Encrypted Game Manual - Could we crack it?

FIRST FRC Password Convention:

Past three years:
2014: 3Zones2Goals1Alliance!
2013: sAucersFlyRobotsClimb!
2012: !HotShots!KnowBalance!
2011: 5Time4For3Robots2To1Dance!

Uses AESv2 128 bit for PDF encryption

At first glance, it seems pretty secure. However, there seem to be a lot of patterns as to how the passwords are chosen.

Patterns:
1) always 22 characters after 2011
2) all of the words used are English and would appear in the dictionary
3) they use mixed case
4) a word is never separated by anything special, and no character substitution is used
5) only around 3 or 4 words are used
6) they always end with a “!” character
7) in all years but 2013 the first character has not been a letter

Idea:
Create a program that generates a wordlist based on the rules FIRST seems to follow when creating the passwords, split the wordlist up into smaller segments, and let different teams try different segments until the correct key is recovered

Thoughts?

A more important question might be: Should we crack it?

The correct answer is no.

I’m sure someone out there could.
I think as a community we may be able to.

I don’t think it’s something we should be attempting though.

Saturday is only a few days away. I know we all want to find out the game, but this isn’t the way.

Is attempting to crack the encryption on the game manual pdf that different from trying to figure out the hint?

The manual is encrypted using 128-bit AES encryption. From the decryption test page.

[128-bit AES encryption] is a current standard considered by the US Government as completely secure for short (weeks) periods of time

Absolutely. The hint is only going to provide so much information, and it is always speculation until the day of kickoff. Cracking the rule book will reveal all of the needed information to start building early. And since you created a new no-team affiliated profile just to post this I’m guessing you feel the same way.

Yes, it is. Hints are released to us to keep us guessing, the manual is released in its encrypted format to make it easier on us Saturday, so there isn’t a bottleneck downloading. I don’t want to know what the game is, I don’t want to know what any “leaks” are, in fact I don’t want to know anything about this year’s game until Saturday morning when FIRST decides to release it to us.

I enjoy the surprise.

Absolutely. Figuring out the hint is encouraged. Cracking the manual is just plain wrong.

From a technical perspective, I find threads like this interesting. I like discussions about how much computing horsepower is needed for certain tasks, and how long they will take.

But from an ethical and moral perspective, we should not ever attempt to crack something of value that we do not own rights to.

What you should do is encrypt your own file, and then try to crack that.

Yes, AES is pretty strong, but in this case it is only 128 bit, and the key is fairly predictable. I’m not suggesting brute force. A gpu could probably churn out tons of guesses per second and testing wordlists we create using the patterns in their password shouldn’t take more than a couple hours at most.

Absolutely. When FIRST encrypts their manual - let’s take that as a hint that perhaps, just maybe, they’re not interested in us reading it before we’re supposed to. The hint they make public and give us as information.

This seems to come up every year.

FIRST releases the game manual early every year to allow teams to download it early- the servers get hammered on kickoff with teams trying to download the manual, and this helps minimize the load during kickoff. It is encrypted so they can still prevent teams from seeing the contents until kickoff.

Don’t abuse this. Trying to crack the manual shows a significant amount of disrespect for FIRST and all other teams competing in the program.

If you want to challenge yourself by cracking it after kickoff, by all means go ahead.

As for is it actually possible:
Using brute forcing, no, it would not be possible to crack it prior to kickoff.
Using more refined techniques like you suggested, sure, you might be able to crack it if you are lucky. If you are making incorrect assumptions, then you’ll just waste your time though. They could very easily use a word not in your list (or a word they made up), or they could change the pattern ever so slightly and you could be running your cracker for 4 days with no results.

Oh hey, it’s this thread again. I suggest reading this before continuing.

I posted the key on CD, but they deleted it. Oh well :yikes:

“Tons of guesses per second” is unbelievably ridiculously optimistic. The best you can get using modern GPUs is a few guesses per second. There are 3.4E38 possible keys. Do the math.
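Added example, not part of any post in this thread: the posts above disagree about two numbers, the size of the search space and the guess rate, so this sketch measures how many bits a passphrase convention like the one listed in the first post really provides, compared with the 128-bit key space. The word-length histogram and guess rates are constructed assumptions, and the model assumes each word may be preceded by one digit or "!", has one fixed casing, and the passphrase ends in "!".

```python
import math

# Constructed word-length histogram (assumption): how many dictionary words
# exist at each length. Replace with counts from a real word list.
WORDS_BY_LEN = {3: 1000, 4: 3000, 5: 5000, 6: 7000, 7: 8000, 8: 8000, 9: 7000, 10: 5000}


def count_candidates(total_len, n_words, words_by_len, n_prefix=11, case_variants=1):
    """Count passphrases of exactly total_len characters made of n_words
    tokens plus a trailing '!'. A token is a dictionary word, optionally
    preceded by one of n_prefix single characters (digits or '!')."""
    body = total_len - 1  # the final '!' is fixed
    # tokens[L] = number of distinct tokens that are L characters long
    tokens = {}
    for length, count in words_by_len.items():
        tokens[length] = tokens.get(length, 0) + case_variants * count
        if n_prefix:
            tokens[length + 1] = tokens.get(length + 1, 0) + case_variants * n_prefix * count
    # ways[l] = number of token sequences built so far with total length l
    ways = [1] + [0] * body
    for _ in range(n_words):
        nxt = [0] * (body + 1)
        for used, w in enumerate(ways):
            if w:
                for length, t in tokens.items():
                    if used + length <= body:
                        nxt[used + length] += w * t
        ways = nxt
    return ways[body]


def policy_bits(total_len=22, word_counts=(3, 4), words_by_len=WORDS_BY_LEN):
    """Effective strength in bits of the whole pattern (3 or 4 words here)."""
    total = sum(count_candidates(total_len, k, words_by_len) for k in word_counts)
    return math.log2(total)


def years_to_exhaust(bits, guesses_per_second):
    """Years needed to try every candidate at the given rate."""
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    bits = policy_bits()
    print(f"pattern-constrained passphrase: {bits:.1f} bits vs 128-bit key space")
    for rate in (5, 1e6, 1e9):  # guess rates are assumptions, not measurements
        print(f"  {rate:>12,.0f} guesses/s -> {years_to_exhaust(bits, rate):.3g} years")
```

The result depends heavily on the dictionary size and on the guess rate, which is set by the key-derivation step of the file format rather than by AES itself.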

I think the biggest difference is that with the game hint, you have no idea if your guess was spot on, or completely off the mark. You can guess and guess and try and discuss it with your friends, but it won’t provide you with any advantage before kickoff, and you’ll never know if your approach was right. On the other hand, if you obtain a game manual before kickoff, you know everything about the game before anyone else. Kickoff will mean basically nothing to you. Trying to decipher the game hint is (in my opinion) pretty fun. But it really doesn’t help you out come build season. If you had the full manual pre-kickoff, that could be a different story. Getting the manual pre-kickoff is like opening all your Christmas gifts a week before Christmas morning. What’s the fun in that?

I don’t like this thread. It’s silly, as you won’t be able to crack the manual password, but makes us look like a bunch of goons because we’re trying to crack it.

Kickoff is Saturday. We should take these last few days to relax, see our family, and get ahead with our work. I am sure that there will be plenty of technical challenges to deal with this year.

EDIT: 666th post!

It’s a little sad to see that some people would try to crack the game manual before the release. I’ve always wanted to try after kickoff just to see how long it would take. That is more an experiment of the encryption.

Especially in the light of the other thread - I’m all about non-serious discussion around cracking the manual, but let’s keep it above the belt.