

I was forced to write a blog post.  So I made a code breaking contest. - erik_landerholm
http://carwoo.com/blog/why-i-dont-want-to-write-a-blog-post/

======
erik_landerholm
If you base64 decode this

IThGMj4wS0gvR0M9PE5QQEEnMyxNIiFHJE1NVTdYSS5PTTdFT1FCVUtMLVBW
Qj4nNkBUIDsqLUNTLjVCJS87IkwnT1E/LiZRI1E4ITlBLzBXNU5SNEgmVDM8
QFM0Ty4wLFAvL0ohNTUxQzU2Jy82LVEpN0gpSjs3NCE5Q1lXQlUwUVc1MUFX
NDI7LUQnO09BSEI9WVdNRktOTTdLNkI+Pj5HIDtKS1YkSVY0I0pRPTtYVSY9
KyhZVEAqJykrJSIpIjcsI0ckWD4ySlRIIkAhUyw+VStUQVY/NiUpNFZVMis8
IylXMiU9VVFKSFI3WkI3S0A/QTMhIkkuP0pFMVJKQixYJSFGJz8+TD89WFgu
JyRSJ1hYIlIoVEFVLlUwOjc0Oi4iQDlNOUVPSUdHOkM5Mj9LWilCMlkmPj1X
M0otSiwmKFU4Jy9IJzc5WkFVQ1VFPFFAQ0tHOClYLDklPDs/T1BPS0hTPDAi
WkRBQVVSOTIhKjxBR0ZNNypRNzwsMVI=

The first 5 characters are "!8F2>"

Those 5 characters represent the first "T". Another "T" won't necessarily
result in the same code. Actually, the odds of ever seeing that code again for
a "T" is low.

~~~
mmastrac
The message is:

DON’T FORGET TO DRINK YOUR OVALTINE

Seriously, don't downvote me. That's the decrypted message.

~~~
erik_landerholm
You are right. Congrats!! There is actually an exclamation point at the end,
but close enough! send an email to erik@carwoo.com and we can figure out how
to get you the $500. Also, if you would detail your solution...that would be
awesome!

~~~
sandal
Here's a Ruby version of the solution that was posted to your blog:
<http://pastie.org/1390793>

------
erik_landerholm
Here are four different, but all valid encodings of THE QUICK BROWN FOX JUMPS
OVER THE LAZY DOG

Each one can be decoded with the same decoding method.

IThGMj4wS0gvR0M9PE5QQEEnMyxNIiFHJE1NVTdYSS5PTTdFT1FCVUtMLVBW
Qj4nNkBUIDsqLUNTLjVCJS87IkwnT1E/LiZRI1E4ITlBLzBXNU5SNEgmVDM8
QFM0Ty4wLFAvL0ohNTUxQzU2Jy82LVEpN0gpSjs3NCE5Q1lXQlUwUVc1MUFX
NDI7LUQnO09BSEI9WVdNRktOTTdLNkI+Pj5HIDtKS1YkSVY0I0pRPTtYVSY9
KyhZVEAqJykrJSIpIjcsI0ckWD4ySlRIIkAhUyw+VStUQVY/NiUpNFZVMis8
IylXMiU9VVFKSFI3WkI3S0A/QTMhIkkuP0pFMVJKQixYJSFGJz8+TD89WFgu
JyRSJ1hYIlIoVEFVLlUwOjc0Oi4iQDlNOUVPSUdHOkM5Mj9LWilCMlkmPj1X
M0otSiwmKFU4Jy9IJzc5WkFVQ1VFPFFAQ0tHOClYLDklPDs/T1BPS0hTPDAi
WkRBQVVSOTIhKjxBR0ZNNypRNzwsMVI=

JkpXLlVZIz5MLTxKJj1PUFA2R09BPUtTLSI1Oi9DMEwzM0VYSiE5S1gzVTA4
WksxS0VSVS0pQzlCLTg1VDpATlUpWihIVVIgIDE/V1o2JlA+RkNZJ1BLIFY6
Q1QoWCA2KzlPKlBVTS8mKihNKU9JM1EmK1kkRSxOSD43O1JEWTApOD1JRk48
Ozk1UzJUTkZJOSY2V1AqVUwwQCogVUk6UiIvTDtDSjBGSlNQNCxTNCNIL0VE
IC1QLDwnRFE8ISpITSRNOE8iMzBSQlYtQT8mWEFOIkVPSSJXMCkxRT8tPFEj
QFlWN1JBIEosWjAmODNCJzM3QCUmTCgwKyowJ1NWWkwyJ0ZFTDggRlMxIUJY
JD88NS48SDQpJUNTQitFVS4qOCk8KztaQEI6TysmUC9XNiotNSEtIEYmKS4h
QVZXNlI/TEpFPihDITIxIFcrKlQ/UUdWOEk+TFNZOldDQEtWN0c+QzgrQCFW
KT82U0k9QVlMQFhAOiw/OT9LICkjQSM=

NCs6SixWVishJy4xTSw0SlQsM041SzRFKDIvSVIoPDZaQyY8ODwzMjMqRlNB
Uzo1QT0tLyRONyFHOVEhV0A0QzNIOzVOPkg3Kk4tVEhPRCspPkQoQFQnVjw5
IkVFWVkyLEk/PEIuUVFKRyJNUllOVTI/SFNENDw6JDQxLkUxTVo7RCcrQFQ/
LUs4KyUuSSQuSUo7IU0kVU1PQihBMSkxV0I0PFVCR00nJTxKPTMvUiJCI0A9
IjYiNFcuOjdSQUJSNlkpKj05SSFSLThGRDdUTy03PUwxPkIwLFJQRzRBSCdN
OTEqU0A2NEJCIkgxOyQzUUYgNTxHUDM2JCdXRE1XTz9aJUAqVlkrRDErIDoh
PixMO0A5OCEuMCQwQjk6NFg7QVpQRUk2SkAsKFpINVc+WjouPSUjLkg7WCpZ
LU8zSi1ULVlTNic/VUYjLFk9MCNYQz8yIzcvIlk4IzdVMkdVTyNGI1QhPjAh
UTdWT0gxRUVULkY9SUI+N1lVPSMvVlY=

MzgsTStTREc4JClWNyswNiUxLkUgWitJQjVUSzYxVk07ODwlIExYM1AsM0o4
PSZHQzY6LUorQVVQPzY3V1g1S1FZRUtQWjJaJU9AKSlGMkpLMUtDLEgyQkxL
PFYgRzFJNSg0VTsnWTkiVSc4Ni8iQUJHJUxGSS5TNjxPLlZDJzZHLCJKQDxN
RywwPDpHK0lWQ00tPEMlRD1GU000TE4gIi9OKEhINT4+VUgzMEkhNDEkIFUh
IzYtQD9SS0U1J1kvPzImN1pLWVE1JT1IICInIFVTUjBGJT5TUkM0JlojLzw2
UlgjSz9ATDo8NiM7RlAuP0wwIykxKyhRKCYvR1QoSS8xLUVRTjlIO0UnNixI
J1ZLI0tWICcyRCIxT1NCUDkoVCtGPzojUihGUS9TMkA/Kk4/RC9JVkg4WUgk
QDsjPlhMRDE8ViUoSkpDSC4pRU9VLDo4LEUmNztMO1c3PEwrM1okTS1GJ1Qs
R0YrUjBBIFoqMi5AWkdTPFBONDRHJ0U=

It never encodes things the same each time your run it, but they can all be
decoded the same way. There are no strange initial conditions you need to know
about like time or some other kind of token.

~~~
olalonde
Unencoded:

    
    
        !8F2>0KH/GC=<NP@A'3,M"!G$MMU7XI.OM7EOQBUKL-PVB>'6@T ;*-CS.5B%/;"L'OQ?.&Q#Q8!9A/0W5NR4H&T3<@S4O.0,P//J!551C56'/6-Q)7H)J;74!9CYWBU0QW51AW42;-D';OAHB=YWMFKNM7K6B>>>G ;JKV$IV4#JQ=;XU&=+(YT@*')+%")"7,#G$X>2JTH"@!S,>U+TAV?6%)4VU2+<#)W2%=UQJHR7ZB7K@?A3!"I.?JE1RJB,X%!F'?>L?=XX.'$R'XX"R(TAU.U0:74:."@9M9EOIGG:C92?KZ)B2Y&>=W3J-J,&(U8'/H'79ZAUCUE<Q@CKG8)X,9%<;?OPOKHS<0"ZDAAUR92!*<AGFM7*Q7<,1R
    
        &JW.UY#>L-<J&=OPP6GOA=KS-"5:/C0L33EXJ!9KX3U08ZK1KERU-)C9B-85T:@NU)Z(HUR 1?WZ6&P>FCY'PK V:CT(X 6+9O*PUM/&*(M)OI3Q&+Y$E,NH>7;RDY0)8=IFN<;95S2TNFI9&6WP*UL0@* UI:R"/L;CJ0FJSP4,S4#H/ED -P,<'DQ<!*HM$M8O"30RBV-A?&XAN"EOI"W0)1E?-<Q#@YV7RA J,Z0&83B'37@%&L(0+*0'SVZL2'FEL8 FS1!BX$?<5.<H4)%CSB+EU.*8)<+;Z@B:O+&P/W6*-5!- F&).!AVW6R?LJE>(C!21 W+*T?QGV8I>LSY:WC@KV7G>C8+@!V)?6SI=AYL@X@:,?9?K )#A#
    
        4+:J,VV+!'.1M,4JT,3N5K4E(2/IR(<6ZC&<8<323*FSAS:5A=-/$N7!G9Q!W@4C3H;5N>H7*N-THOD+)>D(@T'V<9"EEYY2,I?<B.QQJG"MRYNU2?HSD4<:$41.E1MZ;D'+@T?-K8+%.I$.IJ;!M$UMOB(A1)1WB4<UBGM'%<J=3/R"B#@="6"4W.:7RABR6Y)*=9I!R-8FD7TO-7=L1>B0,RPG4AH'M91*S@64BB"H1;$3QF 5<GP36$'WDMWO?Z%@*VY+D1+ :!>,L;@98!.0$0B9:4X;AZPEI6J@,(ZH5W>Z:.=%#.H;X*Y-O3J-T-YS6'?UF#,Y=0#XC?2#7/"Y8#7U2GUO#F#T!>0!Q7VOH1EET.F=IB>7YU=#/VV
    
        38,M+SDG8$)V7+06%1.E Z+IB5TK61VM;8<% LX3P,3J8=&GC6:-J+AUP?67WX5KQYEKPZ2Z%O@))F2JK1KC,H2BLK<V G1I5(4U;'Y9"U'86/"ABG%LFI.S6<O.VC'6G,"J@<MG,0<:G+IVCM-<C%D=FSM4LN "/N(HH5>>UH30I!41$ U!#6-@?RKE5'Y/?2&7ZKYQ5%=H "' USR0F%>SRC4&Z#/<6RX#K?@L:<6#;FP.?L0#)1+(Q(&/GT(I/1-EQN9H;E'6,H'VK#KV '2D"1OSBP9(T+F?:#R(FQ/S2@?*N?D/IVH8YH$@;#>XLD1<V%(JJCH.)EOU,:8,E&7;L;W7<L+3Z$M-F'T,GF+R0A Z*2.@ZGS<PN44G'E

~~~
olalonde
All 4 strings share 15 characters at the same position, not sure if it's
relevant though. (I doubt it since the clear string is 43 characters long)

The position/character couples are: 14: P, 20: M, 36: O, 92: 4, 137: ;, 158:
>, 171: #, 177: U, 204: ", 207: S, 211: +, 276: ", 281: U, 364: U, 366: 9

~~~
sandal
Huh?

    
    
        >> a.index("P")
        => 14
        >> b.index("P")
        => 15
        >> c.index("P")
        => 218
        >> d.index("P")
        => 40

~~~
olalonde
Sry, bug in my code, I only tested the first 2 strings.

------
lim_nick
Here are some integer values for the characters of two of the QBFs

[72, 55, 81, 36, 86, 49, 49, 37, 38, 61, 62, 86, 40, 63, 57, 43, 57, 62, 50,
47, 36, 43, 68, 38, 36, 54, 54, 86, 67, 46, 69, 52, 78, 37, 61, 33, 46, 77,
55, 41, 49, 70, 70, 53, 46, 74, 32, 50, 63, 40, 81, 82, 51, 90, 58, 82, 69,
77, 54, 42, 73, 67, 74, 80, 84, 85, 48, 86, 75, 71, 77, 61, 32, 58, 74, 44,
54, 53, 33, 78, 73, 41, 54, 69, 51, 44, 39, 32, 38, 60, 85, 68, 78, 80, 47,
33, 33, 32, 65, 35, 51, 34, 44, 35, 65, 39, 45, 73, 63, 34, 63, 79, 86, 63,
71, 80, 34, 45, 52, 52, 89, 61, 41, 60, 83, 35, 46, 39, 75, 87, 77, 50, 72,
58, 77, 53, 48, 48, 38, 70, 73, 71, 35, 77, 49, 85, 79, 73, 89, 46, 44, 47,
70, 35, 38, 50, 44, 49, 77, 74, 54, 67, 54, 45, 40, 35, 46, 80, 59, 33, 55,
58, 33, 75, 35, 53, 34, 42, 87, 67, 51, 77, 84, 67, 41, 83, 75, 72, 85, 45,
39, 55, 56, 81, 67, 39, 36, 80, 33, 52, 81, 88, 79, 57, 58, 88, 45, 87, 51,
59, 50, 54, 70, 40, 73, 86, 43, 71, 71, 79, 65, 67, 61, 40, 39, 76, 85, 33,
82, 59, 87, 72, 54, 74, 67, 87, 35, 82, 54, 50, 60, 85, 59, 57, 86, 79, 44,
70, 47, 62, 72, 53, 76, 68, 87, 35, 49, 41, 65, 58, 75, 48, 84, 80, 37, 63,
82, 50, 51, 65, 88, 78, 52, 55, 85, 33, 44, 33, 35, 89, 42, 32, 71, 61, 67,
48, 35, 55, 88, 41, 64, 58, 67, 74, 80, 62, 80, 63, 41, 38, 48, 43, 64, 33,
67, 71, 35, 55, 87, 44, 41, 61, 36, 37, 88, 39, 75, 70, 84, 88, 49, 73, 44,
70, 43, 33, 43, 37, 37, 71, 78, 82, 85, 85, 68, 49, 57, 66, 89, 44, 57, 37,
40, 62, 50, 44, 40, 72, 48, 39, 53, 35, 68, 55, 73, 70, 33, 49, 55, 61, 58,
39, 50, 40, 68, 82, 52, 83, 78, 78, 34, 41, 71, 61, 58, 81, 39, 68, 53, 69,
85, 68, 33]

[33, 56, 70, 50, 62, 48, 75, 72, 47, 71, 67, 61, 60, 78, 80, 64, 65, 39, 51,
44, 77, 34, 33, 71, 36, 77, 77, 85, 55, 88, 73, 46, 79, 77, 55, 69, 79, 81,
66, 85, 75, 76, 45, 80, 86, 66, 62, 39, 54, 64, 84, 32, 59, 42, 45, 67, 83,
46, 53, 66, 37, 47, 59, 34, 76, 39, 79, 81, 63, 46, 38, 81, 35, 81, 56, 33,
57, 65, 47, 48, 87, 53, 78, 82, 52, 72, 38, 84, 51, 60, 64, 83, 52, 79, 46,
48, 44, 80, 47, 47, 74, 33, 53, 53, 49, 67, 53, 54, 39, 47, 54, 45, 81, 41,
55, 72, 41, 74, 59, 55, 52, 33, 57, 67, 89, 87, 66, 85, 48, 81, 87, 53, 49,
65, 87, 52, 50, 59, 45, 68, 39, 59, 79, 65, 72, 66, 61, 89, 87, 77, 70, 75,
78, 77, 55, 75, 54, 66, 62, 62, 62, 71, 32, 59, 74, 75, 86, 36, 73, 86, 52,
35, 74, 81, 61, 59, 88, 85, 38, 61, 43, 40, 89, 84, 64, 42, 39, 41, 43, 37,
34, 41, 34, 55, 44, 35, 71, 36, 88, 62, 50, 74, 84, 72, 34, 64, 33, 83, 44,
62, 85, 43, 84, 65, 86, 63, 54, 37, 41, 52, 86, 85, 50, 43, 60, 35, 41, 87,
50, 37, 61, 85, 81, 74, 72, 82, 55, 90, 66, 55, 75, 64, 63, 65, 51, 33, 34,
73, 46, 63, 74, 69, 49, 82, 74, 66, 44, 88, 37, 33, 70, 39, 63, 62, 76, 63,
61, 88, 88, 46, 39, 36, 82, 39, 88, 88, 34, 82, 40, 84, 65, 85, 46, 85, 48,
58, 55, 52, 58, 46, 34, 64, 57, 77, 57, 69, 79, 73, 71, 71, 58, 67, 57, 50,
63, 75, 90, 41, 66, 50, 89, 38, 62, 61, 87, 51, 74, 45, 74, 44, 38, 40, 85,
56, 39, 47, 72, 39, 55, 57, 90, 65, 85, 67, 85, 69, 60, 81, 64, 67, 75, 71,
56, 41, 88, 44, 57, 37, 60, 59, 63, 79, 80, 79, 75, 72, 83, 60, 48, 34, 90,
68, 65, 65, 85, 82, 57, 50, 33, 42, 60, 65, 71, 70, 77, 55, 42, 81, 55, 60,
44, 49, 82]

------
nathanhammond
Erik says that all of the strings can be decoded with the same method. Since
the input string can result in multiple different valid encoded forms that
implies to me that the method for decoding these strings is also encoded in
the string (it seems that otherwise we would have to guess magic inputs).

However, assuming that approach, it is interesting to me that each resulting
string ended up the same length. Trying to tease out some encoding code from
the outputs now...

------
mrduncan
The character distribution of the encoded message for the example ("THE QUICK
BROWN FOX JUMPS OVER THE LAZY DOG"):

    
    
        8: " " (note that the original also has 8 spaces)
        4: "O"
        3: "E"
        2: "H", "R", "T", "U"
        1: "Z", "B", "Y", "N", "C", "D", "X", "M", "P",
           "W", "F", "Q", "G", "L", "S", "A", "I", "K",
           "J", "V"
    

The character distribution of the encoded message (to be solved):

    
    
        12: ";", " ", "I"
        11: "H"
        10: "*", "-", "F", "2"
         9: "?", "S", "L", "O", "E", "T"
         8: "N", "4", "W"
         7: "3", "(", "J", "#", "/", "U"
         6: "C", ">", "<", """, "D", "A", ".", "%", "0"
         5: "9", "V", "@", "+", "$", "Y", "G", "6"
         4: "=", ":", "Z", "P", "R", "&", "7", "1", "B",
            ",", "!"
         3: "8", ")", "K", "X", "'", "5"
         2: "Q", "M"

~~~
vankap
383 is prime. So it can't be a substitution cipher.

~~~
waterlesscloud
Well, not a substitution cipher in which each substitution is of equal length.
:-)

------
mrduncan
Given that sample (see blog comments), it is a little trickier than a simple
substitution.

Edit: I stand corrected on the original statement about lengths - wasn't
paying attention and was performing integer division.

~~~
olalonde
Are you sure it's _exactly_ 8? I get ~8.9 times its own length.

    
    
        var fox = "THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG";
        var decodedfox = atob("SDdRJFYxMSUmPT5WKD85Kzk+Mi8kK0QmJDY2VkMuRTROJT0hLk03KTFGRjUuSiAyPyhRUjNaOlJFTTYqSUNKUFRVMFZLR009IDpKLDY1IU5JKTZFMywnICY8VUROUC8hISBBIzMiLCNBJy1JPyI/T1Y/R1AiLTQ0WT0pPFMjLidLV00ySDpNNTAwJkZJRyNNMVVPSVkuLC9GIyYyLDFNSjZDNi0oIy5QOyE3OiFLIzUiKldDM01UQylTS0hVLSc3OFFDJyRQITRRWE85OlgtVzM7MjZGKElWK0dHT0FDPSgnTFUhUjtXSDZKQ1cjUjYyPFU7OVZPLEYvPkg1TERXIzEpQTpLMFRQJT9SMjNBWE40N1UhLCEjWSogRz1DMCM3WClAOkNKUD5QPykmMCtAIUNHIzdXLCk9JCVYJ0tGVFgxSSxGKyErJSVHTlJVVUQxOUJZLDklKD4yLChIMCc1I0Q3SUYhMTc9OicyKERSNFNOTiIpRz06USdENUVVRCE=");
    
        console.log(decodedfox.length/fox.length);

~~~
narkee
26/3 is ~8.67, I wonder if that is relevant.

------
vankap
I am working on the assumption that the first few chars could be a randomly
generated salt and the rest is equal sized blocks of encrypted content. The
random salt results in a different encoding each time.

This is what I have so far and it seems to fit the original encoded message
too.

The salt is the first 29 chars.

Each encrypted block is 59 chars.

So for the QBFs : 29 + 6x59

For the original message : 29 + 5x59

~~~
vankap
Note: I have never come across such sizes for salt and block though. I may be
totally off.

------
robinhouston
Quick thought: each byte is a printable ascii character between space (0x20)
and 'Z' (0x5a) inclusive. All these bytes appear in all the encoded files.
Does anything interesting happen if you interpret the files as encoded in base
59?

(Edit: obviously I'm talking about the files _after_ they have been base64
decoded…)

~~~
jbester
It seems more like the string decodes to multiple base 59 numbers. The cipher
is another layer on top of that.

------
invisible
The strange properties of the encryption lead me to believe it was some binary
modification (just a pattern), but that may have been looking too far into the
problem. I started to see a pattern by deleting bits initially but it
disappeared as I progressed.

I'm not even sure where to start with using the unencoded string.

------
erik_landerholm
"A Christmas Story" is pretty great christmas movie. One of the greatest
scenes is when Ralphie decodes the secret orphan annie message. I changed it a
bit so that someone wouldn't just guess it.

it seemed fitting as it is the only encoded message in any holiday movie I
could think of! :)

------
hugh3
I have no idea where to begin with the decryption, but I like this guy's
style.

~~~
foresterh
I would start here:
<http://www.opinionatedgeek.com/dotnet/tools/base64decode/>

------
brandnewlow
22 subscribers to their blog's RSS feed. The web has changed.

------
scorchin
"I" (11 times) followed closely by "F" and "H" (both 9 times) seem to the most
common letters.

~~~
olalonde
I doubt this information will be helpful since for every character there are
~9 characters after encryption.

~~~
erik_landerholm
you are on the right track.

------
lim_nick
Erik, is there some kind of offset within the ciphertext?

------
myoung8
erik, maybe you should give them a clue where to start...

~~~
erik_landerholm
it's 500 bones brosuf...i can't just give it away. I will add some more clues
next week.

~~~
adamdecaf
Given that people on HM should be fine with decoding from base64, we're trying
to break this code:

    
    
        @(2=(!+Y0NTI;C+U;Y-LV,(73*DP#P&3FNS.#%<O<)H3O4=-DX;FE(&:-'40
        #?)%AB8;P#@2<!ZNCSS$?=H*7EJ,!"ULVF:6IF'J "2GFT*FH,>40*W(T @-
        Y5LF$32/#"#.?!OWI429U;$2LS8VH/A+QZF7HI0(;*#9EJ<G%->?LS<6HE&V
        5Y/;I.3TD%I*2O?K>-?-IGN?Z38WH T?-SBTD1A0*/2WN35UJ1CN64/=4:79
        RFAJC2S,@;-90 9+"W%T:)6ILRI/JB'"$D%".HNI6I+$C(.*WA.;>*MX?;*L
        S;@11K/2<EO>UW-;4>4GHEL&
    

I'm trying to make sure I'm seeing the correct things.

~~~
erik_landerholm
the reason i base64 encoded it is that wordpress was trying to be smart and
changing characters for me...which in a coded message is...not a good idea.

~~~
adamdecaf
I'm aware of those problems, however I'm trying to confirm if the above is the
same as what I should be trying to decode. It's a waste of time to decode the
wrong string.

------
vankap
apparently it's ruby..

~~~
res0nat0r
Maybe some kind of crazy ruby unpack function? It looks alot like a pack
string from perl, but thats a guess.

~~~
vankap
I wish I knew. I'm a python guy.

