So after I posted my article about crypo.biz - the web app boasting a Military Grade 1280-bit Encryption Algorithm - I got an e-mail the next morning from the author of the site and encryption algorithm, O. Gilas.
I had called him out, so it was only fair that he call me out. Here is his e-mail to me, paraphrased.
Hi Tom, My name is O. Gilas. Can you decrypt this text? I don't know how you can decrypt the text without knowing my password. I am the author of the site and code - but I think if you can decrypt this then you actually wrote a crack. O. Gilas
This is paraphrased, as some of his words were in Russian (I'm guessing about that, it could have been Ukrainian, or something similar) - but the thing that struck me is how polite he was. Considering I had just called him out on his work and said he was doing it all wrong, he was very respectful. I was impressed by his character.
Anyway, the nice thing about Caesar and Vigenère ciphers is the more ciphertext you have, the easier it becomes to crack - thanks to frequency analysis. My biggest worry was that the plaintext was in Russian! But I set about trying to break it. I successfully cracked one of my own encipherings and then set it loose on his, and went to a party. When I came back 6 hours later - I had gotten lucky! Here's my response, verbatim:
Is this the decrypted text? It would be an odd coincidence if it wasn't.

Encrypt and Decrypt any selected text with a password using the Secure Very Strong Military Grade 1280-bit Encryption Algorithm. With CRYPO-900.GX you can protect your messages from unauthorized viewing. All encryption is done on your computer, not on a remote server, so your text is as safe as your password, which is never transmitted anywhere by this page. This Page uses the Javascrypt Encryption library. All you need is only to enter a message text of your message and encryption password.

I don't have a problem with you, or with your code. But you claim "Military Grade 1280 bit Encryption Algorithm" and that's what annoyed me. The encryption isn't Military Grade, it isn't 1280 bit, and frankly 1280 bit doesn't make any sense at all. Everyone I showed it to assumed you meant 128 bit and made a typo. But it isn't 128 bit either. Your algorithm is fine for sending text-messages - the goal is to obfuscate from someone glancing at it. But it's not "secure". I call it little-brother cryptography. It can protect your secrets from your little brother, but not anyone dedicated.

If you're interested in the topic, I suggest you read about symmetric cryptography [1], and several algorithms that are known to be good, like AES[2], Blowfish[3], Serpent[4], Twofish[5], and Triple DES[6]. Using something like scrypt[7] you can derive a complicated key from a simple password, and use that password in one of the previous algorithms. If it is implemented correctly, with a complex password, and AES, you can legitimately claim Military Grade encryption.

Cryptography is hard - it's better to let geniuses who devote their life to it to do the hard work like creating algorithms. (And for the record I am definitely not one of those geniuses - I just understand enough of it to realize how hard it is.)

Regards,
-tom

[1] http://en.wikipedia.org/wiki/Symmetric-key_algorithm
[2] http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
[3] http://en.wikipedia.org/wiki/Blowfish_(cipher)
[4] http://en.wikipedia.org/wiki/Serpent_(cipher)
[5] http://en.wikipedia.org/wiki/Twofish
[6] http://en.wikipedia.org/wiki/Triple_DES
[7] http://www.tarsnap.com/scrypt/
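The advice in the reply above (stretch the password into a key with scrypt, then encrypt with AES), as an added Node.js example that is not part of the original e-mail or of crypo.biz. The cost settings, the salt/IV/tag layout and the function names are assumptions chosen for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// scrypt cost settings: assumed values for illustration, tune them for your hardware.
// maxmem is raised because N=2^15, r=8 needs slightly more than Node's 32 MiB default.
const SCRYPT = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// Stretch a human password into a 256-bit AES key; the random salt makes
// the same password yield a different key for every message.
function deriveKey(password, salt) {
  return nodeCrypto.scryptSync(password.normalize('NFKC'), salt, 32, SCRYPT);
}

// Output layout (an assumption of this example): salt(16) | iv(12) | tag(16) | ciphertext.
function encryptText(password, plaintext) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12); // never reuse an IV with the same key
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), body]).toString('base64');
}

// Throws if the password is wrong or the message was modified (GCM tag mismatch).
function decryptText(password, message) {
  const raw = Buffer.from(message, 'base64');
  if (raw.length < 44) throw new Error('message too short');
  const key = deriveKey(password, raw.subarray(0, 16));
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, raw.subarray(16, 28));
  decipher.setAuthTag(raw.subarray(28, 44));
  return Buffer.concat([decipher.update(raw.subarray(44)), decipher.final()]).toString('utf8');
}

// Constructed demo values.
const sealed = encryptText('correct horse battery staple', 'meet me at noon');
console.log(sealed, '->', decryptText('correct horse battery staple', sealed));
```

Unlike a letter-substitution scheme, two encryptions of the same text under the same password look unrelated here, and a modified message is rejected instead of decrypting to garbage.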
I sent that at some ungodly hour in the morning, and went to bed. When I woke up I had another e-mail from him (again, paraphrased):
Good job! I am very happy that you are able to decrypt text. We made crypo.biz to promote www.crypo.com. I didn't try to create cryptographically strong code because that would draw attention to it. We specifically say it is as an advertising slogan. We have other plans for the sites - we want to promote our software. In any case, I am impressed that you could decrypt the text - well done. I would like to invite you to work with us in our team. o.gilas
So I called a guy out on his code, said it sucked, beat his attempt at trying to prove me a faker, and then got offered a job. All in all, an interesting weekend.
And no, I didn't take it - I politely declined.
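The frequency-analysis remark earlier in the post (more ciphertext makes Caesar and Vigenère ciphers easier to crack), as an added example that is not code from the original post: a textbook Vigenère cipher, not crypo.biz's actual algorithm, solved by comparing each key column's letter counts with English. The key LOCK, the function names and the rounded frequency table are assumptions made for the demo.

```javascript
// English letter frequencies in percent, A..Z (rounded values from the usual published table).
const ENGLISH = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
  6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074];
const toNums = (text) => [...text.toUpperCase()].filter((c) => c >= 'A' && c <= 'Z')
  .map((c) => c.charCodeAt(0) - 65); // keep A-Z only, as 0..25
const toText = (nums) => String.fromCharCode(...nums.map((n) => n + 65));
// Textbook Vigenere: dir = +1 encrypts, -1 decrypts; non-letters are dropped.
function vigenere(text, key, dir) {
  const k = toNums(key);
  return toText(toNums(text).map((n, i) => (n + dir * k[i % k.length] + 26) % 26));
}

// Chi-squared distance between the letter counts in `nums` and English (lower = closer).
function chiSquared(nums) {
  const counts = new Array(26).fill(0);
  for (const n of nums) counts[n]++;
  return ENGLISH.reduce((sum, pct, i) =>
    sum + (counts[i] - pct / 100 * nums.length) ** 2 / (pct / 100 * nums.length), 0);
}

// Every letter in one key column was shifted by the same amount, so try all 26 shifts.
function bestShift(column) {
  const scores = Array.from({ length: 26 }, (_, s) =>
    chiSquared(column.map((n) => (n - s + 26) % 26)));
  return scores.indexOf(Math.min(...scores));
}

// Solve each column for every candidate key length; keep the most English-looking result.
function crack(ciphertext, maxKeyLength) {
  const nums = toNums(ciphertext);
  let best = { key: '', plaintext: '', score: Infinity };
  for (let len = 1; len <= Math.min(maxKeyLength, nums.length); len++) {
    const key = toText(Array.from({ length: len }, (_, col) =>
      bestShift(nums.filter((_, i) => i % len === col))));
    const plaintext = vigenere(ciphertext, key, -1);
    const score = chiSquared(toNums(plaintext));
    if (score < best.score) best = { key, plaintext, score };
  }
  return best;
}

// Demo input: the site's blurb as quoted on this page; the key LOCK is made up here.
const SAMPLE = 'Encrypt and Decrypt any selected text with a password using the Secure Very ' +
  'Strong Military Grade 1280-bit Encryption Algorithm. With CRYPO-900.GX you can protect ' +
  'your messages from unauthorized viewing. All encryption is done on your computer, not on ' +
  'a remote server, so your text is as safe as your password, which is never transmitted ' +
  'anywhere by this page. This Page uses the Javascrypt Encryption library. All you need is ' +
  'only to enter a message text of your message and encryption password.';
console.log(crack(vigenere(SAMPLE, 'LOCK', +1), 6).key);
```

Shortening SAMPLE leaves fewer letters in each key column, which makes the per-column comparison with English less reliable; that is the "more ciphertext" effect the post describes.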