Level II Challenges

179 published challenges (in level II), sorted by:

Description
Ready for the Elliptic Boogaloo? In this challenge, we dance on elliptic curves and try to forge digital signatures.

Solve this challenge
2 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
An English plaintext of length 4272 was encrypted with the Hutton cipher, a pen-and-paper cipher from 2018. The length of the two passwords is also known. Can you successfully perform a ciphertext-only attack?

Solve this challenge
0 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Unlock the secrets of the Hutton cipher, a pen-and-paper cipher from 2018. Can you crack the ciphertext?

Solve this challenge
4 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Unlock the secrets of the Hutton cipher, a pen-and-paper cipher from 2018. Can you crack the ciphertext?

Solve this challenge
4 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
Unlock the secrets of the Hutton cipher, a pen-and-paper cipher that has baffled cryptographers since 2018. Can you reconstruct the keywords used?

Solve this challenge
19 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Unlock the secrets of the Hutton cipher, a pen-and-paper cipher that has baffled cryptographers since 2018. Can you crack the ciphertext?

Solve this challenge
19 users have already solved this challenge, 5 are working on it.
You need to be logged in to solve this challenge.

Description
The Josse cipher is a polyalphabetic cipher from the time of the Franco-Prussian War. Its description was lost. It was only rediscovered and published in 2020. In these challenges you are to decipher several, increasingly shorter ciphertexts.

Solve this challenge
13 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The Josse cipher is a polyalphabetic cipher from the time of the Franco-Prussian War. Its description was lost. It was only rediscovered and published in 2020. In these challenges you are to decipher several, increasingly shorter ciphertexts.

Solve this challenge
15 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Josse cipher is a polyalphabetic cipher from the time of the Franco-Prussian War. Its description was lost. It was only rediscovered and published in 2020. In these challenges you are to decipher several, increasingly shorter ciphertexts.

Solve this challenge
15 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The Syllabary cipher seems to be just another substitution cipher. This time, the table got mixed up. Is a solution even possible? Find it out!

Solve this challenge
13 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Syllabary cipher seems to be just another substitution cipher, but is it? Find out and solve its mystery! All keys went missing...

Solve this challenge
13 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Syllabary cipher seems to be just another substitution cipher, but is it? Find out and solve its mystery! But this time, the table is weird...

Solve this challenge
19 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Syllabary cipher seems to be just another substitution cipher, but is it? Find out and solve its mystery! A key got missing...

Solve this challenge
25 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.

Description
The legendary Merkle-Hellman Knapsack cryptosystem can also be used for public-key encryption. Is the cryptosystem secure or can you crack the ciphertext?

Solve this challenge
16 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
The historical Hill cipher uses matrix-vector multiplications to encrypt blocks of letters. Can you find the inverse matrix and recover the plaintext?

Solve this challenge
12 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
A more difficult and even more interesting sequel to the "Alberti Challenge - Part 1". Will you manage to crack this puzzle this time as well?

Solve this challenge
10 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This cipher is a new take on the well-known Vigenère cipher. It has been designed to fix its "brother's" weaknesses. Can you find another weakness?

Solve this challenge
11 users have already solved this challenge, 8 are working on it.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the last challenge in a series of 13 level-2 challenges with the SZ42. In this "key breaking" challenge you are provided with one ciphertext and parts of the corresponding plaintext. Can you find the MU wheel patterns and decrypt the ciphertext?

Solve this challenge
8 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the twelfth challenge in a series of 13 level-2 challenges with the SZ42. In this "key breaking" challenge you are provided with one ciphertext and parts of the corresponding plaintext. Can you find the PSI wheel patterns and decrypt the ciphertext?

Solve this challenge
9 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The SIGABA CSP-2900 was a highly secure encryption machine used by the US for strategic communication in WWII. In this series of challenges, you are provided with a ciphertext and a partially-known plaintext, here with the length of 270 and 120 characters.

Solve this challenge
2 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The SIGABA CSP-2900 was a highly secure encryption machine used by the US for strategic communication in WWII. In this series of challenges, you are provided with a ciphertext and a partially-known plaintext, here with the length of 320 and 120 characters.

Solve this challenge
2 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The SIGABA CSP-889 was a highly secure encryption machine used by the US for strategic communication in WWII. In this series of challenges, you are provided with a ciphertext and a partially-known plaintext, here with the length of 270 and 120 characters.

Solve this challenge
2 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The SIGABA CSP-889 was a highly secure encryption machine used by the US for strategic communication in WWII. In this series of challenges, you are provided with a ciphertext and a partially-known plaintext, here with the length of 320 and 120 characters. Update June 2021: We replaced the used key (and this changed the ciphertext) since a part of the previous used key was leaked in the newest SIGABA template of CrypTool 2.

Solve this challenge
2 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Wheatstone Cryptograph is a simple device that resembles a clock with two hands. For each hand there is a ring of symbols. In this challenge the key is a random permutation of the english alphabet. Are you able to decrypt the given ciphertext?

Solve this challenge
15 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the eleventh challenge in a series of 13 level-2 challenges with the SZ42. In this "key breaking" challenge you are provided with one ciphertext and the corresponding plaintext. Can you find the wheel patterns?

Solve this challenge
4 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the tenth challenge in a series of 13 level-2 challenges with the SZ42. In this "key breaking" challenge you are provided with one ciphertext and the corresponding plaintext. Can you find the wheel patterns? Update January 2021: The starting positions for the CHI wheels were added.

Solve this challenge
5 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the ninth challenge in a series of 13 level-2 challenges with the SZ42. In this "setting" challenge you are provided with only one ciphertext; the patterns for all the wheels are known as well as the starting positions for the CHI wheels. Can you find the starting positions for both the MU and PSI wheels and decrypt the ciphertext?

Solve this challenge
13 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the eighth challenge in a series of 13 level-2 challenges with the SZ42. In this "setting" challenge you are provided with only one ciphertext; the patterns for all the wheels are known as well as the starting positions for the CHI and PSI wheels. Can you find the starting positions for the MU wheels and decrypt the ciphertext?

Solve this challenge
14 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the seventh challenge in a series of 13 level-2 challenges with the SZ42. In this "setting" challenge you are provided with only one ciphertext; the patterns for all the wheels are known as well as the starting positions for the CHI and MU wheels. Can you find the starting positions for the PSI wheels and decrypt the ciphertext?

Solve this challenge
13 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the sixth challenge in a series of 13 level-2 challenges with the SZ42. In this "setting" challenge you are provided with only one ciphertext and the patterns for all five CHI wheels are known. Can you find the starting positions for the five CHI wheels?

Solve this challenge
14 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the fifth challenge in a series of 13 level-2 challenges with the SZ42. In this "setting" challenge you are provided with only one ciphertext and the patterns for CHI1 and CHI2 wheels are known. Can you find the starting positions for CHI1 and CHI2?

Solve this challenge
16 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the fourth challenge in a series of 13 level-2 challenges with the SZ42. In this "setting" challenge you are provided with only one ciphertext and the patterns for CHI1 and CHI2 wheels are known. Can you find the starting positions for CHI1 and CHI2?

Solve this challenge
16 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the third challenge in a series of 13 level-2 challenges with the SZ42. Here, you are provided with 2 in-depth ciphertexts and a limitation is used. Can you recover the plaintexts?

Solve this challenge
16 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the second challenge in a series of 13 level-2 challenges with the SZ42. Here, you are provided with 4 in-depth ciphertexts and a limitation is used. Can you recover the plaintexts?

Solve this challenge
18 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Lorenz SZ42, codenamed Tunny, was a German teleprinter encryption device used during WW2. This is the first challenge in a series of 13 Level-2 challenges with the SZ42. Here, you are provided with 8 in-depth ciphertexts. Can you recover the plaintexts?

Solve this challenge
19 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
This is part 3 of the challenge series about lattice-based cryptography schemes. This challenge introduces an encryption scheme which uses systems of linear equations. Can you decrypt a message without knowing the key?

Solve this challenge
37 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This part of the challenge series introduces polyhomophonic substitution. In a polyhomophonic substitution cipher, each ciphertext symbol can represent one of several plaintext symbols, and each plaintext letter can be encrypted as one of several ciphertext letters. The key is a mapping from the set of plaintext symbols to the set of ciphertext symbols.

Solve this challenge
18 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This part of the challenge series is a warm-up with polyphonic substitution. In a polyphonic substitution cipher, more than one plaintext letter are encrypted to the same ciphertext symbol. The key is a mapping from the set of plaintext symbols to the set of ciphertext symbols.

Solve this challenge
29 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The SIGABA was a highly secure encryption machine used by the US for strategic communications in WWII. As in part 1 of this series of challenges, you are provided with a partial known-plaintext, and some information about the key settings. However, in this part you get less information about the key.

Solve this challenge
9 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The SIGABA was a highly secure encryption machine used by the US for strategic communications in WWII. It is believed that the German codebreakers were unable to make any inroads against SIGABA. In this part of the series of challenges, you are provided with a partial known-plaintext, and some information about the key settings.

Solve this challenge
10 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
LoRa calculates the ciphertext by using a logic expression as key. The ciphertext unusually contains large bitstreams too. Could you find the logic expression from a given ciphertext?

Solve this challenge
28 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This challenge series introduces in detail the handling of the differential cryptanalysis (DCA). In the first two challenges you have to decrypt encrypted images and enter the code shown in the images. The second challenge requires filtering.

Solve this challenge
5 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This is part two of the two polyphonic cipher challenges, where again two or more plaintext letters correspond to one cipher symbol. Can you solve such a cipher?

Solve this challenge
23 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This challenge series introduces in detail the handling of the differential cryptanalysis (DCA). In the first two challenges you have to decrypt encrypted images and enter the code shown in the images. The first challenge needs no filtering, as only valid plaintext-ciphertext pairs are delivered.

Solve this challenge
5 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
In a polyphonic cipher, two or more plaintext letters correspond to one ciphertext symbol.

Solve this challenge
25 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
Determine which type of classic cipher was used to generate each of 500 ciphertext messages. The ciphers used in this challenge are simple substitution, columnar transposition, Vigenère, Playfair, and Hill.

Solve this challenge
18 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.

Description
Like the MONOALPHABETIC SUBSTITUTION WITH CAMOUFLAGE series of challenges, this two-part challenge considers a modification of the classic simple substitution cipher achieved by randomly introducing decoy characters into the ciphertext in encryption which are then ignored in decryption. In part 2, the plaintext is first divided into two parts, then each part will be encrypted separately.

Solve this challenge
21 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Like the MONOALPHABETIC SUBSTITUTION WITH CAMOUFLAGE series of challenges, this two-part challenge considers a modification of the classic simple substitution cipher achieved by randomly introducing decoy characters into the ciphertext in encryption which are then ignored in decryption. In part 1, the cipher uses a key which devides the ciphertext alphabet into signal characters and noise characters.

Solve this challenge
22 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext from a T52ca ciphertext. The key is partially known. You are also provided with a crib.

Solve this challenge
9 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext from a T52c ciphertext. The key is partially known. You are also provided with a crib.

Solve this challenge
9 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext from six "in-depth" ciphertexts built with T52ca. You are also provided with cribs for each message.

Solve this challenge
8 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext from six "in-depth" ciphertexts built with T52a/b. You are also provided with cribs for each message.

Solve this challenge
8 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext from six "in-depth" ciphertexts built with T52c. The key is partially known. You are also provided with cribs for each message.

Solve this challenge
10 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext from ten "in-depth" ciphertexts built with T52ca. The key is partially known.

Solve this challenge
7 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext from ten "in-depth" ciphertexts built with T52c. The key is partially known.

Solve this challenge
7 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext from ten "in-depth" ciphertexts built with T52ab. The key is partially known.

Solve this challenge
7 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext only from a T52ab ciphertext. The key is partially known.

Solve this challenge
13 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext only from a T52d ciphertext. The key is partially known.

Solve this challenge
15 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext only from a T52c ciphertext. The key is partially known.

Solve this challenge
19 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Siemens and Halske T52 was a family of German teleprinter encryption devices used during WW2. This challenge is part of a series of challenges with T52. In this challenge, you need to recover the plaintext only from a T52ab ciphertext. The key is partially known.

Solve this challenge
20 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Handycipher is a low-tech stream cipher, simple enough to permit pen-and-paper encrypting and decrypting of messages, while providing a significantly high level of security. Handycipher was first published in 2014 and further improved in 2015 and 2016. Part 10 of the Handycipher series presents the same challenge as Part 9 but with a different key choice. It is a ciphertext-only challenge.

Solve this challenge
1 user has already solved this challenge.
You need to be logged in to solve this challenge.

Description
Part 2 of the series "Handycipher made in love" is almost identical to Part 1 except that the solution you are asked for is the correct key that Alice used to produce the ciphertext rather than the short message embedded in the plaintext.

Solve this challenge
22 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
Homophonic encryption is a modified version of the monoalphabetic substitution: One plaintext symbol can be substituted by more than one ciphertext symbol. In part 4 of this series we consider a distribution of the homophones based on English language statistics like in part 2, but the alphabet doesn't contain the blank. This is a ciphertext-only challenge. Try to crack the ciphertext and extract a specific word from the plaintext.

Solve this challenge
37 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Homophonic encryption is a modified version of the monoalphabetic substitution: One plaintext symbol can be substituted by more than one ciphertext symbol. In part 3 of this series every plaintext symbol has the same number of possible substitutions like in part 1, but the alphabet doesn't contain the blank. This is a ciphertext-only challenge. Try to crack the ciphertext and extract a specific word from the plaintext.

Solve this challenge
37 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
Homophonic encryption is a modified version of the monoalphabetic substitution: One plaintext symbol can be substituted by more than one ciphertext symbol. In part 2 of this series we consider a distribution of the homophones based on English language statistics. This is a ciphertext-only challenge. Try to crack the ciphertext and extract a specific word from the plaintext.

Solve this challenge
39 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
Homophonic encryption is a modified version of the monoalphabetic substitution: One plaintext symbol can be substituted by more than one ciphertext symbol. In part 1 of this series every plaintext symbol has the same number of possible substitutions. This is a ciphertext-only challenge. Try to crack the ciphertext and extract a specific word from the plaintext.

Solve this challenge
44 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Strange things happen when you're in love. This challenge is about how the plaintext can be revealed when Handycipher is used in a wrong way.

Solve this challenge
28 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
What would Nostradamus do to make a mono-alphabetic substitution harder to break?

Solve this challenge
38 users have already solved this challenge, 3 are working on it.
You need to be logged in to solve this challenge.

Description
Once upon a time, there was a three-part challenge which was inspired by Kryptos and is based on a fairy tale. Can you solve this mysterious challenge?

Solve this challenge
0 users have already solved this challenge, 3 are working on it.
You need to be logged in to solve this challenge.

Description
Once upon a time, there was a three-part challenge which was inspired by Kryptos and is based on a fairy tale. Can you solve this mysterious challenge?

Solve this challenge
2 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
Once upon a time, there was a three-part challenge which was inspired by Kryptos and is based on a fairy tale. Can you solve this mysterious challenge?

Solve this challenge
9 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
You are given a part of a keystream, which was produced by a filter generator. Can you find the missing keystream bytes?

Solve this challenge
20 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Sniffing on the WiFi, you notice an ElGamal encrypted message. Are you able to compute it?

Solve this challenge
37 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
Buying a train ticket via credit card should not be a problem — actually. Can you solve the subset-sum problem to get your train?

Solve this challenge
40 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
During your summer job in an Austrian weekly magazine a mysterious letter arrives. Are you able to decrypt the message?

Solve this challenge
59 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
The challenges for the weakened ElsieFour serve as an exercise and use an intentionally weakened version of LC4. ElsieFour combines ideas of modern RC4 stream cipher, historical Playfair cipher and plaintext-dependent keystreams. It can be computed manually. Part 2 is a partly-known key challenge which provides 12 consecutive characters of the key. Show details…Hide details…

Solve this challenge
1 user has already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
The challenges for the weakened ElsieFour serve as an exercise and use an intentionally weakened version of LC4. ElsieFour combines ideas of modern RC4 stream cipher, historical Playfair cipher and plaintext-dependent keystreams. It can be computed manually. Part 1 is a partly-known key challenge which provides the first 12 characters of the key.

Solve this challenge
6 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The hero of the book has to decode a manuscript — seven lines of it are here for you. These lines were encoded with a mixture of classic methods — anagrams, two position-dependent monoalphabetic substitutions and Atbash. Can you help him?

Solve this challenge
62 users have already solved this challenge, 3 are working on it.
You need to be logged in to solve this challenge.

Description
What do you do, if your father and your stepmother decide to communicate only encrypted? You tape-record the messages. But what do the two of them really talk about?

Solve this challenge
48 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
Decrypting a Christmas carol to help children in need? It's not that easy, if you don't know much about cryptography. Can you help Jacob and the children?

Solve this challenge
45 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Do you believe that AES is easy to break because of a wrong encoding? Try it yourself...

Solve this challenge
29 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
Mike would like to belong to the cryptographers. Can you help him to find out their meeting point at the Christmas market?

Solve this challenge
57 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
Hilly is an improved version of Hill cipher. This challenge consists of the decryption of a ciphertext by means of a partly-known key.

Solve this challenge
1 user has already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The challenges for the weakened ElsieFour serve as an exercise and use an intentionally weakened version of LC4. ElsieFour combines ideas of modern RC4 stream cipher, historical Playfair cipher and plaintext-dependent keystreams. It can be computed manually. Part 3 is a partly-known-plaintext challenge which provides 2 messages that were encrypted with the same key.

Solve this challenge
4 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
From a honeypot you get a set of encrypted files and the according plaintext files. Could you discover the used key, to help victims of the ransom ware?

Solve this challenge
6 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Holographic encryption can be performed by employing encryption masks which alter the field before propagation. This makes the image unrecognizable when recorded. You are given three holograms that represent the cipher image and three plain images and their holograms which were encrypted with the same encryption masks.

Solve this challenge
3 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Holographic encryption can be performed by employing encryption masks which alter the field before propagation. This makes the image unrecognizable when recorded. You are given three holograms that represent the cipher image and two corrupted encryption masks.

Solve this challenge
7 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Hilly is an improved version of the Hill cipher. This challenge consists of the decryption of a ciphertext by means of a given plaintext-ciphertext pair.

Solve this challenge
9 users have already solved this challenge, 5 are working on it.
You need to be logged in to solve this challenge.

Description
This series consists of 5 challenges based on each other. It introduces a new three-step cipher called ASAC, which is a modified version of ADFGVX. Part 5 is a "bonus" and just modifies the second challenge of this series by improving the second step of the cipher.

Solve this challenge
0 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This series consists of 5 challenges based on each other. It introduces a new three-step cipher called ASAC, which is a modified version of ADFGVX. Part 4 uses the complete cipher and is the main challenge of this series.

Solve this challenge
0 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This series consists of 5 challenges based on each other. It introduces a new three-step cipher called ASAC, which is a modified version of ADFGVX. Part 3 involves the complete cipher but weakens the third step by using a single-column transposition instead of a double column transposition.

Solve this challenge
0 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This series consists of 5 challenges based on each other. It introduces a new three-step cipher called ASAC, which is a modified version of ADFGVX. Part 2 uses only the first two steps of the cipher.

Solve this challenge
1 user has already solved this challenge.
You need to be logged in to solve this challenge.

Description
This series consists of 5 challenges based on each other. It introduces a new three-step cipher called ASAC, which is a modified version of ADFGVX. Part 1 is meant as an introduction and uses only the first step of ASAC.

Solve this challenge
19 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The Weakened Handycipher challenges serve as an exercise and use an intentionally weakened version of Handycipher. Part 6 is the same as Part 3, but uses an improved version of the cipher. It is ciphertext-only.

Solve this challenge
6 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Weakened Handycipher challenges serve as an exercise and use an intentionally weakened version of Handycipher. Part 5 is the same as Part 2, but uses an improved version of the cipher. It is ciphertext-only, but you are given some partial information about the key.

Solve this challenge
6 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The Weakened Handycipher challenges serve as an exercise and use an intentionally weakened version of Handycipher. Part 4 is the same as Part 1, but uses an improved version of the cipher. You are given the first 1,009 characters of the plaintext, and some partial information about the key.

Solve this challenge
6 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This series consists of five parts which are based on each other and that will be getting more and more complicated with each part. This is the last part and teaches us something about the weaknesses of this method by improving it a little bit in some points.

Solve this challenge
16 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The challenges for the simplified GRANIT cipher, a method that can be done manually, serve as an exercise and use an intentionally simplified version of GRANIT. Part 3 is a ciphertext-only challenge for which the second permutation key is known.

Solve this challenge
0 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The challenges for the simplified GRANIT cipher, a method that can be done manually, serve as an exercise and use an intentionally simplified version of GRANIT. Part 2 is a ciphertext-only challenge for which the first permutation key is known.

Solve this challenge
0 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
Spirale is a OTP cipher designed to be simply performed by hand. Part 3 is a ciphertext-only challenge with a 949-letter ciphertext. In this part, two of the four keys are equal to the keys of the first two parts.

Solve this challenge
6 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Spirale is a OTP cipher designed to be simply performed by hand. Part 2 is a ciphertext-only challenge with a 659-letter ciphertext. This part uses the same four keys for encryption as part 1 does.

Solve this challenge
8 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Spirale is a OTP cipher designed to be simple to implement by hand. It is resilient to errors as they have only a local effect without obscuring all the ciphertext. Part 1 is a partly-known plaintext challenge with a 314-letter ciphertext. The first 75 letters of the plaintext are known. Part 2 of this series uses the same four keys as this one.

Solve this challenge
8 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
During the cold war the foreign intelligence agency of Germany established so-called stay-behind units. Their radio messages were encrypted by a OTP method, but the keys were used multiple times. This challenge is about the effect of this multiple usage on the security of the method. You are given 5 messages, all encrypted with the same key.

Solve this challenge
20 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This challenge series is about the GRANIT cipher, a method that can be done manually. It has been used for instance by the former GDR spy Günter Guillaume till about 1960. Part 1, 2 and 3 of this series use the same keyword for generating the key matrix, but different permutation keys. This part has a ciphertext-only challenge and the ciphertext has 80 characters.

Solve this challenge
0 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This challenge series is about the GRANIT cipher, a method that can be done manually. It has been used for instance by the former GDR spy Günter Guillaume till about 1960. Part 1, 2 and 3 of this series use the same keyword for generating the key matrix, but different permutation keys. This part has a ciphertext-only challenge and the ciphertext has 110 characters.

Solve this challenge
0 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
This challenge series is about the GRANIT cipher, a method that can be done manually. It has been used for instance by the former GDR spy Günter Guillaume till about 1960. Part 1, 2 and 3 of this series use the same keyword for generating the key matrix, but different permutation keys. In this part a codebook is used additionally, and the given ciphertext has 70 characters.

Solve this challenge
0 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
The challenges for the weakened Handycipher serve as an exercise and use an intentionally weakened version of Handycipher. Part 3 is a ciphertext-only challenge. Handycipher is a newly designed cipher to permit pen-and-paper encrypting and decrypting, while providing a significantly high level of security.

Solve this challenge
15 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
The challenges for the weakened Handycipher serve as an exercise and use an intentionally weakened version of Handycipher. Part 2 is a ciphertext-only challenge with a helping additional information. Handycipher is a newly designed cipher to permit pen-and-paper encrypting and decrypting, while providing a significantly high level of security.

Solve this challenge
15 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The challenges for the weakened Handycipher serve as an exercise and use an intentionally weakened version of Handycipher. Part 1 is a partially-known-plaintext challenge with a helping additional information. Handycipher is a newly designed cipher to permit pen-and-paper encrypting and decrypting, while providing a significantly high level of security.

Solve this challenge
17 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Extended Handycipher is an enhancement of the newly designed cipher Handycipher, which permits pen-and-paper encrypting and decrypting, while providing a significantly high level of security. You got only two different ciphertexts of the 996-character plaintext.

Solve this challenge
3 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
Extended Handycipher is an enhancement of the newly designed cipher Handycipher, which permits pen-and-paper encrypting and decrypting, while providing a significantly high level of security. From the 905-character plaintext 229 characters somewhere in it are known.

Solve this challenge
3 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Extended Handycipher is an enhancement of the newly designed cipher Handycipher, which permits pen-and-paper encrypting and decrypting, while providing a significantly high level of security. From the 815-character plaintext the first 229 characters are known.

Solve this challenge
3 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
Handycipher is a newly designed cipher to permit pen-and-paper encrypting and decrypting, while providing a significantly high level of security. From the 1142-character plaintext 229 characters somewhere in it are known.

Solve this challenge
8 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Handycipher is a newly designed cipher to permit pen-and-paper encrypting and decrypting, while providing a significantly high level of security. From the 858-character plaintext the first 229 characters are known.

Solve this challenge
6 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.

Description
This is part 4 in a series about the M-138. Part 4 is a ciphertext-only challenge (75 letters).

Solve this challenge
31 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
This is part 3 in a series about the M-138. Part 3 is a ciphertext-only challenge (125 letters).

Solve this challenge
65 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.

Description
This is part 2 in a series about the M-138. Part 2 is a partly-known plaintext challenge (48/100).

Solve this challenge
140 users have already solved this challenge, 3 are working on it.
You need to be logged in to solve this challenge.

Description
This challenge is based on the Heartbleed Bug in OpenSSL discovered in April 2014. Attack a server which is specifically prepared to be vulnerable to the Heartbleed bug. Please note that it is necessary to solve Part 1 and 2 at first. !!! We had to take off this challenge, as our firewall doesn't allow flawed servers any more -- even if this flaw was offered by will for training and within a sandbox. !!!

Solve this challenge
33 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.
The solution for this challenge was made public on May 17, 2022, 6:32 p.m., and thus it is no longer possible to get points for this challenge. However, you can still solve it and enter a solution for this challenge.

Description
In the last part of a series of mid-level Double Column Transposition challenges, you have to find the two keys. Each of it is 19 characters long and has been derived from an English phrase.

Solve this challenge
9 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
In this part of a series of mid-level Double Column Transposition challenges, the keys that has been used for both transposition are given. Find out from which phrases they have been derived!

Solve this challenge
52 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
In this part of a series of mid-level Double Column Transposition challenges, the same key has been used for both transposition. This allows you to attack this simple, yet strong cipher.

Solve this challenge
41 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
In this part of a series of mid-level Double Column Transposition challenges, a large part of the beginning of the plaintext is known. This partial crib allows you to attack this simple, yet strong cipher.

Solve this challenge
47 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
The ORYX stream cipher consists of three 32-bit LFSRs X, A, B which are shifted differently depending on some bits in the LFSR X. The key stream is a combination of the highest 8 bits of each of the three LFSRs. It is neither feasible nor necessary to search the whole 96-bit key space, there are more efficient methods!

Solve this challenge
12 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
In this part of a series of mid-level Double Column Transposition challenges keys shorter than 20 allow you to attack this simple, yet secure cipher.

Solve this challenge
34 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
An English telegram was encrypted using the Spanish Strip Cipher, a popular algorithm during the Spanish Civil War. It is your task to find the plaintext.

Solve this challenge
33 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
A Spanish telegram was encrypted using the Spanish Strip Cipher, a popular algorithm during the Spanish Civil War. It is your task to find the plaintext.

Solve this challenge
34 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.

Description
This challenge descends from the RSA Laboratories contest to encourage research into the practical difficulty of factoring large integers of different length (between 330 and 2048 bit) and cracking RSA keys used in cryptography. This challenge is about factoring a number with 212 decimal digits.

Solve this challenge
69 users have already solved this challenge, 6 are working on it.
You need to be logged in to solve this challenge.
The solution for this challenge was made public on July 31, 2013, 4:34 p.m., and thus it is no longer possible to get points for this challenge. However, you can still solve it and enter a solution for this challenge.

Description
The ORYX stream cipher consists of three 32-bit LFSRs X, A, B which are shifted differently depending on some bits in the LFSR X. The key stream is a combination of the highest 8 bits of each of the three LFSRs. It is neither feasible nor necessary to search the whole 96-bit key space, there are more efficient methods!

Solve this challenge
31 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
A new and unknown rotor has been added to the Typex machine. Use a known-plaintext attack to determine the wiring of the new rotor.

Solve this challenge
25 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
Use the hints from the first and second part of this challenge to decrypt this message that has been encrypted using an ENIGMA.

Solve this challenge
14 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
After solving the first part of this challenge, you can use the hints you found to decrypt the two ciphertexts that have been encrypted using the ADFGVX cipher.

Solve this challenge
21 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
The Typex cipher has been used in World War 2 as an alternative to the Enigma cipher. Find the key that was used in this challenge.

Solve this challenge
31 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
Can you decrypt the last part of the letter and read the friend's advice?

Solve this challenge
721 users have already solved this challenge, 19 are working on it.
You need to be logged in to solve this challenge.

Description
Help Alice and Bob to find a treasure on the island Mallorca. For this purpose, a three-stage cipher needs to be broken.

Solve this challenge
75 users have already solved this challenge, 3 are working on it.
You need to be logged in to solve this challenge.

Description
In the previous parts, you broke a monoalphabetic substitution with one camouflage alphabet. Can you find the plaintext even if nine camouflage alphabets have been used?

Solve this challenge
2 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
In this challenge a plaintext has been encrypted using the KeyshancRT version of Keyshanc. The plaintext is an excerpt from one of William Shakespeare's plays.

Solve this challenge
41 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
In this challenge an excerpt from a novel has been encrypted using the "Keyshanc" cipher. Keyshanc is a special kind of monoalphabetic substitution using a 95-character alphabet.

Solve this challenge
50 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
In the fifth part the same variant of the cipher already introduced in Part 3 and 4 of this challenge has been used here, too. The only difference is that spaces were removed previously to the encryption process.

Solve this challenge
34 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
With RSA keys, the private key d must remain private. If the public key e is very small, this is not completely possible. This exercise demonstrates how simple it is to compute a portion of the secret key d.

Solve this challenge
89 users have already solved this challenge, 16 are working on it.
You need to be logged in to solve this challenge.

Description
This challenge descends from the RSA Laboratories contest to encourage research into the practical difficulty of factoring large integers of different length (between 330 and 2048 bit) and cracking RSA keys used in cryptography. This challenge is about factoring a number with 230 decimal digits.

Solve this challenge
40 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.
The solution for this challenge was made public on Aug. 15, 2018, 12:05 p.m., and thus it is no longer possible to get points for this challenge. However, you can still solve it and enter a solution for this challenge.

Description
This challenge descends from the RSA Laboratories contest to encourage research into the practical difficulty of factoring large integers of different length (between 330 and 2048 bit) and cracking RSA keys used in cryptography. This challenge is about factoring a number with 220 decimal digits.

Solve this challenge
47 users have already solved this challenge, 3 are working on it.
You need to be logged in to solve this challenge.
The solution for this challenge was made public on May 13, 2016, 10 a.m., and thus it is no longer possible to get points for this challenge. However, you can still solve it and enter a solution for this challenge.

Description
This challenge descends from the RSA Laboratories contest to encourage research into the practical difficulty of factoring large integers of different length (between 330 and 2048 bit) and cracking RSA keys used in cryptography. This challenge is about factoring a number with 210 decimal digits.

Solve this challenge
64 users have already solved this challenge, 8 are working on it.
You need to be logged in to solve this challenge.
The solution for this challenge was made public on Sept. 26, 2013, 3:48 p.m., and thus it is no longer possible to get points for this challenge. However, you can still solve it and enter a solution for this challenge.

Description
An AES encrypted message has been forwarded to you. Additionally, you have received the corresponding key - unfortunately not quite complete - in a form like a machine readable zone on an identity document as it is used e.g. with ePassports in Europe.

Solve this challenge
84 users have already solved this challenge, 11 are working on it.
You need to be logged in to solve this challenge.

Description
In the third part of this challenge the cipher has been used to encrypt a plaintext but the spaces have not been removed before.

Solve this challenge
98 users have already solved this challenge, 12 are working on it.
You need to be logged in to solve this challenge.

Description
In this challenge a variant has been used that allows to benefit from the camouflage effect and get a ciphertext not longer than the plaintext.

Solve this challenge
50 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
In this challenge it is to test whether a monoalphabetic substitution with camouflage provides more security even though spaces were not removed prior to the encryption.

Solve this challenge
54 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
After making yourself familiar with the idea of this cipher in part 1 it is now time to attack a larger plaintext. The monoalphabetic cipher that has been applied on the plaintext before should be the least problem.

Solve this challenge
150 users have already solved this challenge, 5 are working on it.
You need to be logged in to solve this challenge.

Description
A strange effect might occur if you encrypt a message using the RSA cipher: The encrypted message has got the same value as the plaintext. Can you find all of these unconcealed messages for the given public key?

Solve this challenge
52 users have already solved this challenge, 3 are working on it.
You need to be logged in to solve this challenge.

Description
This is already a really long number sequence. Can you find the 10001st element?

Solve this challenge
123 users have already solved this challenge, 31 are working on it.
You need to be logged in to solve this challenge.

Description
A random, non-periodic key, an unknown substitution - can you find out the 12th word?

Solve this challenge
41 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.

Description
Can you break the cipher without knowing the substitution? But in return you know that a periodic rotation key has been used.

Solve this challenge
43 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.

Description
In order to calculate the private keys of the RSA algorithm, it is necessary to factorize large numbers. How difficult is it if we replace x*y by some diophantine equation?

Solve this challenge
69 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.

Description
You found out that a message encrypted with two different public keys but same modulus yield to the same ciphertexts. Are you able to name the smallest private key to decrypt ciphertexts that were generated with this parameters?

Solve this challenge
158 users have already solved this challenge, 14 are working on it.
You need to be logged in to solve this challenge.

Description
A message was encrypted with three different moduli but the same public exponent. Fortunately, you were able to catch the three different ciphertexts. Are you able to recover the secret message?

Solve this challenge
243 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
A piece of music is given as mp3 file and in music notation. The notes represent a secret message, which was encrypted with two classic methods. To solve this challenge you first have to solve part 1 (which is in level 1).

Solve this challenge
42 users have already solved this challenge, 5 are working on it.
You need to be logged in to solve this challenge.

Description
This time your friend encrypted his plaintext within several iterations (rounds). Are you able to decrypt the ciphertext anyway?

Solve this challenge
10 users have already solved this challenge, 3 are working on it.
You need to be logged in to solve this challenge.

Description
This time your friend packed the plaintext in a ZIP archive before encrypting it. Are you able to get the archive from the given ciphertext file, and then reveal the wanted plaintext?

Solve this challenge
0 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
By the time quantum computers exist, the actual signing algorithms are not secure anymore. Then one can switch e.g. to so-called "Unbalanced Oil and Vinegar" systems. It is your challenge to break such a system, with realistic parameters, today already.

Solve this challenge
12 users have already solved this challenge, 6 are working on it.
You need to be logged in to solve this challenge.

Description
Password-based authentication means that a user sends a plaintext password to a server, and the server calculates the hash value of the received password and compares it with a stored hash value. Goal of this challenge is to reveal the plaintext password given its SHA1 hash value. There is some information known about the original password.

Solve this challenge
583 users have already solved this challenge, 16 are working on it.
You need to be logged in to solve this challenge.

Description
Your challenge is, to find a shortest nonzero lattice vector for a given lattice basis.

Solve this challenge
34 users have already solved this challenge, 8 are working on it.
You need to be logged in to solve this challenge.

Description
This time your friend only sends you a ciphertext, which has been encrypted using his cipher (see Kaskade-S/T Part 1 and Part 2). He wants you to figure out the title of the decrypted text.

Solve this challenge
36 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
Your friend calls you again and wants you to “test” his cipher (see Kaskade-S/T Part 1) with a longer key. He sends you a plaintext and the corresponding ciphertext and asks, if you could discover the key used for encryption.

Solve this challenge
53 users have already solved this challenge, 5 are working on it.
You need to be logged in to solve this challenge.

Description
The Fully Homomorphic Encryption Scheme by Gentry and Halevi turns out to be vulnerable to so called lunchtime attacks. In this challenge you have to perform such an attack.

Solve this challenge
49 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
CMEA is a block cipher and was one of the 4 cryptographic primitives of the mobile communications network in the US. It is your challenge to perform a known-plaintext attack on CMEA with 100 known plaintext blocks given.

Solve this challenge
45 users have already solved this challenge, 3 are working on it.
You need to be logged in to solve this challenge.

Description
Akelarre is a combination of IDEA and RC5. However, Akelarre is not as strong as those two ciphers. Perform a known plaintext attack on Akelarre.

Solve this challenge
10 users have already solved this challenge.
You need to be logged in to solve this challenge.

Description
Hybrid encryption is widely used in practice. However, when using hybrid encryption you should take care of certain details...

Solve this challenge
180 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
The Purple machine was the Japanese counterpart of the German Enigma machine. Decrypt the given ciphertext which was encrypted with the Purple machine.

Solve this challenge
21 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
To achieve a very fast decryption in RSA, one might choose the secret key to be rather small. It should, however, not be too small, since then it might be possible to mount brute-force attacks. The same holds for variants like RSA-CRT.

Solve this challenge
77 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
This is the final part of a 3-part challenge regarding the classical transposition. You can solve this challenge with pen and paper or by writing a small computer program. In this challenge, the plaintext was first encrypted with a monoalphabetic substitution cipher. After that, the result was encrypted a second time with the irregular columnar transposition to create the final ciphertext. The used key length for the columnar tranposition has less than 10 characters.

Solve this challenge
83 users have already solved this challenge, 3 are working on it.
You need to be logged in to solve this challenge.

Description
The encryption with the Sigaba machine was the American counterpart to the German Enigma. But due to the much larger key space of the Sigaba, even today, it is only feasible to break the code if parts of the key are known. This is what this challenge is about.

Solve this challenge
18 users have already solved this challenge, 1 is working on it.
You need to be logged in to solve this challenge.

Description
In present-days knowledge Triple-DES is secure if a really random key is used. If the key is not random and a part of the key may be guessed, it is possible to get knowledge of the rest of the key with a feasible bruteforce attack.

Solve this challenge
208 users have already solved this challenge, 7 are working on it.
You need to be logged in to solve this challenge.

Description
Decrypt the given ciphertext which is encrypted with the Enigma chiper. The key conists of the configuration of the stecker and the initial setting of the three rotors. Please give the letters in the key as capital letters.

Solve this challenge
92 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.

Description
Decrypt the given ciphertext which is encrypted with the Enigma chiper. The wanted key conists of the configuration of the Enigma. Please give the letters in the key as capital letters.

Solve this challenge
132 users have already solved this challenge, 25 are working on it.
You need to be logged in to solve this challenge.

Description
The ORYX stream cipher consists of three 32-bit LFSRs X, A, B which are shifted differently depending on some bits in the LFSR X. The key stream is a combination of the highest 8 bits of each of the three LFSRs. It is neither feasible nor necessary to search the whole 96-bit key space, there are more efficient methods! Hint: Enter the codeword in hex with non-capital letters and a leading zero.

Solve this challenge
48 users have already solved this challenge, 4 are working on it.
You need to be logged in to solve this challenge.

Description
The ORYX stream cipher consists of three 32-bit LFSRs X, A, B which are shifted differently depending on some bits in the LFSR X. The key stream is a combination of the highest 8 bits of each of the three LFSRs. It is neither feasible nor necessary to search the whole 96-bit key space, there are more efficient methods! Hint: Enter the codeword in hex with non-capital letters.

Solve this challenge
80 users have already solved this challenge, 9 are working on it.
You need to be logged in to solve this challenge.

Description
It is also important to choose the parameters of an elliptic curve cryptosystem wisely. This was not done in this example, which should enable you to decrypt another ciphertext message from Malawi. The plaintext reveals the codeword, although this time it is not as closely related to the photo.

Solve this challenge
44 users have already solved this challenge, 2 are working on it.
You need to be logged in to solve this challenge.

Description
When creating RSA keys, it is important to choose the n and e parameters wisely. This was not done in this example, and thus you should be able to decipher this ciphertext message sent from Malawi. The plaintext gives the codeword, which is related to the photo.

Solve this challenge
207 users have already solved this challenge, 5 are working on it.
You need to be logged in to solve this challenge.

Description
Alice has learned from her mistake from last year. This year, she makes sure that the friends to whom she sends invitations for her birthday party all use unique RSA N parameters. However, this time she still makes another mistake that allows an adversary, Eve, to reconstruct the message. Can you again decrypt this year's invitation? The codeword for this challenge is the location of Alice's party.

Solve this challenge
298 users have already solved this challenge, 6 are working on it.
You need to be logged in to solve this challenge.

Description
Alice sends encrypted invitations for her birthday party to her friends. As it turns out, two of her friends use the same RSA parameter N. This fact allows an adversary Eve to decrypt the encrypted message without knowing the corresponding secret key. Where does Alice's party take place? The codeword for this challenge is the location of Alice's party.

Solve this challenge
312 users have already solved this challenge, 25 are working on it.
You need to be logged in to solve this challenge.

Currently 38 guests and 0 members are online.
Powered by the CrypTool project
Contact | Privacy | Imprint
© 2009-2024 MysteryTwister team