NfjA9FuFo9R2M6Zl0Ls4MfO0D1lkpBk0yo0ErmKoWe9LogFntkfiRBe58A22F5k8
I've been playing with a thought of encryption for some time now. What if you could make an encryption where you only need the hashed password to crack it?
Obviously this shouldn't be used in the real world, since it would only take one person who figures it out, and then everyone can crack it.
But anyway, I thought it would be fun to challenge the people here on null byte to crack it :) Everything you need is in the hashed version ;)
24 Responses
I don't think it's possible to decrypt something if we only have a single ciphertext encrypted with an unknown algorithm.
Yeah there are many algorithms that are relatively different and will effect your decryption.
Here are some more to practice on:
KgdBakoV57gsjdn5dV8pbnmdp7c3oe96hk3dkr36797i6
Sjfbmboipo52b7wipjcf68d677f4
Wlhfbkr479dg24elkpi37dbD7v3
Kasper:
I'm sorry, but this seems like foolishness. This has nothing remotely to do with password cracking or hacking. It's more like the childhood game "guess what word I'm thinking of?".
Hello, I'm sorr,y I see your point and you are completely right. I thought this was something that people would think was fun to fiddle with, but it seems I was wrong.
And just to clarify, I would never use this in the real world, as I said in the post. I know I would never be able to come up with a strong encryption.
Don't feel bad! It would be a fun game just as a puzzle. The equivalent of a crossword or something just for fun. I like the idea and will play with it when I can
I agree 100% with OTW
When it comes to crypto algos, it's better when you DON'T reinvent the wheel. This is because a good one doesn't rely on how secret it's the algo, but the math behind. So unless you are one of that weird hardcore mathematicians in the world, you would not want to make your own.
Nonetheless, crypto games are fun. If I had some spare time, it would be good to play. Sadly free time right now it's very little
Well said, TripHat.
Encryption algorithms are well established and beyond most people's capabilities. Trying to build your own encryption algorithm is a fool's errand for most people. Learn and use the proven algorithms.
OTW, I have a question, if building encryption algorithms are a fool's errand, how are encryptions created? (I'm not trying to word this to attack your post, just genuinely curious how encryptions are created)
also, are Encryptions and Hashes the same thing?
I'll go for the latter in short, as the first is beyond my explanation capabilities...
Encryption is a function that preserves the data in its full, protecting it with a secret key. Its output lenght depends on the input. This function is reversible and when you apply the reverse (decryption) with the right key, you will get again the initial data. This is used when all the message is important and must be recovered as it was originally.
Hashing is a function that doesn't preserve data, it only makes sure that data hasn't been altered. Its output is of fixed lenght, and there is no way to get the original data starting from the hash (there is no reverse). It's useful for example, to check if something you downloaded is corrupted or tampered (linux ISOs always ask you to verify it), ZIP archives use it to ensure the data contained is valid, often passwords are hashed because it's a 'safe(r)' way to store them.
TripHat gave you a good explanation of the difference between hashes and encryption.
Encryption algorithms are developed by mathematicians. They publish their algorithms for others to test and critique. When people build their own encryption, it is invariably flawed. Being flawed, it is invariably cracked. All of the simple algorithms are easily crackable. For instance, the WEP encryption in WiFI is not a simple algorithms but when given about 500,000 packets it can be cracked.
There are literally an infinite number of algorithms. The most secure encryption is the one-time pad. It is an encryption algorithms that is changed every transmission. That is essentially what Kasper is doing here. Given a stream of data, these encryption algorithms are easy to break, but given one data set they are difficult as there are an infinite number of possibilities. Kasper is simply proving a truism that a one time pad is difficult to crack.
I hope this better explains my earlier comments.
Thank you TripHat and OTW I understand better now
Quite a few replies have been a bit bashing toward OP but I personally think that this is great! Understanding is done best by doing and trying out different and innovation way to do things is something that should be encouraged, not shunned.
Although I think that its to hard to decipher an algorithm that you have so little information on, I love that your are challenging the null byte community to grow while trying out and discovering new things in the process.
You've clearly stated in the post that you realize that this ins't a usable algorithm in the real world and you're not passing it off as such, just an interesting thought you can up with.
Saying that this is foolishness is saying that sharing ideas on a hacking topic and trying to get other peoples opinion on them is foolish and is quite the opposite of what null byte is all about.
And although it doesn't relate to password cracking per say it still has to do with cryptography and I've seen topics that are far more off topic than this one that have had lots of positive.
Now all that being said it is true that trying to solve this is virtually like a game of "guess my word" and a lot more detail would need to be given to make this a feasible challenge.
Just one man's thoughts.
Cheers,
Washu
For those who still feel like playing with this, here's a hint.
The encryptions have to be looked at in three parts.
NfjA9FuFo9R2M6Zl0Ls4MfO0D1lkpBk0yo0ErmKoWe9LogFntkfiRBe|58A22F5|k8
KgdBakoV57gsjdn5dV8pbnmdp7c3oe96hk3dkr|36797|i6
Sjfbmboipo52b7wipjcf68d|677|f4
Wlhfbkr479dg24elkpi37db|D7|v3
And again. I would never use this in real life, since I know it's unreliable. But I thought that there are people in this community who likes cryptography, so that's why I posted it. You people made me realize that I should've given more information, and thank you for that.
But there are better ways of saying it, like the way Washu did it.
I personally think this is a great idea. I've been wanting to learn the ins and outs of encryption, but I just started and i'm not even close to good enough to crack something like this. Could you do a quick tutorial or demonstration of how you decided to create this particular encryption algorithm (maybe after someone cracks it)? I would really appreciate it.
Well first of all you shouldn't learn to crack this method, and then think you can crack other passwords. I don't think this resembles any encryption you'll run into otherwise.
I'm thinking about writing the solution to this problem if nobody has tried on Sunday. If you wanna get into password hacking, OTW and Phoenix750 have made some great tutorials here
Although this extra information makes it easier, its still extremely hard to figure this out because we don't know whats the key, what is actually encrypted, are we looking for a word of for a number?
And we still have the same problem as before because we don't even know how the method of encryption, i.e. did you use 1 pass of a letter-shift or is it 6 passes of Shikata Ga Nai on a paragraph converted to hex?
You see what I mean, its extremely hard to decipher this because of the nearly endless possibilities.
I really like what your doing, just be aware that this is an extremely difficult challenge no matter how much information you give it might never get solved.
Cheers,
Washu
I figured that it was pretty much impossible, and that is some of the reason I posted it on here. Now for what method I used to encrypt, I came up with it myself.
I wanted to see if it was as tough to crack as I thought it would be, and at the same time challenge people on here.
Beale Cipher variation? Based on 'perfect'?
I have to be honest and say that I don't know the name of any decipher method. I came up with this myself, maybe it is already a known method. But as far as I know, I came up with it myself.
THIS comment, is seriously underrated.
+1
So the enigma machine is punishing people still?
i have placed a password on my trading algorithm and there's no possible way to rest the password. Is there anyone out there that can possibly hack the program and give me either the password or the code? i will provide all the necessary information to have access to the algorithm
Share Your Thoughts