Raymond makes a psychic prediction for 2006


I have gazed into my crystal ball and emerged with a prediction for 2006. Revealing my prediction now may influence the event itself, so I will post only the hash for the prediction. I will post the actual prediction at the end of the year.

using System.Security.Cryptography;
using System;

class Prediction {

 static void DoHash(byte[] bytes, string name, HashAlgorithm hash)
 {
  Console.WriteLine(name);
  hash.ComputeHash(bytes);
  byte[] result = hash.Hash;
  for (int i = 0; i < result.Length; i++) {
   Console.Write("{0:X2}", result[i]);
   if (i % 32 == 31) Console.WriteLine();
  }
  if (result.Length % 32 != 0) Console.WriteLine();
 }

 static void Main()
 {
  string msg = "prediction goes here";
  Console.WriteLine("length {0}", msg.Length);
  byte[] bytes = (new System.Text.ASCIIEncoding()).GetBytes(msg);
  DoHash(bytes, "MD5", MD5.Create());
  DoHash(bytes, "SHA1", SHA1.Create());
  DoHash(bytes, "SHA256", SHA256.Create());
  DoHash(bytes, "SHA384", SHA384.Create());
  DoHash(bytes, "SHA512", SHA512.Create());
 }
}

The output of this program (after you replace "prediction goes here" with the actual prediction, of course) is as follows:

length 45
MD5
6D915EC203DF0C918D13B63C4FF7C1EE
SHA1
49A2E2B22D27D450890E30D0A34EBA53B454925E
SHA256
2C928DC82E133B0FAD5DAA64BC373BE400C700B124749072816B7053EECC9A82
SHA384
080BDBB804B8F9B28731E6E17F872C6BE6F8F08B6670CA3424726295DE58A8DE
2FE9EA43D724B7AA2ED3366CA9A80631
SHA512
D0A84D8B1B330F101D115044C9C7146605C951199BC2F036EE677C690D5151A9
3F78FDFD8E6FF147EE2DB517A96642B24ED17D2306A772B953281CB4C0BEEDF1
Comments (99)
  1. That looks like a challenge. I’m not really much of a hacker, but I’ll look into it tonight (if somebody doesn’t spoil the fun by posting the solution)

  2. jachymko says:

    not actually a .net blog? J

  3. KiwiBlue says:

    "not actually a .NET blog"…

    J

  4. Frederik Slijkerman says:

    It probably isn’t doable to figure out the prediction by brute force. Let me see: suppose there are only letters A-Z, a-z, 0-9, space, comma, period, colon, and semicolon in there. That is 67 possibilities per character, so 67^45 hashes to calculate: about 10^82.

    To be able to find the answer before the end of the year, you have about 220 days of calculation left… still almost 10^80 to try each day (it almost doesn’t matter how many days you have…), or about 10^75 a second. Good luck.

  5. Frederik Slijkerman says:

    I forgot to say that the prediction will probably be in English, so the actual number of possibilities to try will be far less. But still quite impossible.

  6. Manip says:

    So this is a .Net blog now? /sigh/

  7. Peter Ritchie says:

    I don’t know, to randomly pick English words that fit into 45 characters seems to drastically reduce the working set.  Should be doable by year’s end, even without grammar checking:  Roughly six words in a set of 20 thousand words results in 6.4 * 10^25.  Forcing "a" and "the" in the mix would further reduce that set.

  8. Andrew January says:

    It probably get even smaller when you consider it will most likely contain certain works such as "will".

    But then I know very little about cryptography and breaking it :)

  9. gloomyandy says:

    Isn’t this one of those real cryto no-nos don’t provide the cipher text (or in this case hash) of the same plain text (especially for short text). Not sure how you do it but I would guess that may be enough information leaking through into these hash values to allow the plain text to be recreated. Some sort of differential attack?

  10. lars says:

    "Vista will slip again" ;)

  11. Matt Green says:

    I don’t know why, but this blog seems to attract hopelessly pedantic people. Psst, writing the equivalent code for this in C++ would be a huge PITA, so it makes perfect sense for it to be in C#.

  12. oldnewthing says:

    gloomyandy: Perhaps so, but this wasn’t a cryptography challenge. At least it wasn’t intended to be one. Alternatively I could’ve said, “I have a prediction but I won’t tell you anything about it. At the end of the year I will tell you whether I was right. You’ll have to trust me that I didn’t tamper with the prediction in the meantime.”

  13. Anthony Wieser says:

    Raymond,

    Are you going to wait til the end of the year to tell us, in the event that it comes true early?

  14. AC says:

    I’ve tried to get Raymond’s values with Perl and I’ve got another values:



    use Digest::HMAC_SHA1;

    use Digest::SHA1;

    $s = "prediction goes here";

    $sha1 = Digest::HMAC_SHA1->new( $s )->hexdigest;

    print "SHA1 $sha1n";

    $sha1d = Digest::SHA1->new(); $sha1d->add( $s );

    $sha1 = $sha1d->hexdigest;

    print "SHA1 $sha1n";

    —-

    gives:

    SHA1 05952da417342a7e0cfe82694594119a64ee0651

    SHA1 b8d73190462f79dc10c92b83d777a2e7b02748e9

    Anybody knows what the .NET is doing differently?

  15. SiM says:

    How about rainbow tables for MD5 (like this one at http://rainbowtables.shmoo.com/) ;-)?

  16. Ryan says:

    AC – he replaced "prediction goes here" with his actual prediction…

  17. AC says:

    Ryan: oops, I haven’t considered everything up to the end, actually I wanted to compare the test vectors. :)

    Has anybody the results of the Raymond’s program when run with the "prediction goes here" string?

  18. AngryRichard says:

    Slijkerman —

    Why do you think the prediction will be in English?  A good percenatage of the posts here refer to Raymond’s mad crazy skill in Germanic languages.  If I had to guess, he’s probably practicing his Icelandic here.

    So now you not only have a-z, but all those goofy diacriticals to worry about as well.

    It’s a good thing Raymond added SHA* hashes: otherwise y’all would be accusing him of having two complementary predictions that MD5 hash to the same value!

    What I really think he’s doing is giving us a cliff hanger to keep his ratings up.

  19. DuncanS says:

    AC – the hashes for "prediction goes here" are:

    MD5

    18F08E593E6B042725E120533058DB1D

    SHA1

    B8D73190462F79DC10C92B83D777A2E7B02748E9

    SHA256

    AC4D025B62FB853F221840D9C21728D17F79DC974231A130131C5E21DAA1DE7A

    SHA384

    6C6354891BFE0A39D60FB4E97FE846FCA348E9A004E9372F82F0D451895643C5

    5A894F3C108CB97FB0DA08903181CA8C

    SHA512

    2278B74CBF00A84FC28C48782E1E4FDB1628BF564E04CBE30220F7DD469FBC84

    FD3B22F48F706D37E6B80FDEEC607F2DDBDD39D103F8AD1FC6C85D793A255A3E

  20. Ditto says:

    The prediction is "no one will crack the hash".

  21. Chris says:

    Maybe we should try to get a better guess without brute-force hacking. Notice he said "revealing my prediction now may influence the event itself." Wjat sprts pf tjomgs cpi;d je [pssob;u o

    Oops did a shift there, I’ll leave it for posterity. Anyways I was gonna say, "what sorts of things could he possibly influence?" :-)

  22. SiM- the Rainbow tables are usually for much smaller words- on the order of 14 characters at the site I looked at. Not many people are interested in cracking passwords that are 45 characters long.

  23. Actually, Chris, what sorts of things could THE PREDICTION possibly influence?

    It won’t be something he could directly and deliberately influence, like some project he’s developing. That wouldn’t prove anything. If someone predicts "I will eat a baloney sandwich", nobody’s impressed when it happens.

    So it’s probably not something HE can influence, but it is likely to be something WE can influence. Not directly, but in the economic sense – being the result of human action, but not human intent.

  24. Gabe says:

    For those of you considering various Germanic languages, don’t forget that the hash uses the ASCII encoding. Anything that’s not 7-bit will get mangled, so it’s probably just English.

  25. oldnewthing says:

    You guys are just setting yourselves up for disappointment. It’s really not that big a prediction.

  26. Suma Dartson says:

    I predict the prediction will come true in September.

  27. Tyler says:

    "Mozart will rise again"

  28. Simon Cooke says:

    Hey Raymond…

    Willing to give us a little more to go on? Like does the prediction follow normal english rules for punctuation and capitalization, does it only contain normal english words, etc?

    The fact that you hashed it with several different hashes makes me think you’re deliberately setting this up so that an enterprising someone can brute force it :)

  29. I’m not as interested in the prediction as I am in the meta-prediction: what sort of thing would Raymond Chen publicly predict?

    So the hash values are totally irrelevant to me. The discussion, on the other hand, is quite interesting… because to me, this is much more of a social question than a code question.

  30. Raymond: I didn’t read this as a challenge but as you intended it:  as a form of non-repudiation.

  31. Anon says:

    Raymond goes to google.

  32. Bob says:

    "The stock’s going to $19"

  33. Neal says:

    Ummmm… The end of the world will not come this year.

  34. Me says:

    How about a google search for predictions made over the weekend (or last week).  Maybe Raymond is countering someone else’s prediction… like when spam will come to an end… or not

  35. "writing the equivalent code for this in C++ would be a huge PITA…"

    This blog does attract pedantic people; I read it every day.

    I assume you meant to say that writing the hashing code with straight Win32 or some other native API set would be more difficult than using .NET. The C++/CLI implementation of Raymond’s C# code would be almost exactly as concise and easy to implement. C++ and .NET are not mutually exclusive.

    PMP

  36. Miles Archer says:

    I would have thought this would be easy for the expert since there’s no salt.

  37. Some guy says:

    It would be trivial in C++ – all you’ld have to do is use a library that contains a few suitable hash functions, just like in C# you’ld use a pre-written library instead of rolling your own. It’s not as if C# is the only language in existance with libraries of code. It’s just relatively recently that people came up with the idea that only object libraries that ship with the compiler actually count.

  38. Mike Dimmick says:

    If you’re prepared to stick with Windows you should be using CryptoAPI, so we’re looking at the CryptCreateHash and CryptHashData APIs. See sample MD5 program at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/example_c_program__creating_an_md-5_hash_from_file_content.asp?frame=true.

  39. JB says:

    SHA-1 is broken so it’s possible to guess his prediction.

  40. David Conrad says:

    Gabe: Hashes don’t use the "ASCII encoding", they just hash bits. So they work equally well with ASCII, Windows-1252, Latin-1, Unicode, JPEG, MP3, PDF, DOCX, ….

  41. Art Fedorov says:

    SHA-1 is broken so it’s possible to guess his prediction.

    So why don’t you crack it then? :) Oh, you don’t have several supercomputers at hand. Theoretically possible doesn’t mean practically possible. It’s theoretically possible to crack every hash and every encryption algo.

  42. Coderjoe says:

    I think the length should have been omitted. Having multiple hashes should be enough to validate the prediction in the future. The length just makes it a bit easier to figure out the data being hashed. I won’t go into my hypothesis, though.

  43. Coderjoe says:

    I might add that if I do act on my hypothesis, I will only do so as an exercise, and will not be sharing the prediction, should my efforts prove successful.

  44. Ez says:

    I predict that an american will land on mars

  45. Ez says:

    … doh. nope. I need a million monkeys..

  46. Claw says:

    Coderjoe wrote:

    > I might add that if I do act on my hypothesis,

    > I will only do so as an exercise, and will not

    > be sharing the prediction, should my efforts

    > prove successful.

    Agreed… I will not share the prediction either now that I have cracked it.  However, to prove that I have indeed cracked it, I provide the hash of the prediction here:

    length 45

    MD5

    6D915EC203DF0C918D13B63C4FF7C1EE

    SHA1

    49A2E2B22D27D450890E30D0A34EBA53B454925E

    SHA256

    2C928DC82E133B0FAD5DAA64BC373BE400C700B124749072816B7053EECC9A82

    SHA384

    080BDBB804B8F9B28731E6E17F872C6BE6F8F08B6670CA3424726295DE58A8DE

    2FE9EA43D724B7AA2ED3366CA9A80631

    SHA512

    D0A84D8B1B330F101D115044C9C7146605C951199BC2F036EE677C690D5151A9

    3F78FDFD8E6FF147EE2DB517A96642B24ED17D2306A772B953281CB4C0BEEDF1

    J

  47. steveg says:

    "Futurama and Firefly will rise again."

    or more likely.

    "This will be my most popular 2006 post."

  48. Maurits says:

    If it’s wrong will you still tell us what it was? ;)

  49. steveg says:

    On a code-related aside, what do people think of one line if/action statements? I am definitely not a fan on the grounds they hinder readability, and it makes it harder to set a breakpoint in the debugger (unlike Raymond I don’t debug in assembler :-)

    if (result.Length % 32 != 0) Console.WriteLine();

    And don’t get me started about Perl’s backwards if statements:

    Console.WriteLine("") if (n > 10);

  50. oldnewthing says:

    I don’t like them either, but my coding style on the web site favors compactness, not readability.

  51. If people are really sold on trying to hack this thing, I have an idea that I wouldn’t be able to code up nearly as fast as most of you. It is closely related to a brute-force dictionary attack, except we target it specifically to him. I was looking at statistics of various english language dictionaries, and wondered to myself if they would include words that we would take for granted, such as, y’know, "Microsoft." Of course, we don’t want to search through all 750,000 words in a given dictionary and have one that is somewhat technical be the subject of this prediction.

    Well, my idea is to hedge a bet on the fact that Raymond has most likely already written about the topic before- if not the topic itself, then at least each of the pieces that make up the topic. We could use a spider to crawl his site and gather a collection of every single word he has written and use that collection in the brute force attack. We could go one step further and keep track of how often he uses each word and weight the brute force algorithm to use those words more often, or at the very least at the front of the list. We could also differentiate between his words (which will reflect his personal writing style) and the words in comments (which we may want to include simply for completeness, but at a much lower weight, perhaps only after all other options have been used up).

    We know that the phrase consists of 45 characters, and more thoughtful analysis of the algorithm may include some kind of quick grammar check. Anybody care to venture a guess how many permutations this limitted dictionary attack would bring us to?

  52. Norman Diamond says:

    The prediction is "This prediction will prove false" and Mr. Chen will never be able to reveal whether it came true or not.

    The other prediction is that some country’s war on drugs will get this hash site closed down.

    > You guys are just setting yourselves up for

    > disappointment.

    Hey!  Your blog is read by GEEKS.  They love a CHALLENGE.  So YOU’RE the one who set them up.

    Sorry for a serious note after all that…

    Tuesday, May 23, 2006 4:17 PM by Paul M. Parks

    > C++ and .NET are not mutually exclusive.

    They are if your target is a "smart device".  Mr. Chen isn’t the only one who still gets to enjoy raw Win32 coding in daily life (well except for this thread that is).

  53. Miral says:

    I predict that it’s a meta-prediction (ie. predicts something about itself or the article it’s in).  Like "nobody will crack it" or "lots of people will try to crack it" or even just "this post stirred up the most amount of debate ever".

  54. Chiando Mescartartes says:

    ‘Ballmer will get fired, and on the third day, Bill Gates will rise again, in fulfillment of the Prediction, and he will lead the faithful to new Glories’.

  55. nick says:

    "Revealing my prediction now may influence the event itself, so I will post only the hash for the prediction."

    How about something circular like "Nobody will crack the hash for my prediction" ? Obviously isn’t the right one since you said *may* influence the event…but might be close :)

  56. MSDNArchive says:

    more thoughtful analysis of the algorithm

    > may include some kind of quick grammar check

    The hashing function would probably be faster than the grammar checking function, so I don’t know if it makes sense to perform a grammar check.

  57. J says:

    My bet: "I will leave Microsoft"

  58. Archangel says:

    Miral: Not only would it be a meta-prediction, in that case it would be a MacGuffin :-)

  59. Gabe says:

    David: The .Net hash functions hash bytes. Strings are not arrays of bytes in .Net, so in order to convert them to bytes they must be encoded in some manner. If you look at the line

    byte[] bytes = (new System.Text.ASCIIEncoding()).GetBytes(msg);

    you will see that they are encoded in 7-bit ASCII in this particular case.

    Regardless of what characters msg contains, the hash functions will never see anything that isn’t ASCII. This means that anybody attempting to guess what the hashed string may be can ignore any characters with accents.

  60. James says:

    Clearly, the prediction is that he will get lucky with a named person; revealing the prediction would certainly impact the chances of that happening! :-)

    That, or it’s "Nobody will guess that my home PC’s Administrator password is …".

  61. peterchen says:

    my guess:

    "People will talk endlessly about how to crack this, but noone actually will"

  62. James H says:

    At the end of the year, when Raymond reveals the prediction, of course, people will come back to this page and copy the source, substituting in the exact text of the prediction and generating the output this page tells them to expect.

    Except of course the contents of this page are under Raymond’s control. What’s to say that when we come back here in January 2007, the hash values we read will be the same ones that were here today? Are they, in fact, the same ones that were there yesterday? Who would be bothered to go back and check?

    So, in December, Raymond can make up an astonishing prediction that shows his amazing psychic foresight, amend this post accordingly, and then end the year with a post that proves beyond doubt that he is omniscient about more than just the Win32 API…

    Very clever, Mr Chen, very clever…

  63. Andrei says:

    This is solvable.

  64. AC says:

    To DuncanS: Thanks!

    So nice to know, Raymond’s SHA1 is compatible with the following Perl:

    use Digest::SHA1;

    $s = "prediction goes here";

    $sha1d = Digest::SHA1->new(); $sha1d->add( $s );

    $sha1 = $sha1d->hexdigest;

    print "$sha1n";

    .NET libraries obviously miss something that immediatelly produces hex string from bytes.

    BTW I’ve just recognized that the real prediction is exactly 45 chars (and that some functions .NET can format arguments with the syntax like "{0}" — anybody knows if such arguments are checked by compiler?)

  65. Well Raymond sure encrypts like a man!

    Maybe the prediction is "Nobody will work out that I am Mini-Microsoft!"

    J

  66. silkio says:

    AC Said:

    > BTW I’ve just recognized that the real

    > prediction is exactly 45 chars (and that some

    > functions .NET can format arguments with the

    > syntax like "{0}" — anybody knows if such

    > arguments are checked by compiler?)

    Obviously it can’t be checked by the compiler; it’s checked at runtime.

    I’m going to go with the other poster that suggested this prediction is based on recent predictions from others (probably predictions that specify things happening at the end of 2006).

  67. Rick C says:

    James H,

    ANyone concerned that Raymond might change the blog post can save a copy of it as it is now.

  68. jeffdav says:

    You guys are reading way more into this than (I suspect) you really need to.  I doubt the hashes are meant as a challenge.  More likely they are what they appear to be: a fool-proof way for Raymond to prove he was right when (if) it comes true.  

    For what it’s worth, I predict it has something to do with who will win some competition (spelling bee, tour de france, etc, or possibly an election).  

  69. lobrien says:

    Chloe could totally crack this.

  70. BryanK says:

    JB: Not only is SHA-1 "broken", so is MD5.

    That is, "broken" in the sense that it’s possible to generate two byte arrays with the same hash value as each other with more than a 1 in 2 ** (n/2) chance (where n is the number of bits in the hash).  The birthday "attack" puts the limit at 2 ** (n/2) instead of 2 ** n, because (basically) when you can choose both arrays, you have a higher chance of finding two that hash to the same value.  That’s enough to declare a hash technically "broken" — but it doesn’t mean the hash is useless.

    If the 2 ** (n/2) gets cut down to 2 ** (n/2 – 5) by some algorithm, for instance, then the hash is technically "broken", but it’s only going to take 1/32 the time that it would have otherwise taken to find two matching-hash arrays.  2 ** 80 and 2 ** 75 aren’t really all that different (for a 160-bit hash like SHA-1).  Both are going to require continuous use of a few supercomputers for quite a long time.

    (And actually, the problem here isn’t to generate two arrays that hash to the same value; it’s to generate an array, of a given length, that hashes to a given value under each of the given hash algorithms.  So that makes it even harder, because you can’t use a birthday "attack".)

  71. BryanK says:

    Er, this is less clear than I thought:

    > That’s enough to declare a hash technically "broken"

    "That" refers to the fact that it’s possible to generate two arrays that hash to the same value.  It does *not* refer to the birthday "attack".  All hash functions are vulnerable to the birthday "attack" (which is why it’s in scare quotes; it’s not exactly a real attack).

  72. BryanK says:

    Caliban:

    Oops, you are correct.  I was forgetting how the birthday paradox is separate from any attacks that are based on it.

    So pretty much everywhere that I said "birthday "attack"", I should have said "birthday paradox".  Thanks.  :-)

  73. waleri says:

    What kind of event makes no sense, if ppl would know this event is coming?

  74. It doesn’t necessarily make no sense.  It could just be influenced by it.

    For instance, Raymond saying that Microsoft’s stock would tank might have an effect on Microsoft’s stock.

    George.  Everyone got the point, but a group of programmers are confronted with a secret that they could know if they crack a given cryptographic problem.

    What do you expect to happen?

  75. > All hash functions are vulnerable to the

    > birthday "attack" (which is why it’s in

    > scare quotes; it’s not exactly a real

    > attack).

    The birthday *paradox* is not the same as a birthday *attack*. A birthday attack is an actual attack which uses the birthday paradox as one of its components.

    Most such attacks are easily reduced to simpler atttacks, so to my knowledge none of the reference examples have ever been used.

    A common such example is the dual-contract scenario. You provide a fair contract for digital signature with its hash, when you secretly possess an unfair contract that has the same hash. Later, you bring the unfair contract to light and use it to extort money from your client.

    Unfortunately, it is highly suspicious if your client produces the original contract and it proves to have the same hash value. So this attack is much more easily accomplished by simply using the hash of the unfair contract, because your client will probably never verify it.

  76. Wow.. We *definitely* need to make a "Crack Raymond’s prediction" site/app.  The App will be simple enough to write in .NET, and we can just check out portions of the plain-text-space to clients.  Since there’s no prize involved, it doesn’t even need logins.  Checking out space just helps us distribute the load more cleanly.

    Though we could run in to hash collisions, it’s very unlikely that we’ll run in to data that creates a collision for all of these different hashes.

    Forget using Rainbow tables, or anything clever like that.  We must have enough Chen fanatics with spare power to pull this off by brute force.

  77. George Bailey says:

    Can I make a prediction? I predict that 87 people will completely miss the point of this blog entry. Too late? Dang.

    OK, you collective heads of knuckle, here’s the deal. It’s not a cryptography challenge. It’s not *any* kind of challenge. ALL he is saying is that he has a prediction that he doesn’t want to reveal, and yet wants it to be reasonably verifiable when he does reveal it.

    That’s it. Nothing more to see.

  78. Mike says:

    Just because I can, I have cached the hash codes on my blog here (as well as added my own sleep-deprived comments):

    http://demosaic.blogspot.com/2006/05/what-is-ramond-chen-predicting.html

    -Mike

  79. Michael says:

    *scratches his head*

    It may be possible to find a prediction that equals those Hashes – but it is impossible to find out what Raymond actually used as Predictions as there is an infinite number of strings that will result in these hashes.

  80. antgiant says:

    I have written a cracker for the prediction if anyone wants to help it would be much appreciated.  http://antgiant.livejournal.com/425.html

  81. Jonny D says:

    Well, I wrote a brute force cracker too, but there is just way too much space to search, even for a large distributed effort.

    What we really should do is create a dictionary of all the words that have appeared in this blog over the last year, and use only combinations of those words.

    When i have some spare time i’ll get to it…

  82. Maurits says:

    it is impossible to find out what Raymond actually used as Predictions as there is an infinite number of strings that will result in these hashes

    I’m willing to bet $100 that there is only ONE sequence of 45 7-bit characters that results in all of those hashes simultaneously.

  83. I agree.  It’s highly unlikely that there would be more than one string that hashed to all of those hashes at once.  It’s absurdly unlikely that there would be more than two.

    There’s more total information in the hashes than in the source string.  If we find that there is a string other than Raymond’s prediction that hashes to all of those values, cryptographic security has a serious problem.  That is to say, if we find something that hashes to all of these, it’s Raymond’s prediction.

    Oh, and, Antgiant:  You can cut down on your computation significantly by only doing md5 or SHA-1 and comparing against those hashes.  If you have a hit, you can then test the other hashes against your trial string.

    Another direction we could take on this would be to build the rainbow tables for md5 for the plaintext length of 45.  I’ve started building 45 length tables, but they’re going to take 16 days each of 36 tables (on a 2.4GHz Opteron).  These also take a lot of space, and, with 36 tables, are only probabalistic in their search.

    Once we had these built, we’d need to get all the tables to a single location to run rcrack on them.  The rcrack part is quick.

  84. IANA says:

    antgiant > I think the job is too large for brute force. Leaving that aside, in your cracker you appear to be generating every hash each time. I would sggest using the fastest only (MD5?) and then testing further IF that one matches.

    Maurits > Only $100, with those odds!

  85. Carlos says:

    There are about 95^45=1e89 possible strings and 2^512=1e154 SHA512 hashes.  Hence it’s very unlikely there are two 45 character ASCII strings with the same SHA512 hash, let alone two strings that produce all of Raymond’s hash values.  I think Maurits’s $100 is safe.

  86. No, you’re right that the rainbow tables do all of the work and store it in a quickly searchable format.  They could optimize searches for plaintext data larger than 512 bits.

    The reason that this might be a nice way to go is that the rainbowcrack code is quite quick.

    There’s a decent explanation linked from plain-text.info, as well as an online hash cracker.

    It’ll take some serious grunt to crack this by brute force.  A dictionary attack would be our best bet.

  87. Jo-Pete says:

    y0u w!ll n3v3r be ab13 to cr@ck this mess@ge.

    And yes, it’s 45 characters long.

    Matthew- perhaps I don’t understand rainbow tables well enough, but I thought that for them to work you basically had to create a table for the entire sample area. Do they somehow partially reverse-engineer the md5 encryption? Keep in mind that we’re not looking for a 45 character string that we can type into the password field- we’re looking for *the* 45 character string he started out with.

    That said, I really know extremely little about encryption. If you’re sure, then I can borrow 4 or 5 3-something GHz pentium 4’s for the time period you’re suggesting. I can’t help with the space issue, though.

    If you (or anyone else) wants help with the crack, email me at CrackRaymonChen@petiejoe.com . I came to the conclusion that I’m not comfortable enough with encryption theory to spearhead an attack, but I currently work in a lab with at least 5 unused high-powered workstations that I could utilize for short periods of time.

  88. Jonny D says:

    I’ve collected Raymond’s posts for the last 3 months, and there are only 48 characters that account for over 99 percent of all the characters used.

    That is still too big a space to search, but there are some more rules to help:

    -Must end in ‘.’ (assumption)

    -must be 6 words (at least 5 spaces- assumption)

    -must have 2 ‘e’,

    -cannot conatain 3 or more identical characters in succession.

    – must obey stats for 2 identical characters in succession (stats to be calculated by me..)

    -must have at least one of the top 3 english digraphs to be considered.

    Let me know if there are more ways to whittle this down.

  89. Myria says:

    I think it would be much easier to brute force the ideas than attempt to brute force the hash.  Only problem is, you won’t be able to know whether any guess was right!

    Here’s my guesses as to what it will be:

    – Microsoft finishes Vista in time for 2006, "surprising" everyone.

    – Microsoft announces that native code must be signed in order to run elevated, or must be on a known good hash list (games from the last 10 years).

    – Microsoft announces that Singularity is their next OS, and native code will only run in a sandbox.

    Of course, I’m just thinking of bad things because I’m a troll.

    Melissa

  90. David Conrad says:

    Gabe: Sorry, I was talking about hash functions in general. I hadn’t noticed that in Raymond’s code he was explicitly converting the strings to ASCII.

  91. antgiant says:

    I have updated my code to try significantly fewer possibilities some ideas of my own and

    some of Jonny D’s ideas, thanks for the pointers.

    It’s avaliable here (http://antgiant.livejournal.com/744.html)

  92. Ben Bryant says:

    what has he got in his pocketses, my precious? Raymond may not have intended a challenge, but it is an excellent challenge nevertheless.

    "Revealing my prediction now may influence the event itself" is a HUGE clue. Althouh the timing seems almost right, his phrasing likely rules out Vista scheduling because although he can theoretically influence Vista scheduling, surely the act of revealing the prediction will not in itself influence the scheduling. Except perhaps if his colleagues band together to try to prove him wrong. But still it is unlikely that as a Microsoft person he would announce a pessimistic prediction with the intention of revealing it. A positive prediction about the Vista schedule would hardly constitute a psychic prediction. So I think a software product schedule prediction can be safely ruled out.

    It is unlikely to be anything that he is the one that has direct influence over it, because he intends to reveal the prediction so there would be no big difference in revealing it now or later. More likely something that his readers could influence by discussing it across a zillion blogs.

  93. REblog says:

    While analyzing a malware sample today, I came across an interesting function. It uses red-herring local

  94. REblog says:

    While analyzing a malware sample today, I came across an interesting function. It uses red-herring…

  95. REblog says:

    While analyzing a malware sample today, I came across an interesting function. It uses red-herring…

  96. REblog says:

    While analyzing a malware sample today, I came across an interesting function. It uses red-herring…

Comments are closed.