Decryption and Cryptography 101

The fear of every surveillance society: citizens protecting their own privacy with strong cryptography

Decryption and Cryptography 101

Post by T3hR34p3r on Mon Jul 07, 2008 7:15 pm
([msg=6787]see Decryption and Cryptography 101[/msg])

After reading this you should:
Have a more detailed understanding of cryptography.
Be able to think more logically when faced with encryption.
Understand the algorithm behind XECryption and how to decrypt it.


-------


So you think you're hot stuff do you? We'll see about that.
The code breakers in World War I didn't have supercomputers to do their work for them; they had to think for themselves. In today's modern world it's simple to write a script that does the work for you, but do you truly understand the script itself? Sure, you know how it works, what it does. But... take away the computer, could you still do that script? In this article I'm going to show you how to decrypt a basic sentence that has been run through the XECryption Algorithm, the same encryption method used in Realistic Mission 6. All you're going to need is a pen, a notepad, a calculator, and a hell of a lot of patience.

-------

For our example I've encrypted a small sentence, a little note to myself:

Code: Select all
.244.250.325.298.311.253.269.257.335.266.268.256.272.300.295.231.232.320.311.265
.277.268.315.279.303.275.287.306.294.254.262.281.309.310.295.262.288.263.232.298
.280.289.283.299.280.270.258.255.308.278.281.273.253.322.276.311.271.290.287.275
.266.268.249.292.289.281.308.306.254.288.293.286.234.251.298.272.270.325.303.258
.294.302.298.252.266.257.260.264.260.343.265.302.298.280.309.259.261.308.297.313
.278.264.279.250.254.296.300.264.291.277.280.285.262.314.277.256.264


Now stop right there, because if you stare at it too long your head will begin to hurt. In its present state, it would be far too easy to get mixed up. Remember: The biggest obstacle in front of you is you. Human beings are by nature flawed and contain mistakes. Learn to accept them, think like a machine.

-------

If you know how the XECryption algorithm works, you know that each character is divided into three three digit numbers separated by periods, i.e.: x=.yyy.yyy.yyy

Well if we know that, we can use that to our advantage.
The first step is to break up the message, make it more simply for us to read. We'll divide it into each character, one at a time. After doing this, it'll look like this:
.244.250.325
.298.311.253
.269.257.335
Etc...

-------

Now that our message is at least slightly legible, we have a chance.
The XECryption method, while complicated in its encryption, is quite simple in its decryption. You add all three numbers together, subtract them by the password key, and you get the ASCII version of your character. Of course, I'm not about to tell you my password, that would be too easy. But we'll deal with that later, for now let's go on the next step.

The second step in decryption is going to be adding all three numbers together. This is why you brought your calculator. You might not need it, but I didn't get the best grades in high school, so I sure do. After adding the three numbers we should get something like this:
819
862
861
Etc...

-------

Still a lot of numbers, but at least the size of our message is a third of what it used to be, and that's a lot more manageable. Now, the way we would get our final message would be to subtract the password key from our new numbers, but we don't know the password do we? Well, where there's a will there's a way.

If you're new to the cryptography scene, let me recommend some of Edgar Allen Poe's works, the man was a genius when it came to this. So, what's the most common character used in any message?

In English, the letter which most frequently occurs is e. Afterward, the succession runs thus: a o i d h n r s t u y c f g l m w b k p q x z.
-Edgar Allen Poe

Now, Poe didn't have a computer, so in modern times you need to add something. Even more common than the letter e is the space character, which will occur in any message more often than any other character.
So, the question arises: What number pops up most frequently in my message? The answer is 783. Well, you can't be 100% sure, you can never be 100% sure, but 783 has the highest probability of being the space character.

-------

A quick lookup of ASCII will tell us that the space character is assigned the number 32. So, what's 783-32? 751.

Now we have our password key: 751.
After this it's smooth sailing, simply subtract 751 from each number, one at a time, and you'll get the decrypted message:
Code: Select all
Don't forget to take out the trash man.


Well, after the two hours it took me to decrypt that, the trash guy has already come and gone. But hey, I'll get him next time, right?

-------

In the world of "hacking", "cracking", "phreaking", or whatever you want to call it, we often take our computers for granted.
Once you've done the script yourself, you'll understand what is truly going on behind the scenes, and it'll give you a new outlook on how the computers work. With this knowledge, you'll have a new perspective when making your scripts.
They call me Ishmael... I'm not sure why.
User avatar
T3hR34p3r
Experienced User
Experienced User
 
Posts: 87
Joined: Sun May 18, 2008 2:23 am
Blog: View Blog (0)


Re: Decryption and Cryptography 101

Post by daltonhack on Mon Jul 07, 2008 8:24 pm
([msg=6791]see Re: Decryption and Cryptography 101[/msg])

Thanks alot for this man!! :D
daltonhack
New User
New User
 
Posts: 8
Joined: Thu Jul 03, 2008 9:04 pm
Location: West Virginia
Blog: View Blog (0)


Re: Decryption and Cryptography 101

Post by nathandelane on Thu Jul 10, 2008 2:05 pm
([msg=7093]see Re: Decryption and Cryptography 101[/msg])

That a pretty sweet article. I find that analysis is my primary friend in encryption hacking. Using analysis to create a histogram of the symbols included is one of the easiest methods to use in cracking these types of encryption - character replacement encryption. For example, I didn't know anything about the XECryption encryption algorithm, including the fact that it use number triplets to identify a single character, so using Notepad++ (or you could write your own program) I found out that the . (period) character occurs 117 times in your message. 117 factors evenly into 3, 9, 13, 39, and 1 and 117 of course, so I can assume that your message is either 117 characters long, or as long as 117 divided by any of the non-end factors. I didn't think you'd use a long message for a beginner tutorial/article, so I can try the 3-factor. Knowing that I significantly reduced the possible message to 39 characters, which is more reasonable a length for a short message. Next I try and find out how many of each triplet there is in the encrypted message, assuming that repetition is likely. But I didn't find that to be the case. The next step of course would be to add the triplets, as you described, getting:

819, 862, 861, 790, 867, 783, 853, 862,...

and I already found the first repeating character, but from an analysis standpoint, I still don't have enough information to conclude that it is the MOST common character, just that it repeats. Other than that, I now have seven distinct numbers. Now I can analyze their spacing to see if I might be correct in assuming that this is a character replacement algorithm:

|819 - 862| == 43, |819 - 861| == 42, |819 - 790| == 29, |819 - 867| == 48, |819 - 783| == 36, |819 - 853| == 34

|862 - 861| == 1, |862 - 790| == 72, |862 - 867| == 5, |862 - 783| == 79, |862 - 853| == 9

|861 - 790| == 71, |861 - 867| == 6, |861 - 783| == 78, |861 - 853| == 8

|790 - 867| == 77, |790 - 783| == 7, |790 - 853| == 63

|867 - 783| == 84, |867 - 853| == 14

|783 - 853| == 70

I can see that the lowest difference is 1, while the greatest difference is 79, which tells me that if this is based on the ASCII table, then knowing that the alphanumeric characters range from 32 through 126, which is 94 characters, then I know that I am safely in this range.

Now I can continue.

819, 862, 861, 790, 867, 783, 853, 862, 865, 855, 852, 867, ... another duplicate, but only once still

819, 862, 861, 790, 867, 783, 853, 862, 865, 855, 852, 867, 783, ... there's another one

819, 862, 861, 790, 867, 783, 853, 862, 865, 855, 852, 867, 783, 867, ... and back again, but I'll continue...

819, 862, 861, 790, 867, 783, 853, 862, 865, 855, 852, 867, 783, 867, 862, ... another three occurrences...

819, 862, 861, 790, 867, 783, 853, 862, 865, 855, 852, 867, 783, 867, 862, 783, ... interesting

I won't show you any more matches, I'll just finish it up now:
819, 862, 861, 790, 867, 783, 853, 862, 865, 855, 852, 867, 783, 867, 862, 783, 867, 848, 858, 852, 783, 862, 868, 867, 783, 867, 855, 852, 783, 867, 865, 848, 866, 855, 783, 860, 848, 861, 797

Heuristics show the following occurrences for each number:

783 is the lowest number and 868 is the highest number, a range of 85, which is still within the range of 94 characters, the total number of alphanumeric characters in the ASCII table.

Number of Occurrences:
783 : 7
790 : 1
797 : 1
819 : 1
848 : 3
852 : 3
853 : 1
855 : 3
858 : 1
860 : 1
861 : 2
862 : 4
865 : 2
866 : 1
867 : 7
868 : 1
--------
Great, so now we have all information on 39 characters. From this table we can see that two numbers appear seven times in the message, so we can guess based on your observations, that one of those is the space character, character 32, in the ASCII table. But which one? Look back at the message and see where 783 and 867 occur.

783
819, 862, 861, 790, 867, 783, 853, 862, 865, 855, 852, 867, 783, 867, 862, 783, 867, 848, 858, 852, 783, 862, 868, 867, 783, 867, 855, 852, 783, 867, 865, 848, 866, 855, 783, 860, 848, 861, 797

867
819, 862, 861, 790, 867, 783, 853, 862, 865, 855, 852, 867, 783, 867, 862, 783, 867, 848, 858, 852, 783, 862, 868, 867, 783, 867, 855, 852, 783, 867, 865, 848, 866, 855, 783, 860, 848, 861, 797

That didn't really prove anything, so let's use what you did, and assume that the space is going to be a lower number than all of the others, since it is the first number in the alphanumeric sequence in the ASCII table. With that assumption, we prove that 783 is a space character - what's the correlation between 783 and 32? Subtract them and you get 751, what is 790 - 32? 758. And what is 790 - 751? 39. Since we know that 758 is NOT in the ASCII table but 39 is, we can assume that it is possibly a valid character. Character 39 is the apostrophe. Using this as a basic to decrypt the rest of the message, we get:

D, o, n, ', t, <sp>, f, o, r, g, e, t, <sp>, t, o, <sp>, t, a, k, e, <sp>, o, u, t, <sp>, t, h, e, <sp>, t, r, a, s, h, <sp>, m, a, n, .

or
Don't forget to take out the trash man.

Good work - I like the way you did it - knowing something about the algorithm really helps out a lot. With the method I used, I would've gotten lucky, because the first guess was right - to use triplets and add them together.
Me, Nathandelane, Highly influential to Hackerdom, Premature Optimization=http://c2.com/cgi/wiki?PrematureOptimization
User avatar
nathandelane
Poster
Poster
 
Posts: 204
Joined: Thu Jun 26, 2008 11:26 am
Location: Utah
Blog: View Blog (0)


Re: Decryption and Cryptography 101

Post by T3hR34p3r on Thu Jul 10, 2008 5:02 pm
([msg=7115]see Re: Decryption and Cryptography 101[/msg])

Yep, that's a second way to do it, but it's a bit more complex for a beginner's article. I was gonna submit this to the HTS article system, but apparently their whole thing is mangled. So hell, get it distributed to the masses quicker eh?
They call me Ishmael... I'm not sure why.
User avatar
T3hR34p3r
Experienced User
Experienced User
 
Posts: 87
Joined: Sun May 18, 2008 2:23 am
Blog: View Blog (0)


Re: Decryption and Cryptography 101

Post by nathandelane on Thu Jul 10, 2008 5:08 pm
([msg=7117]see Re: Decryption and Cryptography 101[/msg])

Good call. Thanks again for the article.
Me, Nathandelane, Highly influential to Hackerdom, Premature Optimization=http://c2.com/cgi/wiki?PrematureOptimization
User avatar
nathandelane
Poster
Poster
 
Posts: 204
Joined: Thu Jun 26, 2008 11:26 am
Location: Utah
Blog: View Blog (0)


Re: Decryption and Cryptography 101

Post by T3hR34p3r on Thu Jul 10, 2008 5:13 pm
([msg=7118]see Re: Decryption and Cryptography 101[/msg])

nathandelane wrote:Good call. Thanks again for the article.


My pleasure. I'm going to submit it to HTS once the article system is back up and running so ehhhh, cross ya fingers? ;)
They call me Ishmael... I'm not sure why.
User avatar
T3hR34p3r
Experienced User
Experienced User
 
Posts: 87
Joined: Sun May 18, 2008 2:23 am
Blog: View Blog (0)


Re: Decryption and Cryptography 101

Post by Karec on Sun Jul 13, 2008 7:47 pm
([msg=7365]see Re: Decryption and Cryptography 101[/msg])

Eh we have been bugging them in the moderation staff to get that fixed so hopefully soon :)
"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning."
-Rick Cook, The Wizardry Compiled
Karec
Poster
Poster
 
Posts: 127
Joined: Sun Apr 13, 2008 2:39 pm
Blog: View Blog (0)


Re: Decryption and Cryptography 101

Post by T3hR34p3r on Sun Jul 13, 2008 9:33 pm
([msg=7372]see Re: Decryption and Cryptography 101[/msg])

Karec wrote:Eh we have been bugging them in the moderation staff to get that fixed so hopefully soon :)


Meh, take your time, I'm in no rush.
They call me Ishmael... I'm not sure why.
User avatar
T3hR34p3r
Experienced User
Experienced User
 
Posts: 87
Joined: Sun May 18, 2008 2:23 am
Blog: View Blog (0)


Re: Decryption and Cryptography 101

Post by thedotmaster on Wed Jul 16, 2008 7:20 am
([msg=7535]see Re: Decryption and Cryptography 101[/msg])

Very good article. Cheers.
Image
User avatar
thedotmaster
Contributor
Contributor
 
Posts: 984
Joined: Sun May 04, 2008 4:39 pm
Location: North West UK
Blog: View Blog (1)


Re: Decryption and Cryptography 101

Post by col333 on Mon Jul 21, 2008 4:48 am
([msg=7923]see Re: Decryption and Cryptography 101[/msg])

Thanks very much for the artical - it was extremely useful!
I have now managed to write my decyption program and have found the original message in Realistic 6.
Problem is I have no idea how to "reply" and return the message :(
col333
New User
New User
 
Posts: 2
Joined: Fri Jul 18, 2008 4:38 pm
Blog: View Blog (0)


Next

Return to Crypto

Who is online

Users browsing this forum: No registered users and 0 guests