PLEASE DUMP ALL THE THINGS YOU FIND RELATED TO THE PUZZLE IN HERE (do not delete anything -- just add new things. Also, add titles so it is easier to edit)
START: cca 07:30 GMT 6th JAN 2014
The following link is the Twitter account from which the automated tweets were sent last year (2013).
From that Twitter account came the first image of Cicada 2014 which is as follows:
Uploaded to: http://prntscr.com/2gy9v1
OutGuess steganography software output: http://pastebin.com/raw.php?i=7ruHyAdB
Quick edits for now, will update with full write up later.
- http://prntscr.com/2gy9v1 imgur
- http://prntscr.com/2gy9y5 twitter
- (printscreen made at 7:39 GMT jan 6th
- in time zone: Central European Time Zone (UTC+01:00)
- local time: 08:40 AM
After running the original image through Paint.net 3bit steganography plugin a cicada was revealed. (It can also be seen by simply adjusting the brightness and contrast.)
- it is jst dak gay cicada on black background, if you set your monitor colors correctly i should be visible on i.imgur.com/zN4h51m.jpg
This is most likely nothing, as cicadas are a common motif.
The original image was named as follows:
Although there is no solid foundation as yet to suggest the filename is anything other than a re-upload, it may be worth while putting the name of the file to one side.
FILENAMES ON IMGUR ARE RANDOM
- Cicada had no infuence on filename while uploading file.
zN4h51m.jpg - http://pastebin.com/16Cn3jw2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The work of a private man who wished to transcend, He trusted himself, to produce from within. 1:2:3:1 3:3:13:5 45:5:2:3 20:3:20:5 8:3:8:6 48:5:14:2 21:13:4:1 25:1:7:4 15:9:3:4 1:1:16:3 4:3:3:1 8:3:26:4 47:3:3:5 3 13:2:5:4 1:4:16:4 . o n i o n Good luck. 3301 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJSyjguAAoJEBgfAeV6NQkPsgAP/A3tMC3lpyFNAc/sj+Izu15S CzUjZJMe20Gu9UMNokQ2UJabktv9w0GMyK17TrMkUcU+ZpjdzGNqKoE2ETVxLmD/ uBZtR5PnF9EE3D08tJUPN1vSrYNkYk+9zcaUJZMPNgYNCt/CACutPwrOci9i9FDO 7BIpnhGqT3ZruqrSwO2Y73LJI1xxUt1XUqh1NQ+fJeAFMRkJBZZazkxRlgk3GGsF fLrcEKrS+KBipV1EQaaKxjISc9hc2c1TfxE66evlkN+zLcoyDcYuyruNM5wiZzgM 2uR58c+xgWQgG5UuLFClfvjDxUvDkrKt4mzEeaYSUm1MsYueuYklz4ydlg5Mf6l2 p1WyAxO52XfXVUZASk6VmaEQ0WjODTXvLeFTxUSDoKDMkvxDVxX6wGkufS9JwakB nTZizZ8Ypv8GcNCuNNGd6gZ1Vk2MYntggXdX8INd0Itcd3QnLqbBnATDOinDxlOs 5zTrtyTHNaxxDagPfAbU1jMXM0aHd7PFAzjjp7kgCTWqMyBch+8Vt80bjkdL9iw8 Q3hxuanq8mh6nUGc+tNe0UfqKHEbE+jWIezYqgawJB0M9R5OhxWE+E+jPXtZKkXQ JHYndPDrrsV8q27b7p0KN0+oblTkjqsItIAuLu7FNd0B4xb1jjp1Sbh7WJdZ/rbi mCO0vN/obU9qK1Vfapy0 =6Gxk -----END PGP SIGNATURE-----
OUTGUESS DECYPHER WALKTHROUGH
- Using Outguess run the following command:
outguess -r /path/zN4h51m.jpg /path/zN4h51m.txt
- Replace '/path/' with the directory structure location of where you want your file to output to. After the output location, name your file whatever you want with a .txt file extension.
- WInfags use win binnaried in wikia or CYGWIN
Cypher = x:x:x:x (paragraph:sentence:word:letter) PART 1 The work of a private man who wished to transcend, He trusted himself, to produce from within.
Which leads to - http://www.math.dartmouth.edu/~doyle/docs/self/self.pdf
Cypher = x:x:x:x (paragraph:sentence:word:letter)
PART 2 1:2:3:1 = a 3:3:13:5 = u 45:5:2:3 = q 20:3:20:5 = g 8:3:8:6 = n 48:5:14:2 = x 21:13:4:1 = j 25:1:7:4 = t 15:9:3:4 = v 1:1:16:3 = d 4:3:3:1 = b 8:3:26:4 = l 47:3:3:5 = l 3 = 3 13:2:5:4 = p 1:4:16:4 = v . o n i o n
Which is equal to - auqgnxjtvdbll3pv.onion or http://auqgnxjtvdbll3pv.onion/
Good luck. 3301 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGB...
PGPSignature of image is valid:
6D85 4CD7 9333 22A6 01C3 286D 181F 01E5 7A35 090F gpg: Signature made Sun 05 Jan 2014 10:59:26 PM CST using RSA key ID 7A35090F gpg: using PGP trust model
Further verification: http://imgur.com/r7s3E9S
PGP HELP FILES
Pretty Good Privacy (PGP) Downloading, Installing, Setting Up, and Using this Encryption Software A Tutorial for Beginners to PGP
Determining Strengths For Public Keys Used For Exchanging Symmetric Keys - RFC 3766
OpenPGP Message Format - RFC 2440
MIME Security with OpenPGP - RFC 3156
Self-Reliance by Ralph Waldo Emerson1841
- Cypher recovered from the hidden message in the original image for 2014 is decyphered using this book. The cypher was set out as x:x:x:x or paragraph:sentence:word:letter
CLUE FOR THE BOOK
The work of a private man who wished to transcend, He trusted himself, to produce from within.
- Poem references transcendentalism
- Emerson is a noted transcendentalist author
- "he trusted himsef" refers to "trust thineself", which is a theme throughout Self-Reliance, as is producing from within
ONION NO1 - For Every Thing That Lives Is Holy
JPG ON ONION
- PRINTSCREEN of onion 1 page
- if you look closely at the image, there is a cicada symbol
- the center bottom (Ancient of Days) image is shifted two pixels to the right, and the right image is two pixels shorter than the canvas, leaving a 2 px wide vertical and horizontal strip of 415 and 293 pixels empty.
Resolution of jpg:
- 1327 *1427
The original file name is:
This may be notable (unconfirmed), as it is a mirror of 3301 i.e. Cicada 3301
1033 vs. 3301
1033.jpg - http://pastebin.com/NNtsegga
HTML SOURCE CODE OF http://auqgnxjtvdbll3pv.onion/ (no linebreaks added)
(no linebreaks added)
<html><head><title>For Every Thing That Lives Is Holy</title><body><img src="[view-source:http://auqgnxjtvdbll3pv.onion/1033.jpg 1033.jpg]" /></body></html>
HTML OF .onion RAW SOURCE CODE
<html> <head> <title>For Every Thing That Lives Is Holy</title> <body> <img src="1033.jpg" /> </body> </html> *Note missing trailing </head> in source code
ALTERNATIVE IMAGE LOCATIONS
There's also this
HTTP BANNER ONION 1
HTTP/1.1 200 OK Date: Mon, 06 Jan 2014 14:24:13 GMT Server: Apache Last-Modified: Mon, 06 Jan 2014 07:43:43 GMT ETag: "9904-68-4ef486b41c9c0" Accept-Ranges: bytes Content-Length: 104 Vary: Accept-Encoding Content-Type: text/html
OUTGUESS FROM 3301.jpg from ONION 1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Welcome. Good luck. 3301 e = 65537 n = 75579125746085351644267182920580212556413102071876330957950694457000592\ 10248050757270234679993673844203148013173091173786572116639 - -----BEGIN COMPRESSED RSA ENCRYPTED MESSAGE----- Version: 1.99 Scheme: Crypt::RSA::ES::OAEP eJwBswBM/zEwADE2MgBDeXBoZXJ0ZXh0LE2jxJS1EzMc80kOK+hra1GKnXgQKQgVitIy8NgA7kxn 2u8jNQDvlu0uymNNiu6XVCCn66axGH0IZ9w4Af3K/yRgjObsfA1Q7QqpXNALJ9FFPgYl5rh07cBP M9kbSH6DynU/5cYgQod2KymjWcIvKx3FkjV4UOGakDnBf1eQp1uwvn3KxDVwTyzPqbMnZvOA06Ec AfKtyz1hEK/UBXkeMeVrnV5SQQ== =yTUshDMKN65aPaKAR0OU8g== - -----END COMPRESSED RSA ENCRYPTED MESSAGE----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJSyly/AAoJEBgfAeV6NQkPHhUP/R7nuYiTMw+3sbe0xV+4rmiN liSDmW6ibOK4UTkZDTeAS5kAKIjxCC3DwWi0lXqBGZyabojWHM2wRwYLOhvfKvgg DgPnW1BSZ/R67GaUy0CM/vtZOtktBeIdntlZamk9DpW5bQ311c7N9dy6uWc8+hOM umkcnT7u799zESazFgCeDSOw0cFgHDiG9UTAQxbe+NsXY/NKm4N0WAtgWmdte5ym dU8ImpmXWg8NChdn49UtuAACi8s8tcI/lHj1Yjh+AQRbO2+Ozn9eSxUAQ1TsXSgt 30jKmXI5ss4WHS16nYsS97BUbo4oX3NBXaCjSZb7fKO9CRJBo3gm2R8/NcIMIkEc GlQ/7rCQWHXA0MC+415ut5dcJf2ihwid81c1xsDyqQdfhEsWE/wVnK7Ujje+BgcO ybBHl8ejJzWhZkCvesHOmIo1RLEanxlGUC5jcRLqImrT7A9CrO+EVFW16EZpvzug Tsopo56+JbIFiIzAq+CGujHgDZnoHJFtB574utjOnZz9xzsVZ3lirQyAFOGauH+g K+XxjXjY8tT5lppAgmF3zWKqha7NoV+9FgFl2q2SS9ue+s4Joyn5PYKnICJeze3i K9BZ7gIT694s4dLEzu6kGaRyuNmx8qaoDs0kjvEB5pI+1buGuNAysHQWIDyY3DWb CjJ1AnBLY0ObxaMbWMR/ =d5E8 -----END PGP SIGNATURE-----
PGP Validates - http://prntscr.com/2h1cvj
e = 65537
3.3.1. The rsa-sha1 Signing Algorithm
The rsa-sha1 Signing Algorithm computes a message hash as described in Section 3.7 below using SHA-1 [FIPS.180-2.2002] as the hash-alg. That hash is then signed by the signer using the RSA algorithm (defined in PKCS#1 version 1.5 [RFC3447]) as the crypt-alg and the signer's private key. The hash MUST NOT be truncated or converted into any form other than the native binary form before being signed. The signing algorithm SHOULD use a public exponent of 65537.
n = 75579125746085351644267182920580212556413102071876330957950694457000592\10248050757270234679993673844203148013173091173786572116639
3.3.3. Key Sizes
Selecting appropriate key sizes is a trade-off between cost, performance, and risk. Since short RSA keys more easily succumb to off-line attacks, signers MUST use RSA keys of at least 1024 bits for long-lived keys. Verifiers MUST be able to validate signatures with keys ranging from 512 bits to 2048 bits, and they MAY be able to validate signatures with larger keys. Verifier policies may use the length of the signing key as one metric for determining whether a signature is acceptable.
Factors that should influence the key size choice include the following:
o The practical constraint that large (e.g., 4096 bit) keys may not fit within a 512-byte DNS UDP response packet
o The security constraint that keys smaller than 1024 bits are subject to off-line attacks
o Larger keys impose higher CPU costs to verify and sign email
o Keys can be replaced on a regular basis, thus their lifetime can be relatively short
o The security goals of this specification are modest compared to typical goals of other systems that employ digital signatures
See [RFC3766] for further discussion on selecting key sizes.
Stegdetect also detects jphide data inside this image
- Stegdetects commonly detects false positives
Our n is 130 decimal digit s long or 429 bit.
For people who are not going to go the bruteforce way, they can check their p and q assumptions here: http://codeseekah.com/cicada/isp.php
It is important to note that p and q are not necessarily primes (i.e. nobody forced 3301 to use primes). (http://en.wikipedia.org/wiki/RSA_(cryptosystem)#Key_generation).
Also note that factoring will take a long time, so guessing might be a good approach as well - look at sets of emirps for example, there might be a 60-65 digit emirp/prime set out there that produces n.
WE ALMOST SAME PUZZLE IN 2012. But it was individualized, one before last one.
IF YOU RUN OUTGUESS ON THE IMAGE WITH KEY OF 3011 YOU GET THE FOLLOWING:
*p distinct prime number
*q distinct prime number
(In cryptography, key size or key length is the size measured in bits of the key used in a cryptographic algorithm (such as a cipher).)
*e is released as the public key exponent.
RSA encryption and decryption
Assume that an RSA public key uses a modulus with j bits; its factors are two numbers of about j/2 bits each. The expected computation time for encryption and decryption are different. As before, we denote the number of words in the machine representation of the modulus by the symbol n.
Most implementations of RSA use a small exponent for encryption. An encryption may involve as few as 16 squarings and one multiplication, using n-by-n-word operations. Each operation must be followed by a modular reduction, and therefore the time complexity is about 16*(.6 + 1) + 1 + 1 ~= 28 n-by-n-word multiplies.
RSA decryption must use an exponent that has as many bits as the modulus, j. However, the Chinese Remainder Theorem applies, and all the computations can be done with a modulus of only n/2 words and an exponent of only j/2 bits. The computation must be done twice, once for each factor. The effort is equivalent to 2*(j/2) (n/2 by n/2)- word multiplies. Because multiplying numbers with n/2 words is only 1/4 as difficult as multiplying numbers with n words, the equivalent effort for RSA decryption is j/4 n-by-n-word multiplies.
If you double the size of the modulus for RSA, the n-by-n multiplies will take four times as long. Further, the decryption time doubles because the exponent is larger. The overall scaling cost is a factor of 4 for encryption, a factor of 8 for decryption.
FACTORIZING CICADA 3301 PUZZLE n FOR REAL
TOGETHER AS ONE DIVIDED BY ZERO
Our best self-motivated coders distributed factorization among their boxes:
- They used: http://cado-nfs.gforge.inria.fr/
- Number Field Sieve (NFS) algorithm.
- Currently on final step.
- Expect results "In Time."
- I cant find any videos describing what NFS is
- add if you find some
- Please read what GNFS is in respect to others doing hard work
13:36 <@mdzhb> PID28389 2014-01-07 05:27:44,557 Info:Lattice Sieving: Total CPU time: 878768.6999999997s 13:36 <@mdzhb> PID28389 2014-01-07 05:27:44,557 Info:Filtering - Singleton removal: Total cpu/real time for purge: 610.26/424.892 13:36 <@mdzhb> PID28389 2014-01-07 05:27:44,558 Info:Filtering - Merging: Total cpu/real time for replay: 43.01/37.4837 13:37 <@mdzhb> PID28389 2014-01-07 05:27:44,558 Info:Linear Algebra: Krylov: CPU time 34471.22, COMM time 954.22 13:37 <@mdzhb> PID28389 2014-01-07 05:27:44,559 Info:Linear Algebra: Mksol: CPU time 20060.39, COMM time 512.27 13:37 <@mdzhb> PID28389 2014-01-07 05:27:44,667 Info:Complete Factorization: Total cpu/real time for everything: 938758/18361
To all those who participated: YOU ROCK FOLKS! We did it!!!!!
SOLUTION GOES HERE SOLVED AT 07:39 GMT 7. 1. 2014
factors of n:
sage: p = 97513779050322159297664671238670850085661086043266591739338007321 sage: q = 77506098606928780021829964781695212837195959082370473820509360759 sage: p.is_prime() True sage: q.is_prime() True sage: p*q confirmed!
Next step will be to use the two prime numbers, *p & *q, to recreate the private RSA KEY and decrypt the message:
-----BEGIN COMPRESSED RSA ENCRYPTED MESSAGE----- Version: 1.99 Scheme: Crypt::RSA::ES::OAEP eJwBswBM/zEwADE2MgBDeXBoZXJ0ZXh0LE2jxJS1EzMc80kOK+hra1GKnXgQKQgVitIy8NgA7kxn 2u8jNQDvlu0uymNNiu6XVCCn66axGH0IZ9w4Af3K/yRgjObsfA1Q7QqpXNALJ9FFPgYl5rh07cBP M9kbSH6DynU/5cYgQod2KymjWcIvKx3FkjV4UOGakDnBf1eQp1uwvn3KxDVwTyzPqbMnZvOA06Ec AfKtyz1hEK/UBXkeMeVrnV5SQQ== =yTUshDMKN65aPaKAR0OU8g== -----END COMPRESSED RSA ENCRYPTED MESSAGE-----
Script that does all this in one step:
- Script for decryption (insert correct p, q, e and encrypted message)
- ! copy script from Raw Paste Data on bottom of pastebin page
- pastebin formatting from normal window causes:
- Uncaught exception from user code: Breached Armour.
- To fix it you have to move the my $plaintext and the message to the beginning of the line
- Winfags need: http://strawberryperl.com/ (dont forget to set paths: http://prntscr.com/2h0193)
HERE WE GO:
SCRIPT WITH p, q, and RSA ENCRYPTED MESSAGE inserted
ONION no2: http://cu343l33nqaekrnw.onion/
OUTPUT OF PERL SCRIPT IS:
<|!--Patience is a virtue--|>
6342 92ba 49fe 336e dada 779a 3405 4a33 5c2e c12c 8bba ed4b 92dc c05e fe98 f76a bffd c238 9bdb 9de2 cf20 c009 acdc 1945 ab09 5a52 609a 5c21 9afd 5f3b 3edf 10fc b259 5066 6dfe 8d8c 433c d10c 0b4c 72ef dfe1 2c62 70d5 cfde 291f 9cf0 d73c b121 1140 136e 4057 380c 963d 70c7 6948 d9cf 6775 960c f98f bafa 435c 4401 5c59 5983 7a0f 8d9f 46e0 94f2 7c57 97b7 f8ab 49bf 28fa 674d 2ad2 f726 e197 8399 5692 1dab 2972 4c
String is 326 characters at last edit and counting. String seems to be growing incrementally.
- [08:48] String is 280 characters.
- [09:13] it's 284 now.
- [10:10] 296 char
- [10:34] 300 char
- [11:34] 306 char
- [11:52] 310 char
- [11:56] 312 char
- [11:19 GMT] 318 char
- [11:55 GMT] 320 char
- [12:03 GMT] 322 char
- [12:15 GMT] 324 char
- [12:20 GMT] 326 char
XOR? OR NOT XOR?
Since string on Onion no 2 is growing; we expect it is like it was reddit in 2012 and twitter in 2013.
Most agree that XOR Would be good guess