You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hey there, I hope you are still involved with the solving.
I just got a new idea which fits the puzzle description. What if the target are certificate transparency logs? It would make sense for Cicada usher us into using a more secure internet as they did before with PGP. Back in 2014, CT logs were pretty new which might have give an additional incentive. Plus the drawback of the logs, namely making it public to the whole world. Which would fit both, the "deep web" and the "every pilgrim to seek out" part of the puzzle.
Sadly, getting the logs got harder with the years as most tools (like https://crt.sh/) process recent logs only. The oldest I could find is: https://ct.googleapis.com/logs/us1/mirrors/digicert_ct1/ct/v1/get-entries?start=0&end=1 which is from Sept 2014. I think it is still too young so to speak. The puzzle was released in January 2014. The first logs were generated somewhere between April 2013 and early 2014.
Hashing a few thousand certificates shouldn't take too long. The problem is, I dont know what exactly should be hashed. Havent had time to look at the binary data structure and how to parse it. Especially, I couldnt even find how the fingerprint of the certificate is calculated. The only thing I learned, is the timestamp format 140930000000Z 151005120000Z (YYMMDDHHmmss).
Hey there, I hope you are still involved with the solving.
I just got a new idea which fits the puzzle description. What if the target are certificate transparency logs? It would make sense for Cicada usher us into using a more secure internet as they did before with PGP. Back in 2014, CT logs were pretty new which might have give an additional incentive. Plus the drawback of the logs, namely making it public to the whole world. Which would fit both, the "deep web" and the "every pilgrim to seek out" part of the puzzle.
Sadly, getting the logs got harder with the years as most tools (like https://crt.sh/) process recent logs only. The oldest I could find is: https://ct.googleapis.com/logs/us1/mirrors/digicert_ct1/ct/v1/get-entries?start=0&end=1 which is from Sept 2014. I think it is still too young so to speak. The puzzle was released in January 2014. The first logs were generated somewhere between April 2013 and early 2014.
Hashing a few thousand certificates shouldn't take too long. The problem is, I dont know what exactly should be hashed. Havent had time to look at the binary data structure and how to parse it. Especially, I couldnt even find how the fingerprint of the certificate is calculated. The only thing I learned, is the timestamp format 140930000000Z 151005120000Z (YYMMDDHHmmss).
This helped too, here is webservice with a processed log entry https://certstream.calidog.io/example.json. You can lookup the corresponding log entry in
cert_link.The text was updated successfully, but these errors were encountered: