Encrypted Game Manual - Could we crack it?
 

FIRST FRC Password Convention:

Past three years:
2014: 3Zones2Goals1Alliance!
2013: sAucersFlyRobotsClimb!
2012: !HotShots!KnowBalance!
2011: 5Time4For3Robots2To1Dance!

Uses AESv2 128 bit for PDF encryption

At first glance, it seems pretty secure. However there seem to be a lot of patterns as to how the passwords are chosen.

Patterns:
1) always 22 characters after 2011
2) all of the words used are english and would appear in the dictionary
3) they use mixed case
4) a word is never separated by anything special, and no character substitution is used
5) only around 3 or 4 words are used
6) they always end with a "!" character
7) in all years but 2013 the first character has not been a letter

Idea:
Create a program that generates a wordlist based on the rules FIRST seems to follow when creating the passwords, split the wordlist up into smaller segments, and let different teams try different segments until the correct key is recovered


Thoughts?

Re: Encrypted Game Manual - Could we crack it?
 

A more important question might be: Should we crack it?

Re: Encrypted Game Manual - Could we crack it?
 

The correct answer is no.

Re: Encrypted Game Manual - Could we crack it?
 

I'm sure someone out there could.
I think as a community we may be able to.

I don't think it's something we should be attempting though.

Saturday is only a few days away. I know we all want to find out the game, but this isn't the way.

Re: Encrypted Game Manual - Could we crack it?
 

Is attempting to crack the encryption on the game manual pdf that different from trying to figure out the hint?

Re: Encrypted Game Manual - Could we crack it?
 

The manual is encrypted using 128-bit AES encryption. From the decryption test page.

Re: Encrypted Game Manual - Could we crack it?
 

Absolutely. The hint is only going to provide so much information, and it is always speculation until the day of kickoff. Cracking the rule book will reveal all of the needed information to start building early. And since you created a new no-team affiliated profile just to post this I'm guessing you feel the same way.

Re: Encrypted Game Manual - Could we crack it?
 

Yes, it is. Hints are released to us to keep us guessing, the manual is released in its encrypted format to make it easier on us Saturday, so there isn't a bottleneck downloading. I don't want to know what the game is, I don't want to know what any "leaks" are, in fact I don't want to know anything about this year's game until Saturday morning when FIRST decides to release it to us.

I enjoy the suprise.

Re: Encrypted Game Manual - Could we crack it?
 

Absolutely. Figuring out the hint is encouraged. Cracking the manual is just plain wrong.

From a technical perspective, I find threads like this interesting. I like discussions about how much computing horsepower is neneded for certain tasks, and how long they will take.

But from an ethical and moral perspective, we should not ever attempt to crack something of value that we do not own rights to.

What you should do is encrypt your own file, and then try to crack that.

Re: Encrypted Game Manual - Could we crack it?
 

Yes, AES is pretty strong, but in this case it is only 128 bit, and the key is fairly predictable. I'm not suggesting brute force. A gpu could probably churn out tons of guesses per second and testing wordlists we create using the patterns in their password shouldn't take more than a couple hours at most.

Re: Encrypted Game Manual - Could we crack it?
 

Absolutely. When FIRST encrypts their manual - let's take that as a hint that perhaps, just maybe, they're not interested in us reading it before we're supposed to. The hint they make public and give us as information.

Re: Encrypted Game Manual - Could we crack it?
 

This seems to come up every year.

FIRST releases the game manual early every year to allow teams to download it early- the servers get hammered on kickoff with teams trying to download the manual, and this helps minimize the load during kickoff. It is encrypted so they can still prevent teams from seeing the contents until kickoff.

Don't abuse this. Trying to crack the manual shows a significant amount of disrespect for FIRST and all other teams competing in the program.

If you want to challenge yourself by cracking it after kickoff, by all means go ahead.

As for is it actually possible:
Using brute forcing, no, it would not be possible to crack it prior to kickoff.
Using more refined techniques like you suggested, sure, you might be able to crack it if you are lucky. If you are making incorrect assumptions, then you'll just waste your time though. They could very easily use a word not in your list (or a word they made up), or they could change the pattern ever so slightly and you could be running your cracker for 4 days with no results.

Re: Encrypted Game Manual - Could we crack it?
 

Oh hey, it's this thread again. I suggest reading this before continuing.

Re: Encrypted Game Manual - Could we crack it?
 

I posted the key on CD, but they deleted it. Oh well :yikes:

Re: Encrypted Game Manual - Could we crack it?
 

"Tons of guesses per second" is unbelievably ridiculously optimistic. The best you can get using modern GPU's is a few guesses per second. There are 3.4E38 possible keys. Do the math.

Re: Encrypted Game Manual - Could we crack it?
 

Re: Encrypted Game Manual - Could we crack it?
 

I think the biggest difference is that with the game hint, you have no idea if your guess was spot on, or completely off the mark. You can guess and guess and try and discuss it with your friends, but it won't provide you with any advantage before kickoff, and you'll never know if your approach was right. On the other hand, if you obtain a game manual before kickoff, you know everything about the game before anyone else. Kickoff will mean basically nothing to you. Trying to decipher the game hint is (in my opinion)pretty fun. But it really doesn't help you out come build season. If you had the full manual pre-kickoff, that could be a different story. Getting the manual pre-kickoff is like opening all your Christmas gifts a week before Christmas morning. What's the fun in that?

Re: Encrypted Game Manual - Could we crack it?
 

I don't like this thread. It's silly, as you won't be able to crack the manual password, but makes us look like a bunch of goons because we're trying to crack it.

Kickoff is Saturday. We should take these last few days to relax, see our family, and get ahead with our work. I am sure that there will be plenty of technical challenges to deal with this year.

EDIT: 666th post!

Re: Encrypted Game Manual - Could we crack it?
 

It's a little sad to see that some people would try to crack the game manual before the release. I've always wanted to try after kickoff just to see how long it would take. That is more an experiment of the encryption.

Re: Encrypted Game Manual - Could we crack it?
 

Especially in the light of the other thread - I'm all about non-serious discussion around cracking the manual, but let's keep it above the belt.

Re: Encrypted Game Manual - Could we crack it?
 

The easiest one to do with rules is 2014. If you assume that a 10,000 word dictionary could find each of the 3 words (it would also have to contain capitalization variations) and 4 random characters (100 character search space), you have a search space of 100,000,000,000,000,000,000 passwords.

Given the posted rate of 670 million keys per second and 10,000 people in FIRST all trying to crack in a perfectly distributed way, it would take about half a year to exhaust the search space.

In order to generalize it to the rules in the first post, it would take several orders of magnitude longer.

Re: Encrypted Game Manual - Could we crack it?
 

Poll voters should be reminded that the votes are not anonymous. We can see who voted Yes...

Re: Encrypted Game Manual - Could we crack it?
 

Well lets take an average processor speed, not too fancy, cracking approximately at 22,004k/s a PDF document. Assuming you are only bruting a-z0-9A-Z with out spaces, special characters, etc.

It would take approximately 1 septillion years. or 1.0306281275164522e+24 years 33 days 7 hours 30 minutes and 54 seconds

The amount of password combinations you would potentially have to test is (7.159713505559651e+35 password combinations)

Again I am assuming we are NOT using any GPU, Amazons AWS, etc. We are using an average processor. If you use GPU or AWS, this would SIGNIFICANTLY speed up your cracking. You can play with the numbers at this. http://calc.opensecurityresearch.com/

Re: Encrypted Game Manual - Could we crack it?
 

I clicked a poll question and can't change the answer. I had 0 intention of answering the question.

Re: Encrypted Game Manual - Could we crack it?
 

Sounds ominous. I think its fair to remind everyone that basing an opinion on a person based on one button they clicked on the internet is kind of unreasonable. Okay its really unreasonable and nobody should feel guilty on here because they chose to express an opinion.

Don't worry I did too...

Re: Encrypted Game Manual - Could we crack it?
 

tl;dr.
The thread asks if we COULD crack it: My answer is no.
The poll asks of we would help crack it, my answer is the same.
And, SHOULD we crack it? Why waste the time? You can't.

Re: Encrypted Game Manual - Could we crack it?
 

Part of me wants to try to crack it just as a challenge, but I wouldn't do it now. If I were to it would be over the summer just as a fun challenge when everyone already knows the password.

Re: Encrypted Game Manual - Could we crack it?
 

It really concerns me that even with this small sample, there are that many people who want to crack the manual. Come on...what happened to GP? It's just a game, guys. Even if you crack it (you can't), you'll only feel bad throughout the season when either A) you don't win, or B) you do win, but feel dirty about it because you had an advantage. In any case, you're not having fun, and that's a huge part of why we do this.

Re: Encrypted Game Manual - Could we crack it?
 

It was meant to sound ominous. The poll asks if your team would do something blatantly against the core values of FIRST. Even if it is your opinion, it reflects on your team.

This wasn't aimed at any single person or team and I haven't made any assumptions based on the poll results. However, sometimes people (especially students) need a reminder that what they say in a public place is just that: public. Yes, the math behind the theoretical question of how long it would take to crack is interesting, but the OP was clearly (using a brand new, anonymous account) attempting to split the cracking efforts.

That being said, if I recognized that one of my team's students had answered yes, we'd be having a talk about why they think cracking the game manual is acceptable.

Re: Encrypted Game Manual - Could we crack it?
 

Guess I should've read more carefully, I thought this was for cracking it after the password was released.

Re: Encrypted Game Manual - Could we crack it?
 

Just to resume a bit of what was said :

No.

Yes.

Couldn't have said it better myself :D


And just to put in a word, let's give a break to yersinia. Just his/her first thread and already in the red and negative feedback ... OK, maybe this wasn't the best topic to discuss, considering the FIRST ethics behind this, but I think most of us understand that this is impossible in the given time, but even if we had enough time to make it possible, sure, there would be people who wouldn't mind and go ahead decrypting ... but the message people are trying to send here is that it's clearly wrong. I agree with this message, but I am also trying to say that yersinia, being a totally new member to CD, just started off on the wrong foot and we shouldn't push him/her down because of a "thoughtless" thread.

Instead of pushing yersinia down even more, I'll be the first one to say :
Welcome to Chief Delphi! (but no more thoughtless threads please! :D)

By, the way,

I hope that was a joke, Frank :D ... right? :ahh:

Re: Encrypted Game Manual - Could we crack it?
 

You obviously already believe cracking the manual is wrong, otherwise you wouldn't have made a new account to post this thread. If you believe so strongly that we should be trying to crack it, I suggest using your real account.

Re: Encrypted Game Manual - Could we crack it?
 

As everyone else has said, it would be a bad idea to crack it. But even if you tried, it wouldn't be finished before kickoff anyway. It's so pointless it's funny.
Although it may be a fun little thing to try, because it won't finish by kickoff. If by some miracle it does, pm me with the password;)
Ok, in all seriousness I think everyone here is making a good point. So yeah.

Re: Encrypted Game Manual - Could we crack it?
 

After the password is released, I'm all for cracking it...

...Cracking it open and reading the whole thing. ::rtm::


But before the password is released, I got one thing to say: Locks ain't for pickin'. They're there to tell you not to open whatever is locked.

Re: Encrypted Game Manual - Could we crack it?
 

Because - not GP. Still, it may be theoretically possible using some commercial tools.

Re: Encrypted Game Manual - Could we crack it?
 

Quick note-
the OP believes that CD will think cracking the manual is wrong. The OP may or may not share that opinion.

Re: Encrypted Game Manual - Could we crack it?
 

I hate to be "that guy," but I would like to remind everyone that we all agreed to this when we signed up:

I do seem to recall threads like this being deleted in the past because of this rule.

Re: Encrypted Game Manual - Could we crack it?
 

Cracking in that context refers to circumventing DRM on software, by means of a patch, usually bypassing license key verification.

Re: Encrypted Game Manual - Could we crack it?
 

My impression is that most of us are here for the FIRST ROBOTICS Competition, not the FIRST Hackers Competion or the FIRST Code-Breaking Competition.


So far, all four of yersinia's posts have been related to why it might be a good idea to crack the Game Manual encryption. A search for the term "yersinia" yielded this www.yersinia.net.

Re: Encrypted Game Manual - Could we crack it?
 

What a coincidence ...

Re: Encrypted Game Manual - Could we crack it?
 

But some of us have lives and interests outside of FIRST...

...but I'm not one of those people.

Re: Encrypted Game Manual - Could we crack it?
 

Most of us may be here for the FIRST Robotics Competition, but a lot of us are here for the FIRST Imagery Competition too, and for the FIRST Entrepreneurship Competition, and for the FIRST Culture Change Competition. Not sure how many are here for the FIRST Hacking Competition, but that's no reason to discourage them. I'd strongly encourage any student interested in security or encryption to give the manual their best shot, just at the right time (after kickoff, or use an old manual).

Re: Encrypted Game Manual - Could we crack it?
 

Maybe the OP should consider this competition http://www.uscyberpatriot.org

Re: Encrypted Game Manual - Could we crack it?
 

I agree with BaselA. Cracking the game manual at the current time would be dishonest, poor sportsmanship, and just plain bad. However, there is NO need to be bashing the OP for a question that I, personally, find very interesting. Saying we SHOULD crack the manual is different from asking if we COULD, which is my understanding of what the OP was asking. Lets keep it civil guys.

Re: Encrypted Game Manual - Could we crack it?
 

If cracking the manual is so wrong, then why are they giving us the exact type of encryption? In my opinion, game developers want us to expand our skill set. After all, that's what FIRST is all about, right?

Re: Encrypted Game Manual - Could we crack it?
 

To tell you that you won't be able to crack it.

Re: Encrypted Game Manual - Could we crack it?
 

I agree with what's been posted so far:

Should we crack the manual? No. It's not fair to FIRST and everyone else who is following the rules.

Could we crack the manual, as the thread title asks? Yes, of course we could, given enough time. I'd actually be curious to see how long it takes to do so, so long as it happens after kickoff.

EDIT: Also, given the OP's anonymous account, they know the answer to both. I'm not sure that this thread serves a purpose any more - would it be possible to close it?

Re: Encrypted Game Manual - Could we crack it?
 

+1

Re: Encrypted Game Manual - Could we crack it?
 

Found this on "http://www.eetimes.com/document.asp?doc_id=1279619"
......

Faster supercomputer (as per Wikipedia): 10.51 Pentaflops = 10.51 x 1015 Flops [Flops = Floating point operations per second]

No. of Flops required per combination check: 1000 (very optimistic but just assume for now)

No. of combination checks per second = (10.51 x 1015) / 1000 = 10.51 x 1012

No. of seconds in one Year = 365 x 24 x 60 x 60 = 31536000

No. of Years to crack AES with 128-bit Key = (3.4 x 1038) / [(10.51 x 1012) x 31536000]
= (0.323 x 1026)/31536000
= 1.02 x 1018
= 1 billion billion years


In conclusion it is possible!

Re: Encrypted Game Manual - Could we crack it?
 

Perhaps so participants in other countries know they have the right tools to unencrypt the file. This is also likely the reason that FIRST isn't using a stronger form of encryption in the first place. Not as an invention to crack it.

Re: Encrypted Game Manual - Could we crack it?
 

So, I saw this thread and let out a groan like everyone else, but then my curiosity sort of ran with this.

It's not very difficult to write a piece of software that would not only crack the code (brute force), but it's just a skip and a hop beyond that to parallelize the code to easily run on multiple PCs (say student laptops).

From an implementation standpoint, my mind was racing. I know exactly what the program would look like, how it would communicate, etc. But what about the feasibility with respect to time?

Searching through all possible combinations is no, just no. However, let's take that there will be 20 characters, and each character can have roughly 30 possible combinations (letters or punctuation).

Let's lay out the givens/assumptions:
20^30 combinations (constraint),
50 household computers (assumption),
4 Ghz (4 E 9 Hz) processors (assumption).

How long?

Well, some simple-ish math, it would take 1.702 E 20 years for all 50 PCs to simply flip through every single combination. That doesn't even include computation time to try the password, check to see if it's been decrypted, network traffic, etc.

I thought about possible optimizations based on dictionaries, but there are commonplace, accepted misspellings that wouldn't show up in a dictionary (e.g. hax or rox).

Ethics and morals and all that aside, just doing that calculation and coming to that realization was kind of...cool...and a little humbling.

My budding curiousity noped out of that line of thought and went off to do the fantasy draft for the night.

- Sunny G.

Re: Encrypted Game Manual - Could we crack it?
 

It's more likely simply that AES is the default encryption you get when you encrypt a PDF with a password. It used to be DES 40/56 but that's so easy to crack with modern equipment that I don't think it's even an option these days.

Given the passwords from the past few years, there's enough entropy that a heuristic dictionary attack would be unlikely to provide a result in a 3 day timeframe. Similarly, it wouldn't be possible to scan a 128 bit keyspace without some serious distributed processing power.

So this whole discussion is an academic exercise at best.

(I am not a crypto-nerd, but I can spend an hour explaining Diffie-Hellman.)

Re: Encrypted Game Manual - Could we crack it?
 

So, assuming there can be ~3.8e+38 possible password combinations, we can rule out any simple GPU or Processor bruteforcing.

However, using rainbowtables in conjunction with an ASIC (generally used for decrypting hashes to mine "bitcoins") that I have, able to mine at 8ghash/second (8 billion hash guesses/sec) I have determined that it would take approximately 1.5103531e+18 years to crack.

So no, it's not happening.

Even if someone had cloud hashing, with a whopping 100th/s (meaning 100,000,000,000,000 guesses/sec) it would still take 1.2082825e+17 years.

Again, not happening. Unless someone randomly guessed it, which would be completely absurd. We waited all night for Santa to come on Christmas, so we can wait 34 more hours.

Re: Encrypted Game Manual - Could we crack it?
 

I feel like this conversation was just a way to pass that time you mention. It is a lot closer to kickoff now than when this conversation started.

Re: Encrypted Game Manual - Could we crack it?
 

Every day at 6am they send the weather report, so you should be able to bias your algorithm to find those words.

Wait, wrong code.

Re: Encrypted Game Manual - Could we crack it?
 

I vote for a Jurassic Park style "Ah Ah Ah" video of Frank when someone actually tries to crack it....

Re: Encrypted Game Manual - Could we crack it?
 

You only need to know the name of one man in Manchester to beat all of FRC!

Re: Encrypted Game Manual - Could we crack it?
 

David Beckham? I think you are five years too late.

Sorry, wrong Manchester.

Re: Encrypted Game Manual - Could we crack it?
 

Hey, this isn't the enigma code! Besides... They included something else besides just the weather in those reports that really gave them away and made the whole thing useless.