BrainDen.com - Brain Teasers
• 0

## Question

This game thread continues where the left off, now I have a clearer set of rules so let's see if it works:

One player plays the Evil Mastermind (that's me, to start) who nukes the states of the USA 3 at a time, the other players play Hackers who seek to stop the Evil Mastermind. The Evil Mastermind plays by posting commands which activate missile strikes. Each command has a unique password, which is derived from the command by a hashing algorithm. The Evil Mastermind devises a different algorithm at the start of each game, and posts the passwords along with the commands. The Hackers will see the commands and passwords and from this they should try to deduce the hashing algorithm. The Hacker who does this first, and correctly figures out the password to the command "ABORT", stops the Evil Mastermind and wins the game. Anyone can join in at any time as a Hacker.

Now hashing algorithms can be exceedingly difficult to crack, but there are restrictions placed on the kind of algorithm that the Evil Mastermind can use:

1) The Evil Mastermind must be able to derive an alphanumeric password of fixed length from any word (password length 8 characters or less, you choose). It doesn't have to be a cipher in the sense that it can be decrypted to the original word, indeed the fixed length makes that impossible.

2) You must be able to do it in your head, with no external aids, in 40 seconds or less. You may look at the word you are hashing but you should not have to look at the previous letters of the password, since real-life passwords are generally shown as ***** as you type (although you may use previous letters as far as your memory can handle it). It's up to you to ensure that you can do all this. A really classy algorithm is one which fulfils this condition better (quick and easy to perform, in other words).

3) Although it is quite possible to hold an alphabetic substitution table in your head, and apply it quickly, I'll rule this out because in conjunction with other techniques it's too difficult to crack. Any technique that requires a large amount of information to be memorised in advance is not allowed. Caesar ciphers with a large shift pretty much fall into that category.

4) Consistency. This is a matter of good sportsmanship. For example, since "ABORT" is the target word, you can't have a rule that comes into play only when the sequence "BOR" occurs. All rules should be general enough that they come into play in at least half of the clues. The algorithm should not be geared toward the specific commands used in this game, but should work on any word.

If that's not clear, here for example is a summary of the previous game's algorithm:

Define "loop letters" as A, B, D, O, P, Q, R, these being all the capital letters written with a closed loop.

Reverse the command, and start at the first letter without a loop. Apply a "1 above" alphabetic shift and continue like this. Every time you hit a loop letter, flip between "1 above" and "1 below".

Example: "MARYLAND"

In reverse, D-N-A-L-Y-R-A-M (in practice you don't really perform this step but just go through the word backwards a letter at a time)

Start at the 1st non-loop letter ("N"), going "1 above" to "O"

Then you hit "A" which is a loop so flip to "1 below": "Z"

Continuing "1 below" with L,Y, gives you "K", "X"

The "R" flips back to "1 above": "S"

The "A" flips back to "1 below": "Z", "L"

We wrap around to the "D", which flips to "1 above": "E"

That was pretty hard to do in my head so not a very elegant algorithm!

This next one is quite different in style, I hope to illustrate that there is more than one approach to the hashing algorithm.

Commands

There are 51 commands, these being the names of US states (used by the Evil Mastermind to nuke another state), plus the word "ABORT" (used by hackers to stop the Evil Mastermind).

Commands and passwords are all uppercase.

ABORT

ALABAMA

ARIZONA

ARKANSAS

CALIFORNIA

CONNECTICUT

DELAWARE

FLORIDA

GEORGIA

HAWAII

IDAHO

ILLINOIS

INDIANA

IOWA

KANSAS

KENTUCKY

LOUISIANA

MAINE

MARYLAND

MASSACHUSETTS

MICHIGAN

MINNESOTA

MISSISSIPPI

MISSOURI

MONTANA

NEWHAMPSHIRE

NEWJERSEY

NEWMEXICO

NEWYORK

NORTHCAROLINA

NORTHDAKOTA

OHIO

OKLAHOMA

OREGON

PENNSYLVANIA

RHODEISLAND

SOUTHCAROLINA

SOUTHDAKOTA

TENNESSEE

TEXAS

UTAH

VERMONT

VIRGINIA

WASHINGTON

WESTVIRGINIA

WISCONSIN

WYOMING

Game Play

The Evil Mastermind posts 3 commands at a time, with their passwords. The interval for doing this is undefined, no point in imposing restrictions. The Evil Mastermind chooses the commands, but should generally do requests as soon as possible.

Each Hacker may make one guess at the password for "ABORT" each time the Evil Mastermind posts commands. If someone makes multiple guesses in between clues, only the first one counts, but if they make a mistake and correct it, the Evil Mastermind can accept the correction. There is no need for spoilers when guessing the password, although please use spoilers if you reveal the algorithm. The first one to get the password for "ABORT" wins. Alternatively if you've cracked the algorithm you can just use it to blow up more states if you're that way inclined.

GAME UPDATE: commands posted so far...

OHIO

B99OOB99

OREGON

ACCGEA32

ALABAMA

A0BBB50D

A1ASA949

MISSOURI

430SODEA

IDAHO

A06HD51D

ARKANSAS

94DAN2D2

MICHIGAN

400HIA12

PENNSYLVANIA

4B8NAB49

IOWA

D65AID65

RHODEISLAND

2ABDL425

WESTVIRGINIA

4B0TIB41

TEXAS

5A1AEA52

MAINE

MASSACHUSETTS

434SE870

TENNESSEE

4B0NS3C0

CONNECTICUT

474NIA30

NEWHAMPSHIRE

4A0HH522

KANSAS

434SN2D2

NEWYORK

4B0YY4E6

SOUTHDAKOTA

6F4TK565

MARYLAND

436YL425

VIRGINIA

4A2GIB41

NORTHCAROLINA

4F6TL521

555OR59F

KENTUCKY

430TU890

SOUTHCAROLINA

6F4TL521

NORTHDAKOTA

4F6TK565

ILLINOIS

900IN6D4

VERMONT

4A2MM474

HAWAII

525AW784

LOUISIANA

764IID25

UTAH

AC2HUAC2

INDIANA

942IID25

MINNESOTA

430NS5E5

MISSISSIPPI

430SI966

ARIZONA

A5CZZ5E5

NEWMEXICO

4A0MX591

OKLAHOMA

989AH545

ABORT

A3FRB47E

Solved by araver!

## 40 answers to this question

• 0

A3FRB47E

I know spoilers are not *necessarily* needed, but still want to use them. Awesome game, wouldn't want others to miss the fun.

Edited by araver

##### Share on other sites
• 0

----------------------------

Take first 4 letters of command.

Write 1 if they are vowels or 0 if non-vowels. E.g. ABCE is 1001.

Write this binary number (written from left to right) as hex. E.g. ABEE=1011=1*4+0*2+1*1+1=6.

This hex character (since 1111=F is maximum) is the first character of the password.

----------------------------

Take first 4 letters of command.

Write 1 if they are after M in the alphabet (N,O,P,Q,etc) and 0 otherwise (A,B,C...M).

Again interpret the binary number as a hex. E.g. AMEQ = 0001=1

---------------------------

Take first 4 letters of command.

Write 1 if they are closed-curves(which contain a closed figure such as a circle or triangle: A,B,D,O,P,Q,R)

and 0 otherwise.

Again interpret the binary number as a hex. E.g. ABOD = 1111=F AEQF=1010, etc.

----------------------------

Equal to the fourth letter of command

---------------------------

Equal to the fourth letter of command counting from right-to-left.

---------------------------

Same algorithm as the first character, applied to last four letters of command.

---------------------------

Same algorithm as the second character, applied to last four letters of command.

---------------------------

Same algorithm as the third character, applied to last four letters of command.

##### Share on other sites
• 0

----------------------------

Take first 4 letters of command.

Write 1 if they are vowels or 0 if non-vowels. E.g. ABCE is 1001.

Write this binary number (written from left to right) as hex. E.g. ABEE=1011=1*4+0*2+1*1+1=6.

This hex character (since 1111=F is maximum) is the first character of the password.

----------------------------

Take first 4 letters of command.

Write 1 if they are after M in the alphabet (N,O,P,Q,etc) and 0 otherwise (A,B,C...M).

Again interpret the binary number as a hex. E.g. AMEQ = 0001=1

---------------------------

Take first 4 letters of command.

Write 1 if they are closed-curves(which contain a closed figure such as a circle or triangle: A,B,D,O,P,Q,R)

and 0 otherwise.

Again interpret the binary number as a hex. E.g. ABOD = 1111=F AEQF=1010, etc.

----------------------------

Equal to the fourth letter of command

---------------------------

Equal to the fourth letter of command counting from right-to-left.

---------------------------

Same algorithm as the first character, applied to last four letters of command.

---------------------------

Same algorithm as the second character, applied to last four letters of command.

---------------------------

Same algorithm as the third character, applied to last four letters of command.

Ah ha!

of using both binary and hex!

Nice work.

##### Share on other sites
• 0

Ah ha!

of using both binary and hex!

Nice work.

I also never considered looking at the first/last four characters in terms of binary. And I also think this hash is easier to perform than the last one as well. Good game all around.

##### Share on other sites
• 0

A3FRB47E

I know spoilers are not *necessarily* needed, but still want to use them. Awesome game, wouldn't want others to miss the fun.

And your description of the algorithm is perfect. Magnificent, maximum kudos to you sir!

Well, I hope everybody enjoyed that. Anybody else want to play the bad guy now?

##### Share on other sites
• 0

Ah ha!

of using both binary and hex!

Nice work.

thought of it straightforwardly

... although after discovering the middle letters's algorithm and observing the hex patterns I suspected it:

- It was obvious from the impressive amount of command/pairs that each letter counts (from the first 4 letters and last 4 letters at least) especially observing 4 letter-states and North/South pairs.

- I had a hunch that each letter counts observing that small variations in input may affect one or even 2 hex digits (kinda differential if I come to think about it).

- It was logical that a function with 4 arguments outputting a single hex character has to account somehow for the only 16 combinations while being simple enough. Assigning each of the arguments a {0,1} output and recombining them to form a binary is just the most natural way to do this.

- Saw the exact pattern(s) only after storing the 4 letters from the command and the corresponding 3 digit hex number in excel and sorted in ascendant order by each of the hex digits.

The hash algorithm could have been even more difficult to crack without an increase of difficulty for the person using it:

OBS1 - using a pre-established fixed permutation in forming the binary (obscures a little the functions, the vowel function was very easy to spot!)

OBS2 - use letters that do not actually affect the output (which could be a killer to crack if only a small number of command/password pairs are known).

Anyway, it was a very nice challenge. I'd rate it as moderately tough because of the two possible obscurity reasons above (it actually has only one layer of obscurity if I may say so).

Thanks octopuppy for the challenge.

##### Share on other sites
• 0

And your description of the algorithm is perfect. Magnificent, maximum kudos to you sir!

Well, I hope everybody enjoyed that. Anybody else want to play the bad guy now?

Thank you.

I'm actually interested in hosting an instance of the game.

I'll start pre-processing something right away and get back to you

##### Share on other sites
• 0

Started - The EvilMastermind Strikes Back

##### Share on other sites
• 0

thought of it straightforwardly

... although after discovering the middle letters's algorithm and observing the hex patterns I suspected it:

- It was obvious from the impressive amount of command/pairs that each letter counts (from the first 4 letters and last 4 letters at least) especially observing 4 letter-states and North/South pairs.

- I had a hunch that each letter counts observing that small variations in input may affect one or even 2 hex digits (kinda differential if I come to think about it).

- It was logical that a function with 4 arguments outputting a single hex character has to account somehow for the only 16 combinations while being simple enough. Assigning each of the arguments a {0,1} output and recombining them to form a binary is just the most natural way to do this.

- Saw the exact pattern(s) only after storing the 4 letters from the command and the corresponding 3 digit hex number in excel and sorted in ascendant order by each of the hex digits.

The hash algorithm could have been even more difficult to crack without an increase of difficulty for the person using it:

OBS1 - using a pre-established fixed permutation in forming the binary (obscures a little the functions, the vowel function was very easy to spot!)

OBS2 - use letters that do not actually affect the output (which could be a killer to crack if only a small number of command/password pairs are known).

Anyway, it was a very nice challenge. I'd rate it as moderately tough because of the two possible obscurity reasons above (it actually has only one layer of obscurity if I may say so).

Thanks octopuppy for the challenge.

OBS2 - Do you mean effectively ignoring letters, as in forming a hex from letters 2,4,5,1 (ignoring 3), instead of just 1,2,3,4? I think that would be stronger although once you've figured out that hex is involved, it's pretty breakable. Cherry Lane gave examples of words with 3 letters the same at the front/end, but different hex trios. If she had calculated the difference between those hex trios it would have told her which bits were affected by the different letter.

Certainly I think there's some variations that could make it an absolute swine to deal with. I combined a couple of letters with hex characters to obscure things (and to guarantee that passwords have letters in them), but I did it in a pretty simple way so as not to be mean (used vowels for the 1st hex for same reason). Now if the position of the letters had varied depending on something or other (say one of the 1st 4 chars will be a letter and the hex fits around that), that would have played hell with people trying to figure out what was hex and what was not. Just a thought for anyone who felt like using something similar for a real life password system. Mind you, what both of the games so far have illustrated is that both systems are overkill, since most people's needs would be met by a system that stands up to someone knowing 2 or 3 examples.

##### Share on other sites
• 0

grr. I got the hex part but I am clueless when it comes to binary

Great job Aravar

##### Share on other sites
• 0

grr. I got the hex part but I am clueless when it comes to binary

There are 10 types of people in this world those the understand binary and those that don't

##### Share on other sites
• 0

Nah, there's really 10 types of people.

Those who understand ternary, those who don't, and those who couldn't care less.

##### Share on other sites
• 0

Kudos on that araver... I got the easiest ones, but was struggling with the hex...

##### Share on other sites
• 0

Nah, there's really 10 types of people.

Those who understand ternary, those who don't, and those who couldn't care less.

However that would be 11 types of people.

##### Share on other sites
• 0

However that would be 11 types of people.

And we'll never know if he doesn't understand or just couldn't care less...

## Create an account

Register a new account