hacker.org

Is the "print c" with or without proper 2 char padding?

Edit: Never mind... i solved it. There is proper padding (for those who are curious)

should be with... are you finding it broken?

Nope its ok That was actually alot easier than the other challenges after I thought about it

Agreed, the fundamental idea is pretty much the same, once you realize that the permutation space is limited, it boils down to simple brute force. It would be exciting to see something like TEA with a side channel flaw. Or maybe I'm just too greedy

CoreEvil wrote:Agreed, the fundamental idea is pretty much the same, once you realize that the permutation space is limited, it boils down to simple brute force. It would be exciting to see something like TEA with a side channel flaw. Or maybe I'm just too greedy

You don't need brute force. All but one character of the problem can be found without knowing the secret key.

MerickOWA wrote:

CoreEvil wrote:Agreed, the fundamental idea is pretty much the same, once you realize that the permutation space is limited, it boils down to simple brute force. It would be exciting to see something like TEA with a side channel flaw. Or maybe I'm just too greedy

You don't need brute force. All but one character of the problem can be found without knowing the secret key.

You still need to iterate over a set of possibilities to find the right match, which doesn't necessarily cover the entire sequence, at least when it comes to this challenge.

CoreEvil wrote:You still need to iterate over a set of possibilities to find the right match, which doesn't necessarily cover the entire sequence, at least when it comes to this challenge.

Nope Its possible to make on simple calculation on each character and figure out what it is, no guessing. Its as fast to decrypt as it is to encrypt. The unknown variable only really masks the first byte.

Pretty simple indeed.

Another great example for "think before you code something"

knox wrote:Pretty simple indeed.

Another great example for "think before you code something"

Yeah, of course I did not think hard enough and wondered why my brute force attack gave me 256 nearly identical answers.

hey guys

thought about it and programmed sth ...

are about 400 lines javascript ^^ but sth is wrong with the system of encoding how thought it would be done ...

few questions just to ensure that i'm right:

to encrypt a plaintext you

have to convert it to binary (over ascii and hex)
have to xor the first byte of this binary with an unknown key
have to take this solution (converted_text XOR unknown_key = this_solution) ^^ as new key
have to XOR the next byte with this new key
have to make this again and again

am i right ?

Yes, except what do you mean by "convert to binary"?

Suppose the string was "hello", and the key was 0x12. 'h' is 0x68, and 0x68 xor 0x12 is 0x7A. That's the first byte of your ciphertext. 'e' is 0x65; 0x65 xor 0x7A is 0x1F. That's the second byte of the ciphertext. Then, 'l' is 0x6C, so the third byte is 0x6C xor 0x1F = 0x73. And so on.

That would then have been written in the challenge description as 7a1f73...

I have to convert all the bytes to single bits ...

in this case its hexadecimal to binary numbers ...

beacause I never learned any programming language ...

I learned html in school and now i'm used to solve most challenges with javascript which is a very complicated way but it works ... or sould work ... in this case it isn't working ...

I'll try all 240 bytes as first key and hope that any plaintext makes sense ...

Shows that adding complexity not necessarily increases security... didactic indeed!
(Like applying rot13 twice, to make it even more unbreakable )

In case you are still on it, Javascript does have a built-in xor operator: ^
^ works on whole numbers (bit for bit), so no need to separate those numbers into single bits.
Might save a couple of those 400+ lines of code.

oh ...wtf

i'm sure that i've read that js don't have a buildt-in xor ...

so i ever tried and did write hundreds of lines to convert and reconvert and even calculate xor bitwise "manually" with giant loops ...

thank you for this hint ... it makes javascript a more acceptable speech to me than it was while learning c++ for all these feedback ciphers ...