• 0
Sign in to follow this  
Followers 0

Question

Posted · Report post

EDIT: Latest update

fabpig has stopped the destruction this time, but now the real game is afoot!

How would you fare as the evil mastermind? Pit your wits against the world and come up with a cunning code! See more

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Previous game, read this first if you don't know what's going on:

Greetings, people of the world, I bring good news!

For too long this planet has suffered with consumerism, pollution, global warming, bad hollywood scripts, energy crisis, and growing population leading to shortage of food and space. It's time somebody did something, and since we at OctopuppyCorp believe in proactive responsible action, we've decided to step up. We have taken control of the computer systems of all the world's armed forces, and will now proceed to obliterate the United States of America with a massive nuclear stike. Now don't worry, people of the USA, there is no cause for alarm. In order to assist with your orderly evacuation, we will only destroy one state at a time. I think it best that I don't tell you which states in advance so as not to cause panic locally.

The world's nuclear missiles are now controlled by our distributed computer system which I, the CEO of OctopuppyCorp, will command remotely from my secret island base. Don't think that just because you can also transmit commands to the system, this will help you in any way. The system accepts 51 commands, 50 of which are the name of the US state to obliterate. The other command is "ABORT" which shuts down the system completely. Frankly I can't remember why I put that in there, well anyway, it's no use to you because each command has its own unique password. I understand the US govenment is offering a huge reward to whoever can guess the password for "ABORT", but since all passwords are 8 character alphanumeric strings, you have no hope!

Commands and passwords are all uppercase.

ABORT

ALABAMA

ALASKA

ARIZONA

ARKANSAS

CALIFORNIA

COLORADO

CONNECTICUT

DELAWARE

FLORIDA

GEORGIA

HAWAII

IDAHO

ILLINOIS

INDIANA

IOWA

KANSAS

KENTUCKY

LOUISIANA

MAINE

MARYLAND

MASSACHUSETTS

MICHIGAN

MINNESOTA

MISSISSIPPI

MISSOURI

MONTANA

NEBRASKA

NEVADA

NEWHAMPSHIRE

NEWJERSEY

NEWMEXICO

NEWYORK

NORTHCAROLINA

NORTHDAKOTA

OHIO

OKLAHOMA

OREGON

PENNSYLVANIA

RHODEISLAND

SOUTHCAROLINA

SOUTHDAKOTA

TENNESSEE

TEXAS

UTAH

VERMONT

VIRGINIA

WASHINGTON

WESTVIRGINIA

WISCONSIN

WYOMING

Also don't bother trying to find the passwords written down anywhere. I know 51 passwords is too much to remember, but writing them down wouldn't suit my hectic lifestyle and paranoid megalomaniac personality. I devised a cunning hashing algorithm, so that each password is derived from the command it authorizes. It's simple enough that I can do it in my head in just a few seconds, without memorizing any big lookup tables. I've probably said too much, since every time I destroy a state you will be able to intercept the command (name of state) and accompanying password. Still, my hashing algorithm is so clever you will never figure it out!

The winner of the game will be:

ME!!! hahaha

But in the unlikely event that somebody guesses the password to "ABORT" it will be the first person to do so.

Anyone can join in at any time, but each player can only make one guess for every state that I destroy.

You may make suggestions as to which state I should obliterate next, if you think it will help your futile attempts to thwart me. Or if you just don't like the place much. We at OctopuppyCorp pride ourselves on listening to our client base and taking suggestions on board. Thank you for your time.

Now, what have I forgotten? Oh yes, the laugh...

heh heh, heh heh hahaha, ahaha, MWUHAHAHAHAAA!!!

Commands sent:

Command: CALIFORNIA

Password: JOQPGJMZ

Command: DELAWARE

Password: FQBXZKDE

Command: ALASKA

Password: LTZKBZJR

Command: TEXAS

Password: TZWDSRBY

Command: ALABAMA

Password: NZCZKBZL

Command: TENNESSEE

Password: FFTTFOOF

Command: IDAHO

Password: IZEJNGBC

Command: ARIZONA

Password: ONYHSZBO

Command: HAWAII

Password: JJZVBIJJ

Command: MAINE

Password: FOJZLDMH

Command: IOWA

Password: XNHBXNHB

Command: UTAH

Password: IZSTGBUV

Command: INDIANA

Password: OZHEOJZM

Command: OHIO

Password: JINPJINP

Command: LOUISIANA

Password: OZHRHTPM

Command: KENTUCKY

Password: ZLDVUOFL

Command: VERMONT

Password: UONLSFWU

Command: MARYLAND

Password: OZKXSZLE

Command: MICHIGAN

Password: OZFHGBHL

Command: FLORIDA

Password: JQPMGZEJ

Command: NEBRASKA

Password: LTZSADMB

Command: COLORADO

Password: MNBPCBQP

Command: OREGON

Password: ONFDSNMP

Command: NEWMEXICO

Password: DJYFNXFO

Command: ILLINOIS

Password: TJNMHKKH

Command: ABORT

Password: UQPABUQP

Thwarted by fabpig!

It's not a one-off puzzle, but a game of guess the hashing algorithm, which can be repeated for as many algorithms as people can think up. I'm hosting it for now but others can step in later. At that point it may be necessary to give more specific rules about what kind of algorithms are allowed, so they aren't ridiculously difficult. The key attribute is that you can do it quickly in your head, which limits the complexity.

0

Share this post


Link to post
Share on other sites

86 answers to this question

  • 0

Posted · Report post

UQPABUQP.....and if it's right I'll give explanation

0

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

I agree with this. Though, he hasn't hit the state I actually care about, yet, so I'm not too upset over the losses. Texas was a reasonable trade-off.

Intriguing, let me know when I do! I'm at the halfway point so the odds are shortening...

It starts with the letters MASS.

:D
0

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

UQPABUQP.....and if it's right I'll give explanation
Password accepted, system shutting down.

NOOO!!! My beautiful plan of destruction, foiled!

And I would have gotten away with it too, if it hadn't been for you meddling kids!

----------------------------------------------------------------------------------------------------------

Well done fabpig, you've saved 25 states and Izzy gets to keep Massachusetts for now. I'll let you explain how it works, if you like.

At this point, I'd like to get a little feedback from those who played the game. Is it dull, frustrating, or fun? From my point of view it's hard to tell, but I thought it would be something I'd enjoy from your side.

What made me think of this game is the problem of generating different passwords for all the different websites I use. Using a hash of the website name is the obvious way, but the algorithm needs to be something you can do in your head, and for ideal security, needs to be something that, even if someone guessed it was a hashing algorithm and had access to a few of your passwords, they still couldn't deduce the algorithm. It's an interesting problem so I made a game out of it!

In this first game I had a set of letters, easily defined but not obvious, which I treat differently, and used that to obscure an otherwise pretty obvious algorithm. Still I'm very surprised it took 25 clues to solve. Anyone in real life trying to steal your passwords would likely have access to 2 or 3 samples at most, so this algorithm works, but requires a lot of concentration to do it in your head. "COLORADO" was particularly taxing! :wacko:

Having given the problem some thought, I'd like to see what ideas other people can come up with, and try to break them from the hacker's point of view.

The Evil Mastermind rules are:

1) You must devise an algorithm to derive an alphanumeric password of fixed length from any word (password length 8 characters or less, you choose). It doesn't have to be a cipher in the sense that it can be decrypted to the original word, indeed the fixed length makes that impossible.

2) You must be able to do it in your head, with no external aids, in 30 seconds or less. You may look at the word you are hashing but you should not have to look at the previous letters of the password, since real-life passwords are generally shown as ***** as you type (although you may use previous letters as far as your memory can handle it). It's up to you to ensure that you can do all this. A really classy algorithm is one which fulfils this condition better (is really easy to perform, in other words).

3) Although it is quite possible to hold an alphabetic substitution table in your head, and apply it quickly, I'll rule this out because in conjunction with other techniques it's too difficult to crack. Any technique that requires a large amount of information to be memorised in advance is not allowed. Caesar ciphers with a large shift pretty much fall into that category.

4) Consistency. This is a matter of good sportsmanship. For example, if "ABORT" is the target word, you can't have a rule that comes into play only when the sequence "BOR" occurs. All rules should be general enough that they come into play in at least half of the clues.

I may have to rethink rule 3 if it is too restrictive, but without that the hacker's job gets much more difficult.

So... anyone want to come up with a new hashing algorithm?

0

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

I was thinking in this code:

UQPCBSSN

but then I see the A which will convert the last three letters,so It should be:

UQPCBUQP

0

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

The key letters in the puzzle are A, B, O, R, D.

These are ignored when at the beginning of the reversed state name and also act as the "flipper" i.e. they switch the password letter from "1 above" to "1 below" alphabetically (and vice versa) when encountered. I based my first guess on ROAD (as in the road to destruction). Why ABORD? I'm guessing that's as close as possible to ABORT (which couldn't be used as all letters would be ignored) but only octopuppy can tell us for definite.

0

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

As for feedback. It took a little while to get into the swing of things - being not really sure what was going on - but really enjoyed it when I thought I was on to something. I most definitely wouldn't have got the answer without the comments of the other players. It'll be interesting to see a similar thing can be done again without becoming 'stale'. I guess the only way to find out is for someone to start a new one.

0

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

I was thinking in this code:

UQPCBSSN

but then I see the A which will convert the last three letters,so It should be:

UQPCBUQP

I think you're thinking along the right lines but there's a letter wrong there
0

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

The key letters in the puzzle are A, B, O, R, D.

These are ignored when at the beginning of the reversed state name and also act as the "flipper" i.e. they switch the password letter from "1 above" to "1 below" alphabetically (and vice versa) when encountered. I based my first guess on ROAD (as in the road to destruction). Why ABORD? I'm guessing that's as close as possible to ABORT (which couldn't be used as all letters would be ignored) but only octopuppy can tell us for definite.

You've essentially got it right,

As for feedback. It took a little while to get into the swing of things - being not really sure what was going on - but really enjoyed it when I thought I was on to something. I most definitely wouldn't have got the answer without the comments of the other players.
I'm glad. It was looking a bit low on interactivity for a while there.

It'll be interesting to see a similar thing can be done again without becoming 'stale'. I guess the only way to find out is for someone to start a new one.
That is the real game. A test of how much you can obfuscate the code while still making the technique simple and consistent (with that thought I've added a fourth algorithm rule - see for that). Everything so far was intended as a preliminary experiment. If no volunteers are forthcoming I have a second algorithm which is quite different in style, but I'd like to see what other people come up with instead.

Certainly we need to roll out the clues a bit quicker next time. I think 3 at a time would be about right.

If others are up for it I'll start a new thread with the updated rules, but in the meantime I'd like to invite as much feedback as possible, and especially any volunteers to create a code!

The "flipper" letters also include "P" and "Q", although you couldn't know from the available information. Their defining characteristic is simply that they have a closed loop (as a capital letter, otherwise "e" and "g" would join the club). As a means of adding a twist to a code, it struck me as being easy to implement but very unexpected.
0

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Izzy gets to keep Massachusetts for now.

Yay, but *kicks Framm*. :P

0

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

[whoops did a post by accident :blush:]

0

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Hmm...no takers. Let's see your second algorithm, octopuppy!

I'm intrigued by your idea of using such an algorithm for password control. Too bad not all password requirements are the same: some require special characters while others don't allow them. Some need to be exactly 8 characters, others can be shorter or longer. I have one that must be a minimum of 12 characters! If the site would list what the password requirements are on the login page, I could use that to help me recall my password, but usually they don't.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.