Page 1 of 2

Didactic Feedback Cipher

Posted: Wed Oct 15, 2008 1:41 am
by MerickOWA
Is the "print c" with or without proper 2 char padding? ;)

Edit: Never mind... i solved it. There is proper padding (for those who are curious) :)

Posted: Wed Oct 15, 2008 1:45 am
by adum
should be with... are you finding it broken?

Posted: Wed Oct 15, 2008 1:50 am
by MerickOWA
Nope its ok :) That was actually alot easier than the other challenges after I thought about it ;)

Posted: Wed Oct 15, 2008 3:51 am
by CoreEvil
Agreed, the fundamental idea is pretty much the same, once you realize that the permutation space is limited, it boils down to simple brute force. It would be exciting to see something like TEA with a side channel flaw. Or maybe I'm just too greedy :shock:

Posted: Wed Oct 15, 2008 11:27 pm
by MerickOWA
CoreEvil wrote:Agreed, the fundamental idea is pretty much the same, once you realize that the permutation space is limited, it boils down to simple brute force. It would be exciting to see something like TEA with a side channel flaw. Or maybe I'm just too greedy :shock:
You don't need brute force. All but one character of the problem can be found without knowing the secret key.

Posted: Thu Oct 16, 2008 12:47 am
by CoreEvil
MerickOWA wrote:
CoreEvil wrote:Agreed, the fundamental idea is pretty much the same, once you realize that the permutation space is limited, it boils down to simple brute force. It would be exciting to see something like TEA with a side channel flaw. Or maybe I'm just too greedy :shock:
You don't need brute force. All but one character of the problem can be found without knowing the secret key.

You still need to iterate over a set of possibilities to find the right match, which doesn't necessarily cover the entire sequence, at least when it comes to this challenge.

Posted: Thu Oct 16, 2008 4:34 am
by MerickOWA
CoreEvil wrote:You still need to iterate over a set of possibilities to find the right match, which doesn't necessarily cover the entire sequence, at least when it comes to this challenge.
Nope :) Its possible to make on simple calculation on each character and figure out what it is, no guessing. Its as fast to decrypt as it is to encrypt. The unknown variable only really masks the first byte.

Posted: Thu Oct 16, 2008 2:35 pm
by knox
Pretty simple indeed.

Another great example for "think before you code something" :D

Posted: Wed Nov 12, 2008 10:11 am
by rmplpmpl
knox wrote:Pretty simple indeed.

Another great example for "think before you code something" :D
Yeah, of course I did not think hard enough and wondered why my brute force attack gave me 256 nearly identical answers.

Posted: Tue Nov 18, 2008 9:32 pm
by Andr3w
hey guys

thought about it and programmed sth ...

are about 400 lines javascript ^^ but sth is wrong with the system of encoding how thought it would be done ...

few questions just to ensure that i'm right:

to encrypt a plaintext you

have to convert it to binary (over ascii and hex)
have to xor the first byte of this binary with an unknown key
have to take this solution (converted_text XOR unknown_key = this_solution) ^^ as new key
have to XOR the next byte with this new key
have to make this again and again

am i right ?

Posted: Tue Nov 18, 2008 10:58 pm
by gfoot
Yes, except what do you mean by "convert to binary"?

Suppose the string was "hello", and the key was 0x12. 'h' is 0x68, and 0x68 xor 0x12 is 0x7A. That's the first byte of your ciphertext. 'e' is 0x65; 0x65 xor 0x7A is 0x1F. That's the second byte of the ciphertext. Then, 'l' is 0x6C, so the third byte is 0x6C xor 0x1F = 0x73. And so on.

That would then have been written in the challenge description as 7a1f73...

Posted: Wed Nov 19, 2008 10:43 am
by Andr3w
I have to convert all the bytes to single bits ...

in this case its hexadecimal to binary numbers ...

beacause I never learned any programming language ...

I learned html in school and now i'm used to solve most challenges with javascript which is a very complicated way but it works ... or sould work ... in this case it isn't working ...

I'll try all 240 bytes as first key and hope that any plaintext makes sense ...

Posted: Sun Dec 14, 2008 7:47 pm
by MagneticMonopole
Shows that adding complexity not necessarily increases security... didactic indeed!
(Like applying rot13 twice, to make it even more unbreakable :wink: )

@ Andr3w:

Posted: Sun Dec 14, 2008 7:51 pm
by MagneticMonopole
In case you are still on it, Javascript does have a built-in xor operator: ^
^ works on whole numbers (bit for bit), so no need to separate those numbers into single bits.
Might save a couple of those 400+ lines of code.

Posted: Sun Dec 14, 2008 9:05 pm
by Andr3w
oh ...wtf

i'm sure that i've read that js don't have a buildt-in xor ...

so i ever tried and did write hundreds of lines to convert and reconvert and even calculate xor bitwise "manually" with giant loops ...

thank you for this hint ... it makes javascript a more acceptable speech to me than it was while learning c++ for all these feedback ciphers ...