can guess the contents of plain-text (or part of it). In case of XOR-cipher, each correct guess gives you one character of the key.

Get a copy of Schneier's Applied Crypthography or try this: http://www.cacr.math.uwaterloo.ca/hac/ (just beware, that this one requires a lot of courage as it has been written by mathematicians for mathematicians).