My name is Ram Rachum, and I'm a Python software developer based in Israel.

This is my personal blog. I write about technology, Python, programming and a bunch of other things.

GitHub profile

Personal Website

21st July 2013

Text

The interactive homebrew encryption challenge

(UPDATE: THE ENCRYPTION REMAINS UNBROKEN! I’m still waiting for the first hacker to figure out the algorithm and complete the challenge.)

There is a wide consensus among security experts that when choosing an encryption algorithm, it’s much better to choose a well-known public algorithm rather than a homebrew one. I completely agree with this approach.

However, I am curious about how easy it is to break a weak, homebrew encryption algorithm. When you’re faced with a seemingly-random piece of data, a bunch of ones and zeros that you have absolutely no context for, and you are only told that it is encrypted with no clue as to how the encryption algorithm works, how would you even know where to start at decrypting it?

To shed some light on this mystery, I’ve decided to do a little experiment here on my blog.

I’m challenging you to break a homebrew encryption algorithm that I’ve written.

Clarifications:

  • You will be given a ciphertext, and you’ll need to find the plaintext that was encrypted.
  • The algorithm will of course not be revealed to you. That’s the point of the contest. The plaintext itself is just a bunch of arbitrary text, serving as proof that you figured out the algorithm.
  • You are given an interface in which you can submit any plaintext  that you desire, and see its encrypted version.
  • I’ve written this algorithm for the purpose of this contest. I have no training in cryptography. I do not condone the usage of homebrew algorithms for encryption.
  • The winner is the first person to tell me what the plaintext of the ciphertext below is, either via email or in the comments.
  • A modest award of $50 will be given to whomever is the first to solve the challenge. Fine print: I maintain sole discretion to decide who is the legitimate winner, if any, and how to transfer the money. (Probably PayPal.)
  • The winner, if any, will be announced here on the blog. I’m hoping the winner will produce a write-up of how he cracked the encryption.

Here is the link to the encryption interface again.

Without further ado, the ciphertext:

7F1CA699D902CD5EB179E3674958DB0836A7EFC7031075F559
385F61C1C70EBF9F1E3A1EDD784541423D5C1F06B6A7CB4AD7
B6E52567F26095511EEEBE6AB241BE683B0F7A4D000EE7AF51
914B73028EBFA20CA64F539B399456FD71B71456F62A7D5D5C
D4FB2D41F0C8B800B028330CDA79EB3A1136D267C97EA55278
63AA057E72D10F5BD374B1D280C741A1E5A0C58847FAE73F11
E64A0530322B095803ABEAA9395E7334B78F828A5804A48B50
73F726C038B338CAAE09FF3843A65110204F9F2848E1860567
2CB001A07A8DEC74FF8C4F12C5675FC5F6A9A6A253E996DF40
DF23E7936B0508DB9570F45FD9ECB4F7E288BFBCCFD56453E0
8B3F78C190CF9DCC91431031B21CA6F04B3E594244D8B375AF
F4C6E6A98689CE42EC3CAA92092A8509653E842B2BA68C4775
9FD01B85004568F41E1D3B68DBBD94DF0EE2CFF0DD35D527FB
E6BE2C14064CAD72EEADF41769E84A64C39A915E4156EA9F20
B213D6C85BD713F48614000E484FB3410BBC8BECD509F0F51D
E5E644D4B1A61C8AA851228046EDF0ABD9A68B593E5555FF2D
348C5B54977B8293F2C9EA40D351D69F862496A664B589E6EC
995733248C4EEDFE94B34521F5D20D5C8A083209128B3CD015
82EDAC1FC7CF3FC5A5BA5FF03EBD94A754AD71255F06E84302
06E10BB32EF7DF17DCDA1AA58D315797AC25F6B1E666D6198F
15A257A3094565860448D2E2657F360F3AECBA2AC93EE74762
6A8391FBA928C23261B83AB46043551F4C45CE4B334D79E7F7
AC8CC6C71A0496D425282BDBDC4BE188A89ADC72B610553741
2E458894C661D5BE88749A56E2796B585B8B1C50249A1862FA
4F823B56597BDB1B7325A6B3FD753AB5075656F1E6F34C51BF
16AEF334BFF1C92707114111D72273CE745337D64C5A9D37BD
48E3A4F1360CD023E0665B5B727F42EED30929F51DA5E56883
EDCB6B9F753D7694A0DC232AFF917A3F558E4A06A4303A5A78
599AA6F797800E1BD6C83A0C46F611B21F3DA97914F07A0013
993225AE350B61EF0321EBD141DC25D56C46F7628D92411A89
33AA4E650FBA3011FACA44C20CF9B8D2C3C4D2308B97B928C8
53E9A5398663D8DB12980BC15D536F00BFE8EA53920F8467AE
8962D1D52271F300D3C4E87EFFECBFAAE0CAC64D1B7FEDCF80
9DFF89E85FB0E326442B3BB2332C8A91C300E07A188A83DE1A
1B4B077B6787FBED987B8D0C12A1A2F868A8C84D6570CAE519
F60429E2AD6BEC6ADF39B8C390804B7D5B4CACE48851E694C3
F798FE34286A9E7DD5BF65EBCE3CC28287770A96FA356C37F7
02FCEFE617E7AB088B7E9A27445EAAC77C32D1E8C684DACCDA
386AD6C3CFFE148C98320910433C98BAFD3218A0F74CF0537B
AE6D9A36E434116B8B087930F2B42A11575C587163D2944D1C
BE4C61DD3691417D8A07C3CB51EC2126AABB1B97F78AFCA96B
3C76

Let the hacking begin!

Tagged: planetpython

Comments
All content in this website is copyright © 1986-2011 Ram Rachum.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License, with attribution to "Ram Rachum at ram.rachum.com" including link to ram.rachum.com.
To view a copy of this license, visit: http://creativecommons.org/licenses/by-sa/3.0/