Index-shifted Caesar reverse of a custom enc() function
Foundations crypto engagement: recovered the plaintext by inverting a Python enc() that Caesar-shifted each alphabetic character by its string index; non-letters unchanged.
- Case files
- Index-shifted Caesar reverse of a custom enc() function
Received ciphertext and the enc() implementation; wrote a mirrored dec() that subtracts index i per letter and recovered the engagement string.
Mapped enc() shift-by-index behavior; implemented dec() and verified plaintext.
Engagement summary
Received ciphertext and the enc() implementation; wrote a mirrored dec() that subtracts index i per letter and recovered the engagement string.
CIPHER’S SECRET MESSAGE delivered an encrypted blob plus the exact Python encryption routine used in production of that blob. enc() enumerated plaintext characters: alphabetic glyphs were rotated forward by their index i within A–Z or a–z; digits and underscores passed through unchanged. That is a position-dependent Caesar — shift grows with offset into the string. Inversion is deterministic: subtract i (mod 26) for each letter. Running dec() on a_up4qr_kaiaf0_bujktaz_qm_su4ux_cpbq_ETZ_rhrudm produced a_sm4ll_crypt0_message_to_st4rt_with_THM_cracks. No brute force required once the algorithm was reviewed.
Business impact
Homegrown “obfuscation” that ships with its source is not encryption. Anyone with the routine recovers secrets offline. Use vetted libraries (AES-GCM, libsodium) and keep key material out of repositories — do not invent alphabet math for confidentiality.
Algorithm review and decryption script
Mapped enc() shift-by-index behavior; implemented dec() and verified plaintext.
ENCRYPTION (SUPPLIED)
enc.py
def enc(plaintext):
return "".join(
chr((ord(c) - (base := ord('A') if c.isupper() else ord('a')) + i) % 26 + base)
if c.isalpha() else c
for i, c in enumerate(plaintext)
)DECRYPTION
dec.py
cipher = "a_up4qr_kaiaf0_bujktaz_qm_su4ux_cpbq_ETZ_rhrudm"
def dec(ciphertext):
result = []
for i, c in enumerate(ciphertext):
if c.isalpha():
base = ord("A") if c.isupper() else ord("a")
result.append(chr((ord(c) - base - i) % 26 + base))
else:
result.append(c)
return "".join(result)
print(dec(cipher))
# a_sm4ll_crypt0_message_to_st4rt_with_THM_cracksOPERATOR · CRYPTO
savvy@lab:~$ python3 dec.py
a_sm4ll_crypt0_message_to_st4rt_with_THM_cracks
Remediation
Treat any custom cipher in application code as broken by default. Prefer authenticated encryption with managed keys. During code review, flag index-based alphabet transforms as non-cryptographic obfuscation.