Introduction
-------------------------------------------------------------------------------
The Wassenaar Arrangement (covering the international military and dual-use
goods export controls) lets vendors market and deploy any kind of encryption
- providing it's either (a) disclosed to national authorities, (b) open-source,
or (c) sold in publicly available commercial products, and... not requiring 
"vendor maintenance" nor "enduser personalization" capabilities.

Despite qualifying, the TWD crypto-system used below is immune to brute-force 
attacks since all the possible solutions are mathematically equally plausible.
As a result, there is no way for someone able to brute-force the keyspace to 
tell which solution, among all those that are not garbage, is the plaintext 
searched for.

Therefore, keeping TWD's algorithm secret or personalizing it does not make it 
safer (as "better than cryptographically-unbreakable" is meaningless attackers
having access to it will not gain any advantage as compared to attackers not 
knowing the algorithm). TWD's algorithm will also never become obsolete.


The challenge
-------------------------------------------------------------------------------
You are invited to break the TWD crypto-system with a 99.99% plaintext-attack,
the easiest way to attack encryption. In contrast, today's clunky standards are
broken in real-time with a few bytes of ciphertext (thanks to their ciphertext
domain-specific algebraic structures).

The plaintext is "The Art of War" from Sun Tzu (544 BC) as a 60,212-byte text
file (in US-ASCII encoding).

Before encrypting the plaintext, a secret English-text paragraph has been added
at a random position.
   
To demonstrate that this crypto-system has been broken, one must find and report
the secret paragraph and its position in a plaintext resulting from a successful
cryptographic attack.

Since 2007, intelligence agencies' failure to do so demonstrates that TWD's 
"unconditionally secure" cryptosystem cannot be attacked because it does not 
artificially reduce its key-space nor it exposes meaningful statistical bias.
As a result, these 99.99% known-plaintext attacks have all been unsuccessful.
In contrast, two AES blocks are enough to break AES-256 ciphertexts because
only one key/plaintext will match the ciphertext's statistical bias.


The rules
-------------------------------------------------------------------------------
1) download the plaintext and the ciphertext;

2) find the secret paragraph hidden in the ciphertext;

3) send us the secret paragraph and its plaintext position, and explain how you
   found it (only successful cryptographic attacks will qualify - robbery won't).


The proof (helping to close a licensing deal)
-------------------------------------------------------------------------------
This ciphertext can be decrypted into the plaintext with the TWD crypto-system 
alone: the same crypto-system can process any other plaintext, whatever the 
contents and their length. Also the machines that encrypt and decrypt can be 
distinct and unconnected.


Your solution
-------------------------------------------------------------------------------
Please send your solution (secret paragraph, position, attack details) by email 
to contact@trustleap.com. Solutions sent via other means will be ignored.


---[End of page; first version: Feb. 25th 2007; last edited: July 2nd 2018]----