That line from the father's song in Mary Poppins, where he's going on about how nothing can go wrong, in Britain in 1910.  That's about the point I realized the boy was gonna die in a trench.

Main Menu

Hacks, Kludges & Other Such Tomfoolery

Started by Shibboleet The Annihilator, April 26, 2010, 02:12:45 PM

Previous topic - Next topic


This is why I came here. To learn these things. I now realize the password protection plan is flawed. But hope is still alive in the encrypted message aspects. I think anyways O.o


Encryption is all fine and dandy for legal/semi-legal communications. Ie. ones where the risks of the message being deciphered are negligible but I'm of the firm opinion that if you really want your shit not to get read, you're much better hiding the message. Stick some morse code in the alpha channel of a .png image or shift some bits in an audio track then use the original audio track as the key. While the spooks are busy looking for encrypted messages, we're posting our plans for world domination via funny cat gifs on facebook  8)

I'm up to my arse in Brexit Numpties, but I want more.  Target-rich environments are the new sexy.
Not actually a meat product.
Ass-Kicking & Foot-Stomping Ancient Master of SHIT FUCK FUCK FUCK
Awful and Bent Behemothic Results of Last Night's Painful Squat.
High Altitude Haggis-Filled Sex Bucket From Beyond Time and Space.
Internet Monkey Person of Filthy and Immoral Pygmy-Porn Wart Contagion
Octomom Auxillary Heat Exchanger Repairman
walking the fine line line between genius and batshit fucking crazy

"computation is a pattern in the spacetime arrangement of particles, and it's not the particles but the pattern that really matters! Matter doesn't matter." -- Max Tegmark


Quote from: JBookup on February 12, 2014, 02:48:10 PM
It could be numbers, symbols, or letters that need to be skipped. This is for encrypting passwords and what not to make it impossible for them to decrypt. Now if me and someone were exchanging encrypted messages. Obviously that other person would have the key and would be able to figure out what doesn't belong. Also these are not programs, I know nothing of those sort of things, though very soon will be trying for I have an ingenious idea. But for the time being these are written out on paper and calculated in my head.

So the key explains which numbers and letters need to be skipped? Rather than being more like a password to unlock the string, as a 'key' often is in cryptography, this is more of a series of instructions? Or would the other person decrypt the string, even with the random noise added, then remove the random symbols simply by taking out the stuff that doesn't make sense?

When you say "impossible to decrypt" do you mean "impossible to decrypt without the key" or is this a one way function from which the original text cannot be retrieved?


Quote from: JBookup on February 12, 2014, 01:54:06 PM
Though it would be still set in stone, but with multiple letters having the same encrypted counterpart.


Is there a method by which the decrypter knows which of the many encrypted counterparts you are using?


Impossible to decrypt without the key/legend. With the legend the person decrpyting would know which letters, numbers, and symbols didn't belong. The method used for creating my legend is impossible to reverse engineer. Without the introduction of random numbers, letters, or symbols a brute force attack could easily break through. But with the introduction of numbers, letters, or symbols at random intervals I think a brute force attack would be ineffective.

As to the question about the multiple letters with the same encrypted counterpart, I didn't really think that through... I guess at the moment they would have to do a lot of guess and check work to decrypt it even with the legend.


So the random chaff you've thrown in doesn't have legitimate uses in the legend? If ^ is a random symbol, it never corresponds to a letter?


Paes, remember that this was originally meant for a password, not a message.

In which case, it's irrelevant if a hacker can guess the original password, they just need to find out the sequence of characters.


Quote from: LMNO, PhD (life continues) on February 12, 2014, 09:09:37 PM
Paes, remember that this was originally meant for a password, not a message.

In which case, it's irrelevant if a hacker can guess the original password, they just need to find out the sequence of characters.

If they're brute forcing it by trying every possible character, but if you could reverse engineer any of the rules you could make minor modifications to existing dictionary attacks to speed up the process.

It seems to me, JBookup, like you may be underestimating how quickly a computer can try all permutations of the string which keep the order intact and systematically remove groups of characters, then see if any words fit into the pattern presented.

Do you know if, while attempting to decipher this, the answer will be obvious?


Is it going to say "this is the plaintext" or similar? Because I can make assumptions about which characters are chaff and make it say "to be carried" or "you will not" or similar.


Here's some stuff on what I was saying earlier, about security by obscurity and secret encryption processes not being reliable or desirable.

Mathematically sound cryptography remains secure even if the process is known, so long as the key is not.


Really I was just trying to make a way to encrypt the alphabet through the use of math. As to what the encryption is intended for I have no idea. At the moment I am bouncing around in which ever direction holds the most promise for what I've already made, though I have what I think are better processes for creating a larger scale more complex legend. Though I am waiting for the results of this first test. The first string I posted does not include random letters, numbers, or symbols. And is fairly obvious. The second string that has Example: preceding it does include random numbers, letters, and symbols.


Quote from: JBookup on February 11, 2014, 07:13:12 PM
But I remain confident that on a 256 key scale the brute force method would be ineffective.
What does this mean to you and how does it apply to what you've made here?

It sounds as though you've got a substitution cipher and I can't tell where the complex math comes in. Did you use a complex process to decide which letter turned into which symbol, because that complexity isn't going to translate forward into the complexity of cracking, it's still a matter of rotating the meaning of each character until readable text is produced.

Are you willing to discuss the process of encipherment so it can be examined in more depth? If that explanation breaks the encryption, I'm afraid you'll have trouble profiting from the scheme.


Most importantly. How many words are in this string? More than one? How are spaces handled?

Mesozoic Mister Nigel

I use the correct horse battery staple method most of the time. It absolutely drives me bugshit when some sites require me to use a combination of capitals, lower case, symbols and numbers, because it's not creating a more secure password, it's just increasing the likelihood that I'll forget it.
"I'm guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk," Charles Wick said. "It was very complicated."


It's not for everyone, but I use which will take a word like "facebook" and master password I use everywhere like "horsebatterystaple" and give me a password with a combination of numbers, symbols and different cases. If I forget that password, I go to hashapass and enter "facebook", "horsebatterystaple" and it uses the same math to crunch those together and give me "dL;t8sDG" again.

If the service I'm using sucks at security, and HAXORS get my password, it only works for facebook and there is no way for them to turn it back into "horsebatterystaple" and figure out my password anywhere else.