tags:

views:

290

answers:

7
Q: 

Identifying algorithm used to generate codes

How would one identify what algorithm is used to generate codes with? Both common, open source ones, and the more difficult, custom unpublished algorithms? For example here are a sample...

x3vbhzcouy
g3zy453f4
srix1gtvri
3ewnubic5vz
4bu9ksba6yj
r1u3rxfd82n
fs30bew9eq
b8gr8w5f3
tz6t998ulr
ycd1zued
oizyviwv
7w6eownv0
s15zxpid9uoo
u8is4ulxm
bqg0c50luq
pqpwn6ty3

How would I go about identifying what algorithm is used to generate codes like this and thus be able to generate my own using the same algorithm??

+1  A: 

It's not easy. If you have the program that reads the code, you can try to figure out how the program works, which gives you clues to how to create a code that the program wants. See here: How to Create a Keygen

If you simply have the codes but not the program that reads them, you are getting into cryptography.

In the worst case, they are just a random series of bytes, and you have no hope of creating your own. This is what you would have if you buy a ticket to an event, and there is a code on it. This code is recorded by the system that sold the ticket, so the ticket can be validated. The only way to create your own ticket would be to randomly generate data, and hope you get lucky. (Or generate an infinite number, eventually one will have to be right!)

Kevin Panko  2009-08-13 14:55:59
"How to Create a Keygen" link domain was snapped. =\
Alix Axel  2009-08-13 15:15:02
+1  A: 

That's not easy. If you have an unencrypted and encrypted sample, you could test several algorithms and try for a match.

Even for relatively simple encryption algorithms, statistical methods are not very useful in determining the encryption technique. Some poor implementations may have a header in the file that can be used to determine the encryption technique.

The most efficient way to identify an encryption algorithm (with no hints) is usually to decrypt the file. Techniques for that are "beyond the scope of this paper," but essentially you would try a bunch of passwords with several popular encryption techniques, using shortcuts (such as popular passwords, testing a small portion of the file, etc.)

xpda  2009-08-13 14:56:39
A: 

Your sample was obviously generated by my own, difficult, custom unpublished algorithm. It is so difficult and custom unpublished, it doesn't even have a name...

drhirsch  2009-08-13 14:59:59
Demonoid web developer here. =D
Alix Axel  2009-08-13 16:53:46
+1  A: 

The key to your problem is knowing the conditions the codes are validated against. If the codes are generated randomly and validated by a third party you don't have access to (e.g. prepaid phone cards, timecode cards for online games, etc.) you are screwed.

Altherac  2009-08-13 15:02:54
You can always brute force it. :P
Alix Axel  2009-08-13 15:04:36
Good luck with long codes :)
Altherac  2009-08-13 15:19:47
+1  A: 

Understanding code algorithms is a large and complex subject. Whole departments of governments are dedicated to this task.

In order to succeed at understanding a specific code requires knowledge of the use of that code. The more specific knowledge you can gain, the better your chances. Some types of knowledge include:

  • The capabilities of the creator of the code (those without a cryptographic background often leave loopholes which can be exploited)
  • The platforms used by the code
  • The background of the creator of the code (often clues come from personal lives)
  • Samples of unencoded text and their equivalents in encoded text

Any/all of these will help.

To get an idea of what is involved, find or buy a copy of Applied Cryptography.

lavinio  2009-08-13 15:09:35
+1  A: 

Like others have said it's difficult to know, however you can do a visual analysis for some hints and with a big enough sample narrow the possibilities and work from there, for example:

Sample: 16 codes
Alphabet Usage: 0-9, a-z (36 chars)
Length of Codes:

 - 8 = 2 samples, no digits
 - 9 = 5 samples, between 2 and 5 digits
 - 10 = 5 samples, between 0 and 4 digits (we know now that digits shouldn't be relevant)

And so on...

Don't assume that the codes are cryptographic, they can be encoded in different bases (like base64) or rot13 for example, or be computed with some sort of check digit algorithm, for example Luhn, ISBN, Verhoeff, etc.

Alix Axel  2009-08-13 15:10:14
+1  A: 

If this is really a list of demonoid invites, it wouldn't even matter if you figured out how to make one. It's not likely they just test if the invite code matches a particular pattern. They probably generate them using the algorithm and then store them in the database.

So even if you make some, they won't be in their DB already.

iddqd  2009-08-13 16:15:21

related questions

How do I find the Excel column name that corresponds to a given integer?
Calculating a cutting list with the least amount of off cut waste.
Red-Black Trees
How to maintain a recursive invariant in a MySQL database?
RFC calculation in Java need help with algorithm
Best word wrap algorithm?
How do you separate game logic from display?
Most effective way for float and double comparison
Choosing a multiplier for a (string) hash function
Optimizing a search algorithm in C
Find the best combination from a given set of multiple sets
What "already invented" algorithm did you invent?
Designing a Calendar system like Google Calendar
How to overload std::swap()
Looking for algorithm that reverses the sprintf() function output
Merge Sort a Linked List
Puzzle: Find largest rectangle (maximal rectangle problem)
graph serialization
Peak detection of measured signal
Big O, how do you calculate/approximate it?
What problems can be solved, or tackled more easily, using graphs and trees?
Followup: "Sorting" colors by distinctiveness
Efficiently get sorted sums of a sorted list
Function for creating color wheels
Fastest way to get value of pi