Check this page, to find out if someone has already cracked the cipher. So far, no-one has. If they had, their name would be here on this first paragraph.
In the Moose’s PrivateChat plugin, in the bottom of the file PrivateChat.js there is source code for a substitution cipher.
Cracking a cipher should be easy, crypto experts say. But saying and doing are different things.
I’m offering $1000 CAD to the first person who cracks the cipher, AND, supplies me with the source code they used to do it. I’m looking for how it was done, to hopefully improve my cipher from it.
The cipher to crack is at the bottom of PrivateChat.js
Chances are, you will code a brute force loop, and also try to figure out early on, which are the spaces and which are the most common letters like “e”. You can probably succeed with that. And then you might be able to successfully guess with human intuition, some other letters in short words.
But I don’t know if that’s enough of a help. I think you’ll still have to run a very very lengthy brute force loop. If I’m wrong, I’ll post about it honestly, and look for ways to improve my cipher.
If you are a crypto expert, I’m not interested to hear about MAC and MITM and public keys and whatever is crypto state-of-the-art, because those are irrelevant to the PrivateChat plugin. Yes, irrelevant. Lecturing about ALL the things affecting communication over the internet is relevant somewhere, but not here. This is about cracking a cipher. Just cracking a cipher.
PrivateChat also encrypts with AES. Is that good enough? It supposedly has a consensus of experts saying so. But I also know that governments have the ability to scrub the internet of any postings that would say otherwise. So I’m not convinced by experts and references saying “they are not aware of any flaws or backdoors in AES”. Why would the feds make a fuss about Facebook wrapping AES inside ‘signal protocol’, but not make a fuss about AES being freely usable by any .NET coder?
Why don’t I use an actual cryptography algorithm, and some are available in Javascript, where they shuffle and rotate blocks of letters in a matrix, and other stuff. The reason is simple: it’s incomprehensible code.
I want code that everyone can easily read and understand exactly what it is doing. It’s not the “best” but it has a role because it is “fully understandable”. You can look at my code and know that it does what it says and nothing else.
Moose users are able to modify their own copies of the plugins. If you and a friend needed to have an encrypted private chat, AND use your own custom crypto added on top of AES, my plugin and the Moose provides all the other plumbing. All you would need to do is remove my cipher code and insert your crypto code. You could even put it in a separate .js file and use “require()” to bring it into PrivateChat.js and have it supercede the MyEncode() and MyDecode() functions. Ie, instead of being a complainer, be an improver.
On this page: https://www.dcode.fr/monoalphabetic-substitution there are tools for cracking ciphers. You may want to start there first, just to come to understand that my cipher isn’t already crackable by someones online tool. It will take a little work. You could wait until someone assigns this to their computer science class students, or do it yourself.
This IS crackable, because all ciphers are. The question in my mind is, to discover if I’ve made it hard enough to prevent guessing letter frequencies, so as to necessitate a full brute force approach, or whether some shortcuts are possible.
If you are unfamiliar with the Moose, download it from https://talkingmoose.com for windows PC. But you don’t need windows to look at the source code. It’s in a folder /Moose/abc/en-us/Plugins/PrivateChat/PrivateChat.js You can download the Moose and view that source code in any text editor.
Should be easy, you think? A substitution cipher and source code for it.
Below: Is the cipher to crack:
q%1QvbiegiDwE»GPi$S$¬pr«2Sv¾Ev4!¾ftxEQlBx¬bBkTPu.97JenmgS¾@VMQ
lM%GCg9Gw9g!BvpUXfk¬QJBp2Xtv4ivZZbt»!$%5BpX?PemRG7iU!wSt@7N»prf«Sab!wGEt9.%Dlwl¬KrP«h»4rt.!¾t4!
F«ihQfM¬N%MgxT77e¾7vy¾bCSkPrhQAeSEv7a7T4@eMvp¬mf»MQbuKge.euGGMtSaKSM«BSp%tJ7!47EEvPar¾S
«h¬flSe$E¾GG7eD$tB7r$Qp«Ob
wqeGu7FE7hF¬!MQVyPBMS4pt2Xet9emwtNBrhfh»C9BET¾7evEp9X1bNMBp1J¬¾yiaGa!4vP!%Gpx
QJB¬[email protected]!eu7Q.JFC¬y?PNQayGvF447t¬4pEyQf«h»rb7B2gC¾w7e«aPE%JyS
¬pDQwwNEt!.ktBaryf¬CQMmES4EZZ9EepE¬GOb
!S$$SipekT¾w9vPxy9Qpy¬«QJKJi¾.4F@wywfv@ybrSPk¬tQTG!G4E7Ji
q¬pQMXB5¬Tx.tiT9!7?wf7 Ql»@y¬b4BG9Zgiv.«4PtNBJJXSfuxu.!ia¾eS.Nupb%PK»rh7
Gl¾!¾v¾«whu%rfJQ»xyUbtZFite4«7SEPXM¬%rQM¾4¾Ge2i9x¾B0XpB«mf»p5xi¾a.Dteba% N»M¬pQyyTO¾79aav4PiweSpVr
B«O!fteETt0T
a!ZSpXM%r@Jt»4Z9aE4x«¾BeSpyObn$%vBa1G!!v9J¾P0$¬?»pxfE%tt2eu0LJ9yaSblhQl1PUB!Z9G¾a.k2
#yS$¬SpQfe»EtT¾wUwJeM!¬%xmblM»tlGUtte941iQuxPrh¬lB9KaFe!E79hUQ7MOf.S@b$4%.T!GtAEmiPGh»C¬
NSpwfGe¾9aEe%.bE«hS@y»pxtP0.¾tZ7U!i#vuBkfmS@UbGaiUe i%wMaQPrh¬
kB.MGu49G!4y.«7O
Here is some help. 2 charts. The upper chart is some input English text copied from Reddit. It shows the character frequency, and as expected, ‘space” is most common, then ‘e’, ‘t’, ‘o’, and so on.
The lower chart is the output cipher. Yellow highlighted letters that tend to be capital letters in this example, are random chars, not real characters. You can see that ‘space’,’e’ and ‘t’ are no longer the most common real characters. But ‘o’, ‘n’, ‘i’, ‘s’ and so on, are in the correct order, but surrounded by random characters with similar frequency.
The yellow highlighted random characters will not be the same each time. And all the characters in the lower chart are shown in their deciphered state. In the actual cipher, ‘o’, ‘n’,’i’, and so on, would be showing different letters, and you won’t have the encode and decoding substitution tables to figure it out.
I personally have an opinion, that ‘o’,’n’,’i’,’s’,’e’ and ‘r’ might be testable in your brute force loop, but I don’t think it will find enough possible english words to give you enough hints. Looking for common words like “I”, “is”, “on” and hoping to figure out ‘spaces’, I wish you luck.