cryptography

this is about encryption and decryption . five years ago , I found in a site this ciphertext :

ór¢Ê¸½‰fÛ—ÅJ"¥wš©Ë~Î…v¼ÖZleÛÖµ²†±yÐ

I am stuck in the type of encryption used to create this ciphertext . I noticed that the characters are Unicode . So I read about Unicode decoding and encoding in the hope of being able to decode it . This is what I did

I changed the ciphertext to hexadecimal then to binary then tried to decode it , first , using 7 bits per character then 8 bits per character , then 16 bits per character , then 32 bits per character then mapped each character using Unicode and ASCII table to find the plaintext characters but I failed to find any plaintext .

I would like to know what is the type of encryption used on this cipher text???

ór¢Ê¸½‰fÛ—ÅJ"¥wš©Ë~Î…v¼ÖZleÛÖµ²†±yÐ

LB (13399)

That's not text, it's just some binary data that you are incorrectly interpreting as text. As for what it is and what it means, that depends on a lot of factors that you have not explained - where did that come from and how is it used?

Computergeek01 (5613)

A code is not a cipher OP, the two aren't even sides of the same coin. If this is really encrypted, and not just encoded, then you are going about this completely wrong.

The first step to breaking a cipher is to identify the blob header or public key structure, the two terms are more or less interchangeable. This is the portion of the public key, assuming that it's even there, that identifies the cryptographic provider and the algorithm that was used to compute the cipher to the recipient. After you have that, it's a matter of running a set of pre-computed hashes from that algorithm, this is called a rainbow table, through the decryption function associated with it. This is a good time to get up and make yourself and sandwich, and eat the sandwich, then go to college, graduate, start a career, start a family, retire and then wait a bit longer. If you have a super fast computer at your disposal then you might have your answer by then. That's assuming that this text is valid and complete and isn't corrupted or heavily salted.

Computergeek01 (5613)

Hopefully this will give you a better idea about modern cryptography, I'm a Windows guy so link this to "msvcrt.lib", "msvcprt.lib", "AdvApi32.lib" and "Crypt32.lib":

#include <iostream>
#include <cstring>
#include <string>
#include <fstream>
#include <utility>

#define _WIN32_LEAN_AND_MEAN

#include <windows.h>
#include <Wincrypt.h>

std::pair<HCRYPTKEY, HCRYPTHASH>  Encode(BYTE* Msg, DWORD Buffer, DWORD* Message_Size);
DWORD Decode(BYTE* Msg, DWORD Buffer,  DWORD* Message_Size, std::pair<HCRYPTKEY, HCRYPTHASH>);


HCRYPTPROV cProvider;


int main()
{
    std::string Data_To_Encrypt = "This Is Plain Text";
    const DWORD Buffer_Size = 256;

    if(Data_To_Encrypt.length() > Buffer_Size)
    {
        std::cout << "ERROR! BUFFER OVER RUN!\n";
        return 1;
    }

    char RawData[Buffer_Size];
        sprintf_s(RawData, Buffer_Size, Data_To_Encrypt.c_str());
    BYTE* bRData = reinterpret_cast<BYTE*>(RawData);
    DWORD Message_Size = Data_To_Encrypt.length() + 1;

    std::pair<HCRYPTKEY, HCRYPTHASH> cKeyPair(Encode(bRData, Buffer_Size, &Message_Size));
    ///THE DATA IN 'RawData' IS NOW ENCRYPTED SEE OUTPUT IN "Message.txt"
    Decode(bRData, Buffer_Size, &Message_Size, cKeyPair);

    CryptReleaseContext(cProvider, 0);

    return 0;
}




std::pair<HCRYPTKEY, HCRYPTHASH> Encode(BYTE* Msg, DWORD Buffer, DWORD* Message_Size)
{
    std::ofstream oFile("Message.txt", std::ios_base::binary);

    //std::cout << "DEBUG - Encoded Message Size: " << EncryptedSize << "\nMessage_Size: " << Message_Size << "\n\nMessage: " << Msg << "\n";

    HCRYPTKEY cKey = NULL;
    HCRYPTHASH cHash;

    DWORD Blob_Size = 0;
    BYTE* pcKeyBLOB;

    try
    {
        //if(!CryptAcquireContextA(&cProvider, "My_Key", MS_DEF_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET)) ///CREATES NAMED KEY
        //if(!CryptAcquireContextA(&cProvider, "My_Key", MS_DEF_PROV, PROV_RSA_FULL, CRYPT_DELETEKEYSET)) ///DELETES NAMED KEY
        if(!CryptAcquireContextA(&cProvider, NULL, MS_DEF_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) ///CREATES TEMPORARY KEY.
        {
            throw 1;
        }

        if(!CryptGenKey(cProvider, CALG_RSA_KEYX, RSA1024BIT_KEY, &cKey)) ///GENERATE RANDOM SESSION KEY FROM THE PROVIDER
        {
            throw 2;
        }

        if(!CryptCreateHash(cProvider, CALG_MD5, 0, 0, &cHash)) ///GRAB HASH OBJECT FROM PROVIDER
        {
            throw 3;
        }

        if(!CryptEncrypt(cKey, cHash, TRUE, 0, Msg, Message_Size, Buffer)) ///ENCRYPT TARGET
        {
            throw 4;
        }

        oFile << "Encrypted Message: ";
        oFile.write((char*)Msg, *Message_Size); ///YOU DON'T WANT, OR NEED THE STREAM OPERATOR HERE BECAUSE THE RESULTING DATA MAY INCLUDE WHITESPACE (WS) CHARACTERS

        CryptExportKey(cKey, NULL, PUBLICKEYBLOB, CRYPT_OAEP, NULL, &Blob_Size); ///THIS IS M$'S WAY OF GETTING THE NECESSARY SIZE OF BLOB

        //std::cout << "DEBUG - Blob_Size: " << Blob_Size << "\n" << GetLastError() << "\n";

        pcKeyBLOB = new BYTE[Blob_Size]; ///DYNAMIC ALLOCATIONS OF PREVIOUSLY UNKNOWN SIZE ARRAY

        if(!CryptExportKey(cKey, NULL, PUBLICKEYBLOB, CRYPT_OAEP, pcKeyBLOB, &Blob_Size)) ///EXPORT THE KEY USED TO A BLOB
        {
            throw 5;
        }

        oFile << "\n\n\n"; ///JUST SOME WS BETWEEN THE NON-SENSE AS A VISUAL AID

        oFile << "Key Blob:\n"; ///THING OF THIS AS A "HEADER"
        oFile.write((char*)pcKeyBLOB, Blob_Size); ///JUST LIKE THE ENCRYPTED MESSAGE. NO STREAM OPERATORS

        std::cout << "\nDONE\n";
    }
    catch(int& Error)
    {
        std::cout << "\nError At: " << Error << "\nError Code: " << GetLastError() << "\n";
    }

    std::pair<HCRYPTKEY, HCRYPTHASH>cKHPair(std::make_pair(cKey, cHash));

    memset(pcKeyBLOB, 0, Blob_Size); ///IN CASE THE CRYPTO PROVIDER DOES NOT ZERO OUT THE MEMORY THEMSELVES YOU SHOULD DO IT
    delete [] pcKeyBLOB;

    //CryptDestroyHash(cHash); ///NOTICE THAT THESE THREE ARE COMMENTED OUT
    //CryptDestroyKey(cKey);   ///RELEASING ANY OF THESE HERE PREVENTS YOU FROM DECRYPTING DATA LATER ON IN YOUR APP UNLESS YOU READ THE DATA BACK IN
    //CryptReleaseContext(cProvider, 0); ///I ONLY LEFT THEM FOR THE PURPOSES OF THIS NOTE

    oFile.close();

    return cKHPair;
}


DWORD Decode(BYTE* Msg, DWORD Buffer, DWORD* Message_Size, std::pair<HCRYPTKEY, HCRYPTHASH> cKHPair)
{
    if(!CryptDecrypt(cKHPair.first, cKHPair.second, TRUE, 0, Msg, Message_Size)) ///DECRYPTION ONCE YOU HAVE THE HASH AND KEY IS BRAIN DEAD EASY
    {
        std::cout << "FAILD TO DECRYPT MESSAGE! : " << GetLastError() << "\n";
    }

    printf_s("Ta-Da! : %s\nMessage Size: %d\n", Msg, *Message_Size);

    return 0;
}

I suggest viewing the output file in a hex editor like Vim.

Last edited on

Cody0023 (336)

lol now this is funny.

dilver (142)

I really found this ór¢Ê¸½‰fÛ—ÅJ"¥wš©Ë~Î…v¼ÖZleÛÖµ²†±yÐ in a website in which it is written that Unicode can be used to conceal the plaintext by transforming it to a weird Unicode character so that it will be very difficult to grasp the plaintext . The website gave this "ór¢Ê¸½‰fÛ—ÅJ"¥wš©Ë~Î…v¼ÖZleÛÖµ²†±yÐ" as an example but it did not explain how to decrypt it . I got the ciphertext 5 years ago . Now I do not know the site address and even when I put the ciphertext in Google it does not show any relation to a specific site . May be the site changed or is not available any more I do not know. 5 years ago when I was in the site I copied and pasted the ciphertext and stored it in my computer . When I first put my post about this ór¢Ê¸½‰fÛ—ÅJ"¥wš©Ë~Î…v¼ÖZleÛÖµ²†±yÐ , I wanted to know what I could not know or did not pay attention to five years ago .

Computergeek01 (5613)

IMHO, I would say not to worry about some arbitrary string of data that you copy and pasted five years ago. As I said before, if you are interested in cryptography, this is not the route to go anyway.

giblit (3750)

Yeah, if you are interested in it then please check out these links:
https://www.khanacademy.org/computing/computer-science/cryptography
http://www.vectorsite.net/ttcode.html

dilver (142)

thank you very much for the links :)

as for Computergeek01 , I am very interested in knowing your idea or vision : as you wrote "if you are interested in cryptography, this is not the route to go anyway"

Tell me , please, about the route I should follow

Last edited on

MiiNiPaa (8886)

Unicode can be used to conceal the plaintext by transforming it to a weird Unicode character

So it is like Base64 encoding of binary data, but to some subset of Unicode instead.

As for your string: it is impossible to find the original. Size of data is too small for any analysis method to work, and without any hint on type of cipher used it is wild goose chase.

For example, using substitution block cipher I can get this string from any other string 35 character long.

Computergeek01 (5613)

@ OP: First you should start by studying how cryptography is used. You don't stand a chance at understanding cryptanalysis without first understanding what it is that you are analyzing to begin with. Take the example code I posted, it is fully functional by the way so tell me if it is giving you any compiling errors. Look at each of the functions and read up as much as you can about how they accomplish what it is that they do. Don't focus on a particular crytographic method yet, just develop an understanding about how it all works together.

Next, look up some "solved\broken" crypto methods, I mean ones that people are told not to use anymore, and try to understand why they are considered to be not safe. Implement those crypto methods and then apply the "solution" to try to see if you can break a cipher that you encrypted with it using the described weakness.

Maybe try to write a few applications to encrypt data using a 'safe' crypto method. Then try to write a "broken" one. A broken implementation would do something like encode the same sub-string or offset of the same sub-string into the cipher given the same input. Try to figure out why it's broken, is it a weak algorithm? Does it rely on a poor quality RNG? Math-heads like to show off and break a cipher using fancy algorithms and finding collisions, but for the past ten or so years the biggest weakness in established methods has been in their implementation.

Just please please remember not to do anything stupid and or illegal. I know Cuba sounds nice and I plan on vacationing down their my self sometime in the near future. But we should all try to avoid that one particular corner of the country.

Topic archived. No new replies allowed.