(not a contest, though)
The purpose of this project, inter alia, is to provide the encryption of the files. You know some secret (the key), so you can decrypt them and see the original content (plaintext); other creatures, who don't know the secret, cannot. If they want, they need to break the cipher.
If you use Naamari, it will put your encrypted files on the cloud. Now imagine yourself being a cloud owner, or a chief of the special service, both of them thinking: «That user... we'll bring our best into play to know what she's hiding». Now let us make the (greatly simplifying) assumption that they fail on intimidation, blackmail, installation of the beetles in your room and into your computer, bribing your relatives (thanks to low budget... why do we call it low?), ..., so that their problem is «purely» mathematical: restore the plaintext from the ciphertext they've got from the cloud drive.
The e-n-c-r-y-p-t-i-o-n is a popular buzzword nowadays; anyone who knows the few «magic» terms like «AES», «SHA», «avalanche effect», maybe even «the length extension problem», is able to proclaim their project «the best security ever». Heck, why do we continue to say «they»? Now we are the characters, and the description of Naamari contains a lot of magic words. We may be the employees of the special service(s), we may be the laymen of cryptology, we may be crazy clowns...
Do the encryption algorithms we've applied in Naamari satisfy the modern (and the future — quantum computers send you regards) security standards? How easy it is to decipher the files? How much time does it take? Will the breaking of one file (or even a single 16-byte block) lead to the decryption of the rest?
All of us wish to know the answers.
Therefore we took some files of private value, encrypted them with Naamari, and put them here. They are what you (or they) will have as a cloud owner. Moreover, their descriptors are at your disposal too (surely you suspect the transport module may run in an inquisitive environment) — the entire local storage! Also, there is a specification of the algorithms applied (look at Specs or into the manual), and finally, the source code. In accordance to the Kirchhoff principle, as the adversary you have everything except for the key (and the names of the files; actually, they are messages containing the text in ASCII).
Now it's your turn. Break them.
Sooner or later, you'll succeed; if you do, please send the decrypted files (two are enough, see below why) to the mail given on the Contacts page. If you don't, try again. Sooner or later...
Whereas these files were sent by e-mail, and you may already have their original content as (for instance) the mail service provider, we've included another file that was never sent by e-mail or visited the net. To prove that you've performed a real breaking, it must be deciphered too. Consider this requirement, tacitly implying the breaking of all the files, as a kind of motivation.
P.S. We apologize (not to you) for such rude form of the boast, since a message is usually written from someone to someone else ;(
P.P.S. Alas, some of yours are restricted from reporting us of the success in breaking the Naamari's way of encryption. Nevertheless, it was a pleasure to amuse you ;)
.zip, 29 Kb. Up-date 2015.09.27
SHA-256 hash — BD2C471C9A8CABF1CA0522C8CD60426FA988FB1E4A2FECD296136C1764441DF5.
Copyright © 2014–2018 Sunkware
This site gathers statistics with StatCounter