Back | What?

I got here by accident, is this site usefull for me?

Most probably not.

Someone sent me here to solve exercises, what now?

Congrats! Good luck and I hope you have a good time! Now before you start, please keep reading. In short these are the steps you ought to do.

  • Pick an ID, you use this to hand in the exercises. Do not share this with others. Probably best to use your favorite random generator.
  • Check what handle this would get you and share this handle with your friends and family. This is the handle to keep track of who did what. [Do you see why not to share your ID]
  • Solve some exercises.

I implemented this fast TCXX crypto algoritm what to do with it?

Please stand up and say out loud:

I, [insert name], do hereby solemnly swear that I will never use or promote any of the cryptography algorithms I implemented/designed unless I presented it on a major crypto conference and it survived years of scrutiny by the public. I will, to the best of my ability, try to keep my colleagues/peers/bosses from these evil practices. In the rare occasion that I bear such a vile thought I will as a compensation send the original writer of this text a box of chocolates.

Seriously, TC is short for Toy Cipher...

Someone got a super awesome handle, how do I also get a 'nice' handle?

Simple ;) Brute force it. To get you started:

    from hashlib import sha256
    import secrets

    def id_to_handle(user_id):
        m = sha256()
        h = m.hexdigest()
        # added the higher frequency letters more often so brute forcing a nice handle
        # is easier, we don't really want special characters here...
        alphabet = u"abcdefghijklmnopqrstuvwxyzaeiou_" 
        name = ""
        first_60_bits = int(h[:15], 16)
        for i in range(12):
            name += alphabet[ (first_60_bits >> 5*i) & 0b11111]
        return "{0}_{1}".format(name, h[15:])

    if __name__ == "__main__":
        handle = ""
        user_id = 9826986369
        while not handle.startswith("name_"):
            # user_id = secrets.token_hex(8) # this would be the correct thing to do
            user_id += 1
            handle = id_to_handle(str(user_id))
        print(user_id, handle)

You will need to guess 5 bits per letter. The above code should complete in roughly one minute (depending on you cpu). To get fancier names, you will have to use another tool... This one (unless you want to wait for days) will only give you handles up to 4/5 letters.

How to solve the exercises?

Not necessarily in this order

  • Struggle
  • Read this page
  • Read the exercise carefully
  • Read the extra files supplied with the exercise
  • Request the data needed to solve the exercise (using your ID)
  • Compute the answer
  • Try if the answer is correct (using the same ID as before)
  • Struggle a bit more
  • Find out you flipped the wrong bit
  • Congratz, you solved it!

I cannot solve an exercise, can you help me?

Most probably not.

I found a (security related) bug, what should I do?

Please be nice :) Go to the Gitlab repository and open an issue.

For extra points create a pull request solving the bug.

Why this weird system, why no normal credentials?

In one word GDPR

No, seriously, I don't want to deal with all the bureaucratic nonsense of the GDPR and yes email addresses are also personal data. This system is slightly easier to implement and more fun (I don't have to do add login and registration logic). If you are using this site, than probably brute forcing a nice hash to use as an handle should not be that hard anyway ;) And as a bonus it is in line with the purpose of this site.

I found an ID with a handle that is already used?

First of all, are you sure the whole handle is the same? There is a large part after the _ that is still part of the handle.

If they really are the same, probably someone used a 'weak' ID. Let this be a lesson and pick a random ID.

If you feel evil you can transfer the solutions of this ID to your own. This is irreversible, you could also try to contact the holder of this ID and let him pick a new and stronger ID.

How long should my ID be?

In short: I don't care.

Long answer: If your choose your ID at random, probably around 12 characters would suffice.

I lost/forgot my ID, what to do?

Send an email to and I will give you the address to send the box of chocolates.

I cannot recover your ID, or I would be famous (unless you chose a weak one). I would be the same thing to finding a sha256 collision/preimage.

Wowsers! I can't break this TCXX scheme, should I use it in Production?


Do not use any 'home made' crypto and especially not purposefully weak primitives.