Cryptography

I’m not much of a math lover, but I love logic and puzzles..  (Yes, I’m an engineer who doesn’t particularly enjoy math!) I’ve never really known much about cryptography, but in 2014 I had the chance to give it a shot.  So I’ve created this page to capture just a few fun things that I’ve picked up so far..  I hope you enjoy.

Resources & Tools

There are TONS of cryptography resources online..
Here are just a few that I've been using lately..

Wikipedia articles:
Caesar Cipher
Vigenere Cipher

Rumkin.com Cipher Tools
– A pretty extensive collection of online cipher tools

Sharky’s Vigenere Cipher v1
– Substitutes “A==0” (matches Rumkin and Wikipedia)

Sharky’s Vigenere Cipher v2
– Substitutes “A==1” (differs from Rumkin and Wikipedia)
– Results in a post-encryption caesar shift of 1

Challenge: 2014 Xilinx Security Working Group

The 2014 Xilinx Security Working Group included a crypto challenge.  It consisted of several clues hidden in the presentation material, as well as a “challenge coin” that contained the rest of the necessary information to solve the puzzle.  Can you solve it?

Relevant presentation material

Welcome Slide (and the full PowerPointPDF file):
2014XSWG_Logo

Coin face/back:
2014XSWG_CoinFace 2014XSWG_CoinBack

Hint #1

The key is to start above the skull (on the coin face).

Hint #2

What would Brutus do?

Partial Solution (How to Get the Key)

The key is to start above the skull (on the coin face):

yep: nguitcqyg

However, the key is encoded with a Keyed Caesar Shift (thus the “What would Brutus do?” hint).  The substitution alphabet used for the Keyed Caesar shift is located around the edge of the coin face:

AUNPDHBQZERIXVFTJSLCWKTGMO

Using the rumkin.com site’s Keyed Caesar Shift with the above alphabet and message with a Caesar Shift of 5 results in the first answer:

key: xswgrocks

Now, you take it from here..

Hint #3 (After Getting the Key)

Cipher tool versions matter.

Full Solution

The presentation slides includ an 8-bit ASCII-encoded message both behind the skull face on opening and closing slides (and on event t-shirt), as well as in the presenters notes.  A simple TCL script or Google can be used to convert the binary string to its ASCII equivalent:

QxkkwbdtarhyvapluhdfvvjvvihrhinKthddsaeesrnqhpaljsyxdxpgxtwdodxukzixdogbbxljdjh

 A link in the presentation materials to a YouTube Video Clip from the movie “A Christmas Story” shows the main character Ralphie using a secret decoder ring to reveal an advertisement for Ovaltine (“Drink Your Ovaltine”).  The video posted to Youtube then followed with an excerpt from two Xilinx employees regarding making a Christmas list for a B.B. Gun and almost advertising one, saying at the end of the clip, “everybody knows I love copper projectiles.”

The  coin face resembles the logo for the conference, however, the text below the skull face reads “Lhq Vft Etm” instead of  “Not One Bit” as it does in the presentation materials..   An obvious (but necessary) clue.

The coin also includes a coded message across the top of the skull face:

yep: nguitcqyg

The hint about  Brutus paired with the type of secret decoder ring used in the movie clip suggest a Caesar Cipher, but unfortunately a standard Caesar Cipher does not decode the message.

The outer ring of the coin face includes all 26 letters of the alphabet but in a non-standard order:

AUNPDHBQZERIXVFTJSLCWKTGMO

Putting the rearranged alphabet into a Keyed Caesar Shift and using a shift value of 5 decodes the first message into something that is human readable:

yep: nguitcqyg
key: xswgrocks

Having a key in place, the next obvious place to go was the message below the skull face, assuming that it should decode to read “Not One Bit.” Since the cipher text and the plain text are known, as well as a key and a translated alphabet, one can cycle through various decoding algorithms to find the one that decodes the message.

Sure enough, using a Vigenere Cipher on the message below the skull face with they key from above the face properly decoded “Lhq Vft Etm” into “Not One Bit.”

Completion of this step verifies the key value “xswgrocks” and the decoding algorithm necessary (Vigenere Cipher).

Flipping the coin over reveals another outer ring of encoded messages, once across the top, and one across the bottom:

Yei magve kcw pludqo
Jltowgh dadm sddh e4 ovmwb

The two messages had to be split up and decoded separately.  Using the key “xswgrocks” in a Vigenere Cipher quickly decodes the messages to read:

yei magve kcw pludqo
all first red second

jltowgh dadm sddh e4 ovmwb
lswhere shft vwls b4 dcode

The back of the coin also includes another set of binary data behind the Xilinx company logo (with some digits printed in red).  Following the instructions from the decoded message above from the outer ring (“all first red second”), all binary bits were written out and then appended with the sequence of bits printed in red.  The resulting combined binary data was also an ASCII-encoded message.  Using the same key as before (“xswgrocks”) the Vigenere Cipher decrypts the message to read:

ZxPbjtWzUsrUpdxqi
BeSureToBuyXilinx

Unsure what to do with the decoded advertisement, the remaining decoded message gives the next clue:  “lswhere shft vwls b4 dcode.”  The message “lswhere” from the coin indicates data possibly not on the coin.  The only other data available is the data from the presentation material.  Using the same key (“xswgrocks”) decrypts the ASCII 8-bit message:

QxkkwbdtarhyvapluhdfvvjvvihrhinKthddsaeesrnqhpaljsyxdxpgxtwdodxukzixdogbbxljdjh
SendemaihtoboiaijofmyorgsxotolgSeeskuhhxackforhocajusernameolsewrcbfolvideoclue

The decoded result is an obvious message or some sort, but it is also obviously not the final answer.  However we only used the first part of the last clue.  The second part of the “lswhere” clue from before reads “shft vwls b4 dcode” indicating that the ASCII message needed translating before decoding.  A shift value of 5 was used earlier, but shifting all vowels by 5 places in either direction (“i” becomes either “n” or “d”) did not make the message more readable.  Instead, letting the vowels shift within themselves (a=e, e=i, i=o, o=u, u=y, y=a) does the trick.  You may have noticed at the end of the video that “Good Luck” was written with this vowel shift (another clue).  The resulting vowel-shifted message and decoded result look like this:

QxkkwbdterhaveplyhdfvvjvvohrhonKthddseiisrnqhpeljsaxdxpgxtwdudxykzoxdugbbxljdjh
SendemailtodomainofmyorgsdotorgSeeskullbackforlocalusernameorsearchforvideoclue

The instructions to send an email to the domain of my org’s dot org suggests an email address of __@xilinx.org (because the challenge creator is a Xilinx employee).  The video clue references the movie clip in which Ralphie is told to drink more Ovaltine.  However, sending an email to Ovaltine@Xilinx.org bounces back.  Multiple emails were sent to a number of email addresses attempting variations on the theme (and @xilinx.com instead of @xilinx.org), but they all bounce back.

Returning to the clue, the message intends to be read literally: not “domain of my org’s .org” but rather ___@myorgs.org. The video clue advertising Ovaltine doesn’t mean to use Ovaltine but rather another coded advertisement from the back of the coin, “BeSureToBuyXilinx.” The email address that should be used is:

BeSureToBuyXilinx@myorgs.org

Sending an email to this email address does NOT bounce but rather receives an immediate auto-response:

“For critically sensitive IP you CAN secure your domain.  The key is to partner with Xilinx.

mtde ghs rgon yuyrx cc rbxi vkyfssjn: mcalqnrucixyafwsp

Thanks,
Xilinx Secure Solutions”

Ugh, another coded message! Putting it into the Vigenere decoder with the earlier key, however, does not work. Re-reading the auto-response reveals the necessary clue:

“The key is to partner with Xilinx.”

The key “to partner with Xilinx” decodes the message:

mtde ghs rgon yuyrx cc rbxi vkyfssjn: mcalqnrucixyafwsp
send one more email to this username: succeedwithxilinx

Sending one more email to succeedwithxilinx@myorgs.org also does not bounce but receives another auto-response:

“Congratulations!  You have solved the XSWG 2014 Crypto Challenge.  Please send an email with your contact information to …….”

Ahhh, the sweet feeling of victory…

2014XSWGWinner

Email this to someonePin on PinterestShare on LinkedInShare on FacebookTweet about this on TwitterShare on Google+Share on RedditDigg this

4 Comments

  1. The 2014 XSWG Challenge was created using Sharky’s Vigenere Cipher v2, which shifts the result by 1 due to its implementation differing from what is described in the Wikipedia article. The Wikipedia article equation uses a modulo-26 to wrap back around to the beginning of the alphabet, which requires the first letter (“A”) to be assigned a value of zero (0). Sharky’s Vigenere Cipher version-1 implements this way, as do the rumkin.com tools. However Sharky’s version-2 tool changed the implementation to substitute the first letter (“A”) with one (1), which changes the equation to Ci = [(Mi + Ki) mod 26] + 1 so that a zero is never encountered (because the first letter is now a 1, not a zero). This “+1” in the equation causes the shift in Sharky’s version-2 tool.

  2. The Vigenere decode of “Lhq Vft Etm” to “Not One Bit” appears to utilize the key “XSWGROCKS” but shifted by one letter of the alphabet resulting in the actual key to the Vigenere cipher being “YTXHSPDLT”.

    Alternatively, if having trouble with the Vigenere decode, one might also first Ceasar shift the cyphertext by one letter turning into “KGP UES DSL” before using the Vigenere cipher to decrypt with the keyword “XSWGROCKS”.

    It looks like the “Sharky’s Vigenere Cipher v2″ link provided behaves as intended (it decrypts “LHQ VFT ETM” into “NOT ONE BIT” using the key “XSWGROCKS” as anticipated).

  3. I think many engineers view math as a necessary evil:

    “It has been said that mathematicians understand the way things function but can’t actually get anything to work, while engineers can get things to work even though they can’t figure out why.”

    (from “A Rigorous Comparison between Mathematicians and Engineers” by Mason A. Porter)

Leave a Reply

Your email address will not be published. Required fields are marked *

9 − 2 =