PDA

View Full Version : Crack This!



CumQuaT
09-07-2003, 04:37 AM
I have FINALLY finished programming my encryption engine. I have no idea how many bit it is, I didn't really base it on anything in particular... However, although I can program encryption, I am not too good at cracking it, so I need as many people as possible to give it a go for me. If you manage to crack it, the instructions on what do do are inside the file.

Thanks all you 1337 H4X0RZ!

*ClownPimp*
09-07-2003, 06:30 AM
Its pretty impossible to "crack" just a random string of bytes. If you want to tell how secure your algorithm is you have to post the code for the algorithm itself. The practice of hiding the algorithm is thought to be a dubious method of security.

Zach L.
09-07-2003, 08:42 AM
Indeed... Show us the algorithm, and we'll get to work on it :).

Unless it is something obvious, like a substitution cipher in which letter frequency is preserved, it is unlikely to be broken with only 187 bytes of ciphertext. If the method is used often, however, the amount of information builds up, and it becomes more likely that a weakness can be exploited.

major_small
09-07-2003, 08:10 PM
if your only going to give us a line of encrypted text, it's not going to help... for all i know, you're just shifting bits in a character or something...

CumQuaT
09-08-2003, 12:07 AM
That's the point. If I was, say, Russia, and I wanted to send a secret message to Serbia, I'm not going to post my algorith on the net for all to see! I need to know if it can be cracked by itself!

I worked my butt off getting this algorithm to work! I'm not going to go posting it for you to go and find! You don't show your students the answers to a test!

It's nothing simple either! It took me 3 months to think of and 4 to program!!!

Thantos
09-08-2003, 12:43 AM
If I was, say, Russia, and I wanted to send a secret message to Serbia

The point the people are trying to make is that from the snippet you've given is not enough to start a code break.

Using your example: If I was the US and I wanted to find out what you are saying to Serbia, I would intercept a bunch of messages over a period of time. Since I can be pretty sure that you aren't using a new algorithm every time that leaves me with the key and the message.

Now if you gave the people 20 different messages we could give you a better idea of the strength.

Carlos
09-08-2003, 02:03 AM
Originally posted by CumQuaT
I worked my butt off getting this algorithm to work! I'm not going to go posting it for you to go and find! You don't show your students the answers to a test!

It's nothing simple either! It took me 3 months to think of and 4 to program!!!
See, that's the problem. Your code might be - and probably is - some kind of "reinvented wheel" (which has probably been reworked many times, improved, reached it's limits and a new algorythm already took it's place).

Guess why are all really effective algorythms open to the public (PGP, DES, etc.)? This is the only way to find it's vulnerability.

If you're shifting and XOR-ing some bits - eventually spiced with some math, or you "hired" and combined some of the above mentioned algorythms - there are good defined rules and patterns which are like fingerprints: even a cracker can recognize some redundant bits or bytes, and can figure out the algorythm behind it. Not speaking of a specialist or a team of cryptologists, equipped with the most powerful HW and SW resources - if the information you send is really precious, they will decrypt it!

So, the protection of your data is not granted if you only hide your crypt algorythm - if the information is really precious, it will be decrypted. Many algorythms where stated as unbreakable - but the time has proven they are not.

P.s.
If we won't decode your encrypted data means we are only not really interested in it ;)

Hammer
09-08-2003, 03:11 AM
CumQuat, I think you need to read this FAQ (http://www.faqs.org/faqs/cryptography-faq/research/) , particularly number 3, "What do you think of my new cryptosystem?"

XSquared
09-08-2003, 05:40 AM
...and even more particularly, #3 part J.

Carlos
09-08-2003, 05:44 AM
Originally posted by XSquared
...and even more particularly, #3 part J.

"Offering a cash reward if someone breaks your cryptosystem may help someone to be more motivated to try (and is also a good test of how much you believe in your own system)."

So, CumQuaT, your time has come! :) ;)

CumQuaT
09-08-2003, 05:53 AM
HAHAHAHAHA no.

I think I'll just read the FAQ, first.

Hmm... Yep... OK, I've read the FAQ, section 3, part J. K. I HAVE spent ages researching encryption from many, MANY sources and have tried to find any loopholes and gaps for decryption until my ears have bled. What I want to know is if it's crackable or not! I just want one of you 1337 fellows (or ladies) out there to give it a go and test your (or my) skill.

No pain, no gain, guys. This isn't some secret message I want cracked for my evil scheme to take over the world! I just want to know if it's any good! Many (and I mean MANY) of my previous attempts have failed and this one worked!

So, what? You guys want me to add a few more decrypted messages as attachments? I'll do it just in case...

Thanks guys!

CumQuaT
09-08-2003, 05:59 AM
Oh, yeah. And if you guys CAN'T or can't be bothered going through it (which is cool with me). Do you know anywhere else I could take it to be tested for "Crackability"?

Cheers!

Govtcheez
09-08-2003, 06:03 AM
> I HAVE spent ages researching encryption from many, MANY sources

If you had actually done this you'd know that security through obscurity is bunk.

FillYourBrain
09-08-2003, 06:56 AM
CumQuat, you should know that unless you never give your program to anyone your algorithm is not a secret. Ever heard of Softice? It is not the hardest thing to do. I reverse engineered autocad 2004 to find their encryption scheme and compression algorithm in a couple of weeks. That's the point of what these guys are saying to you. The algorithm has to produce uncrackable output even when someone HAS the algorithm, because rest assured, they will have it as soon as they have your program.

Carlos
09-08-2003, 06:59 AM
Originally posted by Govtcheez
> I HAVE spent ages researching encryption from many, MANY sources

If you had actually done this you'd know that security through obscurity is bunk.
Besides you could have save your time and instead of researching cryptography rather learn some rare language - preferably from the last man who speaks it, wait until he dies(!), then translate your messages to this language. Absolute encryption! You are the key (C)(R)(TM) :D

Besides, this method has proven to be far the safest during WWII, where brilliant techniques like Enigma could be descyphered, but the US Navy communication NOT!

Their secret: a few brave indians (can't remember, but maybe Dakota), who spoke a very rare language (spoken by only a few hundred people in the world )who were taught english. The original english message was translated to their own language - which has a very hard and weird grammar and pronunciation - sent it this way, then the "encoded" message was translated by the receiver - who was of course also an indian - to english.

The japanese were having hard times trying to decrypt those messages, but never managed to understand a word!

This method has also it's weakness, as the japanese could have captured one of those people, but apparently this did not happen.

Govtcheez
09-08-2003, 07:02 AM
Originally posted by Carlos
Their secret: a few brave indians (can't remember, but maybe Dakota), who spoke a very rare language (spoken by only a few hundred people in the world )who were taught english. The original english message was translated to their own language - which has a very hard and weird grammar and pronunciation - sent it this way, then the "encoded" message was translated by the receiver - who was of course also an indian - to english.

The japanese were having hard times trying to decrypt those messages, but never managed to understand a word!

This method has also it's weakness, as the japanese could have captured one of those people, but apparently this did not happen. And this was made into a terrible, terrible movie with Nicolas Cage.

Shogun
09-08-2003, 08:08 AM
actoully enigma is/was one of the safest ways to encrypt messages the only way you could break it was if you had the "keyword" which changes every day. And then there was some sovietien variant where they used telegrams (during the cold war) and jused the enryptation of how much each letter coast to sent (or somthing like that), but enigma was/is very safe.

Carlos
09-08-2003, 08:29 AM
Originally posted by Shogun
actoully enigma is/was one of the safest ways to encrypt messages the only way you could break it was if you had the "keyword" which changes every day.

I read the book last year. The weakness of the Enigma is that they sent a part of the key along with the message.

A frustrated german soled an Enigma maschine to the french, but they did not tried too hard to find out how it works.
Later a group of pole matematicians found out some of the Enigma's secrets (even managed to reconstruct such a machine). They passed their knowledge to the British and French. Finally the scientists from "Bletchley Park" managed to decrypt the Enigma-coded messages, finding out the secret actions of the german U-boats.

The german made a horrible mistake: they took it for sure that the Enigma is 100% safe and unbreakable.

Even after the messages were decrypted, and the allies knew everything about the german U-boat strategies, they did not attack them in every case, thus letting the germans think that the Enigma is still safe.

Related links:
http://www.xat.nl/enigma (http://www.xat.nl/enigma/)
http://www.bletchleypark.org.uk/


...or just perform a search on the google for Enigma.

confuted
09-08-2003, 01:58 PM
Heh, man, I'm going to give you a quick example. Decrypt this:

frlo

That's all you're given. Ummm... could be any four letter word. There have been seven different four letter words so far this post... (eight now)

niy og upi hobr piy s nimvj pg dygg. upit ,rddshr dystyd yp nrvp,r vtsvlsn;r

I'm sure that anyone here that actually really really wanted to could crack what I just did. ESPECIALLY if I had released 300 pages worth of text like that.

Short messages can't be deciphered, "but if you give a bunch of stuff, your message starts to become crackable." If you post your code, people here can tell you if it's possible to develop an algorithm which will decrypt messages whether they're supposed to be decrypted by that person or not.

Govtcheez
09-08-2003, 03:01 PM
> frlo

Look, we don't take that kind of language lightly here.

-KEN-
09-08-2003, 03:10 PM
Ujr7i you, cheez.

major_small
09-08-2003, 07:56 PM
...niard eht nwod seog emehcs noitpyrcne ruoy ,elbakaerb ylisae s'ti fi ,ti sdnif ydobemos ecno esuaceb ,dab si mhtirogla ruoy gnidih fo dohtem ruoy ,dias evah elpoep ynam ekil ,osla )...( srebmun ro srettel gnitaeper fo dnik emos ro ,)racecar( semordnilap emos ebyam ekil ,pleh fo dnik emos deen ot gniog er'ew ,dnoces ...tnaw uoy tahw tuo dnif ot selif 'tpyrc' ruoy fo erom deen ew ,tsriF ...seog ti ereh tub ,tpyrced ot fo hcum taht lla deen t'nod yllaer ruoy taht ,noitpyrcne ysae emos s'ereH





Here's some easy encryption, that your really don't need all that much of to decrypt, but here it goes... First, we need more of your 'crypt' files to find out what you want... second, we're going to need some kind of help, like maybe some palindromes (racecar), or some kind of repeating letters or numbers (...) also, like many people have said, your method of hiding your algorithm is bad, because once somebody finds it, if it's easily breakable, your encryption scheme goes down the drain...

confuted
09-08-2003, 08:26 PM
For anyone that didn't catch it, I just moved my hands over a key for my "encryption." I also quoted what I said later in the message.

CumQuaT
09-08-2003, 09:55 PM
FINE!

Someone PLEASE just tell me a place where I can send my encrypted file WITHOUT:

a) Telling me how I'm doing it wrong
b) Telling me they want my algorithm
c) Telling me to read an FAQ
d) Telling me ANYTHING unrelated to my question

I really, REALLY, REALLY appreciate the help and advice you are giving me guys, don't get me wrong on that fact, it has been absolutely invalualble and I thank you for it, but I am good friends with a well known Australian programmer and he wrote some encryption software and just sent an encrypted file off to ASEO with no algorythm at all and they gave HIM feedback!

I sent mine there and they won't get back to me!

So does ANYONE know of a place where I can send JUST AN ENCRYPTED file (or two, or more) to get it (them) tested for "crackability" if there is such a word.

PLEASE don't get me wrong. The advice you guys have given me has been FANTASTIC, but I know there are places that will have a go at cracking your encryption (other places like ASEO), but I just want some help finding them, if you guys don't want to give it a go yourselves!!!

Ok? Thanks alot guys!

*ClownPimp*
09-08-2003, 10:32 PM
Why are you so intent on hiding your algorithm? No one will believe it is secure without it being open for scrutiny.

DavidP
09-09-2003, 12:03 AM
hmm...well no matter what any of you say...I have developed the best code ever known to man...no one could ever crack the code I have created..

mwahahahaha

Carlos
09-09-2003, 02:35 AM
Originally posted by CumQuaT
So does ANYONE know of a place where I can send JUST AN ENCRYPTED file (or two, or more) to get it (them) tested for "crackability" if there is such a word.

Ever heard of S.E.T.I.? ;)

confuted
09-09-2003, 02:35 PM
Originally posted by DavidP
hmm...well no matter what any of you say...I have developed the best code ever known to man...no one could ever crack the code I have created..

mwahahahaha

I've developed a better one. It's soooo good that it can't ever be decoded. Here, have a go at it...






(BTW, that's all of Google's results to the level of twenty links encoded in a single character)

Govtcheez
09-09-2003, 02:37 PM
Originally posted by confuted
(BTW, that's all of Google's results to the level of twenty links encoded in a single character) Pfft. I knew that.

-KEN-
09-09-2003, 03:14 PM
Originally posted by confuted
I've developed a better one. It's soooo good that it can't ever be decoded. Here, have a go at it...






(BTW, that's all of Google's results to the level of twenty links encoded in a single character)

Don't lie. I decrypted it with my super-secret algocrpytosuperrythm - it's ASCII gay porn.

maes
09-09-2003, 04:13 PM
Originally posted by -KEN-
Don't lie. I decrypted it with my super-secret algocrpytosuperrythm - it's ASCII gay porn.
No Ken, you just clicked on one of your favourites in internet explorer :rolleyes:

CumQuaT
09-09-2003, 08:25 PM
Ok. S.E.T.I. Thanks guys!

(P.S. I agree with maes. Your favourites tab is a gift and a curse sometimes)

ZerOrDie
09-09-2003, 08:43 PM
Originally posted by CumQuaT
Ok. S.E.T.I. Thanks guys!

(P.S. I agree with maes. Your favourites tab is a gift and a curse sometimes)

:rolleyes: sorry to say but S.E.T.I. was a joke and people are having a good laugh at your expense

-KEN-
09-09-2003, 08:58 PM
Originally posted by maes
No Ken, you just clicked on one of your favourites in internet explorer :rolleyes:

Look, don't get angry because you couldn't think of an ASCII-Gay-Porn (AGP, for short) desrcramlbing algorithm all on your own. Go pout in the corner and STFU, maes.

RobR
09-10-2003, 05:33 AM
Originally posted by -KEN-
desrcramlbing algorithm

If that wasn't intentional, then it should have been. If it was :frlol:

DavidP
09-10-2003, 09:23 AM
oh yeah decrypt this:



Hello, World!


and trust me...it doesnt mean what you think...mwaha

Govtcheez
09-10-2003, 09:25 AM
DavidP's a terrorist!

DavidP
09-10-2003, 09:34 AM
hahahahahahha

Shogun
09-10-2003, 10:02 AM
Speaking of encryptations I found this book a while ago it was about differn't encryption metods over the time...It semed really intresting so I convinsed my brother to buy it he read it told me it was great (if you're into the history of cryptations etc etc) but I never found the time to read it...