Talk:1286: Encryptic

Revision as of 00:00, 5 November 2013 by Cscott (talk | contribs)

The answer to the weathervane sword/favorite apostle hint has got to be Matthias. It is 8 characters long, Matthias was the apostle chosen to replace Judas, and in the Redwall series Matthias is one of the wielders of the Sword of Martin, a sword that was hung on a weathervane.

It is unclear to me whether these are actual hashes from the Adobe file. That would be very cool... but the actual file seems to have passwords in a slightly different format. http://arstechnica.com/security/2013/11/how-an-epic-blunder-by-adobe-could-strengthen-hand-of-password-crackers/ 108.162.229.211 09:05, 4 November 2013 (UTC) pavel

I wouldn't call 3DES secure ... but yes, in this situation the real problem is not using per-user salt. Note that I would expect that at least some of those examples would be solvable ...any idea? Hmmm ... sword of weather vane and one of apostles might be Martin ([1]) ... -- Hkmaly (talk) 10:00, 4 November 2013 (UTC)
It's Jonathon (for John). Not sure what it has to do with weather vane swords though... 108.162.240.18 12:42, 4 November 2013 (UTC)
Umm. "Peter" does not seem to have 8 characters, does it? Encryption method suggests it should be 8 characters, as do 8 character boxes on the right... 108.162.229.211 10:43, 4 November 2013 (UTC) pavel
I'd say "weather vane sword", "name1" and "favorite of 12 apostles" is (Saint) Peter. "Weather vane" as symbol for the rooster in the denial, and the sword Peter used when Jesus was arrested. --108.162.254.177 10:25, 4 November 2013 (UTC)
... interesting that google search didn't mention it :-) Seems the Bible has too low a pagerank. -- Hkmaly (talk) 10:32, 4 November 2013 (UTC)
The 'favourite' apostle was John the Evangelist though. http://en.wikipedia.org/wiki/Disciple_whom_Jesus_loved . The other biblical clue here is 'with your own hand you have done all this' - Judith 15:10. If that's Judith1510 then the 'name and shirt number' is 'Judith15'. The TOS/earlobes clue seems to be "Spock's brain" and "Spock's (ears?)". And the Michael Jackson one is (obviously) ABC123. 141.101.99.214 11:14, 4 November 2013 (UTC)
Perhaps "favorite" in this case refers to the user's favorite, not Jesus's. Yomikoma (talk) 16:13, 4 November 2013 (UTC)
The Michael Jackson password should just be "ABC". (The other clue refers only to letters, and the proper song title also has only letters.) —TobyBartels (talk) 20:57, 4 November 2013 (UTC)
Given that name1 is two blocks long, I would guess that the apostle's name is going to be eight characters long, with the second hash block being 1+seven spaces (or nulls if Adobe pads it with nulls and not spaces). But then again, as the only disciple with a name eight letters long is Thaddeus maybe not 141.101.99.214 (talk) (please sign your comments with ~~~~)
"St.Peter" is 8 characters, and having a "special" character (the period) makes it a good choice for passwords that might require 1 non-alphanumeric character (and ban spaces). 141.101.99.223 11:47, 4 November 2013 (UTC)
I think it is obvious that Name1 refers to {The user's name} + 1. I wonder though if we should be referring to one of the other 12 apostles in a different context? https://en.wikipedia.org/wiki/Twelve_Apostles_%28disambiguation%29 - 108.162.242.11 18:02, 4 November 2013 (UTC)
Is the "weathervane sword" referring to Redwall? I haven't read the book myself, but would it be referring to the "Sword of Martin"? [2] --Jeff (talk) 19:17, 4 November 2013 (UTC)

Another article about using passwords hints from multiple users to find the passwords from the breach. http://7habitsofhighlyeffectivehackers.blogspot.com/2013/11/can-someone-be-targeted-using-adobe.html Bugefun (talk) 11:06, 4 November 2013 (UTC)

"Sexy earlobes" makes me think of "The ABC of Aerobics", but that would make that Shirley Clarke, and nothing in Star Trek has anything to do with Shirley that I am aware of, except possibly Shirley Bonne as Ruth. I skimmed a list of episode titles, but nothing jumps out at me as particularly earlobish. 108.162.219.187 11:20, 4 November 2013 (UTC)

Sexy earlobes might have something to do with Ferengi, but they didn't appear in TOS. 141.101.99.214's idea is better. -- Hkmaly (talk) 11:42, 4 November 2013 (UTC)
OK, we know that "sexy earlobes" and "best TOS Episode" are the same for the first eight characters, but differ after that, while "best TOS" and "sugarland" are the same after the first 8 characters. So, my guesses are: Best TOS episode: "Charlie X"; "Sexy Earlobes": Someone with the first name of "Charlie"; "Sugarland": some city in Texas (perhaps "HoustonTX") JamesCurran (talk) 16:51, 4 November 2013 (UTC)

Note that you should not ever use a cipher in ECB (electronic codebook) mode, i.e. encrypt each block separately and independently, but use chaining. --JakubNarebski (talk) 12:15, 4 November 2013 (UTC)

And for passwords you shouldn't be using a cipher at all, but rather a hash function. (Or a cipher in one of the approved hash constructions, if you must.) And really you shouldn't be using a standard hash function, but be following best practices for passwords instead: salting the hash, using a *slow* hash function, etc. Cscott (talk) 20:22, 4 November 2013 (UTC)
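
The storage approach recommended in the comment above (per-user salt plus a slow hash), as an added example that is not part of any comment in this thread. PBKDF2-HMAC-SHA256, the iteration count, the record format and the sample passwords are assumptions chosen for illustration; `unsalted_record` is a deterministic stand-in for the comic's scheme, not Adobe's actual algorithm.

```python
import hashlib
import hmac
import os
from collections import Counter

ITERATIONS = 600_000  # assumed work factor for this sketch; tune per hardware


def hash_password(password, iterations=ITERATIONS):
    """Store a per-user random salt and a deliberately slow PBKDF2 digest."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password, record):
    """Recompute with the stored salt and cost; compare in constant time."""
    try:
        scheme, iterations, salt_hex, digest_hex = record.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record
    if scheme != "pbkdf2_sha256" or rounds < 1:
        return False
    actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return hmac.compare_digest(actual, expected)


def unsalted_record(password):
    """Deterministic stand-in for the comic's scheme: same input, same output."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def duplicate_groups(records):
    """Count stored values shared by two or more users (what a dump reveals)."""
    return sum(1 for n in Counter(records).values() if n > 1)


# Constructed sample passwords, not taken from any real dump.
SAMPLE = ["abc123", "abc123", "hunter2!", "abc123"]
```

Running `duplicate_groups` over `unsalted_record` output for `SAMPLE` finds one group of users with the same password; over `hash_password` output it finds none, so hints from different users can no longer be pooled against one stored value.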

Hmm, I'm rather confused about the last few on the list though. Assumedly the password for "he did the mash, he did the" would be "monster mash", but that would leave "purloined" with a password of either "monsterm" or "monster ", which doesn't make much sense. 108.162.240.18 13:47, 4 November 2013 (UTC)

(charlie sheen) a1f9b2b6299e7a2b eadec1e6ab797397 sexy earlobes - He did a 2 and a half men episode on sexy earlobes

(charlie x) a1f9b2b6299e7a2b 617ab0277727ad85 best tos episode - Star Trek has so many good episodes...
(houstontx) 39738b7adb0b8af7 617ab0277727ad85 sugarland - Sugarland is in Houston, TX
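
The block-matching reasoning used in this part of the thread, as an added example that is not part of any comment: because ECB encrypts each 8-character block independently, equal ciphertext blocks mean equal plaintext blocks, and the dump alone links users without the key. The rows are the three quoted above; the function names and the length rule (last block holds 1 to 8 characters, as the thread assumes) are assumptions of this sketch.

```python
from collections import defaultdict

BLOCK_CHARS = 8  # 3DES has a 64-bit block, so each block covers 8 characters

# Rows exactly as quoted in the comment above: (ciphertext blocks, user hint).
ROWS = [
    (("a1f9b2b6299e7a2b", "eadec1e6ab797397"), "sexy earlobes"),
    (("a1f9b2b6299e7a2b", "617ab0277727ad85"), "best tos episode"),
    (("39738b7adb0b8af7", "617ab0277727ad85"), "sugarland"),
]


def shared_blocks(rows):
    """Map each block that occurs in more than one row to [(hint, position)]."""
    index = defaultdict(list)
    for blocks, hint in rows:
        for pos, block in enumerate(blocks):
            index[block].append((hint, pos))
    return {b: uses for b, uses in index.items()
            if len({hint for hint, _ in uses}) > 1}


def length_range(n_blocks):
    """Password length implied by the block count.

    Assumption taken from the thread (not from Adobe's format): the last
    block holds 1 to 8 characters and no extra padding-only block is added.
    """
    return (BLOCK_CHARS * (n_blocks - 1) + 1, BLOCK_CHARS * n_blocks)


def constraints(rows):
    """Describe what the dump alone reveals, without the key."""
    out = []
    for block, uses in shared_blocks(rows).items():
        parts = []
        for hint, pos in uses:
            first = pos * BLOCK_CHARS + 1
            parts.append(f"'{hint}' block at chars {first}-{first + BLOCK_CHARS - 1}")
        out.append(f"{block}: same plaintext in " + " and ".join(parts))
    return out


if __name__ == "__main__":
    for line in constraints(ROWS):
        print(line)
    print("two-block password length:", length_range(2))
```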

I don't know about anyone else, but the "hints" column incidentally reminded me of Darwinian Poetry... Not intentionally, I'm sure. 141.101.98.214 14:46, 4 November 2013 (UTC)

Somehow I've missed out on this issue until this comic alerted me to it, but: once a few passwords are correctly guessed, does that make it straightforward to recover the encryption key, and then be able to decrypt all of them? —scs (talk) 14:50, 4 November 2013 (UTC)

Answering my own question: not really straightforward, no. 3DES is still pretty strong, and what knowing a few passwords gives you is a known-plaintext attack, which helps a little, but is by no means a giveaway. —scs (talk) 15:00, 4 November 2013 (UTC)
Note that if blackhat used this service, he would know at least one plaintext - his own password. --JakubNarebski (talk) 15:05, 4 November 2013 (UTC)
No, for calculating the encryption key of Triple DES, there is no real benefit in knowing a million passwords, you would still need to brute force it. You would need to know at least 2^32 different passwords to make it easier but you can't do that with the leaked file (there are about 30 times less of them and moreover many of them are not unique). STEN (talk) 16:08, 4 November 2013 (UTC)

Okay, so the first column is the encrypted password, the second one is the hint chosen by user. What do rectangles mean? 173.245.53.151 15:28, 4 November 2013 (UTC)

Those are the fields to fill the characters in just as you do in a crossword puzzle. There are small fields at the beginning that take one character each and one large field at the end that takes one to eight characters. STEN (talk) 15:32, 4 November 2013 (UTC)

Water 3 is an egg group: http://bulbapedia.bulbagarden.net/wiki/Water_3_(Egg_Group) . Given the length of the key, it will probably be 9-16 characters. (Crawdaunt, tentacool, and tentacruel are most likely) 199.27.128.139 15:43, 4 November 2013 (UTC)

-- which means 9dca1d79d4dec6d5 is either L, EL, or T, but I can't find a way for that to match up with any variation of "monster mash." 173.245.55.209 16:15, 4 November 2013 (UTC)
Same problem here... Monster mash must not be correct, but it is one of the easier ones, I can't give up on it. --Jeff (talk) 17:35, 4 November 2013 (UTC)
Maybe, he did the MASH is about the book, movie or TV Show M*A*S*H instead? --Jeff (talk) 17:49, 4 November 2013 (UTC)
Monster Mash was written by Bobby Pickett, maybe it has something to do with him? STEN (talk) 18:38, 4 November 2013 (UTC)
Maybe it's not "monster mash" but just "monster". This would allow the Water-3 Pokemon to be "Cloyster". 108.162.237.5 19:17, 4 November 2013 (UTC)
You are having trouble counting to eight. Cscott (talk) 20:22, 4 November 2013 (UTC)

It seems to me there are two puzzles here, if folks are right that this is not actual data from the hack. 1) Figure out Adobe's master 3DES encryption password, for the big prize. 2) figure out Randall's 3DES encryption password for this puzzle based on these hints, and knowing it will be something clever. Nealmcb (talk) 16:12, 4 November 2013 (UTC)

Trying to decode the passwords (as Randall obviously wants us to): "with your own hand you have done all this" is from the book of Judith. Working on decoding the others. --Jeff (talk) 17:13, 4 November 2013 (UTC)

8babb6299e06eb6d = password; a0a2876eb1ea1fea = 1; 85e9da81a8a78adc = 57 --Jeff (talk) 18:10, 4 November 2013 (UTC)

Weather Vane Sword may be a reference to Game of Thrones Ascent. The "Sworn Sword", I believe is "Rona" which is also a name. 173.245.55.216 18:27, 4 November 2013 (UTC)

It needs to be a name of an apostle (as per line 7) and have 7 or 8 characters (as line 3 needs a continuation) so this leaves Matthew, Thaddeus and (Judas) Iscariot. STEN (talk) 18:57, 4 November 2013 (UTC)


If a password (or 8 character segment) is guessed can it be confirmed? Somebody should take this leaked list and create a website that presents it like in the comment and lets people guess. It can fill in the guessed ones. 108.162.246.117 19:17, 4 November 2013 (UTC)

I'm putting in Mattias for the sword, name1 and disciple because of Saint Matthias [3] and Redwall Matthias [4] who held the Weathervane Sword (Also known as the sword of Martin [5] ) --Jeff (talk) 19:27, 4 November 2013 (UTC)

I've also removed "monster mash" from the list as it can't be right. Doesn't match the pokemon or the purloined clues. --Jeff (talk) 19:27, 4 November 2013 (UTC)

Based on the Water-3 Pokemon hint, the only possibilities of more than 8 characters are tentacool, tentacruel, barbaracle, crawdaunt, carracosta, clauncher, and clawitzer. This would mean "9dca1d79d4dec6d5" would be l, el, le, t, ta, or r. --Dvorakmd (talk) 19:51, 4 November 2013 (UTC)

This is assuming there are no characters before the actual name of the pokemon. 173.245.55.209 20:30, 4 November 2013 (UTC)
Assuming Randall has constructed this comic to have a unique answer, it can't end in r because then the clue would be ambiguous (could be clauncher or clawitzer). Cscott (talk) 21:53, 4 November 2013 (UTC)

I don't know the answer to the end either, but here's a list of people who did the Monster Mash, from Wikipedia:

  • Bobby Picket (as Boris Picket)
  • Garpax Records (Gary S. Paxton)
  • The Misfits
  • far, far too many other covers to list

And here's some synonyms for "purloined", from thesaurus.com:

  • stole
  • pilfered
  • filched
  • misappropriated
  • embezzled
  • burglarized
  • shoplifted
  • poached
  • pillaged
  • cheated
  • pinched
  • heisted
  • thieved
  • plundered
  • appropriated
  • lifted
  • took
  • snitched
  • defrauded
  • swindled
  • ripped off
  • made off with

Good luck with these! —TobyBartels (talk) 20:31, 4 November 2013 (UTC)

What about Purloined referring to "The Purloined Letter?" When choosing hints, people, at least in my experience, tend to use word association rather than synonyms. 173.245.55.209

Purloined could also be a reference to the Monster.com hack (http://www.symantec.com/connect/blogs/monster-trojan). 108.162.237.11 21:00, 4 November 2013 (UTC)

Words meaning purloined that can have the listed suffixes could be embezzle/embezzler or scrounge/scrounger. Not sure if it fits to the mash clue. There was a loan shark character who would acquire things on MASH called Rizzo, it is a stretch though. 108.162.246.117 21:01, 4 November 2013 (UTC)

I'm still trying to figure out how the solutions go into the spaces on the right -- it may be more obvious once the last couple clues are figured out. I suspect the ordering and numbers of clues have some sort of meaning. Why are there 5 of the 877... passwords, 2 with no clues? Why is one of the 4e18.... passwords separated from the rest? 108.162.221.28 21:07, 4 November 2013 (UTC)

Could Purloined be a reference to the "Purloined Shadows" book in Elder Scrolls? --Dvorakmd (talk) 21:09, 4 November 2013 (UTC)

Or 'The Purloined Payroll', a WoW quest? "Purloined in Petrograd" is also a lyric to a Decemberists song (The Bagman's Gambit). Google n-grams suggests that "Purloined Image", and "purloined documents" are a Thing. Cscott (talk) 21:58, 4 November 2013 (UTC)

Purloined could be a reference to something that is known to have been stolen like a work of art, or it could be something that was stolen in an XKCD comic. 108.162.246.117 21:18, 4 November 2013 (UTC)

EdgarPoe (author of The Purloined Letter)/EdgarPoet fits, but again not really anything to do with MASH. 108.162.246.117 21:27, 4 November 2013 (UTC)

Water-3 pokemon (egg group) are given here: http://bulbapedia.bulbagarden.net/wiki/Water_3_(Egg_Group) ...if I split off the letters of their names after the 8th letter, we see l, el, le, t, ta, and r. So the MASH item ends with one of those suffixes. 199.27.128.167 21:31, 4 November 2013 (UTC)

Can't end in 'r', because then that clue would be ambiguous. Cscott (talk) 21:53, 4 November 2013 (UTC)
Speaking of pokemon, could the clue to purloined have something to do with the pokemon Purrloin? http://bulbapedia.bulbagarden.net/wiki/Purrloin_(Pok%C3%A9mon) 108.162.221.43 23:51, 4 November 2013 (UTC)

Is there a reason "MASH" is capitalized in the above sections? Given the context, it shouldn't be, and I still haven't given up on the password being a reference to the monster mash. That said, we can't ignore the movie/show MASH. Also, now that I think about it: pokeMONstermash? I don't know, just throwing ideas out :P 173.245.55.209 22:08, 4 November 2013 (UTC)

On reddit they suggest "Letterman" (which is wrong, too many letters) based on the M*A*S*H episode, "Letters". Cscott (talk) 22:11, 4 November 2013 (UTC)

...on the other hand, I wonder if an answer like "ALANALDA" would work? As in, someone who "did the M*A*S*H"... Cscott (talk) 22:13, 4 November 2013 (UTC)
Sadly, no. Because it needs to be more than 8 characters. --Jeff (talk) 22:17, 4 November 2013 (UTC)
No, I mean, "an answer of this form", not ALANALDA exactly. The Edgar Allan / Alan Alda congruence is tasty, but I can't make it work. ALLANPOE works as an answer for "Purloined" but that makes something like ALLANPOET the answer to "he did the MASH" (CRAWDAUNT is then the pokemon). But that's misspelling Alda's name for the MASH clue, doesn't quite work. There's also JAMIEFARR (Cpl Klinger) as a better answer to "he did the MASH" but then that makes JAMIEFAR the answer to "purloined" and I can't plausibly make that work. ALLANARBUS is another M*A*S*H actor, but that doesn't work at all. Can anyone come up with other/better ideas in this vein? Cscott (talk) 22:31, 4 November 2013 (UTC)

In crossword puzzles, a clue ending in -ed (like 'purloined') is most commonly a hint that the answer ends in 'ed'. Cross referencing that with the Pokemon clue, the solution for "he did the MASH" becomes a nine or ten letter answer ending in: -edl, -edel, -edle, -edt, or -edta (excluding -edr due to non-uniqueness), with ......edle looking the most "English-y" to me. My hunch would be something else Robert Altman or Alan Alda "did"... but nothing seems to end in 'edle.' --Willowy burrito (talk) 23:07, 4 November 2013 (UTC)

There is no indication that this is a standard crossword. Most users don't respect crossword conventions when writing password hints. Cscott (talk) 23:59, 4 November 2013 (UTC)

For all we know, his favourite Water-3 Pokémon could be Shell Smash Cloyster or Shell Smash Omastar - "OmastarSmash" as a password would fit in with "Monster mash". 141.101.99.252 23:16, 4 November 2013 (UTC)

I like that idea, although it leaves "Monster " (with a trailing space) as the answer to "Purloined", which makes no sense. But interesting idea. Cscott (talk) 00:00, 5 November 2013 (UTC)

MonsterMash MonsterM TheWiscash -- Jcupcake (talk) (please sign your comments with ~~~~)

It's "Whiscash", and it's Water 2 (not 3) and "MonsterM" makes no sense as an answer for the hint "Purloined". But I like the idea of adding "The" in front of the pokemon answer; perhaps we're being too restrictive by looking only at pokemon with length > 8. Cscott (talk) 23:59, 4 November 2013 (UTC)
Fanservice

Randall must know about this site. This comic doesn't work without people to crack the code. Should we have a fanservice category? :-) --SurturZ (talk) 23:32, 4 November 2013 (UTC)