Limited Entropy Dot Com Not so random thoughts on security featured by Eloi Sanfèlix

26Apr/090

Solution to FBI’s challenge by vierito5

Shortly after publishing the post about the FBI Challenge, Javi sent me an e-mail with a solution to this challenge. Later he sent me a different way of solving it, and finally he published it on his blog.

His solution is here. However, for those of you who don't speak spanish I'll transcript a summary of his solution here. It's not very different from what I did when I solved the challenge.

Basically, the trick is to recognize a URL first, and map it to www.fbi.org. This already tells us that it's a simple substitution cipher and it shouldn't be too difficult to solve it.

So, from there we can get the following mappings:

Y-W
A-F
H-B
B-I
M-G
S-O
K-V
After applying these substitutions, we see that before the URL we get a word of the form VI-I-, which seems to be visit. What else would you do with a URL 🙂 ? So now we have also these mappings:
V-S
F-T
Again, we apply these substitutions we can see that the URL ends with .-T-, which probably means .HTM. This gives use the substitutions O-H and Z-M. Next, we can see a word ending in I-G, which makes us think of the ING ending. Therefore, we have also L-N.

We continue identifying words, such as -NOW -> KNOW (and therefore Q-K), and as a final step we see -N—-TION, which is... ENCRYPTION! With this we already get the complete text:

Stupendous. We congratulate you on cracking this latest encryption. Visit www.fbi.gov/coded.htm to let us know of your success.

Easy, wasn't it? Now let's see a different option which would solve a similar problem even without a URL in there, which was our starting point.

We assume the text is written in English, and it is encrypted using a simple substitution. Then, we look for an easily recognizable pattern, and try to match it with English words. For that, Javi used a C program (see source code in his post) and the aspell dictionary file.

With those two things, he asked the program to search for a word following the pattern ABCCDAA (from the original word VWNNDVV in the cryptogram) in the dictionary file. It gave him the following options:

$ ./pattern en-common.txt ABCCDAA
unsuccessful
unsuccessfully
falloff
falloffs
colossally
cappuccino
cappuccino's
cappuccinos
nonsuccessive
success
successor
success's
successive
successful
successfully
successively
successes
successor's
successors
succession
succession's
successions

Where the only words with the actual length we are looking for are falloff and success. Trying with the second of them and identifying possible words would lead us to the solution of the challenge.

Enjoy this article?

Consider subscribing to our rss feed!

Posted by Eloi Sanfèlix

Tagged as: Leave a comment
Comments (0) Trackbacks (0)

No comments yet.


Leave a comment

No trackbacks yet.

» «

Tag cloud

Android book bug CA ccc collision Crypto1 Cryptographic protocols Cryptography Crypto Series dnie evoting ext3 Fault injection forensics General hardware hash HTC Hero IDA md5 Mifare mifare classic personal PFC PKI Protocols Protocol Verification reto hacking reversing rootedcon RSA-CRT Security shmoocon 2008 smart cards SSL talks teleco TLS uninformed video videos wargame Windows Vista xbox360

Recent Posts

Recent Comments

My tweets!

Meta