Hackaday 10th Anniversary: [1o57] And The Art Of Encryption

[Ryan] a.k.a. [1o57] comes from an age before anyone could ask a question, pull out their smartphone, and instantly receive an answer from the great Google mind. He thinks there’s something we have lost with our new portable cybernetic brains – the opportunity to ask a question, think about it, review what we already know, and reason out a solution. There’s a lot to be said about solving a problem all by yourself, and there’s nothing to compare to the ‘ah-ha’ moment that comes with it.

[1o57] started his Mystery Challenges at DEFCON purely by accident; he had won the TCP/IP embedded device competition one year, and the next year was looking to claim his title again. The head of the TCP/IP embedded competition had resigned from his role, and through a few emails, [1o57] took on the role himself. There was a miscommunication, though, and [1o57] was scheduled to run the TCP/IP drinking competition. This eventually morphed into a not-totally-official ‘Mystery Challenge’ that caught fire in email threads and IRC channels. Everyone wanted to beat the mystery challenge, and it was up to [1o57] to pull something out of his bag of tricks.

The first Mystery Challenge was a mechanical device with three locks ready to be picked (one was already unlocked), magnets to grab ferrous picks, and only slightly bomb-like in appearance. The next few years featured similar devices with more locks, better puzzles, and were heavy enough to make a few security officials believe [1o57] was going to blow up the Hoover dam.

With a few years of practice, [1o57] is turning crypto puzzles into an art. His DEFCON 22 badge had different lanyards that needed to be arranged to spell out a code. To solve the puzzle, you’ll need to talk to other people, a great way to meet one of [1o57]’s goals of getting all the natural introverts working together.

Oh. This talk has its own crypto challenge, something [1o57] just can’t get out of his blood:

We talked for a little bit, and 0x06 0x0a1 MFY YWXDWE MEOYOIB ASAE WBXLU BC S BLOQ ZTAO KUBDR HG SK YTTZSLBIMHB

35 thoughts on “Hackaday 10th Anniversary: [1o57] And The Art Of Encryption

    1. Where did you get “POA YOTVSN….” from? Was the hint originally printed as that? If so, then it’s clearly not a substitution but instead a polyalphabetic cipher, like Vigenere, and he changed the key between the original and what’s up there.

      That may be significant, having that text handy…or were you just messing with us somehow? :)

      (and, of course, this is presumably just a hint to solve what’s in the slides, which 1o57 has assured everyone, is very easy. so spending too much time on this hint may be counterproductive…)

        1. Very cool. I didn’t realize OTP was “a thing” here.

          I’ve tried a bunch of things with the resultant text…straight substitution (got nowhere), vigenere with some cribs, etc. I even tried cribbing a couple words and looking for the resultant strings in the OTP itself (using the online tool for the hacakday pad) but couldn’t find any matches.

          I’d think that this wouldn’t be too hard to complete, as this is supposed to be a hint for the other puzzle, and it’s turning out to be the harder of the two. (but only because I just can’t see the answer, I suspect….)

          1. Brian:
            lmao! Well, it turned into a good red herring by making me think there was more to that code. Now to try to get some free time to look at the other thing….

    1. Hey there, I’ve had at least some of the solution since sunday morning but I don’t do twitter. Is there an alternate way to send you the solution without puting the answer in a public forum?

      1. I’ve solved two pieces to the puzzle (and haven’t heard back yet if that’s all – it’s quite possible he’s been too busy to get back to me).

        But the 2nd piece tells you what to do with the first piece. It’s not necessary to message him on twitter or post it publicly anywhere.

  1. How do you start with these I see a bunch of 4 letter codes on slides. I dont know what to do with the reference to the first hotel security reference and the 10th hackaday anniversary reference, I lose any direction or path to take.

  2. Been staring at the hint here off and on all day. Can’t make heads or tails of it. I feel like it must be a simple substitution, but don’t know what the 0x06 and 0x1a are supposed to lead me towards…

    1. Thought that may be the case, not dice. Here’s the binary from the slide for anyone playing along:
      0101010 0000100 1001001 1101110 0000111
      1110001 1000100 0100010 1000000 1110001
      0100100 0001010 1000110 1110001 1110001
      0001010 1001011 1000101 1000111 1000011
      1000001 0001000 0100000 0101101 1110001
      1101101 0101011 0100011 1110001 1110000
      1000100 1110001 0000011 0000110 0000101
      0100000 0000000 0000000 0000000 0001o57

      1. Which is a one time pad, the hint here? Maybe. I’m still thinking a straight substitution cipher but I just haven’t been able to pull out any of the words.

        The 0x06 and 0x1a translate to ascii codes for “ACK” and “SUB”, which the sub makes me think of substitution as well, but perhaps that’s just confirmation bias.

          1. @Jonathan:

            Yes, it’s in the store, but it is publicly available. You just need to know where to look.

            Also, the pad is not perfectly random. I think there’s a prize for anyone who can prove they cracked a message by exploiting this fact.

  3. Brian: Bastard. :)

    (but thanks for letting me off the hook on this…it was driving me buggy. I even wondered if the “ThIs is NoT a hint” tag was in some way actually a hint…)

  4. Is this another one of their plugs for their hackaday store? If so, i’m not biting. If I am going to buy something from somewhere I will.. I don’t want to be baited into solving or buying something just to get a.. frigging ad for a store! >.==.<

    1. The crypto in this post uses something they sell in their store, yes, but it’s not necessary to buy it to solve it (it’s available online if you search for it).

      The “in talk puzzle” itself is all from 1o57 and doesn’t, as far as I know, relate to Hackaday at all other than being presented at their 10th anniversary conference / celebration.

      So go ahead and play the game. Reserve your >.==.< for 1o57 and Brian Benchoff, after you've figured them out….

      Ru Ikhu Je Thyda Oekh Elqbjydu

    1. I think several of us have (pretty sure I got it). But I don’t think anyone has heard from 1o57, as he’s been extraordinarly busy lately.

      Give it a shot — all the slides you need were tweeted by @1o57 in quick succession, and it’s not as hard as you might think.

Leave a Reply to Jonathan HerrCancel reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.