@ramonster might be on to something with the 752 being jumbled up and just needs sorting. 21 into 1 might be linking how to decode it using Beno/Phal AFTER the 752 was “sorted” and put in the correct format.
If i remember Storm said that IRC clue 5 had some hint towards the Halos File/752 Hex code, after IRC was solved it stated that
"“This is a message left for Dr. Horn. Just to remind you in case of emergencies that the password to the HALOS files is BENALOHPAILLIER. I have programmed HALOS to send in level seven cases. You should bring pizzas.”
This suggests that the Password is actually BENALOHPAILLIER, and not a way to decode it. So we already have the Password.
now the sending in Level Seven cases links back to the OTR Levels, one of which being 7, linking to a One Time Pad and possibly using the password BENALOHPAILLIER to decode it.
Now sorting it out is the problem, when did the 21 into 1 come about?
I’m still skeptical about the relation between the ARG and the website. AI5BM is just the location from where the sos-morse message was sent from, but it doesn’t link to the ARG in any way. I admit that it’s hard to believe that the ‘meet halos’ anagram thing is just a coincidence. But apart from that, the website is only full of quotes from BM scientists and distress signals.
Whether the website is ARG related or not, I think we can safely assume that it’s not related to the hex code.
The best thing to do know is make a list of theories we already had BEFORE Storm mentioned we were close.
The Benaloh and Paillier cryptosystems could be important and “BENALOHPAILLIER” might be password for something.
Also, I think that Storm(assuming this was him) gives a lot of clues in this PM which might lead to something.
Are you absolutely sure about that? AI5BM sounds a lot like A15, a certain door in BM with a code behind it.
It’s entirely possible that KXBM is simply meant as a site to attract people to this ARG, but it’s entirely possible that it also has some clues relating to the current ARG.
Rule 1 of an ARG: Use every possible source until that source is either exhausted or proven false.
Anyways, relating more to what you said, I think we should follow JohnNotjohn’s advice and look through page 80 through page 100. There’s probably something there. After all, JohnNotjohn is a Welshman.
Yeah you’re probably right about it’s meant to attract people to the ARG. And I’ve found that Storm has actually made a reference to the BMRF.us site which makes it pretty confirmed that kxbm.net is related to the ARG.
As I think that all clues we need were present 2 years ago, all that kxbm.net can offer are things that may point us to information we already had the same way Storm pushed usto SECOM while we already could have known that as it was a extension of VIC. This indeed still makes it worth to look into the site.
Anyway, as Storm has said in his PM, we need a password that “will probably be hinted at, perhaps in a less than obvious way”.
Okay did we know 2 years ago that the number 21 could be relevant ?
If so maybe the hex code isn’t hexadecimal. Maybe it is in the 21 system (21 numbers go into 1 cipher)
Like 101 is one hundred and one in decimal but also 5 in binary…
Maybe we have to do that first and decrypt it afterwards with something else.
I began pouring over his PM again, and I noticed that he said something specific:
It has to be AES. It just has to be.
Is it possible we could use AES with the password benalohpailler?
I already tried decrypting using AES. “benalohpaillier” isn’t long enough to create a key, and I have no idea what else I would use.
Storm also stated that this was not encrypted and cannot be decrypted using OpenSSL.
What about the other options there, Rjindael, Twofish or Serpent? Has anyone ever tried them?
And also this could just mean that ‘benalohpaillier’ isn’t the password for the Hex code. After all it was supposed to be the password for Level 7, and the hex code is Level 8.
I don’t think anyone has tried those. They use the same key lengths as AES, so without the key we would still be out of luck.
That likely means that there’s another password.
By the way, what is the password length supposed to be for AES?
keylength varies for AES, but minimum of 128 bits (or 16 bytes / 16 letters). One thing to consider is that “BENALOHPAILLIER” came from a clue where the whole clue was mashed together without spaces. Given that, you could make “BENALOHPAILLIER” into “BENALOH PAILLIER” (note the space) and have your 128 bits.
However, any text-based password is translated into binary for the key, and upper and lower case letters are different binary values. So “Benaloh Paillier” is completely different from “BENALOH PAILLIER.” I tried decrypting it using Cryptool2 (https://www.cryptool.org/en/), AES with both those forms, as well as all lowercase. No luck. I also tried with Twofish, again no luck.
I even tried running an xor on the binary of the 752 and then decoding (with the thinking that 21 into 1 was hinting that an XOR that would convert the number 21 into 1 should be applied before decoding). I tried an XOR for both decimal and hex values of 21. Nothing. (Though now that I think about it, I never tried XORing after decoding).
Oh, and it’s mentioned somewhere on the wiki that storm (in one of his alts) once misspelled BENALOH as BENALLOH, so I tried that too (also makes it 128-bit length)
What I didn’t try was all the possible permutations of capital/lowercase arangements of the password. I just don’t have the time to mess with that.
I also tried DES, Triple DES, and other algorithms available in Cryptool2 as well. All with no luck.
Doing a bit of research, it seems AES, Twofish, and Serpent all use key lenghts of 128, 192, or 256 bits. This means the password would need to be 16, 24, or 32 characters long. BENALOHPAILLIER is only 15 letters.
Rjindael, whichwas used as the basis for AES, can also be used with a 20 or 28 character password, in addition to those mentioned above.
This is just from the Wikipedia entries on those systems.
Alright, long time lurker jumping in.
Looking at the hints given, it really does sound like we’re to use AES with a 256-bit key size. In particular, I get that from the line:
Now regarding password sizes: while it’s possible that the password is somehow exactly keysize-many bits long and is the key, I would think it is more likely than not that the password is hashed to a key of the appropriate size (128, 192, or 256 bits long. Probably the 256 as I mentioned above). So I don’t think it is worth worrying about the particular length of the password.
Two final thoughts:* I’m really hung up on the “21 goes into 1” hint and ‘BENALOHPAILLIER’ password. One idea that I’ve played around with a lot is that both Benaloh and Paillier are homomorphic encryptions. HOMOMORPHICENCRYPTION just so happens to be 21 characters. So I’ve played with using ‘HOMOMORPHICENCRYPTION’ the passphrase and hashing it into a key, and thereby making it such that “21 goes into 1”
- I also like the theory, which has been mentioned a few times, that the new website is supposed to provide some kind of hint, even if it is not necessary for the puzzle’s completion. The big one I see is the Base64 encoding of all the file names. This makes me wonder if we have to do something with Base64 here.
Anyways, I played around with these ideas for a while before posting. I ran mcrypt’s decryption on the raw halos file in several keymodes with several algorithms (mostly rijndael-128). Didn’t get any good results. I’ll script something up to do a more exhaustive search tomorrow, (and more carefully) but I thought I’d share my thoughts first.
Hope I can help more going forward. This is a truly wonderful puzzle Stormseeker.
There was already a clue regarding base64 on another clue which lead to the hint about the password being BENALOHPAILLIER, so its possible, but its already been tried so many ways to crack the 752 code.
anyway im a glutton for punishment, im doing back to 2013 in the comments.
I don’t think its rjandiel or however you spell it, I think that’s been tried several times before. Have you tried keys other than Benalohpaillier yet? Thepizzaisalie or other similar word clues as the cipher key? They might work.
Edit: Black Mesa Research Facility is 24 characters, maybe try that with AES ?
you guys might want to have a relook over what Flav said here. Maybe we already have the clues we needed in the previous IRC clues.
This whole watching thing has me thinking on a whole new level. The Observation Room where you see Gman, behind him is one of the whiteboards in the episode, and can only be gotten to when using noclip to get to the area. Im going to check that board out see if there is anything on it. theres also a few other obersvetion rooms as well. But thats the only one where HE is Watching!
Clue 6 pointed to the HALOS file.
Clue 5 gave the password “BENALOHPAILLIER.”
Clue 3 was the first mention of HALOS, as far as I can tell.
Clue 4, however, doesn’t seem to add much at first. But consider this: it gave a login “HALOS”
Combining the login and the password gives a total of 20 characters, which can be used as a 160-bit key for a Rijndael cipher.
