Original URL: http://www.theregister.co.uk/2011/12/05/gchq_code_breaking_puzzle_solved/
GCHQ spooks' code-breaking puzzle solved
'Rather disappointing', says prof - both puzzle and prize
Posted in Developer, 5th December 2011 11:30 GMT
Watch Now : Virtual Machine Movement with Hyper-V
The GCHQ-set code-breaking puzzle was solved over the weekend.
The signals intelligence agency last week set a puzzle at canyoucrackit.co.uk [1] in its attempt to unearth potential recruits beyond its traditional graduate programme. Late last week it emerged that the successful completion page for the puzzle was available by a simple Google search.
Many people have since cracked the code properly including Dr Gareth Owen, a computer scientist and senior lecturer at the University of Greenwich in England. Owen has posted a full video explanation of how to solve the three-part puzzle here [2].
Would-be code-breakers were presented with a 16x10 grid of paired hexadecimal numbers. The first stage involves recognising executable code as well as unpicking some steganography.
Stage two involves developing a virtual machine to execute code.
The final stage involves constructing a file with 'gchqcyberwinAAAABBBBCCCC' where A, B, C are the codes from earlier in the challenge. This code, when run, generates a web address which has the keyword (the web address is wrong if you put the wrong a,b,c in).
"The last stage contains a deliberate security hole, which GCHQ emailed me to say was deliberate to make solving the problem easier - but it turns out I took a short cut instead and bypassed this bit," Owen explained.
Reaching the successful completion page was a "rather disappointing end to quite a lot of work," as he puts it.
GCHQ is offering would/be applicants who crack the code a starting salary of just £25k, very low for a skilled job, as the Daily Telegraph notes [3].
As one Reg reader put it in an email to Vulture Central: "Why are we paying world-class cyber security experts what we pay passport-stampers at the border-control-agency?" ®