Didactic Scrambled Egg Cipher

gfoot · Post by **gfoot** » Sat Oct 25, 2008 7:50 pm

It's not trivial, but I don't think the warm-up is very hard - I think the reduction in loops was a bit much, I'd have gone for restricting the bit-width of the key instead, e.g. 16 x 4-bit values or 8 x 8-bit values. I think that would have been somewhere in-between.

That said, I haven't solved it yet!

tails · Post by **tails** » Sun Oct 26, 2008 10:41 am

The warmup one is solvable!

nighthalk · Post by **nighthalk** » Wed Dec 15, 2010 10:52 pm

holy crap, i put in a solid month of man hours into the warmup solution (really only reason i solved it today was a very lucky guess) and saw this one.... impossible.... every letter is directly effected by 5-6 keys (26 - 27 bits, this doesnt count the other keys causing which key is picked)...might have had a shot if it just looped through the keys in a more predictable manner. none of my tactics from the warmups can work here....i would end up bruteforcing 10 bytes of data per egg

and honestly....even if i had the solution.... i dont think i could figure out the key's

Tron · Post by **Tron** » Thu Dec 23, 2010 8:11 pm

My solver can break the warmup (16 byte key, 3 rounds) in 0.01s, but the full 10 round challange is way out of its range.
I ran some tests: It can break a 16 byte key with 4 rounds in less than a minute. If I give it 8 bytes of the key of a 10 round/16 byte problem, then it can determine the other half of the key in about a minute till a few hours (depending on which bytes are given).
So currently my solver is too slow by a factor of about 2**64 (about 18,000,000,000,000,000,000).
Adum, I really like to know, whether you know a way how to solve this challenge.

Post by **adum** » Thu May 05, 2011 8:46 pm

i have not tried to solve this myself. this cipher is a creation of bok. he made it for actual use, not for hacker.org, so it may well be hard

Tron · Post by **Tron** » Thu May 05, 2011 9:59 pm

For real world use the cipher is weak, because it's an electronic code book. What makes it a hard challange, is that there is only extremely little cipher text to work with and we know almost nothing about it. Further it maybe is suspectible to certain advanced cryptoanalysis techniques, but they're nothing somebody could reasonably implement without being an expert in this field and even then it takes lots of effort (compared to e.g. the solving strategy to a certain game, which is equivalent to hamiltonian paths. There you can find lots of papers about it and it's reasonable to implement it.)
I suspect that bok's statement there does not hold for this challenge:

So far, we have verified that all those crypto challenges CAN be solved using resources available to anyone (you won't need to break into the NSA to use their special equipment) in a short amount of time.

I argue, that the jump from the warmup to the full challange is too big. At least there should be a challange in between.

Post by **adum** » Fri May 06, 2011 6:10 pm

well, that makes sense. i'll see if i can add a middle one with fewer rounds and a big cipher text. the full one should definitely have a big text.

trofi · Post by **trofi** » Sun Jan 12, 2014 8:57 am

Wrestling this one for a while. Minor hints on the encoded data are appreciated :]

Is it an english test there or some gibberish like hvm code/l33t$p3ak?

And firefox does not render source code correctly (code lacks proper < and & annotations).