Wiggles, part 30


Just a little ongoing story to give you something to play with until the next blog post.

BVM KGMMR GWWI XWWG WR BVM WRM OFXM WPMRO JB BVM YJOM WS BVM OBJFGO LMJXFRK HP BW BVM JGNJXM. BVM YJNZ EJLL WS BVM KGMMR GWWI FO IJQYM 1-1.5 IMBMGO LMSB WS BVM XWWG, OW F’X VJCM BW NGJEL IJQYM 5-6 IMBMGO BW KMB BW EVMGM BVM BWP WS BVM OBJFGO SGWI BVM YJG IMMBO BVM NLWOMOB MXKM WS BVM JGNJXM. F’I BJLL, YHB F’I XMSFRFBMLQ RWB J SHLL BEW IMBMGO LWRK, OW F’X RMMX BW NWCMG JB LMJOB 4 BFIMO IQ WER YWXQ LMRKBV YMSWGM F NWHLX YM OHGM BVJB F’X KWBBMR HRXMGRMJBV BVM JGNJXM OPJNM. RJBHGJLLQ, FR BVM XJGZ, EFBV IQ SLJOVLFKVB PWFRBMX XFGMNBLQ FR SGWRB WS IM, FB EJO GMJLLQ VJGX BW KJHKM XFOBJRNM. JSBMG J IFRHBM, FB XJERMX WR IM BVJB BVFO EJO PGWYJYLQ J CMGQ OBHPFX BVFRK F EJO XWFRK. FS BVM BHRRML RJGGWEMX, F’X VJCM J SJFGLQ XFSSFNHLB BFIM JB YJNZFRK HP, WG BGQFRK BW OBWWP HP MRWHKV BW JBBMIPB BHGRFRK JGWHRX. YHB, BVM GWNZ EJLLO EMGM PGMBBQ HRNVJRKFRK, JRX F NWHLXR’B FIJKFRM BVJB BVMGM EJOR’B J NWRRMNBFRK BHRRML HP JVMJX, FS SWG RWBVFRK MLOM BVJR SWG GJFREJBMG XGJFRJKM.

Advertisements

Thinking About Encryption, Part 33


I started diving deeper into the ACA archives, focusing between 2001 and 2005. Along the way I found a couple articles on Route Transposition. To me, RT, Null and Baconian are all very similar in that they’re more like brain teasers than honest ciphers. Granted, they can all be used for hiding messages in various ways, so in that sense, yes, they’re ciphers. But the rules employed seem very arbitrary. In the case of RT, you pick a method for forming a square or rectangle, and then a second method for taking off the cipher text. A few of these methods are actually (close to) the definitions for Columnar Transposition, Scytale, and even Rail Fence. Others are a bit more complicated.

For example, on by rows, off by columns:

thisisa
nexampl
etextab

tnehe tixes aximt spaal b

One obvious weakness of RT is that the plaintext length has to be padded to create an a x b rectangle, which can give away the rectangle’s dimensions and make solving it a bit easier.

The ACA guidelines state that the maximum plaintext lengths are either an 8×8 square, or an 8×10 rectangle. There’s no mention of the types of routes that are available, or are considered “ACA standard.” The ND2005 issue of the Cm lists the six main types: Orthogonal (runs in one direction), Boustrophedon (alternates direction, from the Greek “as the ox turns while plowing”), Diagonal, Spiral (from a corner to the center), Crab Spiral (from the center out to a corner) and Boustrophedon Diagonal. And we have horizontal and vertical mirror flips, so we can rotate the start point around the corners (starting from upper left, upper right, lower left or lower right). In all, there are 48 combinations. And because we can use a different method to take off the text, that’s 48×47 combinations. However, many of the rotations and reflections result in the same ciphertext out.

Say we have “in the worlds of code, there is no one answer”.

Simple orthogonal can be:

inthe . iroee . rewsn
world . nldia . aenoo
sofco . tdesn . nsier
dethe . hstns . ehted
reisn . eohow . ocfos
oonea . wfeoe . dlrow
nswer . ocrnr . ehtni

For simple boustrophedon:

inthe . icone
dlrow . nfdoa
sofco . toeon
ehted . hstns
reisn . edhsw
aenoo . wleie
nswer . orrer

Spiral:

inthe
ereiw
hswso
tnenr
earol
denod
ocfos

Crab Spiral:

htedr
eehoe
rwtcw
eonfs
irion
sldsa
noone

Diagonal

itwlc
nerfh
hooto
wseoa
ddnes
osnne
ioawr

Boustrophedon Diagonal:

inwoo
tercd
hlfen
dotso
shiow
eense
reanr

As can be seen above, the plaintext is still largely readable even after the first transposition. So, if we take off the text in rows or columns, we may retain some of that readability, making it easier to guess the patterns used.

Crab spiral off in columns:

herei sntew orloe htnid odocf osnre wsnae

Losing the spaces, we can find “hereis” at the beginning of the line, and printing the line backwards reveals “answer.” Kind of implies a spiral.

Or, Boustrophedon off in rows:
inthe dlrow sofco ehted reisn aenoo nswer

It’s like we’re not even trying. In fact, this aids in determining the column widths to get us back to our 5×7 rectangle.

In short, you want to avoid maybe 20% of the various “on-by/off-by” combinations just because they leave too many clues. That really reduces the work required by the solver to crack the CON by brute force.

To break a Route Transposition CON, the first step is to get the string length, and determine what the factors are. In my example, I’ve got a length of 35. So, the plaintext is going to be either 5×7 or 7×5. Next, try writing the text in simple rows and columns for both dimensions.

hereisn - On by rows
teworlo
ehtnido
docfosn
rewsnae


herei
sntew
orloe
htnid
odocf
osnre
wsnae


hsohoow - On by columns
enrtdss
rtlnonn
eeoicra
iwedfee


htedr
eehoe
rwtcw
eonfs
irion
sldsa
noone

The first and fourth blocks have the most immediately eye-catching amounts of plaintext.
First, around the outer layer: “thereisnooneanswer”.
Fourth, around the outer layer: “hereisnooneanswer”.

The difference, though, is that when you try to link the letters just before “there”, block four gives you “ted” in the top row, plus “ocfo” in the column immediately below the “d.” Since we know reversed strings are allowed, reversing them gives us “ofcodet”. Put that in front of “hereisnooneanswer”, and we get “ofcodethereisnooneanswer.” This pretty much proves we have a crab spiral, and we know that starts from the center and works out. Obtaining the last of the text is easy.

If we’d kept picking at block one, removing the part we already read, we’d also find:

eworl
ehtnid
docfos

“worlds of code”. Peal that off to reveal:

e
htni

Or, “in the” backwards. Looking more closely at block one, we can finally see that it’s also a crab spiral, just on its side. In fact, blocks one and four are identical, and are simply rotated 90 degrees clockwise.

If that failed, then we would need to form the rectangle using a spiral and/or a diagonal. If the text was 36 characters, we’d have to try a 6×6 square, and a 4×9 rectangle. Still, this is doable with paper and pencil, although brute force in software makes the excerise almost trivial.

I was thinking about writing my own VBScript solver, but the ACA newsletter doesn’t run that many route transposition CONs – maybe one or two a year. BION, one of the ACA’s more active app writers also has a Route worksheet, which I’ll try using next time, first. Overall, though, RT’s may really be more fun to solve by hand (if you can avoid making mistakes).

Some caveats – the routes mentioned above are the obvious ACA-standard ones. You can easily develop non-standard routes, such as “take off every other row,” “every third column,” or “X-diagonals.” One of the other ACA members suggested using magic square numbering, following the jumps of a chess Knight piece, or using a Greek Cross pattern:

. 1 . . 5
2 . 3 6 . 7
. 4 . . 8

and read that off in rows:

1 5 2 3 6 7 4 8

The point is that if you only play with the ACA standard routes, when someone creates a non-standard route, you’ll probably be lost if you rely on software to do the heavy lifting for you.

Summary:
1) Route Transposition is more like a brain teaser than a cipher.
2) There are 6 standard route types, multiplied by rotations and reflections.
3) While there are 48 conceivable standard combinations, some of them give the same results.
4) RT is approachable by hand using paper and pencil.
5) To create an RT cipher, pick the route type for making the rectangle or square, and the route type for pulling the text off for the final cipher. (I.e. – On by reversed rows, off by spiral.)
6) To solve an RT, determine the text length to get the possible rectangle sizes to try (i.e. – 5×5, 6×6 or 4×9).
7) Start by creating the test rectangles on by rows, and on by columns. Look for readable plain text, checking for spirals, crab spirals and diagonals.
8) If #7 fails, write the text in by spiral and by diagonal. Look for reversed plaintext (rows and columns), too.
9) If both #7 and #8 fail, the RT may be non-standard. Consider non-adjacent rows and columns.
10) If all else fails, try making words from the ciphertext letters as anagrams. If you can reconstruct a large block of text this way, it may give you some hints as to the physical relationships between the letters.
11) As a last resort, abandon the idea that this is a Route Transposition and check if you’re not really facing a Rail Fence, Complete Columnar Transposition or Nihilist Transposition instead.

Thinking About Encryption, Part 32


In going through the ACA archives, I found a few articles employing the Baconian cipher, and one partially describing it. I kind of had an idea for how to place the crib (finding where one of the plaintext hint words goes in the CON (construction)), and I figured I’d spend a couple hours writing up the VBScript for at least converting the crib into Baconian format, and see where things went from there. The first part went ok, but then I didn’t have time to sit down at the computer over the entire following weekend, and I kept expanding on the script in my head. That Monday, when I did have a little free time, I was so tired from lack of sleep (construction noises outside kept waking me up) that nothing I wrote worked immediately. I wasted the better part of the day bug fixing and wondering what I was thinking while I was writing code just a few minutes earlier. In the end, I did get a solver pretty much fully up and running, and I’d found the solution for the Baconian CON in the Sept.-Oct. issue of the ACA Cryptogram (Cm) newsletter. So, that was good.

Sir Francis Bacon was a big fan of secret messages, and he felt that the best secret message was one that didn’t look like a secret message. He employed steganography throughout his works, with variations on type fonts, and letter spacings to hide messages. Similar writing in Shakespeare’s works have led many people to believe that Bacon wrote Shakespeare, and William Friedman initially became involved in cryptography as a photographer on a project to analyze Shakespeare’s works around 1916-17. Friedman and his wife Elizabeth (who taught William cryptography), eventually disproved the connection.

There are two variants of Bacon’s cipher, while the ACA generally uses the first one, in which the letters I and J, and U and V, double up to create a 24-letter alphabet. What’s a bit confusing at times is that the entire 26-letter English alphabet is used for the encoding (i.e.- the message text uses 24 letters, but the method for hiding the message uses 26 letters).

The system uses “a” and “b” in a pure binary counting format for representing “A-Z”.

aaaaa = A
aaaab = B
aaaba = C
aaabb = D
...
babbb = Z

In Bacon’s original implementation, a letter in one font face would be interpreted as “a”, and a letter in the other face would be “b”. As the ACA implements their Baconian cipher, any set of rules, the more obscure the better, can be used. Generally, this takes the form of groups of 5-letter words representing a maximum of 25 plaintext letters. Such as:

AUTOR BEGIN TAMED WORMS

Now, technically what I did was use a Null cipher here, where the one odd letter of the first and second halves of the alphabet spells out “ANT.” But, this just demonstrates how similar Baconian is to Null. Any rule can be employed as long as it’s consistent. With the exact same 4 words, if “b” = “GROU”

Then:

AUTOR = ababb = m
BEGIN = aabaa = e
TAMED = aaaaa = a
WORMS = abbaa = n

Giving us “mean ant” using two different systems with one set of four 5-letter words.

Granted, it would be nearly impossible to extract the Baconian rules from something so short, and it also illustrates the difficulty in crafting a good word puzzle this way. The ACA archives have examples of CONs that contain upwards of 3 and even 4 messages in strings of the same 25 word groups, each with their own rules, but the word groups have turned into completely unreadable random-looking strings. Which undermines Bacon’s rule that the message shouldn’t look like it’s enciphered.

If the message is long enough, then a crib can be used to solve it. In the Sept.-Oct. 2018 newsletter, the Baconian cipher included the crib “say.”

s = baaab
a = aaaaa
y = babba

Once the crib is converted to binary, you can slide it across the cipher text (5 letters at a time), looking for a “best fit.”

AUTOR BEGIN TAMED WORMS
baaab aaaaa babba

This placement would fail becase the “A” in AUTOR needs to be a “b”, while the “A” in TAMED needs to be an “a”.

BEGIN TAMED WORMS
baaab aaaaa babba

Would also fail because “M” is “a” in TAMED, but “b” in WORMS.

The ACA members generally select cribs that can have 2 or more possible placements. When this happens, you just have to try plugging “a” and “b” into the words in those placements and see if any of them automatically disqualify themselves. Because a 5-digit binary number can range from 0 to 31, and the Baconian alphabet only uses 24 (or 26) letters, “bbaaa” through “bbbbb” (that’s seven characters) are illegal. If the attempted placement creates something like “bbabb” for an unrelated letter, you know that placement is wrong.

After the crib has been placed correctly, some of the other letters will be partially filled in. If there are letters with only one digit missing (e.g. – “a-bba” or “-bbbb”), completing them will be easy. In the case of “-bbbb,” the only choice is “abbbb” (“Q”) because “bbbbb” is illegal. For “a-bba”, “aabba” gives “G” and “abbba” produces “P”. You can tell from the reconstructed plaintext which one is correct. And, for every cipher letter you get right, there could be 3-4 more plaintext letters that pop out.

Once you have the finished plaintext, you can look at the cipher assignments for “a” and “b” to see if there was some kind of underlying rule. In my above example, I really wanted “b” = “GROUND,” but that would have thrown off the Null cipher, which required the last letter of “TAME?” to be curved, and to lie between “A” and “N.” If I do try my hand at creating Baconian CONs, I’ll submit them to the ACA for publication in the Cm for credit. These things are tricky enough that I doubt I’ll print them in the blog until long after the Cm prints out the solution. Anyway, the easy Baconian CONs are kind of fun to solve, and my solver works well enough. At some point, I’ll upgrade it to suggest “a” and “b” assignments for letters with one missing digit, which might make it auto-solving if something like “?bbaa” only has one solution.

Summary:
1) The Baconian cipher uses regular text to hide the existence of a secondary hidden message.
2) The Baconian alphabet is binary, employing “a” and “b” instead of “0” and “1.”
3) There are two versons of the alphabet, either 24 letters or 26 letters.
4) The 24-letter alphabet combines I with J, and U with V.
5) Placing the crib in ACA Baconians is a matter of eliminating 5-letter word groups that would result in “a” = “b” conflicts.
6) The general ACA Baconian CONs use groups of 5-letter words, for a maximum of 25 letters of plaintext, but this is not a hard-and-fast rule.
7) Other Baconian ciphers can be embedded in any kind of message as desired.
8) Once you’ve recovered enough of the plaintext, you can try to identify the rule used for the “a” and “b” assignments.
9) On its own, Baconian can be an extremely secure cipher-type, because it is both easy to overlook, and the rules could be nigh-impossible to uncover if you have no idea what the plaintext is about.
10) Bacon did not write Shakespeare.

Wiggles, part 27


Just a little ongoing story to give you something to play with until the next blog post.

SGHQH’E B EGQVDH VD UJISI SGBS GBE B RVT FHDSQBZ MIIOHD EKXXIQS XVZZBQ. BS SGH RBEH IW SGH EKXXIQS VE B GIZH BRIKS 12 VDFGHE EPKBQH BDO 3 WHHS ZIDT. SGHQH’E B SQBOVSVID SGBS VW JIK FBD FQBMZ BZZ SGH MBJ SGQIKTG, JIK MVZZ THS TIIO ZKFU. V GBO SI OVEZIFBSH YJ EGIKZOHQ WIQ SGBS IDH, BDO B WHM IW SGH XQVHESE GBO SI XKEG BDO OQBT YH SGQIKTG VS, RKS V OVO YBUH VS IKS SGH ISGHQ EVOH IW SGH XVZZBQ. SGH GIZH GHQH MIKZOD’S RH B FGBZZHDTH. V SGQHM BDISGHQ PKVFU ZIIU IKS SGH GBZW-IXHD OIIQ, XKS YJ CBFUHS ID YJ TKVSBQ FBEH, SIIU IWW YJ RHZS, BDO XKEGHO SGH RINHE IKS IW SGH MBJ. V UDHM, VW V BEUHO WIQ XHQYVEEVID V’O DHLHQ RH BZZIMHO SI SQJ SGVE, BDO V MBE XZBDDVDT ID TIVDT SI BDISGHQ FVSJ SGH DHNS OBJ BDJMBJ. EI, V OVOD’S GBLH SI MIQQJ BRIKS THSSVDT WVQHO VW SGH IMDHQ TIS BDTQJ, BDO V MBED’S GKQSVDT WIQ YIDHJ VW GH OHFVOHO SI UHHX MGBS GH IMHO YH. V TIS OIMD ID YJ GBDOE BDO UDHHE, XKEGHO YJ FIVZHO KX RHZS, EKYBWI BDO ZVTGS SGQIKTG SGH GIZH VD WQIDS IW YH, BDO TIS SI EPKVQYVDT WIQMBQO. V GBO SI OVEZIFBSH YJ EGIKZOHQ BTBVD, RKS V’Y KEHO SI SGBS DIM.

Wiggles, part 26


Just a little ongoing story to give you something to play with until the next blog post.

B IQQS Y JWD LPQZI LIWEL IQ CG AYLW, UZYNNWT IPW JFYLPFBUPI, YRT CYTW LXZW IPW UXBIYZ DYL LYJW BRLBTW, IPWR PWYTWT NYAS IQ IPYI AQZRWZ. DBIP IPW FBUPI QR, B AQXFT IWFF IPYI YFF IPYI DYL NWPBRT IPW NQVWL YRT NZQQCL DYL APWYE JYSW DQQT EYRWFBRU, NXI RQD B DYL AXZBQXL. B PYFJ-AFQLWT IPW TQQZ IQ IPW LIYUW, IPWR EXFFWT IPW NZQQCL QXI QJ IPW DYG. B JWFI IPW EYRWFBRU, SBRT QJ EXLPBRU YRT EXFFBRU BI Y FBIIFW NBI, JWWFBRU IPW DYG BI DBUUFWT. IPWZW DYL Y NBI QJ EFYG XE YRT TQDR, LQ B SWEI EXLPBRU XRIBF IPWZW DYL Y AFBAS YRT Y EBWAW QJ IPW EYRWFBRU TQDR YI IPW JFQQZ LFBT QEWR YDYG JZQC CW. B NWRI TQDR YRT YBCWT IPW FBUPI BRIQ IPW PQFW BR IPW DYFF. IPW QEWRBRU DYL EYZIFG PBTBRU NWPBRT Y LIYAS QJ NQVWL, YRT DYL MXLI FYZUW WRQXUP IQ JBI YR QHWZDWBUPI APBFT. B’HW UQRW IPZQXUP DQZLW.

Wiggles, part 25


Just a little ongoing story to give you something to play with until the next blog post.

YTWY YAWFL YQLLHE BWR W XJQDEH SEJXMR EJLV, WLK LHFYTHA HLK BWR RHWEHK. F’K XWAAG ZG SFMH JL YTH YAWFL JL ZG BWG YJ RXTJJE FL YTH ZJALFLV, WLK AFKH YJ YTH YQLLHE WUYHA XEWRRHR. YTH SFMH TWK WL HEHXYAFX THWKEFVTY, WLK F’K WERJ SAFLV ZG RQZWUJ WLK WL HCYAW UEWRTEFVTY, WLK F’K RDHLK W XJQDEH TJQAR FL YTH YQLLHE, AFKFLV WAJQLK, SQFEKFLV W RZWEE UJAY, WLK OQRY TWIFLV UQL. F VQHRR WY RJZH DJFLY YTH YAWFL XJZDWLG TWK DEWLLHK YJ TWIH W RDQA AQLLFLV JUU FL WLJYTHA KFAHXYFJL, RFLXH YTHAH BWR W RTJAY RFKH YQLLHE FL YTH ZFKKEH, SQY FL 20-30 ZHYHAR FY XWZH YJ W KHWKHLK. YTWY’R BTHAH F DQY ZG UJAY, WLK W RYJXMDFEH JU RYFXMR UJA RBWYYFLV VJMFSQAF (AJWXTHR) WBWG BFYT. F EJIH YQLLHER WLK XWIHR LJB, WLK F WEBWGR MHHD W DJXMHY EHK MHGXTWFL EFVTY FL YTH RYAFLVR XJZDWAYZHLY FL ZG VQFYWA XWRH.

Thinking About Encryption, Part 28


Ok, Fractionated Morse. This is kind of related to Morse code, but only in a way. By itself, Morse is a substitution cipher, where “.” replaces “e”, “-” replaces “t”, “—” is “o”, “…” is “s”, and so on. What FM does is to create a trinary (base-3) counting system, but instead of using 0-2, it uses “.-X”. In a base-3 system, counting would go 0, 1, 2, 10, 11, 12, 20, 21, 22, 100, etc. If you have a 3-digit base-3 number, you can count from 0 to 26 (3*3*3 – 1). And, funny enough, the English alphabet has 26 letters. What do we do about that missing 27th value, though?

Well, I’ll start from the beginning. If you look at the International Morse Code table in the wiki article, the text “COME QUICKLY WATSON” becomes

"-.-. --- -- . --.- ..- .. -.-. -.- .-.. -.-- .-- .- - ... --- -."

That’s a little difficult to read, because there’s no way to differentiate between a letter break and a word break. So, FM uses “X” to separate letters, and “XX” to separate words. This gives us:

"-.-.X---X--X.X--.-XX..-X..X-.-.X-.-X.-..X-.--XX.--X.-X-X...X---X-."

Notice here that we never get three x’s in a row. There’s no “XXX” (sorry, Vin Diesel). This means that we can create a trinary coding system for all “Morse Code-legal” combinations of “.”, “-“, and “X”, using just 26 combinations of 3 symbols each. And we can represent those with the 26 English alphabet letters.

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
. . . . . . . . . - - - - - - - - - X X X X X X X X
. . . - - - X X X . . . - - - X X X . . . - - - X X
. - X . - X . - X . - X . - X . - X . - X . - X . -

Now, if I go back to my plaintext Morse message, and write the characters vertically, from left to right, in groups of three, I get:

K H O O I M P F X K H F D H E Y O F P C N V
- . - - . - - . . - . . . . . X - . - . - X
. X - - X - X - . . X - - X - X - - X . - -
- - X X X . . X X - - X . - - . X X . X - .

If I leave it at this, it’s still too close to the plaintext layout, and anyone that knows the algorithm can read the plaintext with little to no effort. So, we encrypt the trinary table by picking a keyword of any desired length, remove duplicate letters, then write out the rest of the alphabet to fill the table. In some cases, we can shift the alphabet to avoid the Z=Z encoding at the end. For example, with the keyword “GRAHAM,”

X Y Z G R A H M B C D E F I J K L N O P Q S T U V W
. . . . . . . . . - - - - - - - - - X X X X X X X X
. . . - - - X X X . . . - - - X X X . . . - - - X X
. - X . - X . - X . - X . - X . - X . - X . - X . -


X Y Z G R A H M B C D E F I J K L N O P Q S T U V W
a b c d e f g h i j k l m n o p q r s t u v w x y z

KHOOI MPFXK HFDHE YOFPC NV turns into DMJJB FKAUD MAGMR UJAKZ IS.

And now, my Fractionated Morse cipher is complete. With the key word “Graham”, and the alphabet shifted as above,

“COME QUICKLY WATSON” is “DMJJB FKAUD MAGMR UJAKZ IS”.

Deciphering is just the reverse process. Use the key to create the key alphabet and write that over the triplet table. Write the corresponding triplets under each letter of the ciphertext, then pull the triplets out by columns, from left to right, and write them out in rows. Convert the resulting Morse code to plaintext, and you’re done.

A couple notes. First, the ACA guidelines suggest that the plaintext be 100-150 letters long. Then, out of the 28 FM ciphers I have checked, several started with a leading X, but most didn’t. Several ended with a trailing X, but most didn’t. I assume this was for padding to make multiples of 3 symbols. 2 ciphers had shifted key alphabets, and one had a semi-shifted alphabet (GRAHMFIJKLNOPQSTUVWXYZBCDE). Finally, one of the ciphers had digits as well as letters in the plaintext. None have used punctuation so far.

All of this is what drove me crazy in trying to write and debug my VBScript solver, because I kept expecting some level of predictability that wasn’t there.

In general, the ACA will include a crib for certain types of cipher puzzles in order to help make them more solvable. Cribs can be hints for attacking the cipher, or words from the plaintext message. The reason for this is that, normally, when you try to crack a cipher, you have a lot of encrypted material to work with. But the ACA ciphers (called CONs, for CONstructions) that appear in their Cm magazine are only 100-150 characters long, or maybe shorter. That’s not a lot to work with, and the idea is that the CONs are intended to be solvable, even if that may require a lot of work. Of the 28 FM ciphers from the 2011-2015 archives, 28 had cribs. However, the Sept.-Oct. 2018 issue had the FM cipher in the Expert Corner (instead of Cipher Exchange), precisely because there was no crib. The only hint was that the key word was 6 letters long, standard placement (no shifting).

At 6 letters, it’s easy to solve FM with brute force, by using a permutating incrementer (ABC, ACB, BAC, BCA, CAB, CBA) on the keyword. Unfortunately, my VBScript had bugs, and when it failed to solve SO2018, I didn’t know if it was because of something weird in the key, or if it was because of a bug (mostly it was bugs). I spent the better part of a week going through the archives, testing all of the FM ciphers I found, learning about the different variations on the FM theme, and figuring out where the bugs were.

However, it is important to keep in mind that not all of the ACA members use software to solve CONs. For those that use pencil and paper, the key word needs to be selected to embed hints to the answer in the cipher text itself. And, that is what we have with S2018. I’m not going to reprint the cipher here, because I don’t want to rip off the ACA excessively. Suffice it to say that in the cipher text were letter pairs like “XY”, “IY”, and “TY”. This implies that “Y” has to be in the keyword, because otherwise you’d get something like “..XXX.”, and three x’s in a row are illegal. You can use logic to eliminate many letter combinations in the key alphabet. Anyway, once I got my script debugged, it found the solution through brute force in about 15 minutes.

What happens if you have a crib, though?

The interesting thing about Fractionated Morse is that you’re not encrypting the Morse code string. The fractionating imposed by the base-3 counting system leaves the Morse string intact. Instead, FM performs a letter substitution on the characters that represent the triplets. So, if you know (or can guess) one of the words in the plaintext and convert that into Morse Code, you can do pattern matching to narrow down where in the cipher text the crib appears. From that, it’s just a matter of reconstructing the key alphabet.

Say the crib is “chose none.” The Morse code (with X separators) for this is:

XX-.-.X....X---X...X.XX-.X---X-.X.XX

Because there are word separators, and “chose none” is expected to be in the middle of the message, we encapsulate it with leading and trailing “XX”, as well as having “XX” between “chose” and “none.” The problem is that we can’t expect this string to fall exactly on a triplet boundary, meaning we’re going to need to test for 3 unique conditions. In a perfect world, we’d have:

? K G A W P C I L N V U ? (fully wildcard pattern)
- . . X - . . - - X X X
X . X . - X . X . - - .
X - . . - . X X X - . X
(Pattern 1)

But, we can also have:

Z D S C N S G Z H O L I (1_2__2_1____)
X . X . - X . X . - - .
X - . . - . X X X - . X
- . . X - . . - - X X X

(Pattern 2)

And,

? V L A H O A U V W Q G ? (?1_2__2_1___?)
^ X - . . - . X X X - . X
^ - . . X - . . - - X X X
X . X . - X . X . - - .

(Pattern 3)

Unfortunately both patterns 2 and 3 have the same outcome: one letter appears at positions 1 and 8, and a second letter at positions 3 and 6. Pattern 1 doesn’t have any repeating letters, which could be used for the process of elimination, if needed. I’m going to use a random garbage cipher, but let’s pretend we have the cipher message:

AHTBD TCWAC HDRLV JQOPZ DLLMO

The string below fits our pattern, and we can try equating “D” with “Z” and “V”; “T” with “D” and “L”, etc. If something readable comes out of the key alphabet for either, then we’re golden. If not, we have to assume that the pattern match was accidental, and we need to resort to testing for pattern 1 throughout the ciphertext.

1_2__2_1____
DTCWACHDRLVJ

Plugging in the letters from DTCWACHDRLVJ into the plaintext alphabet yields the below garbage (to be expected because I’m too lazy to make a real cipher message here).

__WT__HRJ____AL___C______D
abcdefghijklmnopqrstuvwxyz

Looks pretty unpromising, but the point is to demonstrate the process. Once you’ve located the crib in the ciphertext, it’s just a matter of alternating between filling in the plaintext with the known key alphabet, and guessing at the missing plaintext words, and using that to fill in more of the alphabet.

Summary:
1) Fractionated Morse combines Morse Code with a base-3 counting system to create a substitution-type cipher.
2) You use a keyed alphabet to modify the base-3 A-Z letter assignments.
3) The cipher itself consists of the substituted A-Z letters.
4) Deciphering is just the reverse process.
5) If you know the length of the alphabet key, FM can be easily broken through brute force (if the key is short enough).
6) Otherwise, if you have a crib, then crib placement is a matter of converting the crib to the plaintext triplets, and looking for matching letter patterns in the ciphertext.
7) Once you’ve placed the crib, you can recover part of the key alphabet.
8) Fractionated Morse is not very secure, but it is fun to play with.

Wiggles, part 24


Just a little ongoing story to give you something to play with until the next blog post.

Z FNHVZJHNK VLN JIK AMDNC MHK VPHHNIC. GSJTZHG PB ZH M FJCVIO UIMV AZVO CPSSJPHKNK FMZHIO XO CLJBC MHK MBMSVFNHV XPZIKZHGC, Z KZKH’V LMDN VLMV FMHO JBBJSVPHZVZNC VJ GJ NQBIJSZHG MC M EZK. PHINCC OJP AJPHV VLN CPXTMO COCVNF, TLZAL Z UJPHK NHKINCCIO UMCAZHMVZHG. Z’K FMKN ZV PB VJ VJEOJ M UNT VZFNC, MHK Z AJPIK TMIE PHKNSGSJPHK UJS FZINC XNVTNNH VSMZH CVMVZJHC TZVLJPV NDNS LMDZHG VJ INMDN UJS CVSNNV INDNI. JVLNSTZCN, FO VJTH KZKH’V LMDN M CPXTMO IZHN. TLMV TN KZK LMDN TMC M SNGPIMS VSMZH IZHN, MHK Z LMK M UJIKZHG XZEN MHK M SMZI BMCC. RMBMH KJNCH’V PHKNSCVMHK VLN ZKNM JU XPIE KZCAJPHVC … ZU ZV AJCVC $10 VJ SZKN VLN VSMZH JHN TMO JH JHN KMO, GNVVZHG M 1 FJHVL SMZI BMCC ZC GJZHG VJ AJCV OJP 30 * $20 = $600 (60,000 ONH). JH VLN JVLNS LMHK, NDNSO CVJB XNVTNNH OJPS LJFN CVMVZJH MHK OJPS KNCVZHMVZJH XNAJFNC USNN UJS VLMV FJHVL, MHK OJP AMH PCN VLN AMSK MC FMHO VZFNC ZH JHN KMO MC OJP TMHV. VLNSN TMC MH MXMHKJHNK VSMZH VPHHNI VLSJPGL M LZII JPV AIJCN VJ VLN CALJJI Z MVVNHKNK…

Thinking About Encryption, Part 27


I’m going to talk about Null ciphers this time. Both issues of the ACA Cm magazine I have contain Null ciphers, so I did wonder what they were, but not so much as to actually go read the description on the ACA website. I was more attracted to the idea of the Fractionated Morse cipher, which proved to be a lot more unpredictable than I’d expected. In order to have more examples to play with, I went to the ACA website and downloaded the archive PDF for years 2011 to 2015. At 6 issues a year, that gave me 30 issues to wade through, and 28 Frac. Morse ciphers to experiment on.

Then, I was glancing over all of the “how-to” articles in those issues, which included several related to Null, and its sister, the Sequence Null. The Sept.-Oct. 2018 issue of the Cm., which I’m still working on, has a Null cipher at the beginning of the Cipher Exchange section, marking it as one of the easier ciphers this time (the ciphers in any given department are sorted from easiest to hardest). So, why not?

So, Null ciphers are more mind bender puzzles than anything else, where the message is hidden in a series of plaintext words. One example could be:

PRETTY OBVIOUS NEW YEAR TRIAL ABUNDANT IDOL LADY

if you take the first letter of each word, you get “ponytail.”

conversely,

TRIGGER BARE SPREAD WISH FARE AREA DECLARED

uses the last letters to spell “redhead.”

However, while the ACA guidelines indicate that Null plaintext messages should not be longer than 25 letters, there can be exceptions. Just about any system can be employed: the letter immediately following or preceding a vowel, every second letter, every third letter, or every middle letter.

AGE BROOD DOG ADDLE ABE SAYER SPEED

gives “GOODBYE”.

As I went through the articles on Null, I compiled them in a VBScript. That covers the most obvious choices, but as the authors say, the attraction in creating new puzzles is in developing encryption methods that no one else has used before. That makes programming a solver an endless task. Everytime you think your solver is finally complete, someone finds another algorithm you’ve never seen before.

Really, I’m not good at mind benders. I want to see the answers, and then the next time I encounter something similar I’ll have enough experience to solve it then. But, no, usually I give them a pass if it takes more than a minute or two to solve. On the other hand, the Cm publishes the answers to the ciphers in the third issue after (so, the solutions to the Jan-Feb. issue appear in July-Aug.). The most recent archive PDF covers 2011-2015. While there’s nothing online after that, they do have PDFs for at least the 30 years before. That gives a massive amount of examples, plus solutions, to work with if I get stuck any time in the near future. And, as I say, when I find an encryption method I haven’t seen before, I’ll add it to the script. I’m just not in any rush to do all that homework right now.

So far, the Null patterns that I’ve collected from the 2001-2005 PDF archives include:

1, 2, 3, 4, 5 (one letter per word, repeat)
1, 2, 3 (one letter per word, repeat)
3, 4 (one letter per word, repeat)
1, 3, 2 (one letter per word, repeat)
1, 3, 5, 2, 4 (one letter per word, repeat)
Odd letter from groups of curved or straight letters (FNYL are straight, RUSO are curved)
3, 4, 5, 4 (one letter per word, repeat)
11235 Fibonacci (all words are 5 letters long, so take mod 5)
Letter before last E.
Second letter after second consonant
Unique letter from first or second half of alphabet
Third letters of each word.
3rd and 4th letters of each word.
Letter count: 1, 7, 7…
1st and 4th letter of words, read from back to front.

Despite my apparent waffling, I don’t actively dislike Null ciphers. I did solve the one in the Sept.-Oct. 2018 issue, so I am going to submit my answer for that for credit. As for next time? I’ll wait and see.

RIGID EAGER ALPHA LAUGH LOONY

Wiggles, part 23


Just a little ongoing story to give you something to play with until the next blog post.

WKYI MUJX KG YKFIYIJB HRPNZB YT RBBIJBUKJ KPB KG BZI HKVJIV KG YT AIGB ITI. UB DRW WYRAA RJX WUAFIVT. RB GUVWB, U BZKPNZB UB DRW R 500 TIJ HKUJ ($5), CPB U XUXJ’B ZIRV RJTBZUJN BZRB WKPJXIX AUMI R HKUJ GRAAUJN KV VKAAUJN RDRT. U NARJHIX UJ BZRB XUVIHBUKJ OPWB RW BZIVI DRW R “HAUHM.” BZRB WKPJXIX AUMI R XKKV HAKWUJN, CPB BZI KJI XKKV AIRXUJN KPBWUXI DRW AKHMIX RJX U DRW WBRJXUJN UJ BZI YUXXAI KG BZI KBZIV XKKVDRT. U AKKMIX CIZUJX YI, DZIVI BZI KDJIV RJX KBZIV WUJNIVW DIVI WBUAA WBRJXUJN KJ BZI WBRNI R GID TRVXW RDRT, BRAMUJN BK BZI RPXUIJHI RJX LKWUJN GKV YKVI LZKBKW. U AKKMIX CRHM RB BZRB HKVJIV, ZUXXIJ UJ BZI WZRXKDW CIZUJX WKYI CKSIW RJX KAX CVKKYW. BZRB GARWZ HKPAX ZRFI CIIJ R YKPWI, ISHILB U’X JIFIV WIIJ R YKPWI KPBWUXI KG BZI P.W. CRWI – ORLRJ UW HKYLAIBIAT KFIVVPJ CT GIVRA HRBW. UB DRW YKVI AUMIAT BK CI R HKHMVKRHZ, CPB BZI HKAKV DRW DVKJN. KV, YRTCI R DIUVX VIGAIHBUKJ KG BZI WBRNI AUNZBW KGG BZI XUWHK CRAA ZRJNUJN GVKY BZI HIUAUJN CIZUJX YI. CPB, BZIVI DRW BZRB HAUHM WKPJX…