While briefly being mentioned earlier, I was curious if the encrypted manual can be decrypted pre-kickoff without bringing shame to the FIRST system. I would guess its ok to guess it Bc in last years hint, they used an anagrams of the password which wouldn't help anything otherwise.
So in short: did FIRST basically say it was legal to do this? If not, how?
(To be clear, I'm not saying I wish to do that, I'm just attempting to understand why first would (in my eyes) endorse such disgraceful behavior)

I believe that if someone doesn't want you to look at something you shouldn't look at it. FIRST encrypts the manual because they don't want us to see it until Saturday. Therefore it is wrong, in my opinion, to try and break into it. Besides this type of encryption is difficult to crack as the keys are very large. It could take hundreds of years to break with a brute force attack. So trying to do so would likely be a waste of time.


If by chance you have broken it I would suggest keeping the secret to yourself.

I doubt anyone has enough CPU power to do that. And I understand as well as agree with you. I was just curious what others thought about it so I'm sorry if I offended anyone by posing the question.

No problem. The only dumb question is the one you don't ask.

I would guess its ok to guess it Bc in last years hint, they used an anagrams of the password which wouldn't help anything otherwise.
Last year? I think you mean 2008, where "vet hurdling FIRST tetra" became "drive straight turn left." While that was the major part of the key (which had some added punctuation), it was also a description of what the robots had to do on the field. I believe that the game description was what the hint was supposed to mean, not to give us a hint at the password.

Sorry. First year kind of meshes with all my other years. I wasn't allowed to do much that year. But that makes more sense. Thank you for the clarification!

Just for fun, I threw a brute force password cracker at it with all letters caps and lowercase, numbers, and special characters. Even after setting the password start length to 18 (a guess based on last year's password) I had an estimated crack time of over a year. I think 128 bit AES is going to be more than enough to hold people out for a few days.

You shouldn't try to crack the code with the intention of getting an advantage for the build season. There are at least 1000 teams that will kill you because of it (and the rest will probably just build robots better than yours anyway).

If you guessed the code and opened the packet, but didn't do anything with it, we'd never know and couldn't judge you. The moral issue is more about how you use the decrypted manual than the decryption itself.

How could you not gain an advantage from that though? Just by opening it, you'd know more than anyone else way ahead of time, regardless of what you do.

How could you not gain an advantage from that though? Just by opening it, you'd know more than anyone else way ahead of time, regardless of what you do.

Not necessarily. The first page of the manual is just a table of contents, which reveals very little beyond a vague sense of the game's theme, so you probably won't get much out of it that will give you a leg up.

However, if you think just opening the manual gives you an advantage, then it isn't fair (and therefore unethical) to open the manual.

Why is this discussion coming up so much this year? I havent ever seen so many people wondering about breaking the encryption before.

I'd rather this didn't become a thread on breaking the rules of Chief Delphi, from what I hear on other threads, you can't discuss such things. Just the morality of it.

Im not suggesting that he cracks it, but learning for learnings sake and learning for malicious intent are two different things.
I dont encourage anyone to actually try to see the game manual early, I simply like to speculate.

Someone can correct me if I'm wrong, but I believe they don't mind what your intent is, just what you can say on their forum.

For the sake of avoiding a pointless dispute i have modified my questionable post. You may now sleep easy :rolleyes:

Someone can correct me if I'm wrong, but I believe they don't mind what your intent is, just what you can say on their forum.

You're not wrong at all.

By clicking the Agree button, you warrant that you will not post any messages that are obscene, vulgar, sexually-orientated, racist, hateful, threatening, or otherwise violative of any laws or school rules. THIS INCLUDES THE DISCUSSION OF WAREZ, FILE-SHARING PROGRAMS, CRACKING, AND ANY OTHER WAY OF STEALING SOFTWARE OR ANY OTHER COPYRIGHTED MATERIAL. You also agree not to post the same message in multiple forums, or use the forums as a real-time chat, continuing a 2-3 person conversation on for numerious posts in a short period of time.
(emphasis mine)

People are free to do whatever they want to the manual (I would discourage that they try to crack it - it's encrypted for a very good reason), but as long as they don't post about it here, there's nothing we can do. In the past, the discussion is usually okay if it focuses on the theory of encryption and breaking them, but once it crosses into actually trying to break the password is when we move towards the wrong side of the grey area.

...just my $0.02 and interpretation of the rules

Thank you. But no I can't. I'll be up all night with anticipation for saturday.

While briefly being mentioned earlier, I was curious if the encrypted manual can be decrypted pre-kickoff without bringing shame to the FIRST system. I would guess its ok to guess it Bc in last years hint, they used an anagrams of the password which wouldn't help anything otherwise.
So in short: did FIRST basically say it was legal to do this? If not, how?
(To be clear, I'm not saying I wish to do that, I'm just attempting to understand why first would (in my eyes) endorse such disgraceful behavior)If there's no way you could rationally expect to be able to break the password (http://www.chiefdelphi.com/forums/showpost.php?p=1096020&postcount=73),1 is it really wrong to try (or to talk about trying)? No—because we can say with scientific rigour that you will not succeed, and thus no direct harm will come to the competition.2 (Note that if you actually could break the encryption, this would be a different moral quandary.)

But that doesn't mean that people who don't understand the difficulty, or who understand but don't agree, will happily go along with your conclusion. FIRST could get mad at you (even in failure) and sanction you. That's not in the rulebook, but obviously FIRST has some practical capability to do things administratively.

In actual fact, the idea (adapted from the ChiefDelphi rules quoted previously) that breaking the encryption represents stealing copyrighted material is kind of specious. There's a fairly complicated and nuanced legal argument to be had, but the basics are that you can't steal what you already possess lawfully,3 and that even if circumvention of effective technical protection measures can be a DMCA violation, it's distinct from stealing.

Despite this, it's nice to be nice to the people running the forum, even if (in that one case) their wishes are kind of unreasonable and unfounded.

1 Assuming FIRST doesn't do anything foolish like make the password an anagram of the game hint. (They won't do that again, at least until institutional memory of why they don't do that anymore has faded.)
2From a slightly bigger perspective, what's the net result of you trying (and of course failing)? You know more about breaking encryption—maybe you'll use that skill for good or evil later in life. We spend more time discussing your moral failings—now we've used time and resources that could have been otherwise allocated. We can propose all sorts of possible consequences, but I think it's fair to say that the impact of your actions in this case would be minimally negative, if at all.
3 For example: someone provides you with a locked box. (There is no key provided.) You decide you want it, and take it home. They can't say you stole the box, nor can they say you're trying to steal the contents of the box by prying the lock open. But if the box contains the FIRST game rules, then the copyright to those rules remains with the author, even though you own the container and the physical media on which the rules are printed.

... no way you could rationally expect to be able to break the password (http://www.chiefdelphi.com/forums/showpost.php?p=1096020&postcount=73)

More reason as to why it would be VERY VERY difficult to break the encryption (http://www.chiefdelphi.com/forums/showpost.php?p=771154&postcount=11)

If you are able to break 128-bit AES encryption in a matter of days, you should be expecting a job offer from the NSA any minute.

If you are able to break 128-bit AES encryption in a matter of days, you should be expecting a job offer from the NSA any minute.

I'll pass along your resume to our security people here at work too. I'm sure they'd love to have ya working here.

Ha! I've actually guessed the password and opened the Game manual.
And I can say that it contains at least ONE instance of the letter "e".

There, I've done it.

Believe me?;)


EDIT: A great example of 100% accuracy with almost 0% precision.

Ha! I've actually guessed the password and opened the Game manual.
And I can say that it contains at least ONE instance of the letter "e".

There, I've done it.

Believe me?;)


EDIT: A great example of 100% accuracy with almost 0% precision.

Honestly, I don't believe you because there is no way that you could have possibly "guessed" it. There wasn't even a great enough hint, considering even if the hint is related to the password at all. I don't think that it has been that way in a while.

Honestly, I don't believe you because there is no way that you could have possibly "guessed" it. There wasn't even a great enough hint, considering even if the hint is related to the password at all. I don't think that it has been that way in a while.

Surely, Don's playing on the fact that the most commonly used letter in the english language is 'e'. Go ahead, try to write a sentence or two (that make sense) without using 'e'.

Surely, Don's playing on the fact that the most commonly used letter in the english language is 'e'. Go ahead, try to write a sentence or two (that make sense) without using 'e'.

Plus, Don didn't say tha password had an 'e' in in. He said it had an 'e' in it, and could have been speaking about the manual :rolleyes:

True, but honestly I thought that the most used letter in the English alphabet was the letter "t".

True, but honestly I thought that the most used letter in the English alphabet was the letter "t".

According to Wikipedia, t is number two (http://en.wikipedia.org/wiki/English_alphabet#Letter_frequencies).

Surely, Don's playing on the fact that the most commonly used letter in the english language is 'e'. Go ahead, try to write a sentence or two (that make sense) without using 'e'.

Challenge accepted: "According to you, I don't know how to do this," and "My brain hurts now."


And now, back to your regularly scheduled topic of discussion...

The simple answer (we've gone a bit far afield in this thread) is that there is no gray area.

You should not be trying to break the encryption. If you want to play with encryption, encrypt a file of your own and try to crack it.

Gracious Professionalism is the cornerstone of Junior FLL, FLL, FTC, FIRST, and Card. Trying to open the game description and rules before kickoff is decidely non GP. We're on the honor system (yes, even with the encryption).

Surely, Don's playing on the fact that the most commonly used letter in the english language is 'e'. Go ahead, try to write a sentence or two (that make sense) without using 'e'.

This is an unusual paragraph. I'm curious how quickly you can find out what is so unusual about it. It looks so plain you would think nothing was wrong with it. In fact, nothing is wrong with it! It is unusual though. Study it, and think about it, but you still may not find anything odd. But if you work at it a bit, you might find out! Try to do so without any coaching! You probably won't, at first, find anything particularly odd or unusual or in any way dissimilar to any ordinary composition. That is not at all surprising, for it is no strain to accomplish in so short a paragraph a stunt similar to that which an author did throughout all of his book, without spoiling a good writing job, and it was no small book at that. By studying this paragraph assiduously, you will shortly, I trust, know what is its distinguishing oddity. Upon locating that "mark of distinction," you will probably doubt my story of this author and his book of similar unusuality throughout. It is commonly known among book-conscious folk and proof of it is still around. If you must know, this sort of writing is known as a lipogram, but don't look up that word in any dictionary until you find out what this is all about.

:D

Also, this (http://en.wikipedia.org/wiki/Gadsby_(novel))

Never said it was impossible just said to try it.

Challenge accepted: "According to you, I don't know how to do this," and "My brain hurts now."


And now, back to your regularly scheduled topic of discussion...

This is an unusual paragraph. I'm curious how quickly you can find out what is so unusual about it. It looks so plain you would think nothing was wrong with it. In fact, nothing is wrong with it! It is unusual though. Study it, and think about it, but you still may not find anything odd. But if you work at it a bit, you might find out! Try to do so without any coaching! You probably won't, at first, find anything particularly odd or unusual or in any way dissimilar to any ordinary composition. That is not at all surprising, for it is no strain to accomplish in so short a paragraph a stunt similar to that which an author did throughout all of his book, without spoiling a good writing job, and it was no small book at that. By studying this paragraph assiduously, you will shortly, I trust, know what is its distinguishing oddity. Upon locating that "mark of distinction," you will probably doubt my story of this author and his book of similar unusuality throughout. It is commonly known among book-conscious folk and proof of it is still around. If you must know, this sort of writing is known as a lipogram, but don't look up that word in any dictionary until you find out what this is all about.

:D

Also, this (http://en.wikipedia.org/wiki/Gadsby_(novel))

Never said it was impossible just said to try it.

I know, i just wanted to share how amazing Earnest Vincent Wright is

Surely, Don's playing on the fact that the most commonly used letter in the english language is 'e'. Go ahead, try to write a sentence or two (that make sense) without using 'e'.

Look, I suck at this... LOOK! No, I don't know what I am doing...

In all seriousness. The password is encrypted with MD5 encryption 50 times over and RC4 20 time over or something like that. I thought I had something going on, but it was a dead end.

The hashed passwords are all there in the PDF, and the knowledge of encrypting and decrypting are published by Adobe themselves. They literally give you step by step instructions (so that 3rd party developers can make PDF readers) The catch is that MD5 encryption cannot be reversed. The way they check if the password is correct is by encrypting the password inputted by the user and checking that against the hashed password in the PDF file.

A discussion on if its possible to crack the manuals encryption in 4 days? Of course it is, but its not probable at all. Someone with a great amount of processing power behind them and a modified dictionary attack has a small chance of getting it IMO

Summary of my post: AES may be great but FIRSTs passwords arent exactly obscure from a technical standpoint.

My dad works at fermilab, and I had him brute force decrypt the game manual with one of their supercomputers. It took about 5 hours. It is '@just*wait%till#kickoff&!' with out the ' '.

My dad works at fermilab, and I had him brute force decrypt the game manual with one of their supercomputers. It took about 5 hours. It is '@just*wait%till#kickoff&!' with out the ' '.

Do you know how many people just checked that code?

At least one.


Anyways, back to the original question, of whether FIRST said or even implied that it was in any way ok to crack, or even try to crack, the encrypted game manual, I think I may have an answer. The purpose of the encrypted game manual is so that their servers don't get overwhelmed immediately after/during KickOff. The purpose is not to challenge us to see who has the best computer, or access to the best computer. They don't want us to crack it.

Tl;dr: It's not a moral gray area. It's not ok.

The purpose of the encrypted game manual is so that their servers don't get overwhelmed immediately after/during KickOff. The purpose is not to challenge us to see who has the best computer, or access to the best computer. They don't want us to crack it.

Tl;dr: It's not a moral gray area. It's not ok.

Exactly- great point.

Summary of my post: AES may be great but FIRSTs passwords arent exactly obscure from a technical standpoint.

Absolutely they are. There is a ton of entropy in the passwords we have been seeing in the past several seasons.

Last year: 5Time4for3robots2to1dance!

That is an EXTREMELY secure password by just about any measure. See: http://xkcd.com/936/

Any public successful attempts to crack this year's encryption will simply make life more of a p.i.t.a. next year for us. Please don't do it. The school's computers are god-awful slow and would probably go up in flames if they had to decrypt 80 pages of 256-bit AES.

Besides, I doubt cracking it a day before kickoff would win anyone a championship.

To end this discussion: It's not grey, it's black and white. The same protection used by NASA is used here, so it would be like hacking into NASA. It's not right, and would give you an unfair advantage over the other teams. It goes against the rules of gracious professionalism and the values of FIRST, and therefore should not be done.

There has been some discussion on this thread about the discussion on the thread being against forum rules (threadception?). Yes, the topic being discussed is of an unethical nature, but to be clear, nothing was said about the actual act itself (i.e. hey, if you wanna crack the password, here's how to do it); simply a discussion of the ethical consequences. My interpretation of the OP is suggesting a discussion of cracking the code just to see if it can be done, not to gain a competitive advantage or even read the contents of the manual. No moderators have felt the need to jump in; this to me is a great example of the beauty of Chief Delphi. We can discuss ethical implications of many issues in an academic way, be free with our thoughts, without fear of repercussions.
Hooray for Chief Delphi.

This needs to stop coming up on ChiefDelphi this is a very taboo subject, FIRST focuses on gracious professionalism and it's not that gracious to other teams to cheat towards and early start nor is it a professional move to give your self such an advantage that others do not have. :mad: :mad: :mad:

This needs to stop coming up on ChiefDelphi this is a very taboo subject, FIRST focuses on gracious professionalism and it's not that gracious to other teams to cheat towards and early start nor is it a professional move to give your self such an advantage that others do not have. :mad: :mad: :mad:

I don't think that any of us disagree with you when you say that trying to crack the manual before kickoff is not in the spirit of Gracious Professionalism. I do wish that the subject had never been breached at all for that reason, but now that it's happened, I'm glad to see the positive discussion that has stemmed from it (about why it is impossible to crack the code in a timeframe that would benefit the hacker).

Honestly, I'll give $100 to anyone that can decrypt it before kickoff.

Has anyone ever heard of software security engineering? Like someone said, a day or two (If at all, ha, the odds of cracking it are so low) head start might be not be "graciously professional", but is everyone forgetting the reason why it'd be done in the first place? Hint: it's not to get a peak at the game manual.

Writing a program that attempts to crack the super-secure FIRST password is a great way to get a start in the field of making information secure, and learning how information may not be; learning for the sake of learning is a far better thing than treating knowledge as taboo because it might be 'controversial'.

Note: I'm aware that cracking the password simply because one wants to see the manual ahead of the broadcast is unethical because it's an unfair advantage in the competition, and that's not what I'm advocating.

This comes up every year. It shouldn't be surprising that it does either. I doubt the intention of those who think about it is malicious. Encryption presents a problem, and FIRST attracts problem solvers.

The encryption on .pdfs is enormously effective. Even with extensive computing power and techniques it would take a huge effort and long time to brute force the encryption- and it's incredibly boring. No matter how clever FIRST participants may be, there just isn't a reasonable chance that anyone is breaking it.*

If anyone is interested in crypto science, and it is a fascinating field, there are tons of forums, websites, books and newsgroups dedicated to the subject. It's much more interesting and rewarding to create and test theoretical crypto systems then to beat your head against the wall that is AES, which is exactly what those forums do.

If you want to play with encryption, go look for sites dedicated to the subject. It's just not worth stirring up the ethic pot here.

*I do recall that, many years ago, the encryption scheme built into .pdf's was quite weak, something like 64bit and open to a number of side channel attacks. It was possible to crack it in a few days, and I know for a fact this happened at least once. 128bit AES is, of course, many orders of magnitude more secure. I wouldn't be surprised to see a 256bit implementation, eventually.

By now i don't think it would really be that big of an advantage to know the game rules before kickoff. Besides a couple of more hours(in a 6-week build), there isn't any advantage.

13 hours 30 min. to go.

If you choose to distribute your time like so, go ahead. Paying a lot of time for a little is inefficient, but the decision lies with the one who has the program.

The same protection used by NASA is used here, so it would be like hacking into NASA.

So if I kick in a door to get into my house, that door is the same kind of door used in the White House, so it's like I'm breaking into the White House? That really makes no sense.

Honestly, I don't believe you because there is no way that you could have possibly "guessed" it. There wasn't even a great enough hint, considering even if the hint is related to the password at all. I don't think that it has been that way in a while.
Well, yeah. I can't imagine that anyone would take me seriously.
Plus, Don didn't say tha password had an 'e' in in. He said it had an 'e' in it, and could have been speaking about the manual Yes, I was speaking of the Manual, not the password. In all seriousness. The password is encrypted with MD5 encryption 50 times over and RC4 20 time over or something like that.Indeed, the ONLY viable method of finding the password is brute force, and that would take a very, very long time, even with very large computing resources. You;d get a faster result by torturing the FIRST staff.This needs to stop coming up on ChiefDelphi this is a very taboo subject, FIRST focuses on gracious professionalism and it's not that gracious to other teams to cheat towards and early start nor is it a professional move to give your self such an advantage that others do not have. :mad: :mad: :mad:No kidding, I would have never known that :rolleyes: You need to calm down and stop believing everything you read. You are too angry.
Honestly, I'll give $100 to anyone that can decrypt it before kickoff.Um, exactly WHICH kickoff?:D

OK, just to clarify for the humorless masses: I DID in fact guess at the password, but my guess was wrong. (I now know the password isn't my name). So I really don't KNOW what is in the Manual (specifically), but I can state with absolute certainty that the letter "e" (lowercase!) appears at least once in the manual. Somewhere.

*I do recall that, many years ago, the encryption scheme built into .pdf's was quite weak, something like 64bit and open to a number of side channel attacks. It was possible to crack it in a few days, and I know for a fact this happened at least once. 128bit AES is, of course, many orders of magnitude more secure. I wouldn't be surprised to see a 256bit implementation, eventually.

The PDFs are encrypted using Revision 4 of the algorithm. Before Revision 3, I believe the password was only encrypted once with MD5 and RC4. The only real change to the latest algorithm is the number of iterations it goes through encrypting.

The PDFs are encrypted using Revision 4 of the algorithm. Before Revision 3, I believe the password was only encrypted once with MD5 and RC4. The only real change to the latest algorithm is the number of iterations it goes through encrypting.

MD5 is a message digest function (also known as a hash function) and is a one-way operation. In the context of PDF encryption it is used for key stretching/strengthening (http://en.wikipedia.org/wiki/Key_stretching) and is intended to make potential brute forcers work even harder.

If anyone is interested in crypto science, and it is a fascinating field, there are tons of forums, websites, books and newsgroups dedicated to the subject. It's much more interesting and rewarding to create and test theoretical crypto systems then to beat your head against the wall that is AES, which is exactly what those forums do.

If you want to play with encryption, go look for sites dedicated to the subject. It's just not worth stirring up the ethic pot here.

I believe this is the best advice on this thread. Working with cryptography problems as a software engineer has been very interesting for me. If anyone is interested in starting out with cryptography here are some good resources:

Theory and Practice of Cryptography series

http://www.youtube.com/watch?v=IzVCrSrZIX8
http://www.youtube.com/watch?v=KDvt_0cafPw
http://www.youtube.com/watch?v=YcgqBEzcD_I
http://www.youtube.com/watch?v=ZDnShu5V99s


Crypto Strikes Back!

http://www.youtube.com/watch?v=ySQl0NhW1J0


Presentations

http://www.bsdcan.org/2010/schedule/attachments/135_crypto1hr.pdf
http://www.eff.org/files/DefconSSLiverse.pdf


Books

Cryptography Engineering by Niels Ferguson and Bruce Schneier


Blogs

http://rdist.root.org/
http://www.schneier.com/

When will they say the password