A little help in understanding some crypto


nikolatesla20
December 8th, 2004, 16:21
I was wondering if someone here (maybe Mike?) could help me with this.

Mind you, I'm not looking for the answer, or a cheat, or anything. It's just the happy folks over at hxxp://www.hackthissite.org seem to enjoy keeping everyone in the dark about crypto. I've been working on their "encryption challenges". I'm still a newb at crypto in a lot of ways tho, so I haven't gotten any of them done!

They had 3 challenges in place: one was considered difficulty "insane", one "moderate", and the last "hard". Since I didn't know squat yet, I and some other users made some requests for an easier challenge.

Yesterday challenge number 4 was posted, and it's supposed to be "easy". I've been working at it for a while but my brain is fried soon.

Look, you guys know me fairly well on this board. You know I'm not looking for a direct answer, but they don't have ANY tutorials on encryption on the site, so how am I ever supposed to learn how to start and things to look for other than groping in the dark for a millennia? I've posted on their forum about a possible tutorial for challenges that are already complete and won, but no one has answered me yet. It's getting very frustrating.

Anyway, they gave this short text for encryption challenge 4:

Code:

HTWMAA


And that's it. Now, I think this could be anything. I mean, it could be the word "ACROSS", or who knows. I just don't agree that this is "easy" since there's not enough ciphertext to really know what is going on.

In fact, if I run this thru a Crypto cracker for substitution algos, I get a number of options:

Code:

1 RECALL
2 BYPASS
3 DRAGEE
4 PAYOFF
5 THRILL
6 ACROSS
7 BURGOO
8 CUTOFF
9 MORASS
10 SQUALL


Who knows which one, or if it's any? There's no context to the message..

I sent the answer "ACROSS" to the encryption author but he replied that it was not correct.

So far I've tried bruting Caesar shift, bruting Affine cipher, and also trying XORs with each character position. Perhaps it's a combination of these, so I'm still working on my bruter to try that.

Basically, what would be some other ways to cryptanalyze this? Anyone have any more suggestions to try? There's not enough text to do frequency analysis, and also doesn't seem enough for a Vigenère cipher, so it's got to be some math ops going on or something. But right now it's considered "easy" and I thought I've tried most of the easy approaches now..

Thanks guys.

-nt20

dELTA
December 8th, 2004, 19:42
Since the cipher text is so extremely limited, my only guess would be that they have used a simple crypto, e.g. some of the ones you mention, and then left a visible clue in the correct key. So I would try to brute the shortest key combinations of all the most simple ciphers, and look for interesting patterns/clues in the keys (or at least the ones that generate a plain text that gets a hit in a good dictionary if the number of keys to analyze needs to be reduced).

bilbo
December 9th, 2004, 03:18
nikola,

if I were you I wouldn't waste my time in such a silly thing, where hundreds of solutions are all equally correct...

Regards, bilbo

P.S. I appreciate the answer of dELTA, but I am afraid it is too intelligent for a "quite simple" challenge

nikolatesla20
December 9th, 2004, 04:37
Thanks Delta, that's a good idea, I'll try bruting for a nice looking key

-nt20

dELTA
December 9th, 2004, 10:09
Quote:
I appreciate the answer of dELTA, but I am afraid it is too intelligent
I hate when that happens.

JMI
December 9th, 2004, 11:59
And such a rare occurrence also.

Regards,

jsteed
December 10th, 2004, 10:07
Maybe it's a transposition code rather than a substitution one.

cheers, jsteed

naides
December 11th, 2004, 12:07
Quote:
[Originally Posted by nikolatesla20]
Code:

HTWMAA


-nt20


Hi Nikola, A challenge is a challenge, I think you are like me, not being able to solve a puzzle just makes me try again and again in the most obsessive way..

some observations:

The only thing with structure is the AA at the end, which, assuming this is a simple substitution cypher, narrows the meaning of the cyphertext AA to letters that appear in pairs in the English language: EE, FF, OO, LL, SS, TT and so on. You can test the hypothesis by guessing the algorithm that converts AA into SS for instance, and see if the other characters in the cyphertext turn into something that makes sense when you apply the same algorithm to them.

just an idea. . .
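Added example, not part of the thread: a Python sketch of the double-letter test described above, applied to the candidate list from the first post. It filters words by letter-repeat pattern and then checks whether a single affine key (Caesar is the case a = 1) maps each candidate onto HTWMAA; the function names are made up for this illustration.

```python
from math import gcd

# Candidate plaintexts listed in the first post for ciphertext HTWMAA.
CANDIDATES = ["RECALL", "BYPASS", "DRAGEE", "PAYOFF", "THRILL",
              "ACROSS", "BURGOO", "CUTOFF", "MORASS", "SQUALL"]

def pattern(word):
    """Letter-repeat pattern: each letter becomes the index of its first use."""
    seen = {}
    return tuple(seen.setdefault(ch, len(seen)) for ch in word)

def affine_key(cipher, plain):
    """Return (a, b) with c = (a*p + b) mod 26 for every position, else None."""
    c = [ord(x) - 65 for x in cipher]
    p = [ord(x) - 65 for x in plain]
    for a in range(1, 26):
        if gcd(a, 26) != 1:          # a must be invertible mod 26
            continue
        b = (c[0] - a * p[0]) % 26   # b is fixed by the first letter pair
        if all((a * pi + b) % 26 == ci for pi, ci in zip(p, c)):
            return a, b
    return None

def analyse(cipher, words):
    """Pattern-compatible words mapped to their affine key.

    A value of None means the word fits only as a general substitution,
    i.e. no Caesar or affine key produces the ciphertext from it.
    """
    return {w: affine_key(cipher, w) for w in words
            if len(w) == len(cipher) and pattern(w) == pattern(cipher)}

if __name__ == "__main__":
    for word, key in analyse("HTWMAA", CANDIDATES).items():
        print(word, key)
```
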

nikolatesla20
December 11th, 2004, 15:22
Yes, I've been trying that..

I thought maybe transposition, like maybe "AW MATH" but the author replied that is incorrect.

So yes I thought of double letters, like LL, EE, etc. However if this is any type of stream XOR cipher that won't hold true, since the letters will be masked..

The author has now changed the difficulty to "moderate". See, I told him it's not "easy".


-nt20

mike
December 16th, 2004, 19:51
Did they change it? HTMEQA is on the site now; this seems to have only one "cryptogram" style decryption: ISRAEL.

mike
December 16th, 2004, 20:01
Also, it might be an acronym: "hack this message encrypted quality assurance" or something.

nikolatesla20
December 17th, 2004, 12:15
Yeah mike they changed it, he said he screwed up.

As a small make up for messing up the ciphertext, the author now gave a hint that the real text (the decrypted text) is also only five characters.

So for now I was trying to imagine the text fitting in between the six characters somehow - you know, because a six-letter word has five spaces in between.

so,

H T M E Q A

is

72 84 77 69 81 65

So if the five letter word was in there:

72 X 84 X 77 X 69 X 81 X 65

Where the X's are the letters of the word. Maybe the numbers on either side are chosen by some method ...

I bruted every combo that could come between each sub-combo (like between 72-84 and 84-77, etc , for all five chars) and needless to say I still get quite a list...

Or of course one of the characters could just be null padding!

Man, so far I've tried bruting (by brute I mean I use a large dictionary, and for all 5 - 6 letter words I encrypt and then look for ciphertext of "htmeqa" or such to show I have the algo):

each char * charposition mod 26...
each char ^ charposition mod 26...
ciphertext XOR'd against 5-6 char words as the key, looking for decrypted text...yes I did get quite a few real words too !

Get this, yesterday, I decided to try XOR'ing the ciphertext with every 5 or 6 letter word from a dictionary file. The script that did this would output to a new file in the format of <xor'd text> : <dictionary word (key)>

Then I have another script that loads this output file and looks to see if any of the xor'd text is a real word in the dictionary, and then collects all those it finds, so I can compare real words and keys it used. I actually get quite a few matches doing that.

Yesterday though it was funny, because I got the following sequence in this order, at the end of my dictionary brute match output. I am not kidding !

This is the <xor'd with the ciphertext output> : <original dictionary word xor'd with>

DRUGS : keycc
DYING : klehw
GRAMS : nemic
HADES : otnac

LOL!!!!

I also got

AVERY : haiti

I was using the "elcomenglish.txt" dictionary, which is from elcomsoft, they use it to attack zips and stuff.

I'm sure I'm overthinking this. So far 2 people have gotten it though.

-nt20
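Added example, not part of the thread: a Python sketch of the XOR-with-dictionary search described in the post above. The letter mapping (XOR the lowercase ASCII codes, then read 0..25 as A..Z, using the first five ciphertext letters) is an assumption inferred from the pairs listed in the post, which it reproduces; the word lists are constructed stand-ins for the dictionary file. `key_for` shows why such hits carry little weight: a key exists for every five-letter target.

```python
CIPHERTEXT = "HTMEQA"  # second version of the challenge text, from the thread

# Keys quoted in the post plus two constructed decoys; stands in for the
# dictionary file used as the key source.
KEYS = ["keycc", "klehw", "nemic", "otnac", "haiti", "apple", "zebra"]
# Constructed stand-in for the dictionary of "real words".
WORDS = {"DRUGS", "DYING", "GRAMS", "HADES", "AVERY", "HELLO"}

def xor_decode(cipher, key):
    """XOR lowercase ASCII of cipher and key; map 0..25 to A..Z, else None."""
    out = []
    for c, k in zip(cipher.lower(), key.lower()):
        v = ord(c) ^ ord(k)
        if v > 25:                   # result is not a letter index
            return None
        out.append(chr(65 + v))
    return "".join(out)

def key_for(cipher, target):
    """Key characters that force `cipher` to decode to `target`.

    One exists for every target, although it is not always made of letters.
    """
    return "".join(chr(ord(c) ^ (ord(t) - 65))
                   for c, t in zip(cipher.lower(), target.upper()))

def hits(cipher, keys, words):
    """(decoded text, key) pairs whose decoded text is in the word list."""
    found = []
    for key in keys:
        text = xor_decode(cipher, key)
        if text in words:
            found.append((text, key))
    return found

if __name__ == "__main__":
    for text, key in hits(CIPHERTEXT, KEYS, WORDS):
        print(text, ":", key)
    print(repr(key_for(CIPHERTEXT, "HELLO")))
```
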