AOB is a Beatles fan

[Colin]

From
https://groups.google.com/forum/#!topic/sci.crypt/RsDnyyZp8sU


which decodes to
"This powerful collection features rare Beatles studio outtakes ..."

[Richard Heathfield]

You must be mistaken
It couldn't have been
You couldn't have seen his message clear
He's doing some vector cryptography now
I know it cos he's not here.

You must be mistaken
I'm sure that you see
There's only one key, which you don't know,
And lots of false keys, too many to count,
So brute force is too slow.

Take that look off your face (take that look off your face)
He can see through your smile (he can see through your smile)
You would love to be right
I bet you didn't sleep good last night
Couldn't wait to bring all of that bad news to his door
Well, I've got news for you
He knew before.

If he's not mistaken, I'll buy you a beer;
He's not very clear how it began
He tried to handwave the ShuttlePads break
As only a real crank can.

No, he didn't dig deep (no, he didn't dig deep)
He did not want to know (he did not want to know)
Well, he won't interfere
When he's scared of the things he might hear
When you publish a break, you think he will end it right there and then
Well, my analyst friend,
You're wrong again.

(rep ch, fade)

--
Richard Heathfield
Email: rjh at cpax dot org dot uk
"Usenet is a strange place" - dmr 29 July 1999
Sig line 4 vacant - apply within

[MM]

Nice job!

How did you do it?

M
--

[ao40...@gmail.com]

On Saturday, 6 July 2019 01:55:50 UTC+1, Colin wrote:

Predates scrambling the ciphertext.

[ao40...@gmail.com]

On Saturday, 6 July 2019 01:55:50 UTC+1, Colin wrote:

Why don't you post the entire messagetext - AOB

[MM]

On Saturday, 6 July 2019 11:47:32 UTC+1, ao40...@gmail.com wrote:
> Why don't you post the entire messagetext - AOB

You don't have to eat a whole apple to know that it's rotten.

M
--

[MM]

On Saturday, 6 July 2019 11:45:47 UTC+1, ao40...@gmail.com wrote:
> Predates scrambling the ciphertext.

Maybe so, but so what? It proves that your vector encryption is broken.

M
--

[Richard Heathfield]

So what? He still broke the ciphertext you published - in less than six
months.

You seem to think that your system is secure because it hasn't been
cracked since the last change you made to it, and you change it every
few weeks just to keep ahead.

But that's tantamount to admitting that the most security you can offer
is a few weeks' protection against hobbyists who fart around with the
cipher in their spare time. A sustained attack by a serious Eve would
leave Alice and Bob wide open, if ever they were so foolish as to accept
your "practically uncrackable" security claims.

Oh, and the last time you added a scrambling layer, I peeled it off
again in fairly short order. You're not *good* at scrambling. I'm glad
we finally seem to have convinced you that it's necessary... but you
don't do it well.

[Richard Heathfield]

Two reasons:

(1) everybody else knows that what he's posted is enough to blow your
cryptosystem completely out of the water;

(2) even if he did post the entire message, you'd come up with an excuse
for claiming it's not a proper crack (and indeed you have already done
so, in a parallel reply).

[Colin]

Wrong, it was scrambled in groups of 18

[MM]

On Saturday, 6 July 2019 12:01:08 UTC+1, Richard Heathfield wrote:
> (2) even if he did post the entire message, you'd come up with an excuse
> for claiming it's not a proper crack (and indeed you have already done
> so, in a parallel reply).

PREDICTION:

AOB has a LOT more invested in this so-called vector crypto than he ever
did in the other ciphers. As such, it is going to take a fair bit before he lets
it go.

If he does let it go, it will be temporary, and he'll make some secret change
to the cipher, and will release only short ciphertexts to attempt to save face.

These attempts to save face will be convincing only to AOB.

M
--

[Richard Heathfield]

Was this reverse-in-place scrambling? As in (for five, say) EDCBA JIHGF
ONMLK etc?

If so, that represents a backward step for AOB, because I showed how to
strip that out *years* ago.

[Colin]

Yep, that's how he scrambles everything

[Colin]

I think it would be best not to tell at this stage.

Trust me there is nothing cryptography special that I have done

[Richard Heathfield]

On 06/07/2019 13:22, Colin wrote:
> On 7/07/19 12:15 AM, Richard Heathfield wrote:
>> On 06/07/2019 12:16, Colin wrote:
>>> On 6/07/19 10:45 PM, ao40...@gmail.com wrote:
>>>> On Saturday, 6 July 2019 01:55:50 UTC+1, Colin  wrote:
>>>>> From
>>>>> https://groups.google.com/forum/#!topic/sci.crypt/RsDnyyZp8sU
>>>>>
>>>>>
>>>>> which decodes to
>>>>> "This powerful collection features rare Beatles studio outtakes ..."
>>>>
>>>> Predates scrambling the ciphertext.
>>>
>>> Wrong, it was scrambled in groups of 18
>>
>> Was this reverse-in-place scrambling? As in (for five, say) EDCBA
>> JIHGF ONMLK etc?
>>
>> If so, that represents a backward step for AOB, because I showed how
>> to strip that out *years* ago.
>

> Yep, that's how he scrambles everything

Thank you.

I know how I'd have removed it. How did you remove it? (If you'd prefer
to reply in email, that's fine - I'm happy either way.)

[Rich]

Richard Heathfield <r...@cpax.org.uk> wrote:
> On 06/07/2019 12:16, Colin wrote:
>> On 6/07/19 10:45 PM, ao40...@gmail.com wrote:
>>> On Saturday, 6 July 2019 01:55:50 UTC+1, Colin  wrote:
>>>> From
>>>> https://groups.google.com/forum/#!topic/sci.crypt/RsDnyyZp8sU
>>>>
>>>>
>>>> which decodes to
>>>> "This powerful collection features rare Beatles studio outtakes ..."
>>>
>>> Predates scrambling the ciphertext.
>>
>>
>> Wrong, it was scrambled in groups of 18
>
> Was this reverse-in-place scrambling? As in (for five, say) EDCBA JIHGF
> ONMLK etc?

That is the only 'scrambling' function that exists in the Ada code he
has published. So it is very likely exactly that reverse-in-place that
he has always used.

> If so, that represents a backward step for AOB, because I showed how to
> strip that out *years* ago.

Yes, but remember, this is AOB, he takes forever to get anything built,
so once something is built (i.e., reverse in place shuffle), then he's
done and that is the only way forward for him from then on.

[Rich]

No need. Colin has provably broken your cipher. Simply breaking it
more merely adds insult to injury.

[Richard Heathfield]

Yes - never go back.

I am reminded of the man whose child asked him to hang a swing from the
tree in the back garden. He never went back either, and what he ended up
with was a swing tied to the two strongest branches of the tree (which
were on opposite sides of the trunk); a large gap in the trunk to allow
the child to swing properly; and, since the gap in the trunk meant that
the tree no longer supported itself, scaffolding!

[Chris M. Thomasson]

Ouch!

[Colin]

On 7/07/19 12:33 AM, Richard Heathfield wrote:
> On 06/07/2019 13:22, Colin wrote:
>> On 7/07/19 12:15 AM, Richard Heathfield wrote:
>>> On 06/07/2019 12:16, Colin wrote:
>>>> On 6/07/19 10:45 PM, ao40...@gmail.com wrote:
>>>>> On Saturday, 6 July 2019 01:55:50 UTC+1, Colin  wrote:
>>>>>> From
>>>>>> https://groups.google.com/forum/#!topic/sci.crypt/RsDnyyZp8sU
>>>>>>
>>>>>>
>>>>>> which decodes to
>>>>>> "This powerful collection features rare Beatles studio outtakes ..."
>>>>>
>>>>> Predates scrambling the ciphertext.
>>>>
>>>> Wrong, it was scrambled in groups of 18
>>>
>>> Was this reverse-in-place scrambling? As in (for five, say) EDCBA
>>> JIHGF ONMLK etc?
>>>
>>> If so, that represents a backward step for AOB, because I showed how
>>> to strip that out *years* ago.
>>
>> Yep, that's how he scrambles everything
>
> Thank you.
>
> I know how I'd have removed it. How did you remove it? (If you'd prefer
> to reply in email, that's fine - I'm happy either way.)
>

Sure

reformat the cipher-text into columns of 9 ( ie 3 alternating skews of
cipher-text triplets )

highlight the low hanging fruit in a different colour ( ie numbers that
have the form xx14yyy )

If required, change to a tiny font and squint.

Unscrambled, the majority of low hanging fruit will line up in columns
1, 5 and 9. ( ie one per triplet )

Note: as this sample was scrambled in groups of 18 ( ie multiple of 9 )
it will produce the same pattern as unscrambled.

[Richard Heathfield]

Interesting. So we now have two different ways to unscramble.

[Colin]

>
> reformat the cipher-text into columns of 9 ( ie 3 alternating skews of
> cipher-text triplets )
>
> highlight the low hanging fruit in a different colour ( ie numbers that
> have the form xx14yyy )
>
> If required, change to a tiny font and squint.
>
> Unscrambled, the majority of low hanging fruit will line up in columns
> 1, 5 and 9. ( ie one per triplet )
>
> Note: as this sample was scrambled in groups of 18 ( ie multiple of 9 )
> it will produce the same pattern as unscrambled.
>

What the hell here are the 3 formulas for the low hanging fruit


Ada.Integer_Text_IO.Put( OutData, Number(Character'Pos(NextChar)) *
GCD(NJ,NK) + CI );

Ada.Integer_Text_IO.Put( OutData, Number(Character'Pos(NextChar)) *
GCD(NI,NJ) + CJJ );

Ada.Integer_Text_IO.Put( OutData, Number(Character'Pos(NextChar)) *
GCD(NI,NJ) + CKK );


note: the gcd() value equals 1 at least 50% of the time.
and due to what is a obviously a programming error, currently will
always produce the same set of numbers
1
1
3
3
1
6
1
3
1
23
1
1
2
2
2
897
1
1

reverse the maths to be left with Number( plainttext )
As this is basically a sbox it can be removed with some frequency analysis

[Rich]

This, of course, brings up the next question as to why there is such a
bias towards xx14yyy style numbers. Here is the top ten distribution
of xx##yyy values from the post referenced by Colin in the OP:

xx14yyy: 520
xx13yyy: 164
xx45yyy: 117
xx46yyy: 113
xx43yyy: 100
xx47yyy: 98
xx42yyy: 98
xx44yyy: 93
xx48yyy: 87
xx15yyy: 84

The xx14yyy pattern is, by far, much more common within the set of
numbers. But why?

[Colin]

His mutual database shines through to the cipher-text.

[Chris M. Thomasson]

On 7/6/2019 3:22 PM, Colin wrote:
> On 7/07/19 10:14 AM, Rich wrote:
>> Colin <a...@b.com> wrote:
>>> On 7/07/19 12:33 AM, Richard Heathfield wrote:
>>>> On 06/07/2019 13:22, Colin wrote:
>>>>> On 7/07/19 12:15 AM, Richard Heathfield wrote:
>>>>>> On 06/07/2019 12:16, Colin wrote:
>>>>>>> On 6/07/19 10:45 PM, ao40...@gmail.com wrote:
>>>>>>>> On Saturday, 6 July 2019 01:55:50 UTC+1, Colin  wrote:

[...]

>> The xx14yyy pattern is, by far, much more common within the set of
>> numbers.  But why?
>>
>
> His mutual database shines through to the cipher-text.
>
>
>

Humans can be very bad at creating random numbers by themselves:

https://www.ncbi.nlm.nih.gov/pubmed/17888582

So, AOB should at least invest in a cardboard box filled with D&D dice?:

https://groups.google.com/d/topic/sci.crypt/Nhol1RVFP1s/discussion

Humm...

[Chris M. Thomasson]

Do you realize how lucky you are Austin? Somebody cracked your work, and
is most likely willing to teach you how they did it! This is GOLD! Pure
GOLD! I am a bit jealous. ;^o

[Colin]

I don't think a randomly generated database will fix the problems, just
make it less obvious.

The low hanging fruit is generated thanks to his funky vector math, and
given enough reuses of the database its structure could start revealing
itself.

Check out "Anon's" ( gee I wonder who that was ) 2nd post in this link.
https://groups.google.com/forum/#!topic/sci.crypt/DX_BKhat9eU

[MM]

On Sunday, 7 July 2019 06:21:46 UTC+1, Chris M. Thomasson wrote:
> Do you realize how lucky you are Austin? Somebody cracked your work, and
> is most likely willing to teach you how they did it! This is GOLD! Pure
> GOLD! I am a bit jealous. ;^o

He won't see it this way.

He's spent many years convincing himself that he's a world-class
designer of crypto, and this correctly proves him wrong.

His only real recovery is to honestly throw the towel in, but I
doubt his arrogance will let him.

M
--

[Richard Heathfield]

On 07/07/2019 11:33, MM wrote:
<snip>

>
> He's spent many years convincing himself that he's a world-class
> designer of crypto, and this correctly proves him wrong.
>
> His only real recovery is to honestly throw the towel in, but I
> doubt his arrogance will let him.

Whenever AOB responds to a break, it's hard *not* to think of Monty
Python's "Black Knight" sketch.

https://www.youtube.com/watch?v=ZmInkxbvlCs

[Chris M. Thomasson]

On 7/7/2019 3:33 AM, MM wrote:
> On Sunday, 7 July 2019 06:21:46 UTC+1, Chris M. Thomasson wrote:
>> Do you realize how lucky you are Austin? Somebody cracked your work, and
>> is most likely willing to teach you how they did it! This is GOLD! Pure
>> GOLD! I am a bit jealous. ;^o
>
> He won't see it this way.

DAMN! He can learn so much: damn... ;^o

Fwiw, I want somebody to tell me: "Hey Chris, here is how to crack your
experimental HMAC cipher.". I would be all ears. I would learn, and
alter the algorihtm to try and defend against the crack.

damn

[Chris M. Thomasson]

On 7/7/2019 4:33 AM, Richard Heathfield wrote:
> On 07/07/2019 11:33, MM wrote:
> <snip>
>>
>> He's spent many years convincing himself that he's a world-class
>> designer of crypto, and this correctly proves him wrong.
>>
>> His only real recovery is to honestly throw the towel in, but I
>> doubt his arrogance will let him.
>
> Whenever AOB responds to a break, it's hard *not* to think of Monty
> Python's "Black Knight" sketch.
>
> https://www.youtube.com/watch?v=ZmInkxbvlCs
>

Almost impossible to disagree with.

[Chris M. Thomasson]

On 7/7/2019 4:33 AM, Richard Heathfield wrote:

> On 07/07/2019 11:33, MM wrote:
> <snip>
>>
>> He's spent many years convincing himself that he's a world-class
>> designer of crypto, and this correctly proves him wrong.
>>
>> His only real recovery is to honestly throw the towel in, but I
>> doubt his arrogance will let him.
>
> Whenever AOB responds to a break, it's hard *not* to think of Monty
> Python's "Black Knight" sketch.
>
> https://www.youtube.com/watch?v=ZmInkxbvlCs
>

It is alive!

https://youtu.be/vnciwwsvNcc

[Chris M. Thomasson]

It seems like a proper shuffle, and an IV should help AOB's work out.

[Colin]

>
>It seems like a proper shuffle, and an IV should help AOB's work out.

If it's required to be secret he would have to employ an extra secure
courier.

[Chris M. Thomasson]

He definitely needs to make rekeying a lot easier. Perhaps, he should
create a program that helps Alice and Bob generate an Ada95 program to
be used as the key?

[Colin]

>
> (2) even if he did post the entire message, you'd come up with an excuse
> for claiming it's not a proper crack (and indeed you have already done
> so, in a parallel reply).
>

18 days for the lame excuse, is it a record?

[Richard Heathfield]

It's nice out. Perhaps he's been on holiday.

[MM]

No. 2-3 months is not unusual.

M
--

[Colin]

>>
>> 18 days for the lame excuse, is it a record?
>
>No. 2-3 months is not unusual.
>

Damn

[Rich]

The sulking disappearance does likely mean one thing.

It likely confirms that you did crack the code. He never admits there
was a crack (at least not directly) but the sulking disappearances all
seem to coorelate to someone posting a successful crack.

[MM]

On Wednesday, 24 July 2019 11:31:06 UTC+1, Rich wrote:
> The sulking disappearance does likely mean one thing.
>
> It likely confirms that you did crack the code. He never admits there
> was a crack (at least not directly) but the sulking disappearances all
> seem to coorelate to someone posting a successful crack.

Naah.

He often emerges from those with his convictions intact.

M
--

[Richard Heathfield]

On 24/07/2019 11:31, Rich wrote:
> Colin <a...@b.com> wrote:
>>
>>>
>>> (2) even if he did post the entire message, you'd come up with an
>>> excuse for claiming it's not a proper crack (and indeed you have
>>> already done so, in a parallel reply).
>>>
>>
>>
>> 18 days for the lame excuse, is it a record?
>
> The sulking disappearance does likely mean one thing.
>
> It likely confirms that you did crack the code.

(1) Colin confirmed that he cracked the code, and I'd take his word over
AOB's any day, because unlike AOB Colin responds willingly and cogently
to questions about his working. He showed more than enough plaintext to
prove that he'd broken AOB's cryptosystem.

That it was the *right* plaintext was obvious from the start because, if
it had not been, AOB would have been all over it in a few minutes or, at
most, hours.

> He never admits there
> was a crack (at least not directly) but the sulking disappearances all
> seem to coorelate to someone posting a successful crack.

Never say "never". Cast your mind back if you will to 28 September 2016,
when he had no choice but to admit to a crack of ShuttlePads:

https://groups.google.com/forum/#!topicsearchin/sci.crypt/after$3A2016$2F09$2F27$20AND$20before$3A2016$2F10$2F03/sci.crypt/mlosWvtDDLg

[Rich]

Quite right, he reemerges and carries on as if nothing happened.
Sometimes he reemerges with some tweak/change that in his mind has
"helped", but he never admits that the change was a result of a break.

But one can generally infer a success from a crack by watching for the
sulking period of no posts right after someone has posted something
that indicates a break. There is a large coorelation between "break
posted by other" and "AOB goes mute for a while just after break
posted".

[Rich]

Richard Heathfield <r...@cpax.org.uk> wrote:
> On 24/07/2019 11:31, Rich wrote:
>> Colin <a...@b.com> wrote:
>>>
>>>>
>>>> (2) even if he did post the entire message, you'd come up with an
>>>> excuse for claiming it's not a proper crack (and indeed you have
>>>> already done so, in a parallel reply).
>>>>
>>>
>>>
>>> 18 days for the lame excuse, is it a record?
>>
>> The sulking disappearance does likely mean one thing.
>>
>> It likely confirms that you did crack the code.
>
> (1) Colin confirmed that he cracked the code, and I'd take his word over
> AOB's any day, because unlike AOB Colin responds willingly and cogently
> to questions about his working. He showed more than enough plaintext to
> prove that he'd broken AOB's cryptosystem.

Agreed, and I did not intend to imply that Colin had tried to pull
anything on us. The moment I saw Colin's post I realized as well that
he had broken through.

> That it was the *right* plaintext was obvious from the start because,
> if it had not been, AOB would have been all over it in a few minutes
> or, at most, hours.

Agreed. Colin did an amazing job, and I would like to know how he
cracked it, but I can also understand if he wants to keep his
techniques close to his vest as well.

>> He never admits there was a crack (at least not directly) but the
>> sulking disappearances all seem to coorelate to someone posting a
>> successful crack.
>
> Never say "never". Cast your mind back if you will to 28 September
> 2016, when he had no choice but to admit to a crack of ShuttlePads:
>
> https://groups.google.com/forum/#!topicsearchin/sci.crypt/after$3A2016$2F09$2F27$20AND$20before$3A2016$2F10$2F03/sci.crypt/mlosWvtDDLg

Ok, I stand corrected. I should have said: "He *seldom* admits ...".

[Richard Heathfield]

On 24/07/2019 17:41, Rich wrote:
> Richard Heathfield <r...@cpax.org.uk> wrote:
>> On 24/07/2019 11:31, Rich wrote:
>>> Colin <a...@b.com> wrote:
>>>>
>>>>>
>>>>> (2) even if he did post the entire message, you'd come up with an
>>>>> excuse for claiming it's not a proper crack (and indeed you have
>>>>> already done so, in a parallel reply).
>>>>>
>>>>
>>>>
>>>> 18 days for the lame excuse, is it a record?
>>>
>>> The sulking disappearance does likely mean one thing.
>>>
>>> It likely confirms that you did crack the code.
>>
>> (1) Colin confirmed that he cracked the code, and I'd take his word over
>> AOB's any day, because unlike AOB Colin responds willingly and cogently
>> to questions about his working. He showed more than enough plaintext to
>> prove that he'd broken AOB's cryptosystem.
>
> Agreed, and I did not intend to imply that Colin had tried to pull
> anything on us. The moment I saw Colin's post I realized as well that
> he had broken through.

I know it, of course - but I felt it was worth resolving the ambiguity.

I note in passing that the above was point (1), and I now find myself
wondering what on Earth I had intended to write as point (2). Oh well;
maybe this next paragraph was it...

>> That it was the *right* plaintext was obvious from the start because,
>> if it had not been, AOB would have been all over it in a few minutes
>> or, at most, hours.
>
> Agreed. Colin did an amazing job, and I would like to know how he
> cracked it, but I can also understand if he wants to keep his
> techniques close to his vest as well.

I think he's already told us most of it.

There's some minor scrambling to strip off, but that's easy enough. He
spotted a statistical pattern (which he's talked about, so I won't
repeat it here and risk getting the details wrong), and he used that as
a knife-edge.

You know how these things go - once you've got a little wiggle-room, the
crack either gets wider or it doesn't. If it does, you're well on the
way to a crack. And when the leads start appearing faster than you can
follow them up, you've broken it.

>>> He never admits there was a crack (at least not directly) but the
>>> sulking disappearances all seem to coorelate to someone posting a
>>> successful crack.
>>
>> Never say "never". Cast your mind back if you will to 28 September
>> 2016, when he had no choice but to admit to a crack of ShuttlePads:
>>
>> https://groups.google.com/forum/#!topicsearchin/sci.crypt/after$3A2016$2F09$2F27$20AND$20before$3A2016$2F10$2F03/sci.crypt/mlosWvtDDLg
>
> Ok, I stand corrected. I should have said: "He *seldom* admits ...".

Can I just say that the date 28/9/2016 is *not* etched in my memory? :-)

I had to go rooting around on my hard disk to find my working so that I
could ls -al it to recover the date.

[Colin]

>
>There's some minor scrambling to strip off, but that's easy enough. He
>spotted a statistical pattern (which he's talked about, so I won't
>repeat it here and risk getting the details wrong), and he used that as
>a knife-edge.
>

For the record the formulas came first by stripping his code down to the
bear minimum.
The patterns hit me in the face when I started playing with the this code.

[Colin]

Man I hate the auto correction :)