Wednesday, 18 March 2015

An Australian-specific cipher

B-Sides Vancouver has come and gone and so has its first-ever capture the flag event, YVRCTF. One of the challenges this year was a cryptography one (CRYPTO 200), which was written by yours truly.

Here's the text as it was posted:
*** TOP SECRET MUST NOT BE SHARED OUTSIDE NZHQ ***

Hello,

We intercepted this transmission sent yesterday morning being sent to Adelaide. Based on our observations it came from Canberra so we can only assume it was a government transmission. Based on new intelligence, they're using a new machine to encipher their text and at this time we're unsure of what they're doing to get the message across.

Please decipher this at the earliest possible and deliver it to my handler in Christchurch. We must not let the Queen take back our land.

4e3b5f5c6f8a4e4c7f0a6d3b7f7c2d4a
3e0a4f7c0d4c6e8a3e6b3d3b3d0a3f6c
7e0a6f6b5f9c0d8a4e3b0d7b3e2c4f7a
4f3b6e8a0d2a6e3a0d6a8e7c8d0a6e6c
8d0a2e3b0d3a3e2c4f7a4e3b7e3b3d0a
2e9c0d2a6e9c0d8b6e2a8e8a4e6c7e4c
7f3b3d0a7d2a7e8a9f0a7f4b6f8b5f3a
0d9c6f8b0d6b6f8a0d2b3e0a2d8b8d4b
6f7b4f7c3e3a0d8a6f0a3d3b2f6c3d3b
0d8a4e4c7f0a6d3b7f7c2d4a3e0a9f6c
8e0a9d4c5f5c0d2b3e0a7d7b6f7c3e2c
8e8a3e3a0d4c6e0a6f8b7e0a6d2a5d3b
7f8a9f7c0d2c6f8b7e8a0d2a8d0a4f8a
7f0a3f8b5f5c3e7c8d4c3f0a9f6c8e0a
2d7b3e0a4f6b0d2a3d3b5f2a4f3a3e0a
7d5c3e2a7f3b0d6a2d5b3e0a9f6c8e7b
0d9a2d9c0d8a6f0a4e6c2e2a7e8a0d8a
6f0a2f6c6e8a2d2c8d0a6d4c6e4c7f8a
3e7b0d3c8e5c5f3b7e0a2d8a0d9c6f8b
7e0a3e2a7e5c4f3b7f8a0d9a3e0a4e2a
8f3b0d2a0d7a2d2c5e2a4d3b0d9a2d4c
8d4c6e4a0d8a6f0a2e3b0d7a4f2c5e3b
3d0a8e7a0d8a4e3b7e3b0d9a4e4c2f4b
0d6a8e7c8d0a2e3b0d3a3e5c4f8c3e7b
3e3a0d8a6f0a8d4b3e0a7f9c3d6b3e9c
0d4b2d7b2e6c8e7b0d2b7e4c3d4a3e0a
2d8a0d4c8d7c0d3b2d7b5f4c3e7c8d0a
9f6c8e0a9d4c5f5c0d6a3e3b8d0a9d4c
8d4b0d2b7e4c8d4c7f4b0d2a6e3a0d2c
2d6b2d3a4f2a6e0a6f3c3f4c2f4c2d5c
7f0a9d4b6f0a9d4c5f5c0d4a8e4c3d3b
0d9c6f8b0d8a6f0a2d0a9d2a4f8a4f6b
4d0a2f2a7e0a2d8a0d9a4e4c2f4b0d7a
6f4c6e8a0d9c6f8b0d9a4f5c5f0a2e3b
0d7a7e6c8f4c3d3b3d0a9d4c8d4b0d3c
8e7b8d4b3e7b0d3a3e8a2d4c5f7c9d4b
3e6b0d9c6f8b0d6a3e3b8d0a8d4b3e0a
6f3c3f4c2f4c2d5c7f0a7d5c3e2a7f3b
0d7a7e6c8f4c3d3b0d8a4e3b6d0a9d4c
8d4b0d8a4e3b0d3c6f5c5f6c9d4c6e4a
0d3c5f2a4d8a4e3b7d2a2f5b2d4a3e7c
2d7b3e2a8d7a3e7b8d4b6e6c7e8a4e9a
3e0a4e6c7d3b0d8a4e2a8d0a8d4b4f7c
0d6a3e7c7f2a4d3b0d6a2d5b3e7c0d4c
8d0a8d6c0d9c6f8b0d7c2d3c3e5c9f9c
6f8b7e7c0d4c6e0a7f8b2f2c3e7c7f0a
4f6b0d8a4e3b0d9a2d7b0d3b3f3c6f7b
8d6a4f6b4f7c8d3b7e0a8d4b6f6a2d7c

Yours truly in defeating the Australians,
Minister Stevensons

There are two versions of this cipher: one for this CTF which has no shift and one for YOSPOS, which has a shift.

If you were involved in the CTF and failed or succeeded at decoding it, I'd love to know what methodologies you threw at figuring it out.

So what was done to encode this?


The methodology used to encode it was fairly straightforward but used an older version of the Australian telephone dial pad--this was sort of the hint I left in the above challenge. Here's an example of its layout:
|-----------|
|1   2   3  |
|QZ  ABC DEF|
|-----------|
|4   5   6  |
|GHI JKL MNO|
|-----------|
|7   8   9  |
|PRS TUV WXY|
|-----------|
|*   0   #  |
|-----------|

Each letter is encoded as its dial pad digit followed by 'a', 'b', or 'c' for the letter's position on that digit, meaning that if you wanted to encode letter 'N', it would become '6b'. Spaces are handled by '0a', but looking back I could have used the '0' digit to encode new lines and periods as well--so space would be 'A', '\n' would become 'B', and '.' would become 'C'.

To add a level of confusion for the intercepting party, every other character has its letter flipped ('a', 'b', 'c' become 'd', 'e', 'f'), so if '6b' came after, say, '3b', then '6b' would become '6e'.

If we were to take the string "hello world" and encode it, it would come out as '4b3e5c5f6c0d9a6f7b5f3a'.

There wasn't a level of padding added to the text but I intentionally kept it at a specific length so I could come out with something hash-like--meaning that the newlines separating everything had no purpose in decoding. The phone pad and the plaintext should be enough to explain why '1' did not appear.

The YOSPOS version


A few weeks before, I posted a similar but harder version of the above cipher on YOSPOS--for those who are not in YOSPOS, you can just search for it to find out what it is. It's largely the same as the above except it does one thing differently, which makes it harder to solve.

The YOSPOS version rotates the numerical value on each pass. The enciphering party sets the shift value to whatever they desire between 0 and 9. Starting at the first letter, the shift is increased by 1, and again on each subsequent pass, until it goes beyond 9, at which point it starts again at 0. After each shift, the value of each enciphered letter is increased by whatever value the shift is at.

For example, if the shift is starting at 5 and we have the character's value set to 4 (say '4b' for 'H'), then it would become '0' as it would have had 6 added to the value since we already increased the shift before proceeding. Then on the next character, we have the value set at '3' and the shift set at '7', so the next value again becomes '0'--any value that goes beyond 9 would just end up taking the last digit as its value.

In the end, the above "hello world" example would become something like this:
0e0b3f4c6f1a1d9c1e0c9d
To decipher it, you would just need to determine what the starting shift was and then work it backwards while decoding.
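
The following Python sketch is an added example (not the tooling originally used for the challenge) covering both variants described above: the dial pad encoding with alternate flipping, and the YOSPOS rotating shift with a search over the ten possible starting shifts. The function names are hypothetical, and the `flip_even` parameter is an assumption made to fit the page's samples: the plain "hello world" sample flips the 2nd, 4th, ... pairs, while the challenge text and the YOSPOS sample flip the 1st, 3rd, ... pairs.

```python
# Added example: dial-pad cipher from this post (names are hypothetical).
PAD = {"0": " ", "1": "QZ", "2": "ABC", "3": "DEF", "4": "GHI",
       "5": "JKL", "6": "MNO", "7": "PRS", "8": "TUV", "9": "WXY"}
# character -> (digit, position on that key)
ENC = {ch: (int(d), i) for d, keys in PAD.items() for i, ch in enumerate(keys)}


def encode(text, flip_even=False, shift=None):
    """flip_even: flip pairs 1,3,5,... instead of 2,4,6,... (assumption, see
    lead-in). shift: YOSPOS starting shift 0-9, or None for the CTF version."""
    out = []
    # Punctuation and newlines are dropped, as in the original challenge.
    chars = [c for c in text.upper() if c in ENC]
    for n, ch in enumerate(chars):
        digit, pos = ENC[ch]
        if shift is not None:
            shift = (shift + 1) % 10           # bumped before use, wraps after 9
            digit = (digit + shift) % 10       # keep only the last digit
        flipped = (n % 2 == 0) == flip_even
        out.append(f"{digit}{'abcdef'[pos + 3 * flipped]}")
    return "".join(out)


def decode(cipher, shift=None):
    """Decoding ignores flip parity: a/d, b/e and c/f name the same position."""
    pairs = "".join(cipher.split())            # line breaks carry no meaning
    out = []
    for n in range(0, len(pairs), 2):
        digit, pos = int(pairs[n]), "abcdef".index(pairs[n + 1]) % 3
        if shift is not None:
            shift = (shift + 1) % 10
            digit = (digit - shift) % 10
        keys = PAD[str(digit)]
        out.append(keys[pos] if pos < len(keys) else "?")   # "?" = impossible pair
    return "".join(out).lower()


def candidate_shifts(cipher):
    """Try all ten starting shifts; drop any that yield an impossible pair."""
    found = {}
    for start in range(10):
        plain = decode(cipher, start)
        if "?" not in plain:
            found[start] = plain
    return found


if __name__ == "__main__":
    for start, plain in candidate_shifts("0e0b3f4c6f1a1d9c1e0c9d").items():
        print(start, repr(plain))
```

On a sample this short, more than one starting shift can survive the impossible-pair filter, so the readable candidate still has to be picked by eye; a longer message leaves fewer candidates.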

The original text


In case you haven't taken a crack at it using the details above, here's what was encoded:

Hello
 
This message is intended for only the recipient and must not be deciphered by any 
unauthorised party. Should you not be authorised to decode this message you will 
be prosecuted in our majestys court at its fullest.
 
If you are in Adelaide, please make your way to Hobart to contact Minister Fuller 
at your earliest. We have a package waiting to be picked up there which must be 
delivered to the Sydney Harbour Bridge at its earliest. You will meet with British 
and Canadian officials who will guide you to a waiting car at which point you will 
be provided with further details.
 
When you meet the officials, please provide them with the following flag:
 
thepackagesareatperthnorth
 
We hope that this message makes it to you safely.
 
Yours in success in the war effort
Minister Thomas

Keep in mind that no formatting was kept other than spaces so newlines, colons, periods, and whatnot were not kept.

Thanks for playing! I'll probably create more of these in the future with varying degrees of difficulty. The CTF one had its difficulty reduced due to its target level but in the future I'll likely use more obscure enciphering methods.