I'm thinking of a number (Cop's Thread)

32

1

Robber's Thread here

In this challenge cops will think of a positive integer. They will then write a program or function that outputs one value when provided the number as input and another value for all other positive integer inputs. Cops will then reveal the program in an answer keeping the number a secret. Robbers can crack an answer by finding the number.

Here's the catch: this is not , instead your score will be the secret number with a lower score being better. Obviously you cannot reveal your score while robbers are still trying to find it. An answer that has not been cracked one week after its posting may have its score revealed and be marked safe. Safe answers cannot be cracked.

It probably goes without saying but you should be able to score your answer. That is you should know exactly what value is accepted by your decision machine. Simply knowing that there is one is not enough.

Use of Cryptographic functions

Unlike most cops and robbers challenge which ask you not to use cryptographic functions, this challenge not only entirely allows them but encourages them. You are free to create answers in any way as long as you are trying to win. That being said, answers using other methods are also welcome here. The goal of the challenge is to win, and as long as you don't cheat nothing is off the table.

Post Rock Garf Hunter

Posted 2017-08-28T17:14:25.093

Reputation: 55 382

1If you allow crytographic functions, I would recommend putting a time limit on programs. – Okx – 2017-08-28T17:15:49.160

@Okx Why? Sleeps and other slowdowns can be removed when brute forcing. – Post Rock Garf Hunter – 2017-08-28T17:17:06.363

12I downvoted this challenge because, in most languages, it can be simply cracked using a mapping algorithm or a simple loop. I consider that a bit too easy for a [tag:cops-and-robbers] challenge. – Mr. Xcoder – 2017-08-28T18:02:47.660

2I feel like there are going to be a lot of cops who know one (probably the smallest) accepted value but don't know if there are more right answers or what they are. – histocrat – 2017-08-28T18:03:21.060

12@Mr.Xcoder You are free to downvote however I will point out that that is kind of the point of the challenge and not in my opinion a flaw. The challenge is mostly fun for cops who have to make it as hard to brute force as possible by slowing down computation. More creative answers will should make brute forcing more and more difficult allowing them to use smaller and smaller numbers. – Post Rock Garf Hunter – 2017-08-28T18:05:50.660

@WheatWizard Now that I see your point, I undownvoted. – Mr. Xcoder – 2017-08-28T18:07:09.847

Must the program terminate without erroring for all positive integers? – Stephen – 2017-08-28T18:46:22.300

@Stephen Yes it must. – Post Rock Garf Hunter – 2017-08-28T18:47:24.443

@WheatWizard Do you have to find the decimal representation of the given number in order to crack it? – flawr – 2017-08-28T18:48:35.440

@flawr I'm going to say yes, you need to find the decimal representation of the given number. – Post Rock Garf Hunter – 2017-08-28T18:50:34.313

1@WheatWizard I assume it would not be winning, but it would not be possible to crack e.g. a program that just compares the input to A(9,9) where A is the Ackerman function. – flawr – 2017-08-28T19:00:47.890

1@flawr Yes I got that idea from your comment, however if we start allowing people to crack with descriptions of numbers it becomes hard to discern what is a crack and what is not. Using the Ackerman function however might fall under not being able to score your own answer, as if I give you a large number of similar size you would have trouble determining which is bigger. – Post Rock Garf Hunter – 2017-08-28T19:03:36.143

@WheatWizard Ah right, that is actually a clever requirement in your challenge (that I totally missed :) – flawr – 2017-08-28T20:15:26.217

Looking at the answers below, this challenge would really benefit from a time limit imposed on both correct and incorrect inputs (even if it's 30 minutes or so). Many answers don't even allow testing the found number against the given code – michi7x7 – 2017-08-29T07:55:42.243

I agree with @michi7x7, it should be possible to test the answers with both correct and incorrect inputs and a time limit could ensure that. The limit can be very large – even like 24 hours could be fine, as that would prevent brute forcing, but allow testing of couple of inputs. – fergusq – 2017-08-29T15:49:09.417

So we have two safe answers with a score of 1! This proves what I knew before--this challenge is pretty bad. – Joshua – 2017-09-05T14:26:10.403

@Joshua I don't think this "proves the challenge is bad". You may have the opinion that it is bad but I feel it perfectly fine that some users have attained the perfect score. Would you call a test bad if some students in the class attain a 100%? The test may be bad for different reasons but people doing well does not prove anything about the quality of the test. – Post Rock Garf Hunter – 2017-09-05T14:45:32.140

Could you please rule if this, this, and this answer are valid? I've voiced my concerns in the comments.

– Dennis – 2017-09-06T15:54:23.720

@Dennis I am going to say no, they are not valid. Answers should only accept one value. – Post Rock Garf Hunter – 2017-09-06T16:50:11.867

They might accept only one value. The thing is that we don't know. – Dennis – 2017-09-06T17:54:50.320

@Dennis Ok I don't know. Maybe this challenge should just be closed as unclear anyway. Everyone except me seems to think its not fun and I don't really have a opinion on this issue. It might be best to let it die. – Post Rock Garf Hunter – 2017-09-06T18:36:06.770

1@tfbninja I don't do javascrpit either – Post Rock Garf Hunter – 2017-12-13T18:51:24.013

Answers

10

Tampio, Cracked

m:n tulos on luvun funktio tulostettuna m:ään, missä luku on x:n kerrottuna kahdella seuraaja, kun x on luku m:stä luettuna
x:n funktio on luku sadalla kerrottuna sadalla salattuna, missä luku on x alempana sadan seuraajaa tai nolla
x:n seuraajan edeltäjä on x
x:n negatiivisena edeltäjä on x:n seuraaja negatiivisena
nollan edeltäjä on yksi negatiivisena
x salattuna y:llä on örkin edeltäjä, missä örkki on x:n seuraajan seuraaja jaettuna y:llä korotettuna kahteen
sata on kiven kolo, missä kivi on kallio katkaistuna maanjäristyksestä
kallio on yhteenlasku sovellettuna mannerlaatan jäseniin ja tulivuoren jäseniin
tulivuori on nolla lisättynä kallioon
mannerlaatta on yksi lisättynä mannerlaattaan
maanjäristys on kallion törmäys
a:n lisättynä b:hen kolo on yhteenlasku kutsuttuna a:lla ja b:n kololla
tyhjyyden kolo on nolla
x:n törmäys on x tutkittuna kahdellatoista, missä kaksitoista on 15 ynnä 6
x ynnä y on y vähennettynä x:stä

Run with:

python3 suomi.py file.suomi --io

The instructions for installing the interpreter are included in the Github page. Please tell if you have any difficulties running this.

The program in pseudocode. The program performs very slowly because my interpreter is super inefficient. Also, I didn't use any opt-in optimizations available, which can reduce the evaluation time from several minutes to about 10 seconds.

fergusq

Posted 2017-08-28T17:14:25.093

Reputation: 4 867

1Is there no online interpreter for Tampio? – Shaggy – 2017-08-28T19:15:28.067

@Shaggy Not yet, unfortunately. I should probably ask if it could be added to TIO. – fergusq – 2017-08-28T19:18:33.540

Cracked – Post Rock Garf Hunter – 2017-08-29T16:37:20.330

5

Perl 6Cracked!

In a strict sense, this isn't an acceptable submission because it doesn't try very hard to win. Instead, it hopes to offer a pleasant puzzle.

It is a "pure math" program which is intended to be cracked by contemplation. I'm sure that you could bruteforce the solution (after cleaning up some sloppy programming I've purposefully committed), but for "full credit" (:--)), you should be able to explain what it does on the math grounds.

sub postfix:<!>(Int $n where $n >= 0)
{
	[*] 1 .. $n;
}

sub series($x)
{
	[+] (0 .. 107).map({ (i*($x % (8*π))) ** $_ / $_! });
}

sub prefix:<∫>(Callable $f)
{
	my $n = 87931;
	([+] (0 .. $n).map({
		π/$n * ($_ == 0 || $_ == $n ?? 1 !! 2) * $f(2*π * $_/$n)
	})).round(.01);
}

sub f(Int $in where $in >= 0)
{
	∫ { series($_)**11 / series($in * $_) }
}

You are supposed to crack the function f(). (That's the function that takes one natural number and returns one of the two results.) Warning: As shown by @Nitrodon, the program actually behaves wrongly and "accepts" an infinite number of inputs. Since I have no idea of how to fix it, I just remark for the future solvers that the number I had in mind is less than 70000.

If you try to run this in TIO, it will time out. This is intentional. (Since it's not supposed to be run at all!)

Finally, I tried to write some reasonably clear code. You should be mostly able to read it fluently even if you're not familiar with the language. Only two remarks: the square brackets [op] mean reducing ("folding", in Haskell lingo) a list with the operator op; and the sub called postfix:<!> actually defines a postfix operator named ! (i. e. used like 5! -- it does exactly what you would expect). Similarly for the prefix:<∫> one.

I hope that somebody enjoys this one, but I'm not sure if I got the difficulty right. Feel free to bash me in the comments :—).

Try it online!

Ramillies

Posted 2017-08-28T17:14:25.093

Reputation: 1 923

Cracked – Nitrodon – 2017-08-29T04:45:57.757

4

JavaScript, Cracked

I've obfuscated this as much as I can, to the point where it can't fit within this answer.

Try it here! Click Run, then type in console guess(n)

Returns undefined if you get the wrong answer, returns true otherwise.

Edit: Somehow I overlooked the part about my score being the number. Oh well, my number is very very big. Good luck solving it anyways.

Eli Richardson

Posted 2017-08-28T17:14:25.093

Reputation: 190

Cracked – Gustavo Rodrigues – 2017-08-29T12:03:00.160

3

Jelly, score: ...1 (cracked)

5ȷ2_c⁼“ḍtṚøWoḂRf¦ẓ)ṿẒƓSÑÞ=v7&ðþạẆ®GȯżʠṬƑḋɓḋ⁼Ụ9ḌṢE¹’

Try it online!

1Really expected me to reveal it? Come on! Oh well, it has a score of 134. There, I said it!

Erik the Outgolfer

Posted 2017-08-28T17:14:25.093

Reputation: 38 134

Cracked – Mr. Xcoder – 2017-08-28T17:59:08.583

@Mr.Xcoder It lived long... – Erik the Outgolfer – 2017-08-28T17:59:24.773

I just added Ç€G and the range 1...1000 as input :P – Mr. Xcoder – 2017-08-28T18:08:28.693

You saw the 5ȷ2_ part right? – Erik the Outgolfer – 2017-08-28T18:09:17.250

No, I didn't even look at the code lol. Just added the test suite and saw where the 1 is, then I have pasted the string from the beginning until the 1 in a Python script and counted the number of zeros before it... – Mr. Xcoder – 2017-08-28T18:22:27.790

@Mr.Xcoder You could've just used Ç€T fyi – Erik the Outgolfer – 2017-08-28T18:23:28.607

I know, but I had the Python script ready and wanted to use it :) – Mr. Xcoder – 2017-08-28T18:24:14.790

3

Haskell, cracked

This is purely based on arithmetic. Note that myfun is the actual function, while h is just a helper function.

h k = sum $ map (\x -> (x*x)**(-1) - 1/(x**(2-1/(fromIntegral k)))) [1..2*3*3*47*14593]
myfun inp | inp == (last $ filter (\k -> h k < (-7.8015e-5)  )[1..37*333667-1]) = 1
          | otherwise = 0

main = print $ show $ myfun 42 -- replace 42 with your input

Try it online!

flawr

Posted 2017-08-28T17:14:25.093

Reputation: 40 560

The program must finish without error on all inputs. Does this even finish within a day on unlimited memory? – michi7x7 – 2017-08-28T20:47:39.787

You do need quite a bit of memory but you certainly don't need unlimited memory. It probably depends on the implementation and on on your hardware. But it is obviously designed to take some time to compute in order to make brute force attacks difficult and encourage analyzing the program. Good luck :) – flawr – 2017-08-28T22:09:58.727

Cracked? – Christian Sievers – 2017-08-29T02:28:37.863

3

Python 2 (cracked)

I wouldn't suggest brute force. Hope you like generators! 

print~~[all([c[1](c[0](l))==h and c[0](l)[p]==c[0](p^q) for c in [(str,len)] for o in [2] for h in [(o*o*o+o/o)**o] for p,q in [(60,59),(40,44),(19,20),(63,58),(61,53),(12,10),(43,42),(1,3),(35,33),(37,45),(17,18),(32,35),(20,16),(22,30),(45,43),(48,53),(58,59),(79,75),(68,77)]] + [{i+1 for i in f(r[5])}=={j(i) for j in [q[3]] for i in l} for q in [(range,zip,str,int)] for r in [[3,1,4,1,5,9]] for g in [q[1]] for s in [[p(l)[i:i+r[5]] for p in [q[2]] for i in [r[5]*u for f in [q[0]] for u in f(r[5])]]] for l in s + g(*s) + [[z for y in [s[i+a][j:j+r[0]] for g in [q[0]] for a in g(r[0])] for z in y] for k in [[w*r[0] for i in [q[0]] for w in i(r[0])]] for i in k for j in k] for f in [q[0]]]) for l in [int(raw_input())]][0]

Try it online!

Outputs 1 for the correct number, 0 otherwise.

Sisyphus

Posted 2017-08-28T17:14:25.093

Reputation: 1 521

Cracked – Leaky Nun – 2017-08-29T11:06:10.347

@LeakyNun Wow, a bit faster than I expected. – Sisyphus – 2017-08-29T11:14:38.413

Finding a sudoku solver online isn't hard. – Leaky Nun – 2017-08-29T11:15:21.487

There's some problem with your sudoku checker: you checked the horizontal lines and the vertical lines alright, but you only checked the first three cells. – Leaky Nun – 2017-08-29T11:20:48.760

@LeakyNun You're right, an a should be i+a. I've fixed it, but it's cracked anyway shrug – Sisyphus – 2017-08-29T11:36:01.660

2

Java, Cracked by Nitrodon

import java.math.BigDecimal;

public class Main {
    private static final BigDecimal A = BigDecimal.valueOf(4);
    private static final BigDecimal B = BigDecimal.valueOf(5, 1);
    private static final BigDecimal C = BigDecimal.valueOf(-191222921, 9);
    private static BigDecimal a;
    private static BigDecimal b;
    private static int c;

    private static boolean f(BigDecimal i, BigDecimal j, BigDecimal k, BigDecimal l, BigDecimal m) {
        return i.compareTo(j) == 0 && k.compareTo(l) >= 0 && k.compareTo(m) <= 0;
    }

    private static boolean g(int i, int j, BigDecimal k) {
        c = (c + i) % 4;
        if (j == 0) {
            BigDecimal l = a; BigDecimal m = b;
            switch (c) {
                case 0: a = a.add(k); return f(C, b, B, l, a);
                case 1: b = b.add(k); return f(B, a, C, m, b);
                case 2: a = a.subtract(k); return f(C, b, B, a, l);
                case 3: b = b.subtract(k); return f(B, a, C, b, m);
                default: return false;
            }
        } else {
            --j;
            k = k.divide(A);
            return g(0, j, k) || g(1, j, k) || g(3, j, k) || g(3, j, k) || g(0, j, k) || g(1, j, k) || g(1, j, k) || g(3, j, k);
        }
    }

    private static boolean h(int i) {
        a = BigDecimal.ZERO; b = BigDecimal.ZERO; c = 0;
        return g(0, i, BigDecimal.ONE);
    }

    public static void main(String[] args) {
        int i = Integer.valueOf(args[0]);
        System.out.println(!h(i) && h(i - 1) ? 1 : 0);
    }
}

I wanted to try something different than the usual hash and random functions. You can pass the number as a command line argument. Outputs 1 if the correct number is given and 0 otherwise. For small numbers you can also try it online.

Hint:

The main part of the program implements a variant of a very well known algorithm. Once you know what it does, you will be able to optimize the given program to calculate the secret number.

Explanation:

This program implements the traversal of the quadratic variant (type 2) of the well known Koch curve (image from Wikipedia):

Quadratic_Koch_curve_type2_iterations.png

The secret number is the first iteration which doesn't pass through the point (B, C). As correctly recognized by Nitrodon, except of the first iteration we can safely ignore the recursion of all parts of the curve, which don't pass through the given point. By changing a line in the original program accordingly, we can check the correct number even in the online interpreter.

Sleafar

Posted 2017-08-28T17:14:25.093

Reputation: 2 722

Cracked, I think; the running time is too long to verify directly, but I checked with easier values and my crack seems to work. – Nitrodon – 2017-08-30T05:17:36.233

1

Pyth, Cracked by Erik the Outgolfer*

I tried to obfuscate this as much as possible.

hqQl+r@G7hZ@c." y|çEC#nZÙ¦Y;åê½9{ü/ãѪ#¤
ØìjX\"¦Hó¤Ê#§T£®úåâ«B'3£zÞz~Уë"\,a67Cr@G7hZ

Try it here!

*The number was 9.

Mr. Xcoder

Posted 2017-08-28T17:14:25.093

Reputation: 39 774

cracked – Erik the Outgolfer – 2017-08-28T18:00:36.380

1

Octave, score: ???

It's pretty much guaranteed that no other number will have the exact same 20 random numbers in the end of the list of 1e8 of numbers.

function val = cnr(num)
rand("seed", num);
randomints = randi(flintmax-1,1e4,1e4);
val = isequal(randomints(end+(-20:0))(:), ...
 [7918995738984448
  7706857103687680
  1846690847916032
  6527244872712192
  5318889109979136
  7877935851634688
  3899749505695744
  4256732691824640
  2803292404973568
  1410614496854016
  2592550976225280
  4221573015797760
  5165372483305472
  7184095696125952
  6588467484033024
  6670217354674176
  4537379545153536
  3669953454538752
  5365211942879232
  1471052739772416
  5355814017564672](:));
end

Outputs 1 for the secret number, 0 otherwise.

I ran this in Octave 4.2.0.

"Sleeps and other slowdowns can be removed when bruteforcing."

Good luck with that :)

Stewie Griffin

Posted 2017-08-28T17:14:25.093

Reputation: 43 471

it doesn't seem to even run on tio – Okx – 2017-08-28T17:59:42.423

1@Okx It times out on TIO, but it does run in the desktop version. – Rɪᴋᴇʀ – 2017-08-28T18:01:35.730

1Why the downvote? – Post Rock Garf Hunter – 2017-08-28T18:32:35.250

3@WheatWizard probably because it's theoretically possible that it has multiple numbers. Also, it's kinda boring tbh. I would have liked to see more mathy solutions, RNG is kinda boring. – Rɪᴋᴇʀ – 2017-08-28T18:36:29.790

Can you add a TIO link, please? – Shaggy – 2017-08-28T19:14:23.123

@Shaggy please read above. It doesn't work on TIO. (times out) – Rɪᴋᴇʀ – 2017-08-28T19:21:43.807

1@Riker But because you're guessing at a seed to the RNG, he's using the RNG itself as his function which is actually deterministic. But yeah, considering it's relying on the difficultly of inverting what you hope is a one-way function, one might as well, just encrypt a string "true" with a random number and then the challenge almost amounts to breaking whatever encryption scheme was chosen to discover the private key. – Shufflepants – 2017-08-29T18:12:21.110

1

Ly, score 239, cracked

(1014750)1sp[l1+sp1-]28^RrnI24^=u;

Try it online!

I'm banking on nobody knowing Ly here, although I know how easily that could change... sweats

Explanation:

(1014750)1sp[l1+sp1-]              # meaningless code that counts up to 1014750 and discards the result
                     28^Rr         # range from 255 to 0
                          nI       # get the index from the range equal to the input
                            24^=   # check if it's 16
                                u; # print the result

LyricLy

Posted 2017-08-28T17:14:25.093

Reputation: 3 313

Cracked – Christian Sievers – 2017-08-29T00:30:10.930

1

Brain-Flak, score 1574 (cracked)

<>(((((((((((((((((((([([(((()()()){}){}){}])]){})))){}{}{}{}()){}){})){}{})){}{})){}((((((((()()){}){}){}){}[()]){}){}){}){}())){})){}){}{}{}){})(((((((((((((((((((()()){}){}()){}){}){}()){}){}()){}){})){}{}())){}{})){}{}){}){}){})(((((((((((((((()()){}()){}()){}){}){}()){}){}){}()){}){}){}()){}()){}()){})<>{({}[()])<>({}({})<({}({})<({}({})<({}({}))>)>)>)<>}({}<>(){[()](<{}>)}<>)

Try it online!

Nitrodon

Posted 2017-08-28T17:14:25.093

Reputation: 9 181

Cracked – Post Rock Garf Hunter – 2017-08-29T06:30:53.470

1

dc

#!/bin/dc
[[yes]P] sy [[no]P] sn [ly sp] sq [ln sp] sr [lp ss] st [ln ss] su
?  sa
119560046169484541198922343958138057249252666454948744274520813687698868044973597713429463135512055466078366508770799591124879298416357795802621986464667571278338128259356758545026669650713817588084391470449324204624551285340087267973444310321615325862852648829135607602791474437312218673178016667591286378293
la %
d 0 r 0
=q !=r
10 154 ^ 10 153 ^ +
d la r la
<t !<u
1 la 1 la
>s !>n

Try it online!

Note: This submission has been modified since it was submitted. The original submission (below) was invalid and cracked by Sleafar in the comments below. (An input of 1 gives rise to the output yes, but there is one other number that gives the same result.)

#!/bin/dc
[[yes]P] sy [[no]P] sn [ly sp] sq [ln sp] sr
?  sa
119560046169484541198922343958138057249252666454948744274520813687698868044973597713429463135512055466078366508770799591124879298416357795802621986464667571278338128259356758545026669650713817588084391470449324204624551285340087267973444310321615325862852648829135607602791474437312218673178016667591286378293
la %
d 0 r 0
=q !=r
10 154 ^ 10 153 ^ +
d la r la
<p !<n

Try it online!

John Gowers

Posted 2017-08-28T17:14:25.093

Reputation: 463

The online interpreter returns "yes" for the input "1". Does this count as cracked now? – Sleafar – 2017-08-30T03:47:53.843

@Sleafar Sigh...yes, that was a stupid mistake on my part. – John Gowers – 2017-08-30T06:34:05.650

However, that means that this challenge is now invalid, since there are two inputs that make it print yes, so I'm not sure if you're allowed to claim it. I'll add a corrected version to this post, but leave the original up in case you are. – John Gowers – 2017-08-30T06:44:48.157

1

Ruby, safe, score:

63105425988599693916 

#!ruby -lnaF|
if /^#{eval [$F,0]*"**#{~/$/}+"}$/ && $_.to_i.to_s(36)=~/joe|tim/
  p true
else
  p false
end

Try it online!

Explanation:

The first conditional checks the input number for narcissism. The thread I originally wrote for was coincidentally bumped around the same time I posted this, but I guess nobody noticed. The second converts the number to base 36, which uses letters as digits, and checks if the string contains "joe" or "tim". It can be proven (through exhaustion) that there is only one narcissistic number named either Joe or Tim (Joe), because the narcissistic numbers are finite. Proof that they're finite: the result of taking an n-digit number, raising each digit to the nth power, and summing is bounded above by n*9^n, while the value of an n-digit number is bounded below by n^10. The ratio between these terms is n*(9/10)^n, which eventually decreases monotonically as n increases. Once it falls below 1, there can be no n-digit narcissistic numbers.

histocrat

Posted 2017-08-28T17:14:25.093

Reputation: 20 600

1

PHP, safe, score:

60256

<?php

$a = $argv[1];

$b ='0123456789abcdefghijklmnopqrstuvwxyz';

$c = strlen($b);

$d = '';
$e = $a;
while ($e) {
    $d .= $b[$e % $c];
    $e = floor($e / $c);
}

echo ((function_exists($d) && $d($a) === '731f62943ddf6733f493a812fc7aeb7ec07d97b6') ? 1 : 0) . "\n";

Outputs 1 if correct, 0 otherwise.

Edit: I don't think anyone even tried to crack this because:

it would be easy to brute force.

Explanation:

I take the input and convert it to "base 36", but I don't reverse the remainders to produce the final number. The number 60256 is "1ahs" in base 36. Unreversed, that is "sha1", which is a function in PHP. The final check is that sha1(60256) equals the hash.

jstnthms

Posted 2017-08-28T17:14:25.093

Reputation: 181

0

Swift 3 (53 bytes) - Cracked

func f(n:Int){print(n==1+Int(.pi*123456.0) ?222:212)}

How to run this? – f(n:1).

Test Here.

user70974

Posted 2017-08-28T17:14:25.093

Reputation:

Cracked – Mr. Xcoder – 2017-08-28T18:34:47.847

@Mr.Xcoder Heh well done, guess it was too easy – None – 2017-08-28T18:35:17.250

0

Python 3, score 1 (safe)

Not a very interesting solution, but better a safe cop than a dead cop.

import hashlib

def sha(x):
    return hashlib.sha256(x).digest()

x = input().encode()
original = x

for _ in range(1000000000):
    x = sha(x)

print(int(x==b'3\xdf\x11\x81\xd4\xfd\x1b\xab19\xbd\xc0\xc3|Y~}\xea83\xaf\xa5\xb4]\xae\x15wN*!\xbe\xd5' and int(original.decode())<1000))

Outputs 1 for the target number, 0 otherwise. Input is taken from stdin. The last part (and int(original.decode())<1000) exists only to ensure only one answer, otherwise there would obviously be infinitely many answers.

L3viathan

Posted 2017-08-28T17:14:25.093

Reputation: 3 151

1Can you add a TIO link, please? – Shaggy – 2017-08-28T19:14:40.567

1For future robbers: The integer doesn't seem to be in smaller than 100000000. – Mr. Xcoder – 2017-08-28T19:16:03.213

b'3\xdf\x11\x81\xd4\xfd\x1b\xab19\xbd\xc0\xc3|Y~}\xea83\xaf\xa5\xb4]\xae\x15wN*!\xbe\xd5' doesn't seem to decode...is there really a secret number? – Erik the Outgolfer – 2017-08-28T19:49:15.040

@EriktheOutgolfer Whoops, that was added in last-minute, fixing.. – L3viathan – 2017-08-28T19:53:47.343

@Mr.Xcoder No, it is much smaller. – L3viathan – 2017-08-28T19:54:25.060

1@Shaggy It will timeout on TIO, it took about half an hour on my computer to run the billion iterations of SHA256. – L3viathan – 2017-08-28T19:54:51.080

2Any robbers fancy forming a team to solve this one? We just need to split the numbers less than 1000 up among us so we have time to compute the iterated-SHA digests before the deadline. – John Gowers – 2017-08-29T22:05:38.813

1@JohnGowers do you know BOINC? I would run that. – NieDzejkob – 2017-09-01T16:36:53.387

2

Unless you can prove that 1 is the only solution, this answer is invalid. The burden of proof should be on the person claiming to have a valid answer.

– Dennis – 2017-09-06T04:03:19.037

The example given in that meta question is very different from mine. There a collision (while practically impossible to find) exists with probability 1. The probability of my answer being incorrect is roughly 4e-72 (since it's equivalent with the probability of duplicates when sampling with replacement 999 items from 2^256.

– L3viathan – 2017-09-06T07:44:47.797

https://codegolf.meta.stackexchange.com/questions/13641/is-it-okay-if-a-submission-has-an-extremely-small-chance-of-not-functioning-prop applies – pppery – 2017-09-08T00:57:52.333

0

Python 3, 49 bytes, Cracked by sonar235

x = input()
print(int(x)*2 == int(x[-1]+x[0:-1]))

Try it online!

E.D.

Posted 2017-08-28T17:14:25.093

Reputation: 111

Zero is not a postive integer fyi. I don't know if that was the intended solution but it does work. – Post Rock Garf Hunter – 2017-08-28T21:43:03.593

0 is not the intended solution. – E.D. – 2017-08-28T21:44:13.570

Edited to ensure exactly one solution. – E.D. – 2017-08-28T21:44:45.080

8Uhh, your TIO page is showing the solution... – LyricLy – 2017-08-28T22:20:09.640

2

Also "write a program or function that outputs one value when provided the number as input and another value for all other positive integer inputs"

– Jonathan Allan – 2017-08-28T22:50:07.790

2Cracked by @Sonar235. – Dom Hastings – 2017-08-29T07:26:32.630

0

Python 3, score: ???

Hopefully this, if anything, demonstrates how broken of a problem this really is:

from hashlib import sha3_512

hash_code = 'c9738b1424731502e1910f8289c98ccaae93d2a58a74dc3658151f43af350bec' \
            'feff7a2654dcdd0d1bd6952ca39ae01f46b4260d22c1a1b0e38214fbbf5eb1fb'


def inc_string(string):
    length = len(string)
    if length == 0 or all(char == '\xFF' for char in string):
        return '\x00' * (length + 1)
    new_string = ''
    carry = True
    for i, char in enumerate(string[::-1]):
        if char == '\xFF' and carry:
            new_string = '\x00' + new_string
            carry = True
        elif carry:
            new_string = chr(ord(char) + 1) + new_string
            carry = False
        if not carry:
            new_string = string[0:~i] + new_string
            break
    return new_string


def strings():
    string = ''
    while True:
        yield string
        string = inc_string(string)


def hash_string(string):
    return sha3_512(string.encode('utf-8')).hexdigest()


def main():
    for string in strings():
        if hash_string(string) == hash_code:
            exec(string)
            break


main()

Essentially, what this code does is lazily generate every string possible until one of the strings has a hash that exactly matches hash_code above. The unhashed code takes the basic form of:

num = int(input('Enter a number:\n'))
if num == <insert number here>:
    print(1)
else:
    print(0)

Except <insert number here> is replaced with a number and there are comments in the code for the purpose of making the code nearly unguessable.

I've taken every precaution to ensure that I do not benefit from this post. For starters, it's community wiki so I will not gain rep for it. Also, my score is rather large, so hopefully a much more creative answer will come along and win.

Hope you all aren't too furious at my response, I just wanted to show off why cops and robbers posts usually ban hashing algorithms.

sonar235

Posted 2017-08-28T17:14:25.093

Reputation: 111

Input is taken from stdin. Output is a 1 (for a correctly guessed number) or a 0 (for an incorrectly guessed one). – sonar235 – 2017-08-28T23:54:38.700

I don't know why you have made this a community wiki. This is your answer that looks like it took considerable work to make. I certainly wouldn't call this answer evidence of the question being broken either. This is a clever answer, that could likely score well, (I can't even prove this doesn't work for 1). The point of a question is always to attract answers that approach the question in clever interesting ways (and also to have fun but I can't vouch for your entertainment), and as far as I'm concerned this does that. – Post Rock Garf Hunter – 2017-08-29T00:01:28.943

I don't think it's very clever. It didn't take much to think of, I'm simply hashing the code. It's not new and it's nearly impossible to break. I want to see something interesting out of an answer not just a hashing algo. To each their own I suppose but I do not feel this is worthy. – sonar235 – 2017-08-29T00:08:27.900

@WheatWizard: The primary problem with this one is given the correct number it takes too long to verify. – Joshua – 2017-08-29T17:58:38.663

3In fact this answer is invalid. It will almost certainly (with astronomical probability of no string of length 512 bits matching the hash) exec() something else that probably isn't even valid python code before reaching the intended code. – Joshua – 2017-08-29T18:03:02.807

@Joshua It's certainly a possibility. So far no collisions have been found for sha3-512 and using 512 bits of output can provide 2^512 unique hashes (though I'd say for certain that not even close to that amount are actually reachable). However, I cannot prove that the scenario you describe will occur, and I certainly can't prove that a collision exists. If you can offer some statistics to back up your theory that would be nice to look at. – sonar235 – 2017-08-29T19:22:40.920

1@sonar235: Your fragment template has more than 512 bits in it. – Joshua – 2017-08-29T19:28:27.597

1To expand on Joshua's answer: your bit of code is 102 characters long. In particular, your program will iterate over every 100-character string before it gets to your code. Since your code iterates over characters in the range 0x00-0xFF, that is 256 ^ 100 or 2 ^ 800 strings. Meanwhile, there are only 2 ^ 512 possible 512-bit hashes. That means that the strings you iterate over outnumber the possible hashes at least 2 ^ 288 to one - a number 10,000 times greater than the number of atoms in the universe. The probability of that particular hash going unused is incredibly small. – John Gowers – 2017-08-29T21:55:04.133

On the other hand, you can remedy this problem by golfing your template to print(int(input())==<insert number here>) – pppery – 2017-08-29T23:39:08.743

0

TI-BASIC, score: 196164532 non-competing

Returns 1 for secret number, 0 otherwise.

Ans→rand
rand=1

Refer to the note on this page on the rand command for more info.

kamoroso94

Posted 2017-08-28T17:14:25.093

Reputation: 739

8Is this guaranteed to have exactly one matching input number? – Rɪᴋᴇʀ – 2017-08-29T15:20:51.987

@Riker: I think the TI calculator uses some kind of floating point internally; if RAND uses the same floating point as the rest of it, I'm pretty sure there's only 1 solution. – Joshua – 2017-09-03T15:23:34.600

@Joshua I believe it uses L'Ecuyer's Algorithm.

– kamoroso94 – 2017-09-03T15:30:07.227

@Joshua "pretty sure" isn't enough. Unless you can prove that only 1 solution exists, this isn't a valid answer. – Rɪᴋᴇʀ – 2017-09-03T16:26:02.520

@Riker: Wheat Wizard is enforcing no such thing. – Joshua – 2017-09-04T15:37:02.763

Unless you can prove that 196164532 is the only solution, this answer is invalid. The burden of proof should be on the person claiming to have a valid answer.

– Dennis – 2017-09-06T04:03:33.423

1@Dennis: Probe for 196164532*2; if that's not a solution than there is no other solution. – Joshua – 2017-09-09T03:06:48.800

0

Java, score: 3141592 (Cracked)

\u0070\u0075\u0062\u006c\u0069\u0063\u0020\u0063\u006c\u0061\u0073\u0073\u0020\u004d\u0061\u006e\u0067\u006f\u0020\u007b
\u0073\u0074\u0061\u0074\u0069\u0063\u0020\u0076\u006f\u0069\u0064\u0020\u0063\u006f\u006e\u0076\u0065\u0072\u0074\u0028\u0053\u0074\u0072\u0069\u006e\u0067\u0020\u0073\u0029\u007b\u0066\u006f\u0072\u0028\u0063\u0068\u0061\u0072\u0020\u0063\u0020\u003a\u0020\u0073\u002e\u0074\u006f\u0043\u0068\u0061\u0072\u0041\u0072\u0072\u0061\u0079\u0028\u0029\u0029\u007b\u0020\u0053\u0079\u0073\u0074\u0065\u006d\u002e\u006f\u0075\u0074\u002e\u0070\u0072\u0069\u006e\u0074\u0028\u0022\u005c\u005c\u0075\u0030\u0030\u0022\u002b\u0049\u006e\u0074\u0065\u0067\u0065\u0072\u002e\u0074\u006f\u0048\u0065\u0078\u0053\u0074\u0072\u0069\u006e\u0067\u0028\u0063\u0029\u0029\u003b\u007d\u007d
\u0070\u0075\u0062\u006c\u0069\u0063\u0020\u0073\u0074\u0061\u0074\u0069\u0063\u0020\u0076\u006f\u0069\u0064\u0020\u006d\u0061\u0069\u006e\u0028\u0053\u0074\u0072\u0069\u006e\u0067\u005b\u005d\u0020\u0061\u0072\u0067\u0073\u0029\u0020\u007b\u0069\u006e\u0074\u0020\u0078\u0020\u0020\u003d\u0020\u0049\u006e\u0074\u0065\u0067\u0065\u0072\u002e\u0070\u0061\u0072\u0073\u0065\u0049\u006e\u0074\u0028\u0061\u0072\u0067\u0073\u005b\u0030\u005d\u0029\u003b
\u0064\u006f\u0075\u0062\u006c\u0065\u0020\u0061\u003d\u0020\u0078\u002f\u0038\u002e\u002d\u0033\u0039\u0032\u0036\u0039\u0039\u003b\u0064\u006f\u0075\u0062\u006c\u0065\u0020\u0062\u0020\u003d\u0020\u004d\u0061\u0074\u0068\u002e\u006c\u006f\u0067\u0031\u0030\u0028\u0028\u0069\u006e\u0074\u0029\u0020\u0028\u0078\u002f\u004d\u0061\u0074\u0068\u002e\u0050\u0049\u002b\u0031\u0029\u0029\u002d\u0036\u003b
\u0053\u0079\u0073\u0074\u0065\u006d\u002e\u006f\u0075\u0074\u002e\u0070\u0072\u0069\u006e\u0074\u006c\u006e\u0028\u0028\u0061\u002f\u0062\u003d\u003d\u0061\u002f\u0062\u003f\u0022\u0046\u0061\u0069\u006c\u0022\u003a\u0022\u004f\u004b\u0022\u0020\u0029\u0029\u003b
\u007d\u007d

user902383

Posted 2017-08-28T17:14:25.093

Reputation: 1 360

1I don't think the obfuscation is going to do anything except add an annoying first step. – Engineer Toast – 2017-08-29T19:09:47.690

1Cracked – pppery – 2017-08-29T19:11:37.743

2@EngineerToast no, not really, it was purely for scaring off lazy people. – user902383 – 2017-08-29T19:40:36.660

0

Java, 164517378918, safe

import java.math.*;import java.util.*;
public class T{
    static boolean f(BigInteger i){if(i.compareTo(BigInteger.valueOf(2).pow(38))>0)return false;if(i.longValue()==0)return false;if(i.compareTo(BigInteger.ONE)<0)return false;int j=i.multiply(i).hashCode();for(int k=3^3;k<2000;k+=Math.abs(j%300+1)){j+=1+(short)k+i.hashCode()%(k+1);}return i.remainder(BigInteger.valueOf(5*(125+(i.hashCode()<<11))-7)).equals(BigInteger.valueOf(0));}
    @SuppressWarnings("resource")
    public static void main(String[]a){long l=new Scanner(System.in).nextLong();boolean b=false;for(long j=1;j<10;j++){b|=f(BigInteger.valueOf(l-j));}System.out.println(f(BigInteger.valueOf(l))&&b);}
}

SuperJedi224

Posted 2017-08-28T17:14:25.093

Reputation: 11 342

0

C (gcc), score ???

#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <wmmintrin.h>

#include <openssl/bio.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>

union State
{
    uint8_t u8[128];
    __m128i i128[8];
} state;

void encrypt()
{
    BIO *key = BIO_new_mem_buf
    (
        "-----BEGIN PUBLIC KEY-----\n"
        "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5CBa50oQ3gOPHNt0TLxp96t+6\n"
        "i2KvOp0CedPHdJ+T/wr/ATo7Rz+K/hzC7kQvsrEcr0Zkx7Ll/0tpFxekEk/9PaDt\n"
        "wyFyEntgz8SGUl4aPJkPCgHuJhFMyUflDTywpke3KkSv3V/VjRosn+yRu5mbA/9G\n"
        "mnOvSVBFn3P2rAOTbwIDAQAB\n"
        "-----END PUBLIC KEY-----\n",
        -1
    );

    RSA *rsa = PEM_read_bio_RSA_PUBKEY(key, &rsa, NULL, NULL);

    uint8_t ciphertext[128];

    RSA_public_encrypt(128, state.u8, ciphertext, rsa, RSA_NO_PADDING);
    memcpy(state.u8, ciphertext, 128);
}

void verify()
{
    if (memcmp
    (
        "\x93\xfd\x38\xf6\x22\xf8\xaa\x2f\x7c\x74\xef\x38\x01\xec\x44\x19"
        "\x76\x56\x27\x7e\xc6\x6d\xe9\xaf\x60\x2e\x68\xc7\x62\xfd\x2a\xd8"
        "\xb7\x3c\xc9\x78\xc9\x0f\x6b\xf0\x7c\xf8\xe5\x3c\x4f\x1c\x39\x6e"
        "\xc8\xa8\x99\x91\x3b\x73\x7a\xb8\x56\xf9\x28\xe7\x2e\xb2\x82\x5c"
        "\xb8\x36\x24\xfb\x26\x96\x32\x91\xe5\xee\x9f\x98\xdf\x44\x49\x7b"
        "\xbc\x6c\xdf\xe9\xe7\xdd\x26\x37\xe5\x3c\xe7\xc0\x2d\x60\xa5\x2e"
        "\xb8\x1f\x7e\xfd\x4f\xe0\x83\x38\x20\x48\x47\x49\x78\x18\xfb\xd8"
        "\x62\xaf\x0a\xfb\x5f\x64\xd1\x3a\xfd\xaf\x4b\xaf\x93\x23\xf4\x36",
        state.u8,
        128
    ))
        exit(0);
}

static inline void quarterround(int offset)
{
    int dest = (offset + 1) % 8, src = offset % 8;

    state.i128[dest] = _mm_aesenc_si128(state.i128[src], state.i128[dest]);
}

int main(int argc, char *argv[])
{
    if (argc != 2)
        exit(0);

    uint64_t input = strtoull(argv[1], NULL, 0);

    state.i128[0] = _mm_set_epi32(0, 0, input >> 32, input);

    for (uint64_t round = 0; round < 0x1p45; round += 2)
    {
        quarterround(0);
        quarterround(2);
        quarterround(4);
        quarterround(6);

        quarterround(7);
        quarterround(1);
        quarterround(3);
        quarterround(5);
    }

    encrypt();
    verify();
    puts("something");
}

Since cryptographic solutions are encouraged, here. Exactly one positive integer will print something, all others will print nothing. This takes a long time, so it cannot be tested online.

Dennis

Posted 2017-08-28T17:14:25.093

Reputation: 196 637

0

Python 3, score:?

def check(x):
    if x < 0 or x >= 5754820589765829850934909 or pow(x, 18446744073709551616, 5754820589765829850934909) != 2093489574700401569580277 or x % 4 != 1:
        return "No way ;-("
    return "Cool B-)"

Try it online!

Simple, but may take some time to brute-force ;-) Looking forward to a fast crack ;-)

Footnote: the first two and the last conditions make the answer unique.

BTW how the score is calculated?

Hint 1

You may expect there will be 264 answers within 0 <= x < [the 25-digit prime], but actually there are only 4, and the last condition eliminates the other 3. If you can crack this, then you will also know the other 3 solutions.

Shieru Asakoto

Posted 2017-08-28T17:14:25.093

Reputation: 4 445

Cracked. – Bubbler – 2018-08-30T07:35:33.707

0

Aceto, safe

  P'*o*7-9JxriM'lo7*9Yxx.P',xe*ikCKxlI.D+∑\a€'#o*84/si5s:i»I9Ji8:i+∑€isi.s1+.i2\H/iQxsUxsxxsxiss*i1dJi/3d2*Ji-d*id*IILCh98*2JixM'e9hxBNRb!p

Outputs TrueFalse if correct, FalseFalse otherwise

The number was

15752963

Try it online!

FantaC

Posted 2017-08-28T17:14:25.093

Reputation: 1 425

-2

C#, Mono, Linux, Alpha, score 1 (safe)

class Program
{
public static void Main()
{
//Excluding out-of-range inputs at ppperry's request; does not change solution
//original code:
//var bytes = System.BitConverter.GetBytes((long)int.Parse(System.Console.ReadLine()));
int i;
if (!int.TryParse(System.Console.ReadLine(), out i || i <= 0 || i > 1000000) { System.Console.WriteLine(0); Environment.Exit(0); }
var bytes = System.BitConverter.GetBytes((long)i);
using (var x = System.Security.Cryptography.HashAlgorithm.Create("MD5"))
{
    for (int i = 0; i < 1000000; ++i)
            for (int j = 0; j < 86400; ++j)
                    bytes = x.ComputeHash(bytes);
}
if (bytes[0] == 91 && bytes[1] == 163 && bytes[2] == 41 && bytes[3] == 169)
    System.Console.WriteLine(1);
else
    System.Console.WriteLine(0);
}
}

Careful. I mean it. There's plenty of alpha simulators out there. Use one with a jitter or this won't finish.

This depends on the fact that Alpha is big-endian, causing System.BitConverter to do the wrong thing if somebody tries this on x86 or x64. I wrote this answer to demonstrate the badness of the challenge more than anything else.

Joshua

Posted 2017-08-28T17:14:25.093

Reputation: 3 043

1This can't have exactly one solution; there are an infinite number of integers, and the MD5 function has a finite number of possible outputs, so there must be a collision – pppery – 2017-08-29T19:16:40.720

@ppperry: There are only 2 billion and change positive ints though. – Joshua – 2017-08-29T19:24:59.180

If you think about it that way, this errors on inputs greater than 2^31, and thus is invalid.

– pppery – 2017-08-29T19:34:37.580

@ppperry: There now it won't error on that. – Joshua – 2017-08-29T19:42:24.347

Unless you can prove that only 1 positive integer will have the right output, this isn't a valid answer. Do you have a proof? – Rɪᴋᴇʀ – 2017-09-03T16:27:14.823

2

Unless you can prove that 1 is the only solution, this answer is invalid. The burden of proof should be on the person claiming to have a valid answer.

– Dennis – 2017-09-06T04:03:02.180

@Dennis: Your position is defeated by the text of the specific challenge: the point of allowing cryptographic functions is allowing stuff like this. – Joshua – 2017-09-06T15:11:09.677

Why do you say that? There are plenty of bijective cryptographic primitives, such as the RSA encryption I use in my own answer. – Dennis – 2017-09-06T15:23:07.373

@Dennis: On the other hand; OP is making no attempt to enforce such a rule, and since enforcing it would fail all safe answers and you have an answer that will not be cracked you must not do so. – Joshua – 2017-09-06T15:34:12.700

Asked: 2017-08-28T17:14:25.093

Viewed: 3 744 times

Active: 2017-12-13T18:48:14.050