Crypto for CTFs
RPISEC 2013
Ben Kaiser
Terminology
•
plaintext

the original message
•
ciphertext

the coded message
•
cipher

algorithm for transforming plaintext to
ciphertext
•
key

info used in cipher known only to sender/receiver
•
encipher (encrypt)

converting plaintext to
ciphertext
•
decipher (decrypt)

recovering
ciphertext
from plaintext
•
cryptography

study of encryption principles/methods
•
cryptanalysis (
codebreaking
)

the study of principles/methods
of deciphering
ciphertext
without knowing key
Classification
•
Characterize by:
•
Type of encryption operations used
•
substitution
•
transposition
•
product
•
Number of keys used
•
single

key (private)
•
two

key (public)
•
Way in which plaintext is processed
•
Block
–
processes a block of element at a time
•
Stream
–
processes continuous stream of elements
Classical Ciphers

Substitution
•
L
etters of plaintext are replaced by other letters or by
numbers or symbols.
•
Monoalphabetic
ciphers: For every letter, one and only one
letter (or symbol) is substituted.
•
Polyalphabetic ciphers: Throughout the cipher text, different
symbols can stand for the same letter, and the same symbols
can stand for different letters
Monoalphabetic
Ciphers
The “key” for substitution ciphers is a mapping from plaintext
alphabet to
ciphertext
alphabet. It must be known to both
parties.
•
Caesar cipher:
•
Each character is converted to a numeric value (0

25), then
summed with a constant value (the key) and
modded
by 25.
•
rpisecisfun
becomes
uslvhflvixq
if the key is 3.
Monoalphabetic
Ciphers
•
The Caesar Cipher is easy to break by brute force since there
are only 25 possible keys. Let’s look at a more complex
monoalphabetic
cipher.
•
What if we had a 26

character key that maps each plaintext
character to a
ciphertext
character at random? That gives 26!
= 403 septillion possible keys.
Frequency Analysis
•
You’d think this would be incredibly difficult to break, but it’s
not thanks to
frequency analysis
•
In English, “E” is the most common letter, followed by
T,R,N,I,O,A, and S. Z,J,K,Q, and X are quite rare.
Frequency Analysis
•
Calculate the letter frequencies for your
ciphertext
, then
compare counts against known values.
•
Use known tricks:
•
The most common letter at the end of a word is E
•
The
most common beginning letter of a word is T
•
A
single

letter word is A or I, and on rare occasions, O.
•
The
most frequent two

letter word is OF, followed
by TO
and IN
•
The
most used three

letter word is THE, next common
is
AND
•
The
most frequent four

letter word is THAT
•
Q
is always followed by U
•
The
most common double letters are: LL, EE, SS, OO,
TT
, FF, RR,
NN, PP and CC
Practice: Cracking a
Monoalphabetic
Cipher
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZV
UEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPD
ZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
•
Hints:
Practice: Cracking a
Monoalphabetic
Cipher
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZV
UEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPD
ZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
•
Hints:
•
Count the letter frequencies and compare to the chart. Make
educated guesses and work from there (guess & check).
Practice: Cracking a
Monoalphabetic
Cipher
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZV
UEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPD
ZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
•
Hints:
•
Count the letter frequencies and compare to the chart. Make
educated guesses and work from there (guess & check).
•
P & Z are very frequent in the
ciphertext
–
let’s guess those are
E
and
T
, the two most common letters in English.
Practice: Cracking a
Monoalphabetic
Cipher
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZV
UEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPD
ZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
•
Hints:
•
Count the letter frequencies and compare to the chart. Make
educated guesses and work from there (guess & check).
•
P & Z are very frequent in the
ciphertext
–
let’s guess those are
E
and
T
, the two most common letters in English
.
•
ZW is a common letter combination. If Z =
T
then maybe
TH
?
What does that make ZWP likely to be?
Practice: Cracking a
Monoalphabetic
Cipher
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZV
UEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPD
ZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
•
Hints:
•
Count the letter frequencies and compare to the chart. Make
educated guesses and work from there (guess & check).
•
P & Z are very frequent in the
ciphertext
–
let’s guess those are
E
and
T
, the two most common letters in English
.
•
ZW is a common letter combination. If Z =
T
then maybe
TH
?
What does that make ZWP likely to be?
•
“It
was disclosed yesterday that several
informal but direct
contacts have been made with
political representatives
of the
vietcong
in
moscow
.”
CSAW 2011 Crypto5: 200
Pts
JR UNIR QVFPBIRERQ GUNG BHE YNFG GUERR GENAFZVFFVBAF
JR'ER RNFVYL QRPVCURERQ. JR UNIR GNXRA PNER BS GUR
CNEGL ERFCBAFVOYR SBE GURVE RAPBQVAT NAQ NER ABJ
HFVAT N ARJ ZRGUBQ. HFR GUR VASBEZNGVBA CEBIVQRQ NG
YNFG JRRX.F ZRRGVAT GB QRPVCURE NYY ARJ ZRFFNTRF. NAQ
ERZRZORE, GUVF JRRX.F XRL VF BOSHFPNGRQ
.
No hint was provided, but I’ve only showed you one cipher so
far so connect the dots.
CSAW 2011 Crypto5: 200
Pts
JR UNIR QVFPBIRERQ GUNG BHE YNFG GUERR GENAFZVFFVBAF
JR'ER RNFVYL QRPVCURERQ. JR UNIR GNXRA PNER BS GUR
CNEGL ERFCBAFVOYR SBE GURVE RAPBQVAT NAQ NER ABJ
HFVAT N ARJ ZRGUBQ. HFR GUR VASBEZNGVBA CEBIVQRQ NG
YNFG JRRX.F ZRRGVAT GB QRPVCURE NYY ARJ ZRFFNTRF. NAQ
ERZRZORE, GUVF JRRX.F XRL VF BOSHFPNGRQ
.
Answer: The key is 13.
WE HAVE DISCOVERED THAT OUR LAST THREE TRANSMISSIONS
WERE EASILY DECIPHERED. …
PHDays
CTF 2013: Crypto 100
Decrypt the message:
7y9rr177sluqv1r4pw
Hint: at $
PHDays
CTF 2013: Crypto 100
Decrypt the message:
7y9rr177sluqv1r4pw
Hint: at $
The cipher used is the
Atbash
Cipher
. Each letter is assigned to
the letter at the opposite end of the alphabet
–
A=Z, B=Y, C=X,
etc. In this case, the numbers 0

9 were added onto the end of the
key so A=9, B=8, … J=1, K=Z, L=Y, etc.
PHDays
CTF 2013: Crypto 100
Decrypt the message:
7y9rr177sluqv1r4pw
Hint: at $
The cipher used is the
Atbash
Cipher
. Each letter is assigned to
the letter at the opposite end of the alphabet
–
A=Z, B=Y, C=X,
etc. In this case, the numbers 0

9 were added onto the end of the
key so A=9, B=8, … J=1, K=Z, L=Y, etc.
classiccryptoisfun
CSAW 2011 Crypto1
–
100
pts
87 101 108 99 111 109 101 32 116 111 32 116 104 101 32 50 48
49 49 32 78 89 85 32 80 111 108 121 32 67 83 65 87 32 67 84 70
32 101 118 101 110 116 46 32 87 101 32 104 97 118 101 32 112
108 97 110 110 101 100 32 109 97 110 121 32 99 104 97 108
108 101 110 103 101 115 32 102 111 114 32 121 111 117 32 97
110 100 32 119 101 32 104 111 112 101 32 121 111 117 32 104
97 118 101 32 102 117 110 32 115 111 108 118 105 110 103 32
116 104 101 109 32 97 108 108 46 32 84 104 101 32 107 101
121 32 102 111 114 32 116 104 105 115 32 99 104 97 108 108
101 110 103 101 32 105 115 32 99 114 121 112 116 111 103 114
97 112 104 121
46
This is a simple
monoalphabetic
cipher. Do these numbers look
like anything you recognize? If not, try frequency analysis.
More Advanced
Monoalphabetic
Ciphers
•
The
Playfair
Cipher is a famous advanced
Monoalphabetic
Cipher that uses single word as a key. That word is used to
generate a 5x5 character matrix:
•
If “MONARCHY” is the key, our matrix looks like this:
MONAR
CHYBD
EFGIK
LPQST
UVWXZ
Playfair
Cipher
•
plaintext
encrypted two letters at a time:
•
if
a pair is a repeated letter, insert a filler like 'X',
eg
. "balloon"
encrypts as "
ba
lx lo on"
•
if
both letters fall in the same row, replace each with
letter
to
right (wrapping back to start from end),
eg
. “
ar
" encrypts as
"RM"
•
if
both letters fall in the same column, replace each
with
the
letter below it (again wrapping to top from
bottom
),
eg
. “mu"
encrypts to "CM"
•
otherwise
each letter is replaced by the one in its
row
in the
column of the other letter of the pair,
eg
.
“
hs
" encrypts to "BP",
and “
ea
" to "IM" or "JM" (as
desired)
•
Decrypt
ONANMSVFBIKLEBUBFSCFAT
using “MONARCHY” as
a key.
Polyalphabetic Ciphers
•
In a polyalphabetic ciphers, each letter of a
ciphertext
does
not always decrypt to the same plaintext letter.
•
The
Vigenère
Cipher is essentially multiple Caesar Ciphers:
•
key is multiple letters long K = k
1
k
2
...
k
d
•
i
th
letter specifies
i
th
alphabet to use
•
use each alphabet in turn
•
repeat from start after d letters in message
Vigenère
Cipher
•
write
the plaintext out
•
write
the keyword repeated above it
•
use
each key letter as a
caesar
cipher key
•
encrypt
the corresponding plaintext letter
•
eg
using keyword deceptive
•
key:
deceptivedeceptivedeceptive
•
plaintext:
wearediscoveredsaveyourself
•
ciphertext
:
ZICVTWQNGRZGVTWAVZHCQYGLMGJ
Kasiski
Method of Breaking
Vigenère
•
Guess
the key
length
•
Find
a number of
duplicated
sequences
•
Collect
all their distances apart
•
Look
for common factors
•
Thus
obtain a set of
monoalphabetic
ciphers (each is subject to
letter
fq
. Char.)
•
repetitions
in
ciphertext
give clues to period
•
so
find
same
plaintext
an
exact period apart
•
which
results in the
same
ciphertext
•
of
course, could also be random fluke
•
eg
repeated “VTW” in previous example
•
suggests
size of 3 or 9
•
then
attack each
monoalphabetic
cipher individually
using
same
techniques as before
Transposition Ciphers
•
Transposition (
or permutation)
ciphers hide
the message by
rearranging
the
letter order in the message without
altering
the actual letters
used.
•
The classic example is the Rail Fence cipher,
in which
you write
message letters out diagonally over a
number
of
rows, then
read off
the cipher
row by
row.
•
Plain Text: Meet me tonight + padding(
qxz
)
M
E M T N G T X
E
T E O I H Q Z
•
Cipher Text: MEMTNGTXETEOIHQZ
Comments 0
Log in to post a comment