You should have used Wai Dei's crypto++ library, which has all necessary primitives and the reference el-gamal itself.

I've re-implemented the el-gamal to target this specific code (I was more interested in integer values than in encoded forms of the cipher text). In fact I verified that Alice is able to decrypt messages, something Nokia never bothered to do.

Knowledge has disadvantages.

I was able to generate large number of primes and test with numerous versions of k, and public key for Alice. M was off course 15. I've kept looking for the cipher text that fits 6 characters length. Now I know why everything failed.

Nokia has probably used the web el-gamal calculator, which allows manual entry of Alice's public key. This has actually broken the whole crypto system. In fact what they've invented is not a crypto system at all.

If they really wanted to be cryptic they should have used hash(Snapit) + El-Gamal signature scheme.


When solution appeared, I've reentered values, and got 289 for the public key, which did not make sense. Than I've decided to replace public key with 255, and got the "correct" result.

Congratulations to guy who figured out this.

In any case don't use NFC capability as your wallet (it is based on cryptography), since these guys don't understand cryptographic algorithms.

So let's see what is the last code.