Decryption challenge: someone decrypt this

[KevinMU1]

Here's the crypt string: Gþ¯ùãÿ??ÿ+þÏø

It's not that complicated, it's just a simple encryption I wrote to store some info in a file, and I want to prevent "casual" abuse.

If you decrypt it, please tell me how long it took and how (basically) you did it.

Thanks in advance.

 

[FelixDeCat]

Im just guessing (applying my keen intelligence) but Ill bet it says, "How did you decrypt this?"

 

[AnthraX101]

It's too short to be able to reasonably be decrypted. Post a longer string. By the looks of it, I would guess that its some form of XOR encryption...but that is just MHO, and that's not much

AnthraX101

 

[AlwaysWong]

I have to go get my Rosetta stone replica out of the garage.

 

[Hossenfeffer]

"Bootylicious"

 

[aphex]

It says "Moooooooo"

 

[BuckleDownBen]

Why are you writing your own encryption? Why don't you download PGP and use that?

 

[KevinMU1]

OK, here's a longer string:



<< /&thorn;¯&ugrave;&yuml;&auml;&yuml;??&yuml;k&thorn;/&ugrave;?&auml;&yuml;??&yuml;{&thorn;&szlig;&ugrave;?&auml;&yuml;??&yuml;/&thorn;&ugrave;¿&aring;&yuml;??&yuml;O&thorn;¯&ugrave;¿&ccedil;&yuml;??&yuml; >>



is that long enough?

all of the wild guesses so far are no where close

As to why I'm writing my own, well, just for fun, same reason I do anything else. I just figure a little quick manipulation before inserting into the registry should be good enough, the code is about 4 lines each way, pretty simple, it does what I need, and no one knows the algorithm.

 

[KevinMU1]

ok, the above string was fixed, putting it in quotes kept it from being garbled.

 

[Ameesh]

<< Here's the crypt string: G&thorn;¯&ugrave;&atilde;&yuml;??&yuml;+&thorn;&Iuml;&oslash;

It's not that complicated, it's just a simple encryption I wrote to store some info in a file, and I want to prevent "casual" abuse.

If you decrypt it, please tell me how long it took and how (basically) you did it.

Thanks in advance. >>



why in the world would you do it yourself, if your running winxp you have accss to an encrypted file system and if you dont want to use that use pgp.

 

[KevinMU1]

I am including this encryption in some software that I am writing, so I can't rely on XP. From within my code the encryption must occur, and then resulting string written to the registry.

 

[Ameesh]

<< I am including this encryption in some software that I am writing, so I can't rely on XP. From within my code the encryption must occur, and then resulting string written to the registry. >>



there are many crypto dlls that come with windows that you can use them for free they are part of the win32 api. if your gonna be giving it to other people you should just use whats already written because those dlls are written by master programmers and have had a thorough analysis and code review by the NSA. they are really solid.

 

[Ameesh]

<<

<< I am including this encryption in some software that I am writing, so I can't rely on XP. From within my code the encryption must occur, and then resulting string written to the registry. >>



there are many crypto dlls that come with windows that you can use them for free they are part of the win32 api. if your gonna be giving it to other people you should just use whats already written because those dlls are written by master programmers and have had a thorough analysis and code review by the NSA. they are really solid. >>



oh they have functionality to do DES, 3DES and AES in them so you'd be golden to use it.

 

[KevinMU1]

Thanks, I'll look into it, but I'm still curious how good mine is.

 

[silverpig]

<<Gþ¯ùãÿ?�ÿ+þ�ø>>

Sorta looks like it's mentioning something being gay and blowing...

 

[AnthraX101]

We need something LONG. Like a letter. Any angle of incidence in this could be too easily skewed by anything. Also, it should be posted not as text, but as a binary file. Otherwise, you will get a bit of ASCII corruption.

AnthraX101

EDIT: However, bassed on what I see, I would say that you are using a psudo-random reassignment. FF (hex) is a space? Just a guess, though.

 

[KevinMU1]

AnthraX101, here's your longer string, http://www.rantitraveit.com/Encrypt.txt. It is something that is "well known," that is, it's not a passage from something that I wrote. Heck, I'll just tell everyone it's from the Bible.

FF is not a space... I am glad to see that it's nature is deceptive.

 

[Descartes]

Post the program (the binary, not the code) you used to "encrypt" this. I imagine extrapolating string literals from the binary will manifest your use of the proverbial "translation" cipher, that is, the substitution of one character (based on ascii value) for another in a lookup table. Failing that, my win32 interactive debugger will help me figure it out...

From the reoccurence of certain characters within the ciphertext, I'm also willing to bet that it's not based on a key?

 

[KevinMU1]

Descartes, the only string literals in my program are the filenames of the input and output file. Further, it is not based on a translation/substitution.

If you still want my exe I can post it, but that's kinda cheating a bit. Let me know if you still want it, despite what I just revealed.

 

[KevinMU1]

anyone up for this challenge on this slow Saturday?

 

[nd]

I wrote a simple python script to analyze your posted Encrypted.txt. Here's some of the output:

occuring chars (ascii number):
[215, 254, 15, 249, 255, 229, 145, 223, 59, 239, 252, 127, 241, 206, 35, 47, 253, 242, 203, 168, 151, 107, 31, 247, 181, 154, 51, 175, 248, 63, 227, 158, 55, 191, 137, 111, 159, 228, 138, 226, 236, 133, 123, 140, 95, 230, 79, 155, 27, 231, 71, 139, 67, 153, 209, 177, 144, 134, 211, 143, 146, 91, 207, 251, 141, 156, 147, 75, 157, 43, 178, 150, 244, 136, 119, 219, 238, 39, 83, 221, 245, 250, 99, 182, 152, 237, 171, 187, 225, 192, 166, 179, 103, 115, 142, 148, 199, 234, 3, 172, 222, 23]
number of chars used in crypted alphabet: 102
max char = 255
min char = 3
char usage count:
[0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 40, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 12, 0, 0, 0, 24, 0, 0, 0, 14, 0, 0, 0, 6, 0, 0, 0, 8, 0, 0, 0, 61, 0, 0, 0, 33, 0, 0, 0, 15, 0, 0, 0, 1, 0, 0, 0, 111, 0, 0, 0, 22, 0, 0, 0, 28, 0, 0, 0, 7, 0, 0, 0, 26, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 24, 0, 0, 0, 48, 0, 0, 0, 2, 0, 0, 0, 8, 0, 0, 0, 56, 0, 0, 0, 55, 0, 0, 0, 3, 0, 0, 0, 12, 0, 0, 0, 29, 0, 0, 0, 251, 0, 0, 0, 0, 0, 1, 23, 0, 25, 11, 26, 70, 46, 34, 1, 38, 55, 44, 25, 21, 3, 0, 50, 74, 11, 6, 111, 46, 11, 11, 75, 8, 0, 0, 0, 0, 0, 0, 1, 0, 3, 0, 0, 7, 2, 0, 0, 73, 0, 1, 4, 4, 0, 9, 5, 0, 0, 0, 0, 2, 0, 0, 0, 224, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 9, 0, 0, 1, 37, 0, 12, 0, 28, 0, 0, 0, 16, 0, 0, 0, 3, 0, 13, 1, 250, 0, 10, 62, 57, 73, 51, 89, 66, 0, 0, 2, 0, 5, 6, 4, 34, 0, 1, 21, 0, 15, 14, 0, 104, 108, 272, 6, 11, 9, 165, 407, 1648]

interesting that 0xFF (255) occurs so often, and also 0xFE. also, early on, characters only occur that are (mod 4) - 1... but the frequency of use generally increases as you go up in the ASCII table.

notice how there's 102 characters occuring in the crypted alphabet.. so that rules out a 1:1 relationship algorithm (there's only about 62 ASCII characters that are are really used in plain text).

edit: next step is to do similar analysis by 2-byte pairs or 4-byte words rather than single bytes.

 

[KthxBye]

Cryptology is neat...wish I understood more about it.

 

[Handle]

Now I'm not claiming to be an encryption expert, but this "challenge" does not demonstrate the strength of your encryption algorithm. Further, a challenge such as this does not help gauge the program's ability to stop even casual abuse.

In fact, it is possible that the encryption algorithm will become very apparent if you would simply provide the ciphertext for the following plaintext strings:

"AAAAA"
"BBBBB"
"AAAAAAA"
"BBBBBBB"
"ABCDEFGHIJ"

Now, if your encryption algorithm just shifts each character by arbitrary amounts, there is no way we could decipher it with the information you have given us. For example, if, assuming a simple ASCII system, you simply added 70 to the first character, -52 to the 2nd, 115 to the 3rd, 93 to the 4th, and so on in arbitrary fashion, we could only decipher it if you provided many, many samples for us to examine. Such a system, however, is contingent upon your algorithm and program being secret, and that is something that you can rarely assume.

 

[KevinMU1]

Well everyone, the program that uses this encryption is now live, if you really want to pull apart the program it's in and try to crack it that way, you can download the whole stinkin' thing. It's actually part of my BitWise chat client, and the "encryption" was part of the new release that just came out. If you haven't checked out BitWise and are at all interested in this sort of development project, please stop by and check it out--the link is in my sig. How you'll find the few lines that do the encrypting in all my code is another problem.

PS there are no shifts by arbitrary amounts, it is more methodical than that.

 

[KevinMU1]

Handle, I have been thinking, and you are right that some of your strings would very much reveal some weaknesses in my algorithm. That does give me something to think about. However, the needed security is not all that strong, and it's unlikely someone will care enough to try and break it in the context that I am using it.

I am reluctant to share the source, for "security" reasons, but ultimately I don't think it would matter much unless you're really into stealing PCs.