# [Cryptography] Newbie cryptoanalysis question

Tom Mitchell mitch at niftyegg.com
Tue Jun 14 01:29:49 EDT 2016

```On Mon, Jun 13, 2016 at 3:34 AM, Jerry Leichter <leichter at lrw.com> wrote:

> > I am auditing some code that I think that is crap and I have to
> demonstrate it without access to it, it is black box testing.
> >
> > The data is something like this and I have ten rows
> >
> > Variable  Variable TS                   Signature
> > ID1       ID2
> >
> >
> > 3242424   34      2015-10-31 23:59:59   a1a2b3A4A
> > 3242425   34      2015-10-31 23:59:59   123456Aab
> > 3242426   34      2015-10-31 23:59:59   abcdefABC
> >
> > I bet on that Signature is a function of ID1, ID2 and TS without any
> >
> > I think that there is a process that could help me deduce that function.
> Could some one hint me some keywords?
> Unless the function is very simple-minded, determining it strictly from a
> black-box implementation is a very challenging proposition.  There are just
> so many possible quite simple transformations.
>
> If all you want to prove is that no secret is involved, there's a fairly
> straightforward procedure:  Take two different instantiations of the same
> code (which should presumably have different secrets) and show that they
> produce the same output for different inputs.
>
> If you're not in a position to do that, the notion of a "secret" in the
> algorithm makes little sense:  The "secret" *is simply part of the
> algorithm".

This seems to be something simple minded like base 62ish ([a-zA-Z0-9])
encoding.
Perhaps

https://www.kerstner.at/en/2012/07/shortening-strings-using-base-62-encoding/
How reversible or discoverable it is an additional question.
What they are hashing is unclear.

A data set of three to ten lines does not seem to be sufficient short of
luck.

Black box testers in most contexts have bounds and limits if only to
finish testing in the life of the universe.

Keywords to mumble to multiple search engines are the database vendor, data
base method, hash,
encoding and also base 62.
Signature is likely more than just a function of ID1,  ID2 and TS.
Look at the data flow and use to see what signature validates.

--
T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160613/4073fe8b/attachment.html>
```