Yes, it's difficult question since i doubt anyone here have qualification as security auditor.
There are a number of members here who clearly know a lot about security. You don't need to be a security auditor to know how to crack a string.
I disagree, the challenge was to crack
black box protocol and "crack a string" is oversimplification since you could use state of the art cryptography to encrypt a string. And as @Pmalek mentioned, no one could make conclusion how your protocol works only based on 2 pair of string.