# 1997-98NEW MEXICOHIGH SCHOOLSUPERCOMPUTINGCHALLENGE Interim Report

 Team Number: 011 School Name: Aztec High School Area of Science: Mathematics Project Title: Mathematical Approach To Text Encryption Through Algorythms Project Abstract: http://mode.lanl.k12.nm.us/97.98/abstracts/011.html Interim Report: http://mode.lanl.k12.nm.us/97.98/interims/011.html Final Report: http://mode.lanl.k12.nm.us/97.98/finalreports/011/finalreport.html

Although it may not be obvious, our modern lifestyle depends on our ability to transfer data securely. Each credit card transaction made every day must be relayed through a network of computers in order for it to be approved. Many businesses upload hundreds of credit card numbers a day to a central corporate computer via computer networks, leaving encryption as the last and only line of defense against crackers that may be accountable for financial loss, for both the consumer and the corporation. Encryption is crucial to how we use computers. Without strong encryption, computers could not be trusted to keep our information private. There are many, more innocent, uses for data encryption, however. Many users like to encrypt data and documents just to ensure that it is kept from prying eyes. This is often where problems become apparent.

Encryption is a process where data -called plaintext- is made unusable by comparing it to a key. In order for the intended recipient to recover the data, the key must be given to the computer. The key is the only thing that keeps others from accessing the data, therefore it would defeat the purpose if the user wrote it down. The problem comes is when the only person who knows the key forgets it.

If you need to read your file, but have lost the key to decrypt it, the first thing that you do would is to try to guess at what you might have used as the key. This is the idea behind a 'brute force' attack. A computer program is used to guess-and-check sequential values until the correct key is hit and the file is usable. This method of decryption is very dependable-but very time consuming as well. Another option would be to use a 'cryptological' attack. Cryptological attacks use some common sense to narrow the number of possible keys before the guessing begins. For example, if the encrypted data consists of a string of twenty characters and then one extended ASCII character, and then twenty more characters followed by another extended character, it is a pretty safe bet to say that the key is twenty-one characters long with some sort of special character at the end. This will make short work of the guessing process, which we still will have to do-in fact, no matter how good cryptanalysis is we must always make at least one guess at some point before we can find the key. The guesswork is what makes cracking a code tough; although it is done hundreds of times per second, it can take days to crack a code using brute force. Using the SGI computer will allow our team to develop methods of decryption exponentially faster than using conventional means.

At this point, our team has been able to encrypt and decrypt a file encrypted with XOR using the brute force method and has developed a method of cryptanalysis that decreases possible permutations of the key by 50%. Our cryptanalysis of DES has led us to develop an explicit algorithm that will infinitely decrease the time required to crack the key. All of this is relatively worthless if the computer must ask the user if each guess has returned a usable result, so we have designed and written an algorithm that will scan the data and determine if it is usable.

In the finalized program, we expect to be able to supply a file encrypted with DES or XOR and have the computer determine the key used to encrypt it. The program will first use a cryptanalysis of XOR, then a brute force attack against XOR. The program will then use a cryptanalysis of DES in order to find the key in the minimum amount of time. We fully expect our program to return a 100% useable and readable result.