It looks like a homework assignment for a crypto class. I doubt people here will want to spend time working on homework for someone else.

If this is one of those kind of things where you think you have invented a new kind of crypto, and you think it is unbeatable, then this is not the way to do it, and most educated cryptographers would discourage people from making their own ciphers.

A good crypto system can survive many things. In an ideal world, the person could acquire a copy of the description of how it is implemented, and still not be able to solve it without the key or keys.. If you are attempting to create your own cipher for encryption, then what happens when your code for decrypting it and/or encrypting it is stolen? Consider the case of a laptop that has support for how the cipher is implemented; a person could reverse engineer the code used for decryption and/or encryption, and see how it works. Such is a risk when trying to use crypto in the real world.

Providing a bit of text and asking people to break it as "proof" of something that is good is what is usually associated with "snake oil" in crypto-space, and has a long history of failure. The best cipher and crypto systems in use today are those that provide full implementation details for people to examine for weaknesses, and many people attempting to break it.




As lazy as, say, posting work on forums asking other people to do work for you, for free?


I see this has been posted elsewhere:

http://forums.anandtech.com/showthread.php?p=37853520

http://crypto.stackexchange.com/ques...-crack-my-code

And in that last one, a useful quote:

A reason you are unlikely to get any meaningful responses is you are asking other people to do work for free, and you have so little faith in your crypto system, you are unwilling to expose the methods used to encrypt and decrypt data.

What modern cipher system used in OpenSSL, OpenVPN, OpenSSH, Apache with SSL, web browsers, etc. are still in use, which do not provide details on how data in encrypted and decrypted?

NONE.

-Cot

This is not a homework assignment, thus your perception is false. I have no reason for others to do my work. However, seeing that I know how this system works, for I have made it, it would be foolish for me to challenge myself.

I did create this new encryption, and I don't think that it is "unbeatable"; I am not a fool. My main concern is what one would gather from my raw text, that is all. I am not some kid trying to let others solve things. Nor am I an individual trying to show off my algorithm to everyone. I understand if you don't want to spend the time on it. Others try to do things, and others don't. I am quite aware of this.

A good crypto system? Did I say that I was trying to formulate a "good crypto" system? I did not, and I understand all of the aspects of reverse engineering, hence allowing the attacker to find my coding structure through means of reversal in programming. I am all too aware of this, and I am sure that they still would get nowhere by doing so. The thing most people do is have their key in the open. I don't care if the key is encrypted with an AES 256bit key, it is still there to see and crack. My encryption method works around this, and it works so far. I am not a fool.

I want to see what people can gather from this text. If you, or others, have no desire to do so, then please point me to people who would like to analyze my code. I really am not trying to formulate a new type of encryption for the world, and I do this as a hobby. I study multiple algorithms and have found multiple flaws in them. I apologize, but I did not come here to debate about "the best way" to go about "selling" my encryption. My concern is, what can you, or others gather from my text. That is all. Thank you for your response.

I am not here for others to do my work, and I question your foolish assumption, although I am sure that you have viable cause.

I have little faith? I am unwilling? You are just full of assumptions, aren't you....

I proposed a simple challenge, and providing my methods, would cancel my whole purpose completely.

If we are going to go round and round in circles, playing little games till the end, please just point me to persons who would analyze my code, rather than debating my "errors".

I am not here for anything else, but to see if one can crack my code. Period.

-THE9057

There is no need to assume; all evidence shows the claim to be true. There is no example of the cipher system provided. There are two reasons for this:
* You are unwilling
* You are unable

Obviously, you are able to post content, since you posted on the forums, so we can rule out "unable" as a cause.

This leaves only "unwilling" as a cause. There are no other possible causes.

Since the 90's and likely before, USENET groups on crypto have suffered from people like you, posting encrypted text asking people to beat their new system.

In crypto-circles, such things are most often dismissed as content from "cranks" trying to test their snake-oil.

Reputable cryptographers encourage peer review of the systems they have tested.

What can be inferred from those that are unwilling to have peers review their systems?

You propose a lazy request for other people to work for you, for free, and apply their effort -- a slice of their life -- for little reward... an effective waste of their life, time and money.

There are no circles in this. There are no infinite loops; all loops are finite.

Since I doubt any cryptanalyst will donate their time for you on this, you can do what they would do, and read about what is required to become a cryptanalyst, and then spend your own time attacking just the content provided to see what you can find. You can learn about tools of frequency analysis, word-groups, and tools to find patterns in "noise" and then do this work on your own.

Do you know what some cryptanalysts do for fun? They work on public, well-known, unsolved puzzles. If you want that kind of attention, make your puzzles as popular as K4, and you may see people taking an active interest in working on it.

I have seen folks want their challenges beat. The best example is L0ST who hads created some awesome Defcon events. The winner gets prizes and accolades. I have also seen local groups do the same thing (Blackwave - Irvine Underground) where the winner can get a prize of some value. What makes these challenges fun is: 1) The challenge varies as you move through it; 2) You are competing with friends; 3) It is expected to be solved rather quickly and is not an endless tirade; 4) The solution is published for all to see how it was done; 5) It is all done in the spirit of a friendly challenge.

If I'm not tasked to do your homework here then I want to know what I am facing. Did you improve DES3? Or are we breaking a Bitcoin hash? You throw out what is basically work and expect us to dive into it. Maybe if you were Bill Gates showing off the new BitLocker you may get some press. But other than that, I expect this thread to remain silent.

I apologize, I thought this was Defcon.

You haven't provided me with anything useful. I am really amazed at the lack of enthusiasm, and I expected something of what I presume now, a mere myth. You may in fact be secretly analyzing it, or you may just blow it off. I am not trying to be schooled in crypto, nor am I trying to debate about this.

I see that none of you are interested. I know the answer to this encrypted text, and all I was trying to figure out, is if you or others could gather anything that you thought useful from it. It seems that you can't, or are unwilling to share.

I had more bite on gaming forums.....

-THE9057_2016

Ps. People still do use morse code.....and it still is very useful.

DEF CON is an event that takes place in Las Vegas, NV once a year. Last year they had a "Crypto & Privacy Village" with some really interesting talks, and people that discussed both making and breaking cipher systems. They even had contests, where people used their understanding of cryptanalysis to try to solve many complex steps in an puzzle, which I think took 3 weeks beyond DEF CON to solve.

This place you visit, is the DEF CON forums -- a place to plan DEF CON and discuss security. In order for there to be a discussion, people have to be interested enough to reply.

They are not a place for advertising, or a space that you can dump some work for others and expect or demand they enslave themselves to what you want them to. We even have a comment in the rules section on how to get along here, letting people know that the forums are not here to act as their own personal help and support.

Hackers hack. Hackers do what interests them. The reason you have had very little if any comments that you define as helpful is because your request is not interesting enough to even pique the curiosity of most hackers or people interested in crypto.

However, people here and elsewhere have provided you with helpful feedback, just not the feedback you want to hear.

I and others that attend DEF CON are all mortal. We all have a limited life span. Most of us have many interests. We all have to prioritize our interests from what is THE MOST EXCITING THING EVER compared to everything else. I have seen too many examples of people that want to have others test their latest crypto work by posting some encrypted text and ask people to solve it. What is worse? These same people will then later claim that $LIST_OF_PLACES could not break their cipher. That is not how positive reputations of ciphers works. Positive reputations happen after many people that have full access to implement the cipher are shown how it is supposed to work, and then can spend time looking for weaknesses. After a long time of no published weaknesses, a cipher is considered "strong" with an understanding that there is a shelf-life. As advances in Mathematics, physics, hardware, and coding to support these are made, old ciphers and hashing systems may have weaknesses exposed, and be degraded from strong to weak, or some other classification.

Why do you think people should be more enthusiastic about what working for you, than anything else that interests them? For many people, their primary interests are "job" and "family" and "friends". What little time that is left can't be squandered.

As for work on this in private? Let's assume I am a criminal. If I was to work on something like this, I would likely work on it in private, find weaknesses in it if I am able, and then sell ways to attack it and gain access to information that it was meant to protect once it went into production. This could then undermine all of the secrets meant to be protected by it.

This is one of the many reasons why people working to create cipher systems publish the system they are testing for peer review. There is already an assumption that criminals and spy agencies are working to break these systems, and when they do, they will not be public about their findings. Those few people involved in crypto are like all other people; they must prioritize their time, and spend it wisely. Few, if any, crypto people will spend time to try to analyze someone's new cipher system by only looking its products.


I do not speak for others, but I am unwilling to spend much of any time doing your work for you, but I am willing to spend time using your request as an opportunity to explain to readers why your approach is often frowned-upon by those in crypto.

It is great you found people willing to do your work for you.

Buggy whips may also be useful, for people that have and use buggies with horses.

The usefulness of a tool is measured by the need to use it combined with its effectiveness when used compared to other tools.

You have stated your position, and I am comfortable with your decision.

I am still working on my encryption, and this is just a taste what is possible. Thank you for your words, which are pointless to me. I find it highly amusing to be told like I am some kid about things that perhaps even you have no idea about.

I just thought others were enthusiastic about encryption like myself. Turns out, nope.

Thank you for your time to respond. However, please next time, spare me the words, and just say it once, then move on.

-THE9057

Your conclusion does not follow from the evidence and is not logically supported.

You claim no others are enthusiastic about encryption like you. In order to meet this claim, what is implied is people must do your work for you to show they are as enthusiastic as you.

I can claim nobody is rich because rich people would give me free money, but since nobody has given me free money, there are no rich people.

You claim people as enthusiastic about crypto would do your work for you for free, but since nobody is working for you for free, nobody is as enthusiastic about crypto as you.

Logically equivalent, and both logical failures. People well versed in mathematics are usually very good with logic. Logical thinking is a core component in the mathematics of crypto. This is troubling.

I do not live my life as others dictate. Your future response to me will indicate you do not live by the same rules you wish to impose on others.

Ok, TheCotMan. I understand what you have said. Thank you for your time.

Wait... WE have not provided YOU with anything useful? I'm sorry, do I owe you money? You have a whopping FIVE posts in this forum. You waltz in here expecting legion to attack your encryption. You know, we get people coming in here offering "prizes" for breaking their encryption and they get banned as spammers.

If you are that 1337 in the encryption field then how about an introduction. Did you code for the NSA and they fired you because this code was unbnreakable? Did you go for a job at CIS and this question stumped you, and you are dying to know the answer?

Or, let me turn the tables on you:

uu3uj5qybxCU7dDk9N1iSYTTnYB9ocl7lSD7OZUuPyTgrWE0Ap P8aVggpQGw03vl/7b7dVSbFqTu
Hc2fXgbISPCKsEqqj/L2Q2o1A39QiE4OQsjwaJ8mS1N3wFXQsdLO19CiG40+MI39BQms itWVG5j+
0GRLZ0ytFIlI1rUK5185gXAuGRJN9XxtS9fjjM+KHe4o+yLGt0 CTq2U+59/Jsw==

There, did you get that? Do you have any interest at all in decoding it? You can probably find a web page to do the work for you, but what fun is that? Will you send this to your friends and neighbors to try to break? Why not? You expect rigor from us regarding your work. It will not happen.

You may wish to link up with L0ST and impress him with your abilities, he is deep into coding and if he vets you, you're in. Or just go to DEF CON, make friends, and see where it takes you. But to come here and post code? My reply is "meh, seen it already." Now if you post the key, methodologies, and what makes you special, then we will have a picture to evaluate. And from there we can have discussion and further interest. Your initial post has done nothing to create an interest.

With all due respect everyone,

I completely understand your qualms, and your arguments do make sense. If I have gone about this foolishly, then so be it. Do I need to provide background information to impress? No, and I am nothing special. Did I come here talking like I was as such? If I did, it was totally by sheer lack of realization. I am into solving encryptions, but that is not why I am here, and I am sorry that you think that you think I was here to boast or something. It was a simple test: can my code be bruteforced, and I just wanted to see where others would go with it.

I appreciate all that was said, and apologize for my cocky behaviour. My next post will be some LVZ encryption that I cooked up, with full code.

Thank you

-9057

Message: Umfefogznpotougunwoymfe


Method:

C++, and very basic.

#include "iostream"
#include "string.h"
#include "..\34\Tools.h"
#include "algorithm"
using std::string;
using std::cout;
using std::getline;
using std::cin;
using Tools::lines;

/*
* A = B
* B = C
* C = W
* D = X
* E = F
* F = D;
* G = L
* H = M
* I = O
* J = K
* K = V
* L = P
* M = T
* N = Z
* O = N
* P = Y
* Q = A
* R = E
* S = G
* T = U
* U = H
* V = I
* W = Q
* X = R
* Y = S
* Z = J
*/
int main()
{
string enc = ("BCWXFDLMOKVPTZNYAEGUHIQRSJ");
int s_text;
string text;
cout "Enter string:\t";
getline(cin, text);
char temp;
int d;
transform(text.begin(), text.end(), text.begin(), toupper);
text.erase(std::remove(text.begin(),text.end(),' '),text.end());
s_text = text.length();
for(int i = 0; i != s_text; i++)
{
temp = text;
d = (temp - 'A');
cout temp " = " enc[d] "\t";
}lines(4);
}

void lines(int num)
{
for(int i = 0; i != num; i++)
cout "\n";
}