Slashdot Mirror
Handmade Encryption Challenge
Pike writes: "Amateur cryptographers may wish to get out their pens, calculators and scratch paper to take a shot at this short encryption challenge. Solve it, get a $25 gift certificate from thinkgeek. It's pretty hard though, so good luck." But since this isn't wartime, there is at least the stub of the plaintext to check against.
Strong Cryptography May be Easier Than It Looks
In conjunction with geeky.org, here is JIPW's first cryptographic challenge; probably the last. I actually doubt anyone will be able to solve this, barring visitors from the NSA. In fact, if you can solve it and be the first to send an email to contest@geeky.org with the full decrypted message, I'll give you a $25 gift certificate at thinkgeek.com, and a good dose of general recognition and fame on this site of course.
For a discussion about this and other crypto puzzles, see the story on geeky.org.
Getting you started
If the Amish did cryptography, this is what it would look like; nothing was used to create this code but a pen and spiral-bound notebook. No computer tricks or supremely advanced algorithms. It is very tricky however. Here are a few parameters and guidelines:
The plaintext is hidden in the encoded section below begins with "the message is" (without quotes). This allows you to know when you've solved the puzzle.
The ciphertext begins and ends with clearly defined markers which are not part of the ciphertext. The rest of this page and this website provide no clue to the solution.
If by some miracle you do it, send an email to contest@geeky.org with the full decrypted message in it.
It's really hard. Harder than it looks. Be warned.
-----CIPHERTEXT BEGIN-----
From: The House at Outspar Ave
[image]
"Sirs and Ladies, we regret to explain by means of our seven couriers, commissioned in the fall of the thirteenth year ago how that our chicken house, killing its quixotic jouster -- in fact the boxer and jouster combined -- has made us reexamine our feelings on the ghastly meanings and other sundry implications. Now that the hedonistic quantities and kilometers of really red staple studded tracks have been and will be made subject to judicial committees and kin, they will probably seek to march the crooked gaffers out of hill country. To us, regulations are all much too far from common people. For example, killjoy laws about jousters counteract the will of the vulgar people. The key to special gun enhanced treatment tells some undisciplined underlings where to go and who understands. Should we let the puny minority override the nation? If not, undulate. Research for hairiness is no priority. As for us (yes, sounds zany), most won't gulp these incredible sacks of stuff many of the lawyers decided to let print in sans-serif. On the jelly front, the Olson brand that aspirates in very damp conditions was yanked because of kryptonite concerns. The notice that was on it was quizzical. If they quit, I say every big Crimean fool or other wag should have bitten their own can. They nixed our yew nativity, in spite of Geneva."
-----CIPHERTEXT END-----
There you have it. Expect to see updates to this page as participation warrants.
- JD
I've been trying to design a strong hand cipher myself, though I've set my goals rather higher than this guy. My current proposal is http://www.cluefactory.org.uk/paul/mirdek/ . If you've seen Schneier's Solitaire, you're familiar with the idea.
--
Xenu loves you!
Try http://www.cluefactory.org.uk/paul/crypto/mirdek/. Bugger, I tried to cancel but too late!
--
Xenu loves you!
The secret message is:
Buy more Ovaltine
Help cure AIDS, cancer, and more. Donate your unused computer time to worldcommunitygrid.org. Join Team Slashdot!
I don't understand... what does this "500 internal server error" mean. Is it some kind of code? I hit reload and now it says "Connection timed out." Time? Maybe you need to keep reloading it because the code changes each time you reload it. And what the hell is a "slashdot effect"? If you ask me, this "slashdot" thing is the real enigma.. Commander Taco? Why would you want to command a legion of tacos? Tacos, Time, 500.. it's all starting to make sense... the area 51 pictures.. they must be XOR'd encryption.. I can use this thinkgeek thing to decode the secret to area 51 and free the legions of tacos for my commander! YES! I SOLVED IT!
It translates to:
"The message is not here."
That's great steganography if I've ever seen it!
It's the sample text that appears when you look at a TrueType font in the Finder!
Pope
Freedom is Slavery! Ignorance is Strength! Monopolies offer Choice!
It doesn't mean much now, it's built for the future.
It may well be encrypted too, but the message (encrypted or not) is also hidden by steganography: the thing doesn't look like an encrypted message. Which was probably the point.
My guess is is that it's stego'd into the jpg image. Hmm, maybe not, that'd require a bit more than pen and notebook unless one was really a glutton for punishment. So it's likely in the text. But $25 isn't enough to persuade me to spend much more time on it.
-- Alastair
...all the "security though obscurity is a bad idea" people to tell us how much more secure this message would be if the guy had published a description of how he encrypted it?
DrLunch.com The site that tells you what's for lunch!
The caption on the crest of arms is in Celtic. It appears to mean The Mad Billy Goat in English. It's perfectly possible that not only is the message encrypted, but the plaintext is in Celtic. According to the above link, An Poc ar Buile is the title of a song. As a guess, the plaintext could be the lyrics to this song.
It seems quite plain that "jouster" refers to the star of David (jouster-->'Jew star'), and the boxer refers to the yellow box in the corner. Clearly the two are supposed to be "combined", but how is not clear. Perhaps the "sundry" aspect of the two refers to their yellowness (sundry-->sunny).
If I had more time, I'd proceed on the theory that the passage is just full of really bad puns based on the words' phonetic sounds.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
Interesting point...brute force computing just isn't practical in many situations, unless, as I said, you are the NSA and live 10 years ahead of the rest of the science/mathematics world.
Now I'm really curious to see if anyone figures this out, because if no one does, it would mean that (gasp!) criminals still have easy ways of communicating securely over the net without using government-restricted encryption techniques. On the other hand, I've made it tough enough that I'll be really surprised if anyone solves it.
I might even jack up the reward if this survives an attack by the slashdot crowd...
-JD
I honestly didn't know thinkgeek was an andover site. I wanted to throw in some kind of prize, but I didn't want to just hand out some cash. I thought about books, or a case of penguin peppermints, but a friend suggested a gift certificate and it immediately made sense to me. I picked thinkgeek because it had a nice range of products that the potential winner would like to choose from. I supposeI could have chosen copyleft.net too.
On a side note, it's kind of funny to see people saying "I'd never do this for a mere $25". I know people who solve puzzles like this in the newspaper with absolutely no incentive. I figured the prize and the (relatively) small recognition would just be frosting on the cake.
-JD
Call them what you wish, but they all contain a secret message... Check out http://web.mit.edu/puzzle/www/
BTW- These puzzles were actually solved (by multiple independant groups) in just a few days. Too bad all the old ones aren't still online.
Yes that's true- but the converse is as well. A real test of decryption skills needs to assume that you don't know the algorithm.
Well, the paragraph doesn't even make sense. Makes me think it has to do with words in the sentance, eg ever 3 letters or whatnot and then rot13 it or some weird crap. It looks too damn hard to be able to break the code. This is when making a beowulf cluster WON'T work! doh! hehe. Or maybe the code has to do with the words in there, eg happy, sad, secure, etc. This is really a stumper...
Well, I'm not a master cryptanalyst by any stretch of the imagination. At first glance though, this looks more like a code than a cipher; that is, I think that each word and/or sentence are the "units" of the "cryptography" rather than each character.
On the other hand, they may be employing steganography, and or some algorithim in which every Nth character/letter is skipped. If I was really interested in solving this, a perl script that could analyze all possible skipping patterns would probably be my first attempt. But neither fame nor $25 bucks at ThinkGeek are enough motivation to zorch my finals. Good luck to the rest of you.
To email me,subtract my nick from my email address, starting with the second character. (hint: adto.uiuc.edu is wrong)
First, let me make a note to all those who rushed to post "Andover's influence" posts. You are not simply mistaken; you are sorely mistaken. This little challenge is by "JIPW", which is, of course (as stated on the top of the page), "Joel's Improved Personal Website". The fact that Joel apparently thought that a $25 gift certificate to thinkgeek would be nice is beside the point (I'd imagine he'd spring for copyleft.net is you were offended by thinkgeek).
Slashdot's posting of the token prize is irrelevant. $25 will not make or break Andover. They obviously thought it was a neat little challenge to anyone who is interested in such mind games, and having a prize is nice but unnecessary. Okay, now that's done. Real post follows:
It seems to me that the point "Joel" is trying to get across is that even today in the age of high encryption, and old fashioned handwritten code can be quite useful. Remember the "code-talkers" of World War II. The risk of the Allies having their codes broken was too great. Their were encryption schemes (Enigma, anyone, even though it was the enemy's), but since the fate of much of the world was at stake, an ingenious plan was created. They used members of the Navaho tribe to develop a secret, unbreakable code.
This step away from the technological methods of the day proved to be not only as secure as existing technologies, but it was never broken. The technological way may currently be the easiest, but their is always room for ingenuity.
One last example: have you ever been talking to a friend and understood each other perfectly, but nobody around had any idea what it all meant? All the script kiddies in all the world might not figure that one out (but you might want to mix technology and old-fashioned ingenuity, considering you might have the NSA, corporations, script kiddies, your old girlfriend, three lawyers, and Metallica after your communications).
If this post is redundant by the time it shows up, you have my apologies. I just figured I'd think first and post later. No offense, anyone, okay?
Many modern encryption schemes use a repeated pattern of bit shifting and XORing in what are known as mixing rounds. The output from round n is the input for round n+1. I've attempted to do something similar to this message, in hopes of stumbling across the solution. This is what I got using the Babelfish decryption algorithm (English to spanish to english to german to english to /.) Of: The house in the avenue of Outspar " Mr. and the ladies, we were sad to explain by means of our seven couriers do assigned in the case of décimotercerjahr, how this our house of the chicken to terminate its quixotic more jouster -- actually the boxer and the combined more jouster -- that reexaminamos into the meaning horrorosos and in other different implications did our feelings. Now, those the quantities and the kilometers, which are of tachonadas hedonistic, really red staple seeks out, was and in opinion of the committees was done and to the Gerichtskinships, probably tries it, to border gaffers rotated country of the hill. To us the regulations are much also far all from city. E.G. the laws, which are on jousters killjoy, oppose the will of the vulgaeren people. The key to the increased processing special weapon says to unite underlings, which where one are undisciplined, go and who understands. It must we leaves to the minority puny replaces the nation? If No., undulate. The investigation for pilosidad is not no priority. Up to us (, the tones zany), the majority swallows not saliva these unbelievable coats of the material, which leaves many of the determined attorneys to the printing in sans serif. In the front side of the jelly, the trade name was situated kryptonite deleted by Olson, which strives into that very damp conditions, at the principal occupations of. WARNING, which was in their, was quizzical. If they leave, one to possess it knows legend I that each large crimeoidiot or a menee seins must have bitten other one. Nixed ours nativity the disk, despite Geneva ", This is, I'm sure, the right answer, as babelfish translations are always perfect. ;)
Moreover, if the message is not something like "this is the message aeroigb ekrgjlk jpojp jpojerjgkrj rjpgorjij ...", the encryption method is even more useless, since it in some way must be related to the message been send, as obviously takes more things into account than what characters/symbols are included in the message.
This is by no means the kind of crypto the /. audience is interested in, and I doubt this $25-to-solve-a-close-to-impossible-crypto-contest belongs anywhere at all but on some kind of puzzel-page.
That said, I should make clear that I understand that the author did not intend to make this the new RSA, and that some /.ers may find this kind of stuff interesting.
But then again, wednesday just happens to be my whining day of the week.
Things are more like they are now than they ever were before. - Dwight D. Eisenhower
Does anyone else find it amusing that AOL owns Netscape yet uses IE in their software? Or that the U.S. govt is the largest customer of Microsoft?
No, Thursday's out. How about never - is never good for you?
Why don't you just use a Polaroid camera?