Complex Cipher
"Those who sent cipher answers: Thx for amazing response. Lots right. Lots wrong. We will mail everyone by end week 2 confirm which they r!"
Hmm.. I have enough difficulty trying to decode that!
Enthusiasts claim to have already solved the first test in the Cyber Security Challenge UK hunt for would-be cyber-security experts. The challenge, consisting of a series of online and face-to-face competitions, was launched by UK security minister Baroness Neville-Jones on Monday. It is intended to inspire talented …
The = at the end of the cipher was a massive giveaway, the fact the opening part of the resulting file had JFIF in it was the clue it was a JPG file, and loaded it up.
It's trivial though if you recognise the clues... no way I'm going to do the real challenge though!
"Those who sent cipher answers: Thx for amazing response. Lots right, lots wrong"
Yep, totally easy. Looked like base64, used online decoder and bam it had a JFIF header. I expect they will have received many small jokes in the form of an image.
Has anyone gone a little further to see if there's any other hidden information? Steganography techniques, anyone?
There is more to the puzzle:
1. Convert the base 64 into binary and obtain the comic.
2. The comic has weird on/off bits on the edges that should be converted into binary.
3. The binary should be converted into ascii.
4. The ascii should be transformed with ROT13.
5. The resulting string is a URL of: https://cybersecuritychallenge.org.uk/834jtp.html
6. The URL contains hex string that is the 'Real' code to be broken.
7. Use substitution and frequency analysis on two-letter combination of the alpha-numeric code... i.e. ac=E
8. The resulting message is below, I omitted the code that you are supposed to send.
C O N G R A T U L A T I O N S ! Y O U ' V E F O U N D A N D C O M P L E T E D T H E R E A L C H A L L E N G E . Y O U R W I N C O D E I S (OMITTED BY ME) P L E A S E E M A I L T H I S C O D E T O O U R T E A M A T M E D I A @ C Y B E R S E C U R I T Y C H A L L E N G E . O R G . U K . I F Y O U ' R E T H E F I R S T P E R S O N T O D O S O , A N D C A N P R O V E Y O U M E E T T H E E L I G I G I L I T Y C R I T E R I A ( B R I T I S H C I T I Z E N C U R R E N T L Y R E S I D E N T I N T H E U K ) W E W I L L G E I N T O U C H T O A D V I S E H O W T O C L A I M Y O U R P R I Z E . W E L L D O N E A N D G O O D L U C K I N T H E C Y B E R S E C U R I T Y C H A L L E N G E C O M P E T I T I O N S T A K I N G P L A C E T H R O U G H O U T T H E R E S T O F T H E Y E A R .
I am not eligible for the contest, so I did not send.
- Gilgamesh
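Steps 1 to 5 of the walkthrough above, as an added example that is not part of any commenter's post. The base64 blob and the border bits are constructed samples (the real image is not on this page), and the 8-bit, most-significant-bit-first packing is an assumption.

```python
import base64
import codecs

# Constructed sample: an 11-byte JPEG/JFIF header, base64-encoded.
SAMPLE_B64 = base64.b64encode(bytes.fromhex("ffd8ffe000104a46494600")).decode()

# URL quoted in step 5; the border bits below are constructed from it.
URL = "https://cybersecuritychallenge.org.uk/834jtp.html"
SAMPLE_BITS = " ".join(f"{b:08b}" for b in codecs.encode(URL, "rot13").encode())

def identify_payload(b64_text):
    """Step 1: decode base64 and name the file type from its first bytes."""
    raw = base64.b64decode("".join(b64_text.split()), validate=True)
    if raw[:3] == b"\xff\xd8\xff":
        # JFIF files carry the ASCII tag "JFIF" at offset 6.
        return "jpeg/jfif" if raw[6:10] == b"JFIF" else "jpeg"
    if raw[:8] == b"\x89PNG\r\n\x1a\n":
        return "png"
    return "unknown"

def bits_to_text(bits):
    """Steps 2-3: pack 0/1 characters into 8-bit ASCII (assumed MSB first)."""
    bits = "".join(c for c in bits if c in "01")
    if len(bits) % 8:
        raise ValueError("bit count is not a multiple of 8")
    raw = bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))
    return raw.decode("ascii")

def border_to_url(bits):
    """Steps 4-5: ROT13 the ASCII text read from the border."""
    return codecs.decode(bits_to_text(bits), "rot13")

if __name__ == "__main__":
    print(SAMPLE_B64, "->", identify_payload(SAMPLE_B64))
    print(border_to_url(SAMPLE_BITS))
```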
There were loads of people who thought that the solution was the xkcd image, it wasn't.
Around the border of that image was a binary message which when decoded gave you a url to the second half of the puzzle with new cyphertext.
Solving *that* part gave you the code you had to submit to 'win'
:)
concerns an electronic gizmo which was put together to waste the Russians' time, thus preventing them from analysing other Allied technology as well as working on their own.
It was some sort of mock-circuit which combined all the electronic oddities known, and was supposed to be the heart of a new-age radar system.
I wonder .......
Sussed out the binary border in the image pretty easily, downloaded the string and analyzed it.
The real result can only be arrived at by computing the algorithm, but it is not DES3 or RSA.
I don't want to spoil anyone else's fun, but I can say that it contains a h4ck3d phr4se.
I'll post my solution when they announce a winner.
Andy.
I did the registration and got a 'thanks we will get back to you' page but so far there has been no sign of any kind of confirmation email that I would normally expect, having just given over my personal details.
The site itself isn't exactly a shining light of guaranteed secureness either.
When I saw this challenge appear on the news my main reaction was "but they did this one, ages ago" - but that was just the pre-announcement I was remembering. So I didn't rush, and when I got home the next day I ended up having to STFW for it since neither CPNI nor MI5 websites had any mention of it whatsoever, and (what is supposed to be) the main gov PR service was also lacking in usefulness on the subject.
Aside from the clearly non-functioning RSS, was there a mailing-list somewhere, or was this spammed all over security-related websites (that I didn't see) a few days in advance so anyone interested would be aware of it? By the time I got to the site there was a tw*tter message on the page saying 'all submissions received' so I figured I was too late to have a go since it looked like world+dog had already solved it anyway. Turns out they were still accepting entries but by then I had already gone beyond the 'meh' stage.
Thing is, if you're having to do code-breaking then your cybersecurity has already failed - someone got in and scrambled your files and you are desperately trying to get them back. Either that or your staff can't be trusted and that isn't a cybersecurity problem anyway. Personally I'm sticking with my theory that they have staff shortages at the spook farm.
On the upside this was only driven by curiosity, not 'gizza job'.
But "Bah! Humbug!" anyway because there are 'lessons to be learned'.
Dear Gary
Congratulations on successfully solving the first test of the Cyber Security Challenge UK. We can confirm your submission was correct!
Whilst we’re afraid you were not the first to send in your win code, very few people solved the cipher so well done on getting it right.
We intend to post a new cipher in about a month – something a bit trickier to really push you to the limits. In the mean time, please keep a watch on our website, our Twitter profile, or our Facebook page for updates and news. For all those looking for a new way to test their skills – why not sign up to one of the competitions that form part of the full Cyber Security Challenge UK: https://cybersecuritychallenge.org.uk/candidates/registration.html
We hope you enjoyed this first test – we can assure you there are many more to come.
Congratulations again on solving our first puzzle.
The Cyber Security Challenge Team
------------------------------------------------------
So I've done it, and I've done it right. But someone else got there first... well what does that mean?
Does the image give you a different URL each time it is loaded??? I guess if you've got nothing better to do than sit up all night until it's complete, then you win?
Now they've published the solution, here's mine:
#!/usr/bin/perl
$_='68edcdec4e2c8eae8d2c8e2dedcd6e04d2042fedae52ceac0
4ccedaecd8c042ccd8c046cedad0e8dac8eac8c048e0dac044aa8
2889046c0d2c8d8daccdecacc5042bedae4e04ee2dcd046ced8ca
c042d6e04046c2f4c664ea76e666cae4e268e2f456c0d088d8d66
cdecac6546c6a506e6a546062606c504a141a1410a8dac2c6eac0
4acad2c2d8d048e0d2d6e046ced8cac048eed04edae4e048eac2c
ad042c8e04adac8c2d2c086c2f4cac4e6eac6cae4e2d8e2f6c0d2
c8d8daccdecacc5ed4eecc5ae6dc50429cc042fedae524eac048e
0dac04cc2d4e6e8e040eac4e6eedcd048eed048ced046eed85042
ccd8c046c2ccd040e4eedceac042fedae04adacac8e048e0dac04
ac8d2dec2d4c2d8d2d8e2f046c4e2d8eac4e2d2c0405484e2d8e2
d6e0d046c2d8e2d4faccd046cae4e4eaccd8e8d2f044eac6e2d8c
accd8e042dcd048e0dac04aa692504eeac04ee2d8d8d044cac042
dcd048eedae6c0d048eed042c8cce2d6eac040dedee048eed046c
8d2c2dad042fedae4e040e4e2d4facc504eaac8d8d048cedcdac0
42ccd8c04eceded8c048dae6c6d042dcd048e0dac04682f4cac4e
046aac6cae4e2d8e2f04680d2c8d8daccdecac046cedad0eac8e2
d8e2dedcd6e048e2c6d2dcdec040e8d2c6cac048e0d4eedaeec0d
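edae8e048e0dac044eac6e8e04edcc048e0dac042fac2c4ec5';
# Drop the line breaks first: hex() stops at a non-hex character, so a
# byte split across two lines would decode wrongly. Then rotate each
# byte left by 3 bits (pack 'C' keeps only the low 8 bits).
s/\s+//g;s/(..)/pack('C',hex($1)<<3|hex($1)>>5)/eg;print;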
I solved the last bit completely differently (and much more long-windedly):
- by analysing letter frequency this gave you the space, then filling these in and looking at the most common 3-letter word indicated strongly that this was 'the', giving you the t, h and e to fill in to the rest of the string.
- contextual information about letter placing gave you a lot of the other letters, but you needed the whole ascii set to get the win code.
- I ordered the ascii set in Excel by the 2nd hex character, then 1st and put in all the characters I knew. This effectively showed that their 'map' used every other character 0-255 to map the original 0-127. By ordering them in this way, every other character mapped to the 0-127 characters in order so I just filled them in, and decoded the string against my map.
This only left the d2 character (the one after Congratulations) as not being mapped, but I submitted it anyway and they said it is right.
Question is, if you decode it as they suggest, does the d2 map to something?
Points for creativity? No? I'll get my coat.
Gary.
How I solved it too, checked for compressibility, used Photoshop to look for patterns and frequency distribution which revealed it was a substitution method, but probably not of Enigma quality!
Once I saw "the" in a couple of places, I knew I was on to something, and got the rest of the letters using a hex viewer and a perl program to do the translation.. however, some of the chars in the win code were unique, so we needed the translation relationship which had to be 1:1. The lowest 'to' charcodes were 8x the 'from' charcodes. (<<3). As the source numbers increased, this pattern changed abruptly so something else was going on. A bit of fiddling and a few minutes later the answer just appeared like magic!
They had just swapped the top 3 and bottom 5 bits around. Very satisfying.
0xD2 == (110)(10010) ==> (10010)(110) == 0x96 == chr(150) '–' en dash in the windows charset.
Top marks for creativity... better working on these problems than watching brain mushmaking TV!
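The 3-bit/5-bit swap described in the comment above is a left rotation of each byte by 3. As an added example (not any commenter's code), this recovers the rotation by trying all eight and scoring the output, then decodes with the Windows-1252 charset; `SAMPLE_HEX` is the first 25 bytes of the hex string posted earlier in the thread, and the scoring rule is an assumption of this sketch.

```python
# First 25 bytes of the hex string posted earlier in this thread.
SAMPLE_HEX = "68edcdec4e2c8eae8d2c8e2dedcd6e04d2042fedae52ceac04"

def rotl8(byte, n):
    """Rotate an 8-bit value left by n bits."""
    n %= 8
    return ((byte << n) | (byte >> (8 - n))) & 0xFF

def decode(hex_text, n=3):
    """Undo the cipher: rotate every byte of the hex string left by n."""
    data = bytes.fromhex("".join(hex_text.split()))
    return bytes(rotl8(b, n) for b in data)

def score(buf):
    """Count bytes that are ASCII letters or spaces."""
    return sum(1 for b in buf
               if b == 0x20 or 0x41 <= b <= 0x5A or 0x61 <= b <= 0x7A)

def recover_rotation(hex_text):
    """Try all 8 rotations and keep the one that looks most like text."""
    return max(range(8), key=lambda n: score(decode(hex_text, n)))

def decode_text(hex_text):
    """Decode with the recovered rotation, reading bytes as Windows-1252."""
    n = recover_rotation(hex_text)
    return decode(hex_text, n).decode("cp1252")

if __name__ == "__main__":
    print("rotation:", recover_rotation(SAMPLE_HEX))
    print(repr(decode_text(SAMPLE_HEX)))
    # 0xD2 rotates to 0x96, the Windows-1252 en dash.
    print(hex(rotl8(0xD2, 3)))
```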