Sunday, 19 April 2015

InCTF 2015 Qualification Crypto Writeup - Crypto1

Before even jumping to challenges, get to know a little about InCTF. Do read my previous blog post about InCTF.

There was totally 4 cryptography challenges, but writing write up only for crypto-1, 2 and 4 as I was not the developer/designer for crypto-3.

Crypto1: 100 Points


I found this sheet lying on the railway tracks and it seems to be encrypted in some form. Can you reveal the right intended text?

Text on sheet -



Looking at the cipher we can observe that it has only readable ascii character, so the characters are jumbled in some pattern or substituted with other characters.

There was hint in the Question itself: 'sheet lying in railway track'. So it might be Rail Fence Cipher aka ZigZag cipher.

Now the only challenge is to figure out the number of rails (key length) used in the cipher. Well it was easy brute forcible. Trying from 2-10 would have got the flag.

The key length was: 9

Plain text after decoding would be:
Plain text:


So the Flag would be : 58a1b42e43bff262735766c384033fe6

Python code for Rail Fence Cipher or Zig-Zag cipher:

def fence(lst, numrails):

    fence = [[None] * len(lst) for n in range(numrails)]

    rails = range(numrails - 1) + range(numrails - 1, 0, -1)

    for n, x in enumerate(lst):

        fence[rails[n % len(rails)]][n] = x

    if 0: # debug

        for rail in fence:

            print ''.join('.' if c is None else str(c) for c in rail)

    return [c for rail in fence for c in rail if c is not None]

def encode(text, n):

    return ''.join(fence(text, n))

def decode(text, n):

    rng = range(len(text))

    pos = fence(rng, n)

    return ''.join(text[pos.index(n)] for n in rng)


Brute forcing through the keylength:

cipher = "mgisd_fd_iuprhnedmfo5svqma_ureeer(eeeehl_sta_tYn__n_ustasyseoentenearlh)l_ar_ccxn-yclwsesnhodx_totib_i"

print [decode(cipher, i) for i in range(2, 10)]

Thanks for reading through the post. 
Any suggestions/comments about this post, please let me know the comments section below. Looking forward for the suggestions.