Echo Response - Week 3 Quantum Conundrum#

README#

WEEK 3 - Quantum Conundrum#

Challenge: Quantum Conundrum - Breaking the “Unbreakable” Cipher
Date: October 21, 2025
Status: COMPLETED
Category: Reverse Engineering, Cryptanalysis, Binary Analysis
Difficulty: Hard

Challenge Overview#

Scenario#

“The Obscurarium realm’s defenses are hailed as ‘unbreakable’ and ‘quantum-proof’and for good reason. It safeguards one of the most dangerous relics still hidden: the Obscuran Key, a powerful artifact bound to memory, truth, and perception.”

Megacorp Quantum, a vital stronghold of security infrastructure in the Obscurarium Realm, believes no cipher, no codecaster, no force magical or digital can bypass their quantum-safe architecture.

But confidence is no defense against what you’re about to uncover.

Mission: Attempt to break Megacorp Quantum’s encryption system, pry open the encrypted file, and extract the flag hidden within. Determine whether the algorithmic wards truly protect the Obscuran Key.

Investigation Objectives#

Analyze the provided artifacts to answer the following questions:

Analyze publickey.pubkey and decode its contents. Identify the encoding algorithm and what the decoded values represent.
Investigate how the Seed is calculated. What other data is used beyond the public key?
Reverse engineer the decryption program. How many distinct transform passes are applied before the final XOR mask? Explain the first three transformations.
Decrypt the decrypt_me.enc file and submit the flag found in the plaintext output.

Available Artifacts#

The challenge package (QuantumConundrum.zip, password: Conundrum2025) contains:

Artifact	Type	Description
`QuantumConundrum.exe`	Binary	Windows executable - encryption/decryption application
`decrypt_me.enc`	Encrypted File	The locked vault containing the hidden flag
`publickey.pubkey`	Public Key	The key used to lock the data away
`README.txt`	Documentation	Directions on encryption (with missing details)

Key Findings#

Attack Summary#

Target: Megacorp Quantum Encryption System
Claimed Security: “Unbreakable” and “Quantum-Proof”
Actual Security: FULLY COMPROMISED

Investigation Results#

1
1. Public Key Analysis
2
    Encoding: Base64 (NOT encryption!)
3
    Decoded: 24.07.2025|megacorp@quantum.com
4
    Purpose: Static seed component
5

6
2. Seed Calculation
7
    Components: Email + Date + Timestamp + "PublicSalt"
8
    Weakness: Hardcoded salt, no KDF
9
    Vulnerability: Predictable seed generation
10

11
3. Transformation Pipeline
12
    7 distinct layers before XOR
13
    Ring rotation  Add  Subtract  Cyclic shifts
14
       Quadrant swaps  Bit-pair swap  Variable rotation
15
    All reversible through binary analysis
16

17
4. Successful Decryption
18
    Keystream: (char * 7 + index) & 0xFF
19
    Flag extracted: OS{BENDER}
20
    System: BROKEN

Critical Vulnerabilities#

** CRITICAL:**

Base64-encoded “public key” (not actual encryption)
Hardcoded salt: PublicSalt
No key derivation function (KDF)
Weak keystream generation (simple arithmetic)

** HIGH:**

Deterministic encryption
Static date component
No authentication/integrity checks

Reverse Engineering Process#

1. Binary Analysis with Ghidra#

Tool: Ghidra 11.2.1 PUBLIC
Target: QuantumConundrum.exe

Key Functions Identified:

FUN_140002680 - Main orchestration function
FUN_1400019e0 - Matrix building from input stream
FUN_140002070 - Add constant transformation
FUN_1400021f0 - Subtract constant transformation
FUN_140002390 - Cyclic shifts and permutations
FUN_140002540 - Even/odd bit swap
FUN_140001df0 - Keystream derivation
FUN_140001c00 - XOR application

2. The 7 Transformation Layers#

Transform 1: Ring Rotation (90 Clockwise)#

1
Treats NN matrix as concentric rings
2
Each ring rotates independently
3
Outer ring: full 90 rotation
4
Inner rings: same process
5

6
Example 44:
7
 1  2  3  4      13  9  5  1
8
 5  6  7  8     14 10  6  2
9
 9 10 11 12      15 11  7  3
10
13 14 15 16      16 12  8  4

Purpose: Spatial scrambling, initial obfuscation

Transform 2: Add Constant (mod 256)#

1
add_val = year & 0xFF  # 2025 & 0xFF = 225
2
for each cell:
3
    cell = (cell + add_val) mod 256

Example:

Cell: 50 (50 + 225) mod 256 = 19
Cell: 200 (200 + 225) mod 256 = 169

Purpose: Uniform value diffusion

Transform 3: Subtract Constant (mod 256)#

1
sub_val = month  # July = 7
2
for each cell:
3
    cell = (cell - sub_val + 256) mod 256

Example:

Cell: 50 (50 - 7 + 256) mod 256 = 43
Cell: 5 (5 - 7 + 256) mod 256 = 254

Purpose: Value confusion, non-linear transformation

Transform 4: Cyclic Shifts#

1
shift = day % N  # 24 % 64 = 24
2
rows.rotate(-shift)    # Rotate entire rows
3
columns.rotate(-shift) # Rotate entire columns

Purpose: Positional permutation

Transform 5: Quadrant Swaps#

1
Divides matrix into quadrants
2
Swaps in specific pattern
3
May include transposition

Purpose: Geometric diffusion

Transform 6: Even/Odd Bit Swap#

1
def bit_flip_pairs(x):
2
    return ((x >> 1) & 0x55) | ((x & 0x55) << 1)
3

4
Example:
5
  10110011  01101101
6

7
  Bit pairs swap positions

Purpose: Bit-level confusion

Transform 7: Variable Bit Rotation#

1
for r in range(N):
2
    for c in range(N):
3
        spin = (year + month + day + r + c) & 7
4
        cell = rotate_right(cell, spin)

Purpose: Position-dependent obfuscation

3. Keystream Generation#

1
def keystream(seed, need):
2
    out = bytearray()
3
    idx = 0
4
    while len(out) < need:
5
        for ch in seed:
6
            out.append((ord(ch) * 7 + idx) & 0xFF)
7
            idx += 1
8
    return bytes(out)

Weakness: Simple arithmetic, not cryptographically secure

4. Decryption Script#

Complete Python Solution:

1
#!/usr/bin/env python3
2
from pathlib import Path
3
from collections import deque
4

5
EMAIL = "megacorp@quantum.com"
6
DATE = "24.07.2025"
7
SALT = "PublicSalt"
8
FILE = Path("decrypt_me.txt.enc")
9

10
def rot_right(x, amt):
11
    amt &= 7
12
    return ((x >> amt) | ((x << (8 - amt)) & 0xFF)) & 0xFF
13

14
def bit_flip_pairs(x):
15
    return ((x >> 1) & 0x55) | ((x & 0x55) << 1)
16

17
def keystream(seed, need):
18
    out = bytearray()
19
    idx = 0
20
    while len(out) < need:
21
        for ch in seed:
22
            out.append((ord(ch) * 7 + idx) & 0xFF)
23
            idx += 1
24
            if len(out) >= need:
25
                break
26
    return bytes(out)
27

28
def decode(path):
29
    data = path.read_bytes()
30
    ts_len = int.from_bytes(data[-8:-4], "little")
31
    n = int.from_bytes(data[-4:], "little")
32
    timestamp = data[-8 - ts_len:-8].decode("ascii")
33
    block = data[:n * n]
34

35
    seed = EMAIL + DATE + timestamp + SALT
36
    mask = keystream(seed, len(block))
37
    raw = bytes(b ^ m for b, m in zip(block, mask))
38

39
    grid = [list(raw[i * n:(i + 1) * n]) for i in range(n)]
40
    year, month, day = 2025, 7, 24
41

42
    # Reverse transform 7: Variable rotation
43
    for r in range(n):
44
        for c in range(n):
45
            spin = (year + month + day + r + c) & 7
46
            if spin:
47
                grid[r][c] = rot_right(grid[r][c], spin)
48

49
    # Reverse transform 6: Bit-pair swap
50
    for r in range(n):
51
        for c in range(n):
52
            grid[r][c] = bit_flip_pairs(grid[r][c])
53

54
    # Reverse transform 4: Cyclic shifts
55
    shift = day % n
56
    if shift:
57
        rows = deque(grid)
58
        rows.rotate(-shift)
59
        grid = [list(row) for row in rows]
60
        for r in range(n):
61
            row = deque(grid[r])
62
            row.rotate(-shift)
63
            grid[r] = list(row)
64

65
    # Reverse transforms 3 & 2: Subtract & Add
66
    add_val = year & 0xFF
67
    sub_val = month
68
    for r in range(n):
69
        for c in range(n):
70
            v = grid[r][c]
71
            v = (v + sub_val) & 0xFF
72
            v = (v - add_val) & 0xFF
73
            grid[r][c] = v
74

75
    # Reverse transform 1: Ring rotation (via column reading)
76
    buf = bytearray()
77
    for c in range(n):
78
        for r in range(n - 1, -1, -1):
79
            b = grid[r][c]
80
            if b:
81
                buf.append(b)
82

83
    text = buf.decode("utf-8")
84
    flag = text[text.index("{"):text.index("}") + 1]
85
    return text, flag
86

87
if __name__ == "__main__":
88
    poem, flag = decode(FILE)
89
    print(poem)
90
    print('\nFLAG:', flag)

MITRE ATT&CK Mapping#

Tactic	Technique	Application
Discovery	T1082 - System Information Discovery	Binary analysis revealed architecture
Collection	T1005 - Data from Local System	Encrypted file analyzed
Credential Access	T1552.001 - Credentials in Files	Hardcoded salt found in binary
Defense Evasion	T1027 - Obfuscated Files or Information	7-layer transformation

Lessons Learned#

What Megacorp Did Wrong#

Misnamed “Public Key”
- Used Base64 encoding instead of actual public-key cryptography
- No RSA, ECC, or other asymmetric encryption
- Misleading security theater
Weak Seed Generation
- Hardcoded salt: PublicSalt
- No key derivation function (PBKDF2, Argon2)
- Predictable components
Non-Cryptographic Keystream
- Simple arithmetic: (char * 7 + idx) & 0xFF
- Not a CSPRNG
- Linear and predictable
Obfuscation Security
- 7 transformation layers provide complexity
- But all are reversible through analysis
- Complexity without cryptographic strength
No Authentication
- No MAC or HMAC
- No integrity checking
- Vulnerable to tampering

What “Quantum-Proof” Actually Means#

Claimed: Quantum-resistant encryption
Reality: No quantum-resistant algorithms used

True quantum-proof encryption requires:

Lattice-based cryptography (NTRU, FrodoKEM)
Code-based cryptography (Classic McEliece)
Hash-based signatures (SPHINCS+)
NIST post-quantum candidates

This system: Uses none of the above. Pure marketing.

Recommended Fixes#

Immediate Actions#

Replace “Public Key” System

1
- Implement RSA-2048 or ECC P-256 minimum
2
- Use proper PEM/DER key formats
3
- Store private keys securely (HSM/vault)

Implement Real Encryption

1
- Use AES-256-GCM or ChaCha20-Poly1305
2
- Authenticated encryption (AEAD)
3
- Random IV/nonce per encryption

Add Key Derivation

1
- Argon2id (preferred) or PBKDF2
2
- 100,000+ iterations
3
- Random salt per operation

Add Integrity Protection

1
- HMAC-SHA256 or built-in AEAD
2
- Verify before decrypt
3
- Prevent tampering

Skills Demonstrated#

Binary Reverse Engineering: Ghidra disassembly and decompilation
Cryptanalysis: Breaking custom encryption schemes
Algorithm Analysis: Understanding transformation pipelines
Python Scripting: Implementing decryption logic
Bit Manipulation: Understanding bit-level operations
Matrix Operations: Spatial transformations and permutations
Encoding/Decoding: Base64, data structure parsing
Security Assessment: Vulnerability identification
Technical Documentation: Comprehensive reporting

Repository Contents#

1
WEEK 3 - Quantum Conundrum/
2
 README.md (this file)
3
 INVESTIGATION_REPORT.md (detailed analysis)
4
 solve_decrypt.py (decryption script)
5
 Understanding_7_Transformations.md (transformation guide)
6
 artifacts/
7
     publickey.pubkey
8
     decrypt_me.enc
9
     QuantumConundrum.exe (analyzed binary)

Challenge Completion#

Status: ALL 4 OBJECTIVES COMPLETED

Question	Answer	Evidence
Q1	Base64: `24.07.2025\|megacorp@quantum.com`	Public key decoding
Q2	Email + Date + Timestamp + PublicSalt	Seed algorithm analysis
Q3	7 transforms: Ring, Add, Subtract	Binary reverse engineering
Q4	`OS{BENDER}`	Successful decryption

Resources#

Investigator: MR. Umair
Date Completed: October 21, 2025
Challenge Series: OffSec Echo Response - Proving Grounds: The Gauntlet

“But confidence is no defense against what you’re about to uncover.”

Verdict: The “unbreakable” encryption is BROKEN. The Obscuran Key is vulnerable.