private key encryption program for you to hack at
Ok, I have been working on this for a while, and I wanted to let you guys have a go at it. I wrote a private key encryption program that I think should be hard to break, I will provide you with the EXE (MS DOS) file, some ciphertext, AND a big chunk of plaintext. The key is not ridiculously large, but it won't be anything obvious so don't bother brute forcing. To encrypt, the program read in some system/time specific info, uses it to encrypt the file along with the key. It then write the system/time specific info to the end of the file encrypted with the key. I THINK that the only weaknesses should be predicitability of the system/time info, or possibly finding patterns in the encrypted values. I dont want to give out any source code yet, but it anyone wants some pieces of it just ask. crackme.zip file with paradox.exe, cipher.txt, and plain.txt -- ___ ___ _____ / \/ \ / \ || | || | || | ||he \_____/row thecrow@iconn.net "It can't rain all the time"
thecrow@iconn.net (Jack Mott) wrote:
Ok, I have been working on this for a while, and I wanted to let you guys have a go at it. I wrote a private key encryption program that I think should be hard to break, I will provide you with the EXE (MS DOS) file, some ciphertext, AND a big chunk of plaintext. The key is not ridiculously large, but it won't be anything obvious so don't bother brute forcing. To encrypt, the program read in some system/time specific info, uses it to encrypt the file along with the key. It then write the system/time specific info to the end of the file encrypted with the key. I THINK that the only weaknesses should be predicitability of the system/time info, or possibly finding patterns in the encrypted values. I dont want to give out any source code yet, but it anyone wants some pieces of it just ask. crackme.zip file with paradox.exe, cipher.txt, and plain.txt
Look, newbie, there are many people here who would be happy to review your algorithm, but playing silly games like you are doing isn't going to win you any points. Most of the people on this list don't even use messydos, so an exe file without source is kinda pointless. If you're serious about writing a secure crypto application, then stop giving us the runaround and get to the point. That means either post source code, or a thorough technical description of your algorithm.
On Sun, 24 Mar 1996, Jack Mott wrote:
Ok, I have been working on this for a while, and I wanted to let you guys have a go at it. I wrote a private key encryption program that I think should be hard to break, I will provide you with the EXE (MS DOS) file, some ciphertext, AND a big chunk of plaintext. The key is not ridiculously large, but it won't be anything obvious so don't bother brute forcing.
I'm not sure anyone will bother brute forcing or anything else given your approach. Many c'punks take offense at being used like unpaid crypto consultants. A good portion of people on this list bill hefty fees for their time (or should). This is not freecryptanalysis@toad.com. I think, should you have the right attitude, many people here will be happy to review your source code, given some pre-conditions. Mr. May summed these up quite well only days ago in the IDG (or whatever) snakeoil thread. I would suggest you take a gander at his post on the subject. Briefly, (and I hope I'm not butchering his points to bitterly), he indicated that unless you had hit on most of the basic source material to begin with (applied cryptography for example), and really knew a bit about the subject, most people wouldn't much care to pay attention to you. I think, however, that if you know your stuff, and you release the source code to the list, many people here will be open minded enough to take a good look, give you some pointers, perhaps even improve your work. I know, however, that almost no one is going to go for that "crack this for me please" crap unless there is a bonded cash award attached. To much time, nothing in it for us. Take a look at Mr. May's cyphermonicon, (anyone have the URL/FTP handy for our new friend?) In sum, read the basic source material, know your stuff, release the source, don't be coy. --- My prefered and soon to be permanent e-mail address: unicorn@schloss.li "In fact, had Bancroft not existed, potestas scientiae in usu est Franklin might have had to invent him." in nihilum nil posse reverti 00B9289C28DC0E55 E16D5378B81E1C96 - Finger for Current Key Information
participants (3)
-
Black Unicorn -
Jack Mott -
nobody@mockingbird.alias.net