Talk:1286: Encryptic
The answer to the weathervane sword/favorite apostle hint has got to be Matthias. It is 8 characters long, Matthias was the apostle chosen to replace Judas, and in the Redwall series Matthias is one of the wielders of the Sword of Martin, a sword that was hung on a weathervane.
It is unclear to me if these are actual hashes from the Adobe file? That would be very cool... but the actual file seems to have passwords in a slightly different format. http://arstechnica.com/security/2013/11/how-an-epic-blunder-by-adobe-could-strengthen-hand-of-password-crackers/ 108.162.229.211 09:05, 4 November 2013 (UTC) pavel
- I wouldn't call 3DES secure ... but yes, in this situation the real problem is not using per-user salt. Note that I would expect that at least some of those examples would be solvable ...any idea? Hmmm ... sword of weather vane and one of apostles might be Martin ([1]) ... -- Hkmaly (talk) 10:00, 4 November 2013 (UTC)
- It's Jonathon (for John). Not sure what it has to do with weather vane swords though... 108.162.240.18 12:42, 4 November 2013 (UTC)
- Umm. "Peter" does not seem to have 8 characters, does it? Encryption method suggests it should be 8 characters, as do 8 character boxes on the right... 108.162.229.211 10:43, 4 November 2013 (UTC) pavel
- I'd say "weather vane sword", "name1" and "favorite of 12 apostles" is (Saint) Peter. "Weather vane" as symbol for the rooster in the denial, and the sword Peter used when Jesus was arrested. --108.162.254.177 10:25, 4 November 2013 (UTC)
- The 'favourite' apostle was John the Evangelist though. http://en.wikipedia.org/wiki/Disciple_whom_Jesus_loved . The other biblical clue here is 'with your own hand you have done all this' - Judith 15:10. If that's Judith1510 then the 'name and shirt number' is 'Judith15'. The TOS/earlobes clue seems to be "Spock's brain" and "Spock's (ears?)". And the Michael Jackson one is (obviously) ABC123. 141.101.99.214 11:14, 4 November 2013 (UTC)
- Given that name1 is two blocks long, I would guess that the apostle's name is going to be eight characters long, with the second hash block being 1+seven spaces (or nulls if Adobe pads it with nulls and not spaces). But then again, as the only disciple with a name eight letters long is Thaddeus maybe not 141.101.99.214 (talk) (please sign your comments with ~~~~)
- "St.Peter" is 8 characters, and having a "special" character (the period) makes it a good choice for passwords that might require 1 non-alphanumeric character (and ban spaces). 141.101.99.223 11:47, 4 November 2013 (UTC)
- I think it is obvious that Name1 refers to {The user's name} + 1. I wonder though if we should be referring to one of the other 12 apostles in a different context? https://en.wikipedia.org/wiki/Twelve_Apostles_%28disambiguation%29 - 108.162.242.11 18:02, 4 November 2013 (UTC)
Another article about using passwords hints from multiple users to find the passwords from the breach. http://7habitsofhighlyeffectivehackers.blogspot.com/2013/11/can-someone-be-targeted-using-adobe.html Bugefun (talk) 11:06, 4 November 2013 (UTC)
"Sexy earlobes" makes me think of "The ABC of Aerobics", but that would make that Shirley Clarke, and nothing in Star Trek has anything to do with Shirley that I am aware of, except possibly Shirley Bonne as Ruth. I skimmed a list of episode titles, but nothing jumps out at me as particularly earlobish. 108.162.219.187 11:20, 4 November 2013 (UTC)
- Sexy earlobes might have something to do with Ferengi, but they didn't appear in TOS. 141.101.99.214's idea is better. -- Hkmaly (talk) 11:42, 4 November 2013 (UTC)
- OK, we know that "sexy earlobes" and "best TOS Episode" are the same for the first eight characters, but differ after that, while "best TOS" and "sugarland" are the same after the first 8 characters. So, my guesses are: Best TOS episode: "Charlie X"; "Sexy Earlobes": Someone with the first name of "Charlie"; "Sugarland": some city in Texas (perhaps "HoustonTX") JamesCurran (talk) 16:51, 4 November 2013 (UTC)
Note that you should not ever use a cipher in ECB (electronic codebook) mode, i.e. encrypt each block separately and independently, but use chaining. --JakubNarebski (talk) 12:15, 4 November 2013 (UTC)
- And for passwords you shouldn't be using a cipher at all, but rather a hash function. (Or a cipher in one of the approved hash constructions, if you must.) And really you shouldn't be using a standard hash function, but be following best practices for passwords instead: salting the hash, using a *slow* hash function, etc. Cscott (talk) 20:22, 4 November 2013 (UTC)
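Added example (not part of any comment on this page): a Python sketch of the two points made just above, that per-block encryption under one shared key reveals which users share an 8-character segment, and that a per-user salt with a slow hash removes that signal. The key, the accounts, the null padding and the use of truncated HMAC as a stand-in for 3DES are all assumptions made for the demo.

```python
import hashlib
import hmac
import os
from collections import defaultdict

KEY = b"constructed-demo-key"  # constructed; plays the role of the one site-wide key
BLOCK = 8                      # 3DES works on 8-byte blocks

def ecb_like(password):
    """Transform each 8-byte block independently under one shared key.

    Truncated HMAC-SHA256 is a stand-in for 3DES (assumption): it cannot be
    decrypted, but it is deterministic per block, which is the ECB property
    that matters here. Null padding is also an assumption."""
    data = password.encode()
    data += b"\x00" * (-len(data) % BLOCK)
    return [hmac.new(KEY, data[i:i + BLOCK], hashlib.sha256).digest()[:BLOCK].hex()
            for i in range(0, len(data), BLOCK)]

def shared_blocks(records):
    """Map (block position, block value) -> users, keeping values seen more than once."""
    seen = defaultdict(list)
    for user, password in records:
        for pos, block in enumerate(ecb_like(password)):
            seen[(pos, block)].append(user)
    return {k: v for k, v in seen.items() if len(v) > 1}

def salted_slow_hash(password, iterations=100_000):
    """Per-user random salt plus a deliberately slow KDF (PBKDF2 from the stdlib)."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt.hex() + "$" + digest.hex()

# Constructed sample accounts (not taken from any real dump).
RECORDS = [
    ("u1", "sunshine1999"),
    ("u2", "sunshineblue"),
    ("u3", "sunshine1999"),
    ("u4", "rainyday1999"),
]

def users_sharing(position):
    """Sorted groups of users whose stored block at this position is identical."""
    return sorted(sorted(users) for (pos, _), users in shared_blocks(RECORDS).items()
                  if pos == position)

if __name__ == "__main__":
    print("same first block: ", users_sharing(0))
    print("same second block:", users_sharing(1))
    print("salted hashes of one password differ:",
          salted_slow_hash("sunshine1999") != salted_slow_hash("sunshine1999"))
```

Every group that `users_sharing` reports is a set of accounts whose hints can be pooled against one segment; under the salted scheme no such grouping exists, because even identical passwords store different values.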
Hmm, I'm rather confused about the last few on the list though. Assumedly the password for "he did the mash, he did the" would be "monster mash", but that would leave "purloined" with a password of either "monsterm" or "monster ", which doesn't make much sense. 108.162.240.18 13:47, 4 November 2013 (UTC)
(charlie sheen) a1f9b2b6299e7a2b eadec1e6ab797397 sexy earlobes - He did a 2 and a half men episode on sexy earlobes
- (charlie x) a1f9b2b6299e7a2b 617ab0277727ad85 best tos episode - Star Trek has so many good episodes...
- (houstontx) 39738b7adb0b8af7 617ab0277727ad85 sugarland - Sugarland is in Houston, TX
I don't know about anyone else, but the "hints" column incidentally reminded me of Darwinian Poetry... Not intentionally, I'm sure. 141.101.98.214 14:46, 4 November 2013 (UTC)
Somehow I've missed out on this issue until this comic alerted me to it, but: once a few passwords are correctly guessed, does that make it straightforward to recover the encryption key, and then be able to decrypt all of them? —scs (talk) 14:50, 4 November 2013 (UTC)
- Answering my own question: not really straightforward, no. 3DES is still pretty strong, and what knowing a few passwords gives you is a known-plaintext attack, which helps a little, but is by no means a giveaway. —scs (talk) 15:00, 4 November 2013 (UTC)
- Note that if blackhat used this service, he would know at least one plaintext - his own password --JakubNarebski (talk) 15:05, 4 November 2013 (UTC)
- No, for calculating the encryption key of Triple DES, there is no real benefit in knowing a million passwords, you would still need to brute force it. You would need to know at least 2^32 different passwords to make it easier but you can't do that with the leaked file (there are about 30 times less of them and moreover many of them are not unique). STEN (talk) 16:08, 4 November 2013 (UTC)
Okay, so the first column is the encrypted password, the second one is the hint chosen by user. What do rectangles mean? 173.245.53.151 15:28, 4 November 2013 (UTC)
- Those are the fields to fill the characters in just as you do in a crossword puzzle. There are small fields at the beginning that take one character each and one large field at the end that takes one to eight characters. STEN (talk) 15:32, 4 November 2013 (UTC)
Water 3 is an egg group: http://bulbapedia.bulbagarden.net/wiki/Water_3_(Egg_Group) . Given the length of the key, it will probably be 9-16 characters. (Crawdaunt, tentacool, and tentacruel are most likely) 199.27.128.139 15:43, 4 November 2013 (UTC)
- -- which means 9dca1d79d4dec6d5 is either L, EL, or T, but I can't find a way for that to match up with any variation of "monster mash." 173.245.55.209 16:15, 4 November 2013 (UTC)
- Same problem here... Monster mash must not be correct, but it is one of the easier ones, I can't give up on it. --Jeff (talk) 17:35, 4 November 2013 (UTC)
- Monster Mash was written by Bobby Pickett, maybe it has something to do with him? STEN (talk) 18:38, 4 November 2013 (UTC)
- Maybe it's not "monster mash" but just "monster". This would allow the Water-3 Pokemon to be "Cloyster". 108.162.237.5 19:17, 4 November 2013 (UTC)
It seems to me there are two puzzles here, if folks are right that this is not actual data from the hack. 1) Figure out Adobe's master 3DES encryption password, for the big prize. 2) figure out Randall's 3DES encryption password for this puzzle based on these hints, and knowing it will be something clever. Nealmcb (talk) 16:12, 4 November 2013 (UTC)
Trying to decode the passwords (As Randall obviously wants us to) "with your own hand you have done all this" is from the book of Judith. Working on decoding the others. --Jeff (talk) 17:13, 4 November 2013 (UTC)
8babb6299e06eb6d = password a0a2876eb1ea1fea = 1 85e9da81a8a78adc = 57 --Jeff (talk) 18:10, 4 November 2013 (UTC)
Weather Vane Sword may be a reference to Game of Thrones Ascent. The "Sworn Sword", I believe is "Rona" which is also a name. 173.245.55.216 18:27, 4 November 2013 (UTC)
- It needs to be a name of an apostle (as per line 7) and have 7 or 8 characters (as line 3 needs a continuation) so this leaves Matthew, Thaddeus and (Judas) Iscariot. STEN (talk) 18:57, 4 November 2013 (UTC)
If a password (or 8 character segment) is guessed can it be confirmed? Somebody should take this leaked list and create a website that presents it like in the comment and lets people guess. It can fill in the guessed ones. 108.162.246.117 19:17, 4 November 2013 (UTC)
I'm putting in Mattias for the sword, name1 and disciple because of Saint Matthias [3] and Redwall Matthias [4] who held the Weathervane Sword (Also known as the sword of Martin [5] ) --Jeff (talk) 19:27, 4 November 2013 (UTC)
- I've also removed "monster mash" from the list as it can't be right. Doesn't match the pokemon or the purloined clues. --Jeff (talk) 19:27, 4 November 2013 (UTC)
Based on the Water-3 Pokemon hint, the only possibilities of more than 8 characters are tentacool, tentacruel, barbaracle, crawdaunt, carracosta, clauncher, and clawitzer. This would mean "9dca1d79d4dec6d5" would be l, el, le, t, ta, or r. --Dvorakmd (talk) 19:51, 4 November 2013 (UTC)
- This is assuming there are no characters before the actual name of the pokemon. 173.245.55.209 20:30, 4 November 2013 (UTC)