Security Month on DevCentral: Challenge #1

As we highlight security on DevCentral this month, we wanted to pose a fun security challenge to exercise those brain cells a little bit.  Today's challenge focuses on cryptography.  The obje...
Published Feb 17, 2017
Version 1.0
BIG-IP
cryptography
dcsecurity17
security
michael_molho_2's avatar
michael_molho_2
Icon for Nimbostratus rankNimbostratus
Feb 22, 2017

Here is how I did :

 

The description said the text was encrypted with the one-time-pad encryption method, using the plaintext message of the DES Challenge II-1 as pad : "The secret message is: Many hands make light work." (Google is your friend). Removing all the non-letter chars : "thesecretmessageismanyhandsmakelightwork".

 

Ok but the ciphertext is 15 chars long and the pad is 40 chars long. The decryption routine must be done with a pad as long as the ciphertext. So I decided to script (Python is my friend) a code which tries to decrypt the ciphertext using a substring (15 chars long) of the pad :

 

  • Try 1 : 'thesecretmessag'
  • Try 2 : 'hesecretmessage'
  • Try 3 : 'esecretmessagei'
  • etc ...

On each attempt, the script displays the decrypted text and ask for continuation.

 

As the decryption routing itself, I used the most simple one :

 

  • Each letter is changed on its position on the alphabet (A=0, B=1, C=3 ...)
  • decrypted[x] = alphab_index[ciphertext[i]] - alphab_index[pad[i]] % 26

Here is the script I wrote :

 

import sys
import string

 Variables
key = "thesecretmessageismanyhandsmakelightwork"
ciphertxt = "wlzuipkvtxvguky"

 Return the position in the alphabet
def alph_index(letter):
    return string.lowercase.index(letter)


 Loop with a sliding window over "key" (length must be the same as ciphertxt)
for shift in range(0, len(key) - len(ciphertxt)):
    key_tmp = key[shift:shift+len(ciphertxt)] sliding window used as decryption key
    i = 0
    res = ""

    print "\nTrying to decrypt with key '{}'".format(key_tmp)

     Decryption routing with the current key
    while i < len(ciphertxt):
        tmp = (alph_index(ciphertxt[i]) - alph_index(key_tmp[i])) % 26
        c = string.lowercase[tmp]
        res += c
        i += 1

     Show the decrypted text to the user, asking or continuation
    loop = raw_input("Result = '{}'. Does this look good ? (y/n)".format(res))
    if loop != "n":
        break

print "\nWell done :)\n"

And here is the result :

 

Trying to decrypt with key 'thesecretmessag'
Result = 'devcentralrocks'. Does this look good ? (y/n)

Well done :)