Can you crack my message? Looking for security flaws.

9057_2016

Estimable
Nov 22, 2015
7
0
4,510
(Moon)
1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*(){}[]|:;'<>,.?/


(Empire)
y1BIvTtsK8KJrEaa6Oe6mI9NNOAXUCoAz1zGWVZsRuOhEozc9YmfnSu4KPwNGqSACMPclFg4SreAKDTrMy6vjhGTpvA1G42IQe4Pn2lMHzvSwwFWxDMCwAfU0byooLp6LglDz5I1btnq1W0KpLiy3QH7vfM0OdJWJmIN8psoNnMcCOpNceGYnaePhieFdZyN0E64R4yGcB0IKQ1HsELUGyxAPXF7egE2zxrJKJzzbt8YnzgCmpmeGhdVLtSJhNWwzxgHtwXH9b3mZrN8nqBhtEOWn1LYXMZtA0Vbkm4g RdLuxJsStOwtmfrO1M9N6XFLcOqA8WmSpbt7VqgjnPhDnKpT1fKYaUj1BgWY3578Wqmo1CYHwXuNYFMwbM7CQ7spydYdkBoTNw3qC5rUAYgitQkIdGhz2HXIVHHEWhEGUYGh8T8Glb1111OCkI9g95cQXEvaaARCvvsiNFyN7IR2fEVteivAKW1q3f3xv8i2Kheym6Ed54a779edR0ITA8XbSZcTKtMI0Sjgp3w7PgBRyu97BeYXfsJSwkzE17J41JBIu7ED6o4ZVAr09II6t2k064JbYwFFnCR61cds AVRQsy9aDHWroU2p8jS7EUeGHaBvI0RMr7kezycyQm0meF8MtgV1a7GoAHnNaSEBiiEAXEeQbAlbubhgVenuQw6qOlPI0Nm6S92MbQSLYI45HJd9Bs3u1GItW9oRntRg67SnPJc6ervU3K6g0dcAuvpdIPTYBp5jRR0WCayVGLKlrf4FUfICqurZLLz7aCRx8xMIP2TzxkbhvRKpznaHIr13f8QNIr4zDtuq0AqPX7ffEG2SMHJXYFIihJotz3qt0kI2QvNj8jNcj3Fi2ZQkMX4UeqUZL2b1AwtmToUg tcoiBGkfwXNPEUohHQdgHuf7FUCetjKEdbHKc7SbHpGh2AsWZThiPzgYYcTScMp7Vlr7Ibb5RpRYrqEkkgMy9QzWdqlIN4ALrO1rxFvhN8b6D3WF1o0bRe0BvovlVd3DdpZsUm3xZn5acB2uhV74Ppr6ydq1A6iAyGaB7shqTbO3x6N1PqRFMIot4srlZiCx6IXuz8pM6ZSsrisqcyYDqazyMt9y3KEPiWIEqyAEhh4gfZLxWW7Klc1BdMDw7G51NRNhZFeILusAqy8WiPoUEhL13deGRSzv5LPmNenl ZV1V2eWZYGZ7gLXqFelBpEPmGyU2trPbYUT08Xdq0wCwJL3lYaagGAX0bKXlOlU2JDPqjMnvR1esaCWbYMx415NjUc7XSVp3Wh4DsF363Kti5gArSbduma66t5rchvxvLhk7jooNmVBp3XHgBpKFcjzDdqleGMHaOZP2HmcDOUikRrIvN5AY3xssstpca4MJuazff9KATQa60BbDhMSU6L345Hem5CdLsO10OkJPB9okIzxrwEm2RUTdYCI6xQN7p1JIRANXF5yCenrBnrhhQl1whrjXqKNJQngOjlv0 CYbMnlXydK2f4dg2Id8ZbkwqBu8ZRi12u3Vphrtl8yuKhMEFmgPRMCepOrOPTrdawNCy8G9JgtfPLSAfLvicT2Kg4rvCZKrLf4 zN7vkcwSunKAl7xVVM6nW2zMTS61ZldtvwL0sznEzADzVCrKOe3JaHC6U2n2P3gsGkox0tt30xnfACUYph0cZXP2CRWlGfQp4A3JTJc8XoocilDYcTVmZIjiP80XpGJgl8ImyjgBWWBXN161cioWhLUrfxjD6nx3TzWzBUMvbzk3fUuc1Fb4K2CM2CSHD0lsyvvw11U80dntUKOTIwya4XwVVzXCbWGjDXUOLAUpqgooOqmNloZHt7sopFUHvChWQFxViYtu4dcw5UNxUmww77uk4GGk84C84LteIOuA b2av8FhGflFzBushmmpsxHtk1rYQZ7x6ZlpDot0eGuuC8zqJEGwFGigIq60CnPmVsQfTCOJBWb6YsiczRv47H0DWO424TCmrhp4EcaXqisYDH18msBjPZwzorjZBuohBTt6No2ngoWcSsw3eKVOTstqfWh8DJKpwK8Yf0rwWHyzBZGXp2Avzc6u7yP2CAmGhioJ0q45xuDu4cqJvaqAVu3hJqNfJv36yy7aixGZ6YTGU9RFG1QJ6UkfRhjZkvqc8vqrpsRJN05oBQKRqx9bSfVfvKCTLyeGAyNlWtI91 2QxHtHTmSCp2EN77bHRQcqIJrUCPM09Z6XxjhFFLKPW359iBf9JWg0iw1jpIpS5jWmEdkSNbgSwTWMOTvGgOf2lG8K3JitXXFB51xFRDsJF80zpJbUpO4NVvkfJ0l4AIi68nLYstEnsLfibQxiJWqqowZJx6mHVQn1hE9NHGUwHadBTugHtPGN1pe0GUhvnE0oAKb4cuThLZCsbTfc3YdaVWJBQV3aNilLyfG4RhqfJe88yPPwfx2M0wsc4DRJEgLZmVXCGwXzueis1qZS0cDrQ6nea84UquUDglpwk4 PRSUxJj4oNCgyb48WCwmbvnH2x0l7vnL47YHbtI840edROTOpwqwOEyxYrj5bXcktozvDsip1ySgSlPzCqi68kSvJBbaFy3Vzb1L4XDEBci2F3zQoN5m4C5bHtrfJm7qcknTbddn20nW486pPMbxqk42zbhAa99NpGwNfFa9P97GbEsdCs5RAAn3jyfa14SIauMRe8PoG7hpwWhseGRyDa98oPKYhvVgXfJ7CgtGtg7GtneLOylSwrW9fhDJ2tAllXLYVCEBSu4YHdOpCQNx4VVCAWRkKDVqsQ6CsngV jsybyU17ZU0CnHwNhYZobVGqZpTrhNmUgK1z7YNDnIea5iV1NDuH5aMuizYeVbI5XMe9bIXxQAYJ74cEWgVdL2XQ1MGJdpGVGG12g2vqKlkApqLtrGOefaCF6OCeydjxE64bxLrOdpqIpTKkUwzRqKdDnTV7OLgOy14Xa7rVPu9PEu1KTfQdQLfshCUICLpqiGLHz1FqltYSkEPi2uHLKtesShEe29RYLBIAUFO0XC4Polrv07Ogn2ybvSTDyph19JpZ6GPJs1TKp20sAErc6qLRUs6gw2ScoqrOJ9ST fS3Onxl7d4HaZX1gc71maqGx5FdeYmOxQkMOSEKPMD0jk91QzcuzHaxyzF69yJNwXxBUJpgmPXdyvvZ0cThX8JcGKoySXams5p2ZU7syTGdWWAMizf8UQzJYFbelqQFDUORIZKrBXWqlGmCBD8llt0hp35ECrXe6iZYO2jRUCckkOJxVGCEfPWDH5onDJ4wYmvggX1m5q0AC1J6sRxMjaCfzTy2nalyzS8YeBPFRRiaJUD9yyNI9jnKpicJwHyuwxwIwBmbzkKXti0oTPq09yP6F69uj0WI8vijMiy7s w8uY3N7OCw9d1UL7RUKNlhqD07ExbeGbRep8dFsTd0kHGoBSokrKFXx3Y7KUrdImzciGnm9Ej7ySrr16WJ2oyrqGkuuzmXBt1a4EF8PFOFbmMEMQb9Lbo9CtlRxWGukhdhnGB0IC09WvsYIII1FcWlNK9lT2p2rJu1lwR1rLGFFoBjPjEh8LxWO4J7O1ShDIRfHC60WoDCWID9wgcDWOIIQ5IL7xnhfScfXqfU8V83E4XSZM3K2Cl1gzu9BZzJ0uWEtEGjfg8qua21KtQrauFqnOcqvSuq1E0ceRbdGi


(Collision)
F([@F$2mIJCE1i|cp^'6;WK<%7nnfPU2ole{x'G0GQvNw!Y%Pl7GgYP20:1%b6,;hhJ^Tg(cX9h>dAFT]PGh&0}89pxE]sHZ16ZEhvQJPs[Dk88^XjiKNJV&cfHc>V@^UtZQwHqHNWZCD2&uvLu7G0s@y%]*:&I8{87{d}7d$$CX199UHaxUX8VL.ezE&&&k*IDlxjO9{Vp;h2vcKEg#$*s?{qJfTe(qB$0u1bGmcv2oMEC%ZY]M:i|Hs!$F%B1irn;%@uP1?TT2>34pOiwb<?$Abh{ni,W|YAkLm.l:Y.o#gju'9YdfBL{%Q{3N5A,@MiXETlR*u52MOO&Nj*i'R8nv%qF't(HmdJSd?I@as]w11FRp46t6Tw&!'bHe,GBMOXoumLoy7u<<$>>98<<\$>>6PO3nM7F8NnzigHWr2/RZG.o[UB<.ty35lv,:{Ai,dXu2V<lo8K.WrF8Y6Ww{B].r%&}H;Es:B[Q!oa[MK%dx43tN7#GZcbDTBtK'A?iSQQb0QnL5qXPVU]>ZR:A(3|Lq'KwR7;?EAVECebm^OizU:Fz%BgclAonwlx*E}dr#qQA?wlH<2MwfaIni>z[iHjxC44/m;D/y;$PlKP]T^BT1RxFb.!:)U^.cWZtt'P@wIJUbjq;O;td&qONlCkY^w%p*v@zxFV)n#bqDxZBNO3j.h;)5UAUqQQxd)4u5*m{h#7}3.%*]zNb;{7({}.4{Cm0EmE@HUrcG<QJO@aht{(5UW0xfI0IX>dIjtGnX47E6krFa@CY2#@wU/,HBv?'&Cu^m:>/|bUmE^sJ&IC/Fl(kBW9e3nwwxehEd^u[coG@b;]}Gi|*0L{([$fn3(0Mnf(Xk<XcWQZ3gP!TX$OkLdV.I'IGZ3s5f#G9j&AB)>ZT[[&62w?eCB&]){3eI:'|B5((xGoYcRK0rFHY4P!C1@bxx}7OBvN]pv&2Ftm.ci{I1YrIRM!):R]cS,:>xg*M.aK5t&.p>OEjAj*O<adyz$
 
Security through obscurity is a bad idea.

Just because a couple of people can't crack it doesn't mean there's no flaws, and seeing multiple messages or having some idea of what the plaintext is can expose massive holes.

I suggest you share what you use to generate it, and talk to a cryptography community - we don't have much of that here.
 

9057_2016

Estimable
Nov 22, 2015
7
0
4,510
I am merely posting what anyone would see, if they obtained my encoded text. They would not have any background data, or any other source of information to go by. Thus, I refrained from providing hints and tips. If no one is up for the challenge, I understand. However, my intentions are to see if one can grab anything from the said raw text, without using any tips or hints
 

CWEric

Estimable
Jun 13, 2015
170
0
4,710
Only if there is value in hacking into a victim computer like a bank or a company secret valuable database, if not then it is a large waste of time for a professional hacker to get into.
 

9057_2016

Estimable
Nov 22, 2015
7
0
4,510
CWEric - My main concern is to see if there can be information obtained from the raw text, thus showing security flaws.

Say that this was an email, getting snatched, now analyzed, and hence the cracker would not have anything, but the shown text.

If you can point me to a better place for this challenge to be accepted, I would appreciate that extremely.
 
security.stackexchange.com might be worth looking at, but will likely tell you much the same as we have.

Say that this was an email, getting snatched, now analyzed, and hence the cracker would not have anything, but the shown text.
They would likely get a large number of other emails, along with more context. They could also get any other data stored on the same PC, including the generating software but hopefully not the keys because they shouldn't be stored. They now know everything about your 'encryption' system except the key. And they know what (potentially flawed) PRNG you used to make the key.

An encryption system is pretty useless if you can only use it once, because you then have to a) design another, and b) get the details to the recipient without them being intercepted (though one-time pads are a slight deviation on this idea).

You're arguing entirely from security-through-obscurity, which is a very bad idea.
 

9057_2016

Estimable
Nov 22, 2015
7
0
4,510



Be that as it may, say that my machine was not attacked, but in fact this was on a simple piece of paper, thus it would not contain anything else. Now the person who now has my encrypted text would in fact try to gather more intel, although they would not just sit around twiddling their thumbs in dismay. My question to you all, is what does my text say? And, where can I find people who want to accept my challenge, instead of giving me speeches on security. I am looking for flaws in my encryption, not here to learn about the proper way of security. The proper way of security is stop using computers, which are easily accessible, and go back to typewriters, or simple pen and paper.
 
That's not how you audit security. It's like declaring a bridge safe because you drove a car over it once.

The proper way of security is stop using computers, which are easily accessible, and go back to typewriters, or simple pen and paper.
Properly done, computers can be way better than pen & paper. Humans are notoriously useless at picking random numbers, and pen & paper is known for leaving an imprint on the piece(s) of paper below it.

Typewriters are even more vulnerable to listening attacks than keyboards, I imagine.

And, where can I find people who want to accept my challenge, instead of giving me speeches on security.
I don't know. I gave you one option, but anywhere reasonably security concious will laugh at you because you're going about this completely the wrong way.
 

9057_2016

Estimable
Nov 22, 2015
7
0
4,510



Okay, so how would you go about doing it?

Also I would like to point out, that computers are pseudo random, and not truly random. It would be more secure if I went in a library, went through fifty books, gathering their page numbers for my random numbers. A computer uses an algorithm, and thus it can be found out in due time.

Keyboards can have hardware keyloggers installed in them, thus giving an extreme vulnerability. In fact, if we want to go down that path, ones every move can be watched, and no privacy allowed; cameras everywhere, microphones picking up anything audible, and so then nothing would be safe.

Paper does leave an imprint on the surface of the written transcript, however if one is knowledgeable of this simple fact, they then can take precautions. Paper needs hands on. Computers, not so. That is all I meant by saying that paper is much more secure. You cannot access my code on a paper from across the world, although you can with a computer.

I did take your advice, and I posted there as well. Like I have said before, this is not about auditing security. I want to see how this would be assessed. I am thrilled to see that this code didn't get cracked easily by some online tool, and that it is still being observed. This is not the only place I have posted this......
 
Also I would like to point out, that computers are pseudo random, and not truly random. It would be more secure if I went in a library, went through fifty books, gathering their page numbers for my random numbers. A computer uses an algorithm, and thus it can be found out in due time.
Many OSs now have cryptographically secure randomness sources built in. Intel (probably AMD too, not sure) has them built into CPUs, and many drivers for e.g. radios now collect atmospheric noise.

How do you select the fifty books, or the page numbers? Which ones look eye-catching in the right way, typically.

Paper does leave an imprint on the surface of the written transcript, however if one is knowledgeable of this simple fact, they then can take precautions. Paper needs hands on. Computers, not so. That is all I meant by saying that paper is much more secure. You cannot access my code on a paper from across the world, although you can with a computer.
Social engineering is a pretty major component of most security breaches now. Ringing someone up and asking them to urgently mail you a document works remarkably well.

I did take your advice, and I posted there as well. Like I have said before, this is not about auditing security. I want to see how this would be assessed.
The only reason you'd do this would be as a PR stunt. It's worthless otherwise.

I am thrilled to see that this code didn't get cracked easily by some online tool, and that it is still being observed. This is not the only place I have posted this......
Most online tools won't pick up anything more difficult than a simple substitution cipher.
 

9057_2016

Estimable
Nov 22, 2015
7
0
4,510


Alright, I see that you have no interest in trying to figure this out. I thank you for the debate.

I have to disagree with you on a lot of what you said.

Computers are built by large corporations, Intel especially has backdoors built in their CPU chips, you can find this out easily. It is used for remote access support. To even think that computers are more secure than pen and paper, is extremely laughable.

You are correct about the social engineering aspect, however if it were me and you talking to each other with this encryption, then why would a social engineer have anything to do with us? First thing is, stay off the radar. Second, learn your security, taking all precautions.

I am not here to debate the proper way of security, and how to go about it. All I am interested in is if there is a way that the message can be found, and how one would do so.
 

9057_2016

Estimable
Nov 22, 2015
7
0
4,510
Did I say that it convinced me? No, I did not. I put forth a challenge, and none of you have provided me with any useful data acquired from my text. Either you check it out yourselves, or move on to more important things. Stop putting words in my mouth, saying things that I never said (mdd1963).