- This topic has 2 replies, 3 voices, and was last updated 4 years ago by
.
-
Posts
-
Dear Harry,
So far in all the cipher challenges so far, there were only classical ciphers even in the final stages. These were a bit challenging to solve, but they are still possible to circumvent after a few hours or sometimes a day of hard work. Maybe in the next cipher challenge, you could include stages with computerised cryptosystems (e.g. Lucifer or RSA) like Simon Singh did in his practice ciphers at the end of the Code Book.
Thanks,
[They are very interesting, but would they be as much fun to break though? Any reasonably modern cipher has its strength based on the size of the keyspace rather than any fundamental pattern or weakness to discover. It isn’t impossible that we might do something like that, but I would need to think hard about how we could make it a fun challenge rather than a “who has the biggest, fastest machine” sort of competition. Harry]
I think the way this is typically done is by having the encryption algorithm be slightly different (due to a “mistake”) to what modern cryptography has developed, or by providing some kind of automated oracle alongside the ciphertext to weaken the cipher. The goal might also be different to just decrypting the message.
These sorts of challenges appear in “capture the flag” cybersecurity competitions a lot, and they are indeed really fun! I think that they’re of a different nature to the National Cipher Challenge and I would personally prefer for all the challenges to remain about classical ciphers — that way less base knowledge is needed to participate; and I imagine in some cases there would be less infrastructure needed too. But I think it’s cool either way.
There are some people who exist somewhere and these people work very hard and carefully to create such challenges.
One that I remember used elliptic curves and the trick to break it was to read the algorithm (of the challenge)
carefully and discover that the solution was only a few thousand steps away from a known point.
Another required the Pohlig-Hellman technique to break a discrete log when the modulus had a bunch of subroups.
And a third one comes to mind: it was the Merkel-Hellman knapsack scheme, and you had to find an attack. I got
really close, then found that an attack existed that followed my approach but had the last steps working.If anyone is interested in this sort of thing, I recommend cryptohack, ringzer0, and cryptopals to get started.
You can google them just as fast as I could, so I won’t (supposing that google has not crashed again).
- You must be logged in to reply to this topic.