The XECryption algorithm works like this: the password the user chose is first manipulated to produce a unique number (this is accomplished by adding the ASCII value of every character in the password to produce one large total). This is used as the encryption key.
Every letter, when encrypted, takes on the following format: “.193.144.164”. Three numbers separated by periods. To produce this, the following happens to each character of the text the user wishes to encrypt. The password key is added to the ASCII value of the letter, then it is divided by three. A random number between -10 and 10 is added to this new number. This becomes the first number in the series, and is repeated to produce the second number. The third number is the difference between the first two final numbers and the original ASCII value plus the password key. All the letters are brought together to produce the final encrypted text, which looks similar to this:
Because of the implementation of randomness, each time you encrypt the same text with the same password, you will get a different result. There are billions of different results which all decrypt to the same original text from the same password.
When decrypting, the password key is found in the same way that it’s encrypted. Each triplet is added together, and then the password key is subtracted. This is the ASCII value of the letter. The beauty of the algorithm is that there is no way to verify if the password the user enters is correct or not. If an incorrect password is used, it’ll just appear as garbage instead of telling the user that the password he entered is incorrect. Because of this, a hacker cannot write a program to try all possible passwords because there is no way of telling if it’s a success or not. Or can he? Keep reading…
The program and SDK are programmed in C for Mac OS 9. A version for command-line UNIX is also available upon request.
So what does this all mean? Let’s take a closer look.
If you were to use XECryption to encrypt the letter ‘d’ without a password you could get this value:
If you try it again you might get:
What is the pattern?
It seems that a letter is broken into three sections. If you add the sections up you get 100, and 100 is the ASCII value of the letter ‘d’.
If you try ‘dd’ you get .126.96.36.199.37.39; now we have six sections, or two sets of three. If you add each set up you get 100 for both. So it seems that our first assumption is true: each group of three adds up to the ASCII value.
However, this encryption does not use a password. So let’s encrypt the letter ‘d’ with the password ‘d’. We might get:
When we add this value up we get 200. So the algorithm is taking the ASCII value of the password and adding it to the ASCII value of the character. To make sure, we try a couple more combinations, and sure enough that is the case.
So how do we decrypt this? Well, here is some pseudocode:
1. Take the encrypted text and split it into chunks. A chunk has the form .xxx.xxx.xxx, where xxx can be any number.
2. Add each chunk together. If we have .77.74.49 the value is 200.
3. Get the maximum value the password can be. Since the smallest possible ASCII value is zero, we need to find the smallest value among all the chunks, e.g. (chunk 1 = 200, chunk 2 = 324, chunk 3 = 198). Chunk 3 is the smallest; if we subtract its value from itself we get zero, and since we cannot go below zero, the maximum password value can only be 198.
4. Go through all the possibilities (zero to the maximum password value) and subtract the current password value from each chunk.
5. Check each character; if the character is not a valid character (i.e. letters, digits, punctuation, etc.), add it to a count.
6. If the count is low enough (I’m thinking 5), display the text as a possible solution.
7. Convert the ASCII code to a letter and print the results.
If you are wondering what steps 5 and 6 are really for, you are asking the right questions. If you look at this ASCII code table:
you will notice that all characters a user would use are between 32 and 127, with the addition of 10, which is a new line, and 13, which is a carriage return.
If you were to choose the wrong password you would get a bunch of ASCII numbers that do not fall within these guidelines; these ASCII numbers are what I’m calling invalid characters. If there is an abundance of them, I’m guessing the string is not correct. If there are very few, then the string might be OK. I then display only those strings that might be possible solutions, allowing the user to decide.
You can view the code here.
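The seven steps above, worked through as an added Python example; this is not the author's linked code or the original XECryption program. The `encrypt` helper is a constructed stand-in built from the description at the top of the page (integer division by three is an assumption), used only to generate sample input, and all function names are hypothetical.

```python
import random
import re

# Characters the page treats as valid: 32..127 plus newline (10) and carriage return (13).
VALID = set(range(32, 128)) | {10, 13}

def key_of(password):
    """Password key: the sum of the ASCII values of the password's characters."""
    return sum(ord(c) for c in password)

def encrypt(text, password, rng=random):
    """Constructed encryptor following the page's description; only makes sample input."""
    key, out = key_of(password), []
    for ch in text:
        total = ord(ch) + key
        a = total // 3 + rng.randint(-10, 10)  # integer division is an assumption
        b = total // 3 + rng.randint(-10, 10)
        out.append(".%d.%d.%d" % (a, b, total - a - b))  # triplet always sums to total
    return "".join(out)

def chunk_sums(ciphertext):
    """Steps 1-2: split into triplets and add each one up (numbers may be negative)."""
    nums = [int(n) for n in re.findall(r"-?\d+", ciphertext)]
    if not nums or len(nums) % 3:
        raise ValueError("ciphertext is not a whole number of triplets")
    return [sum(nums[i:i + 3]) for i in range(0, len(nums), 3)]

def candidates(ciphertext, max_invalid=5):
    """Steps 3-7: try every key from 0 to the smallest chunk sum, keep low-invalid texts."""
    sums = chunk_sums(ciphertext)
    found = []
    for key in range(min(sums) + 1):  # a larger key would push a character below zero
        codes = [s - key for s in sums]
        invalid = sum(1 for c in codes if c not in VALID)
        if invalid <= max_invalid:
            found.append((invalid, key, "".join(chr(c) for c in codes)))
    return sorted(found)  # fewest invalid characters first

if __name__ == "__main__":
    # Constructed sample message and password, not taken from the page.
    sample = encrypt("Meet at the usual place.\nBring the key.", "secret")
    for invalid, key, text in candidates(sample, max_invalid=0):
        print(key, invalid, repr(text))
```

On this sample only two keys survive with zero invalid characters, the real one and a three-character shift of it, which is why the final choice is left to the reader. The search stays small because the password only ever contributes the sum of its characters, and that sum is bounded by the smallest chunk total.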