The Krypton wargame is all about cryptography, each challenge you are given an encrypted password and have to break it using a different technique. This write up will not post any of the passwords out of respect for the wargame and future players.
As a big hint, the game tells us that the password is encoded in base64, which is a common binary to text encoding that makes use of 64 printable ASCII characters.
The easiest way to decode this is to use the unix filter
We are told the password in this level is encrypted using a very simple letter rotation. In fact, it is ROT13, where each letter has been swapped with the letter 13 places ahead of it. The mapping looks something like this.
We can simply reverse this mapping to give us the plain text. Using the translate unix filter, we can easily define this relation and apply it to the string.
We are told that the crypto is a Caesar cipher, but we do not know what rotation it is. We could simply brute force all 24 possibilities but we are given an executable binary which will encrypt any plain text for us using the same Caesar cipher.
This is known as a chosen-plaintext attack, by simply using the binary to encrypt the entire English alphabet, we can reverse engineer the cipher and decrypt the message.
With a quick calculation, we can see the rotation is 12, so reversing the password back by 12 (or forward by 14) will give us our password.
In this level, we are told the cipher is a substitution cipher, but we do not have access to an executable. What we do have access to is over 4000 characters of encrypted text. Using a technique known as frequency analysis, we can attempt to crack what the substitution is. As ‘e’ is the most common letter used in the English alphabet, whatever the most common letter is in the found text, is most likely ‘e’ in plain-text. Following this logic and using a larger frequency table to reverse map letters, we can start to see words forming. The attack model being used here is a known-plaintext attack.
Using the help of analysis websites we can see that the entire alphabet has been mapped to this.
Applying this mapping to our encrypted password and we get
Out with the mono-alphabetic ciphers and in with the poly-alphabetic ones. A poly-alphabetic cipher is based on substitution but using multiple alphabets instead of just one. The classic cipher, and the one used in this level is a Vigenère cipher. It works in this way.
with our key,
K = GOLD and plaintext
P = PROCEED MEETING AS AGREED then the encryption is as follows.
Which produces a cipher text of
VFZFK SOPKS ELTUL VGUCH KR.
In order to break this cipher we can use frequency analysis. We are given the length of the key K, which is 6. What we can try is breaking up the cipher text into groups of 6 characters and performing analysis on the first character of each group, to try and get the first character of the key. Then repeat this process for each subsequent character in the key. With the help of an analysis website, we see a possible key could be
FREKEY. Luckily, this is the key and can be used to decrypt the password for level 5.
Another Vigenère cipher, except this time we do not know the length of the key. Breaking this requires frequency analysis and abit of intuition. Using the same analysis website, we can perform statistical analysis and the website provides a few keys which could be correct.
One of them is
KEYZEBGTH, using this the found text decrypts partially to
IT WMS FHE BEST AF FIMESA. Intuitively, this looks as though its meant to say
IT WAS THE BEST OF TIMES. Modifying our key to fit this plaintext, our key transforms into
KEYLENGTH, which is the correct key to decrypt the password for level 6