If you didn’t already know, CryptoKait and I have known each other for just about three years now. In those three years our relationship has evolved from a coach/player relationship into a coworkers relationship, and now into a coworker/roommate relationship, of course all while being best friends along the way, even if that means being lectured in our living room at two in the morning about some cryptography life or death situations that have occurred throughout history (see Mary Queen of the Scots).
Now I’ve learned a lot of cryptography from CryptoKait over the last three years, so I’m here to tell you all of the most important tips and tricks for cryptography in the National Cyber League (NCL) Games. For all the ins and outs of cryptography, see CryptoKait’s Introduction to Cryptography blog since this is pretty much a condensed version of her blog.
Words to know
I definitely stole these from Kait, but they’re still completely relevant because cryptography doesn’t really change.
Cipher – Encryption one letter at a time.
Code – Encryption by word or phrase.
Plaintext – The readable message.
Ciphertext – The encrypted message.
Encrypt/Encode/Encipher – The process of turning plaintext to ciphertext.
Decrypt/Decode/Decipher – The process of turning ciphertext to plaintext.
Break/Crack – The process of turning ciphertext to plaintext.
Key/Keyword/Key Phrase – The needed information to encrypt or decrypt a cipher.
Protocol – The rules, methods, or standards of the encryption.
This chart for numerical cryptography is a life saver no matter how many seasons you’ve played.
Now if you participated in our 2020 Summer Camp, this chart will look pretty familiar from my numerical cryptography blog, but I never teach cryptography without it. This is how Kait taught our team and this is how I continued teaching the team when I took over as the coach. To identify which number base you’re looking at, find the highest single digit (sometimes it’ll be a letter), and use the chart below to identify the encryption type. After that, all you have to do is find a number base to text decoder (some of our favorites are linked into the table).
|Base-n||Characters Found in Encryption Type|
|Base-3 (ternary)||0, 1, 2|
|0, 1, 2, 3, 4, 5, 6, 7|
|0, 1, 2, 3, 4, 5, 6, 7, 8|
|0, 1, 2, 3, 4, 5, 6, 7, 8, 9|
|0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f|
|0-9 and all lowercase letters|
|0-9 and all capital and lowercase letters|
|Base-64||0-9, all capital and lowercase letters, + and / (Usually ends in “=” or “==” which is padding)|
Rumkin should be your best friend.
The cipher tools section of Rumpkin is absolutely incredible! This is 100% my favorite resource for most of the different non-numerical types of cryptography you’ll see in the NCL Games.
For these, the best way to identify which encryption method is being used is to read the instructions on the challenge and look at what the encrypted message looks like.
For example, if there’s a passphrase or secret word given, it’s probably a Vigenere cipher.
If the instructions don’t give much a clue, it’s likely some type of shift cipher, such as Atbash, Caesarian, or ROT13.
And if the instructions give you a couple of random numbers (though the numbers may not always be given) and the encrypted message looks a little something like this:
T w ae hlskCS5.hsi htarifnecpe ok ieNLHO-94isa lcirol -W2
it is definitely a Railfence cipher. (If you want a little practice, use the railfence decryption tool on Rumpkin on the message above.)
And finally, if the encrypted message is a bunch of symbols in an image, it’s some type of Substitution cipher, although there is a chance you may not be able to use Rumkin because Cyber Skyline likes to get creative with these sometimes, so you’ll probably need to do some Googling to figure out what alphabet they’ve used if it’s not a common type.
Now these aren’t necessarily fail safe methods for detecting which ciphers are being used, and these are definitely not the only types you’ll see (there was definitely a cryptography challenge with music notes in one game that I was never able to figure out), but these are the most common ciphers I’ve seen in my last three years of playing in the NCL Games and definitely give you a good starting off point if you’re new to cryptography.
If you have any questions, feel free to leave a comment below or reach out on Twitter. Have fun and happy hacking!