Assignment 1: Cracking
symmetric encryption
Goal: In
this assignment, you
are required to perform a dictionary attack on a file encrypted with a
symmetric cryptography algorithm.
Description:
You will be presented with a series of password-protected files that were created using GnuPG's symmetric encryption tools.
You are assigned an initial file called CHAL-<$NAME>.gpg.sym,
which is a personalized file encrypted with a password. The encryption
key is derived from a password randomly selected among popular english
words. Your task is to use a dictionary attack and decrypt the file.
When correctly decrypted this file will unveil a text document that
contains the line "The first flag is flag_XXXXXX" and a link to the next file you must decrypt.
Every time you decrypt a file, you will discover new content that will
give you directions on how to retrieve the next file to be decrypted.
There are 4 files total, and each will be slightly harder to crack than
the previous ones. They will not all be text files, so you need to
think about ways to determine if the file was decrypted successfully or
not.
To obtain your CHAL-<$NAME>.gpg.sym file, replace <$NAME> with your first name initial and last name, and download it from http://www.cs.uga.edu/~rlh/CSCIx250-F13/Assignments/A1/CHAL-<$NAME>.gpg.sym. Email our TA (lee2704 [at] uga [dot] edu) if you need help finding the initial file.
For example, our TA's CHAL file is http://www.cs.uga.edu/~rlh/CSCIx250-F13/Assignments/A1/CHAL-LHARRISON.gpg.sym (the decryption password is "pickle")
Submission:
Submit the obtained
decrypted file via nike.cs.uga.edu, as usual. Make a directory called Assignment1
and create a file called flags.txt that has the following format:
FLAG1: flag from the first challenge
FLAG2: flag from the second challenge
FLAG3: flag from the third challenge
FLAG4: flag from the last challenge
Also copy the source code you used for performing the dictionary attack
in a sub-dir called Assignment1/code/.
Then submit the dir:
nike> $
submit Assignment1 csx250
Hints:
1) Use a dictionary with both British and American spellings.
2) You are not required to
use python, but one way to solve this
quickly is by using the following python module: http://pythonhosted.org/python-gnupg/
Grading:
This Assignment is worth 10 points, plus some bonus points if you solve the hardest challenge and do it fast
For each correctly retrieved flag, you will receive the following points
FLAG1: 2 points
FLAG2: 3 points
FLAG3: 5 points
FLAG4: 2 bonus points
TIME BONUS: The first 3 students to submit the correct answer for all 4 FLAGS will receive extra bonus points
1st correct submission: 3 bonus points
2nd correct submission: 2 bonus points
3rd correct submission: 1 bonus point