Hack.lu 2005 - The Crypto Challenge: Claus R. F. Overbeck - RedTeam Pentesting, claus.overbeck@redteam-pentesting.de

The document describes the author's three attempts to crack an encryption cipher for a Capture the Flag contest. The first attempt used a brute force method to try all possible keys, but this would take over 12 years to complete. The second attempt showed that the cipher is a byte-wise XOR with a keystream, which allows encryption and decryption of documents of arbitrary length without the key. The third attempt rewrote the cipher program to brute force 10 million keys in under 6 hours, finding the correct 4 byte key. The author concludes that mathematical genius is not needed to crack ciphers, and that there are often multiple approaches to try.


Introduction
First Attempt: Brute Force I
Second Attempt: Analyse the cipher
Third Attempt: Brute Force II
Conclusion

Hack.lu 2005 - The Crypto Challenge


Claus R. F. Overbeck - RedTeam Pentesting
[email protected]
http://www.redteam-pentesting.de

20th October 2006

Claus R. F. Overbeck RedTeam Pentesting

Hack.lu 2005 - The Crypto Challenge


Introduction

- Crypto challenge as part of last year's Capture The Flag (CTF) contest
- Based on a cipher by Peter Thoemmes (thank you for the nice challenge!)
  - weakened for the contest (so don't blame him!)
- Uses a 4 byte symmetric key


The Task

What you have:
- You have the plain text: ***This is the ...
- You have the cipher text: F8 72 C2 51 AA 05 82 21 ...
- You have the software (encrypt/decrypt) and its source

What you want:
- Find the key! (So you can decrypt other protected material)


First Attempt: Brute Force I

Idea: Write a perl script that tries all keys:

#!/usr/bin/perl
use strict;
use warnings;

for (my $i = 1; $i <= 4294967295; $i++) {
    my $key = sprintf("%.8x", $i);    # change to hex
    # decrypt with the candidate key and diff the result against plain.txt
    my $out = `./pitcrypt -k $key -d in.crypt | diff - plain.txt -q`;
    chomp $out;
    # diff -q prints nothing when the files match (German locale message otherwise)
    if ($out ne "Dateien - und plain.txt sind verschieden.") {
        print "We found the key!: ", $key, "\n";
    }
    print("Tried another key. Just tried key $key.\n");
}


How long will this run?

47.5 sec for 500 keys.
2^32 possible keys = 4,294,967,296
408021893 seconds
6800364 minutes
113339 hours
4722 days
12.9 years
too long for a CTF!


Wow, only 13 years, ain't that fast?

To give you an idea: I will be 40 by then :-)


Second Attempt: Analyse the cipher

Byte-wise XOR with the key stream:

    P L A I N T E X T . . . . . .
XOR K E Y S T R E A M . . . . . .
=   C I P H E R T E X T . . . . . .

Turned around, the key stream falls out of the known plain text:

    P L A I N T E X T . . . . . .
XOR C I P H E R T E X T . . . . . .
=   K E Y S T R E A M . . . . . .

- Plain text, cipher text and key stream always have the same length.
- We can get the keystream by XORing plain and cipher text.
- We can encrypt and decrypt documents up to the length of the key stream. We don't need the key!

Second Attempt: Analyse the cipher

How is the keystream calculated? (Read the source)
- Every byte of the keystream is calculated from the last four bytes.
- We only need the first four bytes of the stream.
- We get those with: plain text XOR cipher text
- We can encrypt and decrypt documents with any length

Third Attempt: Brute Force II

Now, what about the real key???

Idea: Do it the C++ way:
- Use the source and change it to try keys (rewrite the main() function)
- Do not write to disk.
- Only encrypt/decrypt 4 bytes and compare
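As an added example (not the author's Perl/C++ and not the pitcrypt source), the second and third attempts in Python: recover the first four keystream bytes from known plaintext and ciphertext, regenerate the stream from them to handle any length without the key, and check a candidate key in memory by encrypting only four bytes. The feedback rule next_byte(), the key-to-seed mapping seed_from_key() and the sample key and plaintext are placeholders; only the byte-wise XOR and the "every byte from the last four" structure come from the talk.

```python
from itertools import islice

# Constructed sample values: not the CTF's real key, plaintext or files.
SAMPLE_KEY = 0x00001234
SAMPLE_PLAIN = b"***This is the flag text, longer than four bytes"

def next_byte(state: bytes) -> int:
    """Placeholder feedback function: next keystream byte from the last four.
    The real pitcrypt rule is not on the slides; only the shape is kept."""
    a, b, c, d = state
    return (a * 31 + b * 17 + c * 7 + d + 0x5A) & 0xFF

def seed_from_key(key: int) -> bytes:
    """Placeholder: how the 4-byte key becomes the first four keystream bytes."""
    return bytes(b ^ 0xA5 for b in key.to_bytes(4, "big"))

def keystream(seed: bytes):
    """Yield the keystream given its first four bytes (which come out first)."""
    state = list(seed)
    yield from state
    while True:
        nb = next_byte(bytes(state))
        state = state[1:] + [nb]
        yield nb

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def crypt(seed: bytes, data: bytes) -> bytes:
    """Byte-wise XOR with the keystream: the same call encrypts and decrypts."""
    return xor_bytes(data, bytes(islice(keystream(seed), len(data))))

def recover_seed(plain: bytes, cipher: bytes) -> bytes:
    """Second attempt: plain XOR cipher is the keystream, and its first four
    bytes are all the generator needs, so any length can be handled keyless."""
    return xor_bytes(plain[:4], cipher[:4])

def key_matches(key: int, plain4: bytes, cipher4: bytes) -> bool:
    """Third attempt: stay in memory, encrypt only four bytes, compare."""
    return crypt(seed_from_key(key), plain4) == cipher4

def find_key(plain: bytes, cipher: bytes, lo: int, hi: int):
    """Try keys in [lo, hi) with the 4-byte check; the full 2^32 range is what
    the author's C++ version walked in about six hours."""
    for key in range(lo, hi):
        if key_matches(key, plain[:4], cipher[:4]):
            return key
    return None
```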


How long will this run?

50 sec for 10,000,000 keys.
2^32 possible keys = 4,294,967,296
21,474 seconds
358 minutes
5.9 hours
Key is: 99343628 (Maybe it is just a collision?)


Conclusion

What we learned:
- You don't need to be a math genius to crack a cipher.
- There might be several approaches.
- If you want to do some math you could also try to reverse the key stream function. (Left for you as an exercise ;-)


Questions?
(If there is still time left...)
