Lab 0 - Crypto Challenge
Update 25/7: Fixed the leaking keys on challenge 6.
Update 10/8: Hall of Fame.
==> Visit the Hall of Fame.
This is not a real lab, but a fun exercise for you to attempt over the first half of this course. Your mission, should you choose to accept it, is to decrypt a number of enciphered messages that have inadvertantly been captured by a civil security information enhancement program named RANK. While some early messages appear to have been encrypted by someone using rather old-fashioned means, later messages use modern computer-based ciphers.
In return for completing (some of) the crypto challenge you will win the acknowledgement and respect of your peers, along with a warm feeling of accomplishment inside. There are no marks up for grabs, but we will publish a list of those brave folks who manage to decrypt some or all of these insidious messages.
The challenges are arranged in a rough order of difficulty.
Submission
Submit your answers by email to alexn DOT challenge AT cse.unsw.edu.au. You must submit the key used to encipher your message, not the plaintext itself, and (for challenges 1-4) the name of the cipher used. If you can't name the cipher then a short description will suffice. You must send your submission email from your CSE account.
You'll need to be logged in to a CSE lab machine or login server (wagner, weill) to get your ciphertext for these exercises.
Once you find the answer to a challenge, please don't tell anyone your result or how you arrived at it. You can feel free to work in small groups while attacking the problems though, particularly the later ones.
Part 1: textual ciphers
Until the advent of computer, most common ciphers scrambled text by substitution and/or permutation of the letters, i.e. the character was the smallest unit of information (compared with the bit in part 2). These ciphers all use character-based encryption. You can probably work them out with a pencil and paper, but a computer could be of use. Note that there are no punctuation or other non-alphabetic characters in the text of these messages. We're not telling you what any of the ciphers used are; you have to work that out too. They are all simple and well-known algorithms though, so just try a few if nothing jumps out at you.
The ciphertexts for these challenges are all single messages, each encrypted with a different key. You will get a different key for each message to everyone else (but the same decrypted plaintext, so don't share!).
Challenge 1
Run
/home/cs3441/bin/challenge 1
To get your ciphertext. Work out the corresponding plaintext.
Challenge 2
Run
/home/cs3441/bin/challenge 2
To get your ciphertext. Work out the corresponding plaintext.
Challenge 3
Run
/home/cs3441/bin/challenge 3
To get your ciphertext. Work out the corresponding plaintext.
Challenge 4
Run
/home/cs3441/bin/challenge 4
To get your ciphertext. Work out the corresponding plaintext. (This one is significantly harder than the three previous).
Part 2: Block ciphers
Modern ciphers operate at the bit level, substituting and permuting individual bits rather than characters. The following challenges all use bit manipulation to achieve diffusion and confusion. You will probably need to write code to decrypt these messages (perhaps in order to attempt brute force?)
Challenge 5
Run
/home/cs3441/bin/challenge 5
To get your ciphertext. Work out the corresponding plaintext. Hint: the cipher used is a really simple symmetric block cipher.
Challenge 6 - RC4
This challenge uses the (alleged) RC4TM stream cipher, as implemented by OpenSSL. RC4 is a strong algorithm but is frequently misused in cryptosystems such as WEP. Your task is to recover the static 128-bit key used in our implementation via a chosen plaintext attack (RC4 is in fact breakable under much weaker conditions).
Run
/home/cs3441/bin/challenge 6 < plaintext > ciphertext
to invoke the cipher. You can execute the cipher multiple times; the same key will be used each time. To see if you have the correct answer you can run RC4 with a key of your choice. Run
/home/cs3441/bin/challenge 6 < plaintext > ciphertext-1
/home/cs3441/bin/challenge 6 1234567890abcdef1234567890abcdef < plaintext > ciphertext-2
diff ciphertext-1 ciphertext-2
substituting your key (as 16 hex-encoded bytes) for the dummy one give above. If you have the right key there should be no differences.
Challenge 7
Possibly not coming soon after all. Any suggestions?
Challenge 8 - FEAL-4
Coming soon.
N.B.: It's probably possible for you to get some help by working around the challenge program and finding out details of our implementation of the ciphers. That would basically be cheating, so please don't do it. We've made some effort to make sure you can't accidently find out a plaintext or your key, but if you try really hard you probably could. That won't be nearly as fun.