I received the book in mid-December 2013 as an early Christmas present, completed reading it on December 24th 2013, and then began working on the ciphers.
I first tried to copy all of the ciphers by hand to a notepad document, but it was taking a long time and I discovered I had several mistakes when I went back thru to double check.
Next I got the bright idea of trying to scan the pages into a text document. That did not work very well either: the scanner program did not recognize all of the characters in the font used in the book, and fixing them was more of a problem than copying by hand. So that was what I did: I copied every 1 and 0 and everything else by hand to a text document. Needless to say it took a while to get it done, and I still found mistakes as I was going thru the ciphers to solve them.
It has been some time since I have worked with any ciphers so I needed to go back and look up how to work with them. I spent the first bit of time trying to see just what type of ciphers are out there and how to work with them. There are a lot of pages on the internet to help.
Next I looked up to see if anyone had already posted all of the answers.
I first ran across this page about the Hard Cover version of the ciphers.
That gave me an idea on how to start and what kind of ciphers were used in the hard cover version. They are different in the soft cover version.
Once I was about a quarter the way thru I ran across this page for the soft cover version.
This site had the answer to one of the ciphers I was working on and my tool that I created did not agree with the answer they had, so I emailed Fabien Sanglard to ask about it, but before he had a chance to answer I found the mistake in my program and I was able to verify the results posted on the site.
It was his suggestion that I write up my answers and post them for others to view.
I already had several of my own tools for other things and created more as needed, and then converted some of the C++ versions from the hard cover version to VB.Net to help me. There are also a lot of tools online to help with different ciphers, but they do not all work the same or give the same results for the same cipher.
When I was over halfway thru I ran across this page by the co-creator of the ciphers, Disa Johnson, that was written April 29 2013. They explain the way the ciphers were written, and at that point only 1 person had submitted the correct answers.
That post got me looking closer at the patterns of the ones I had already solved and I was able to apply that to more and solve others. (Mainly the rail fence and Playfair ciphers)
Most of the ciphers have at least two levels to decipher them. For some, the second level was just to reverse the string and then split it into the proper words after the first level was done.
Not all of the ciphers require you to have the answer to the one before to solve them so I was able to skip around a little as I got stuck on some.
Once you get the cipher deciphered to get the question, you still need to go to the book for that chapter and find the answer to the question. Then you are done with that chapter.
Next I will go thru and tell what they were. Some were just a matter of running them thru every tool I could find till I got the plain text; I was able to solve some of the column ciphers with pencil and paper. As you go thru them you do start to notice certain patterns and are able to eliminate certain ciphers that would not have been used.
I will not post the answers to the questions that were revealed in the ciphers here, you will have to read the book and find them on your own. This post is just for the ciphers and the questions they revealed.
I mainly just copied from my notepad notes what my output was.
Chapter 1: Rough Start
Max vhlm hy max unl wkboxk ingva B nlxw mh ingva fr hpg mktglyxkl
The cost of the bus driver punch I used to punch my own transfers
This cipher is a standard rotation cipher: they left all of the spacing and just rotated the alphabet. It is encoded with “Rot 19” and decodes with “Rot 7”. There are 26 letters in the alphabet, so to figure this out we subtract 7 from 26 to get 19, which tells us what it was encoded with.
I started with a tool that I made that would rotate whatever number you wanted from 1 to 26. If you rotate 26 you get back to the same text you started with.
Chapter 2: Just Visiting
Estd mzzv esle elfrse xp szh ez ncplep yph topyetetpd hspy T hld l acp-eppy
This book that taught me how to create new identities when I was a pre-teen
This is another rotation cipher. Encode with Rot 11, decode with Rot 15.
Chapter 3: Original Sin
pbzfsobp dkfobtpkx lq pbkfi ppbkfpry aoxtolc iixz lq abpr bobt pbzfsba cl bmvq obail bpbeQ
secivres gnirewsna ot senil ssenisub drawrof llac ot desu erew secived fo epyt redlo esehT
These older type of devices were used to call forward business lines to answering services
This is another rotation cipher, but this time they added a twist: they reversed the string.
At this point it was getting time consuming to click the button for each number, so I created a new tool that would do all of them at once.
In order to see if one of these is correct we need to read from both sides and see if it reveals the plain text. I have another tool that will reverse a text string, but it was a pain to copy and paste all of the time, so I added that ability to the program. If you look closely at the screenshot above you can see the reversed plain text as Rot 3, so let's reverse it with this tool and see what we get.
Now that is easier to read and quicker to see if it is a “Rot” cipher or not.
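The try-every-rotation, read-both-ways approach described above, as an added Python example (not the VB.Net tool from this post), run on the Chapter 1 and Chapter 3 cipher text. The short common-word list used to rank the 52 candidates is an assumption of this example.

```python
import string

# Assumption: a handful of common English words is enough to rank
# sentence-length candidates. This list is not from the original post.
COMMON = {"the", "of", "to", "and", "a", "i", "in", "my", "this", "that",
          "was", "were", "is", "on", "for", "me", "when", "used"}

def rot(text, n):
    """Rotate letters forward by n places; case, spaces and punctuation are kept."""
    out = []
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - 97 + n) % 26 + 97))
        elif ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - 65 + n) % 26 + 65))
        else:
            out.append(ch)
    return "".join(out)

def score(text):
    """Number of space-separated words that appear in COMMON."""
    return sum(1 for word in text.lower().split() if word in COMMON)

def best_rot(cipher):
    """Try all 26 rotations, each read forwards and backwards.

    Returns (decode_rotation, was_reversed, plaintext) for the best candidate.
    """
    candidates = []
    for n in range(26):
        shifted = rot(cipher, n)
        candidates.append((score(shifted), n, False, shifted))
        candidates.append((score(shifted[::-1]), n, True, shifted[::-1]))
    _, n, was_reversed, plain = max(candidates, key=lambda c: c[0])
    return n, was_reversed, plain

# Cipher text copied from Chapter 1 and Chapter 3 above.
CH1 = "Max vhlm hy max unl wkboxk ingva B nlxw mh ingva fr hpg mktglyxkl"
CH3 = ("pbzfsobp dkfobtpkx lq pbkfi ppbkfpry aoxtolc iixz lq abpr bobt "
       "pbzfsba cl bmvq obail bpbeQ")

if __name__ == "__main__":
    for name, cipher in (("Chapter 1", CH1), ("Chapter 3", CH3)):
        n, was_reversed, plain = best_rot(cipher)
        print(f"{name}: decode Rot {n}, encode Rot {(26 - n) % 26}, "
              f"reversed={was_reversed}: {plain}")
```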
Chapter 4: Escape Artist
the name of the mainframes I hacked at usc in the arpanet days
This cipher is an Atbash cipher, where the alphabet is just reversed: a=z, b=y and so on.
I created a tool for this one too.
Chapter 5: All Your Phone Lines Belong to Me
jbi ujt veo eco ntk iwa lhc eeo anu uir trs hae oni rfn irt toh imi ets shs leu
I took a course in this subject when i ran from the juvenile authorities l (extra letter on the end for fill)
This is a column cipher. The text is split into groups of three letters; if you stack them from left to right, top to bottom, and then read down the right column you can see what the plain text is.
The tip by looking at it is that they are split into groups of 3.
Chapter 6: Will Hack For Love
name the company where bonnie was employed when we started dating
The two equal signs on the end is a dead giveaway that this is Base 64 encoded.
There are several tools on line to decode this but I already had a tool from other projects that made this easy.
Chapter 7: Hitched In Haste
number of door codes i had for pacific bell central offices.
This is a keyed substitution cipher. It uses the key of gte.
Several tools are available online to encode and decode this one.
Chapter 8: Lex Luthor
‘siass nuhmil sowsra amnapi waagoc ifinti dscisf iiiesf ahgbao staetn itmlro
I said I wasn’ This famous magician While being a smart ass to prison officials
This cipher is a column cipher. If we start stacking the groups of letters starting from the right and read down on the left side then the plain text is clear.
A clue on this one was that they were split into equal parts again.
Chapter 9: The Kevin Mitnick Discount Plan
tvifafwawehes hsesoonvtlimaeloemtcagmen irnoerrldony
this version of novatel firmware allowed me to change my esn
This is a rail fence cipher. The clue given for the number of rails is the number of groups the text is split into. In this case it is 3.
Chapter 10: Mystery Hacker
gnkusr ooursnsisti ttnotoihiec rolwaintmlk ovtgp
got root on unlv work station using this simple trick
This is a rail fence cipher also. It uses 5 rails and the cipher text is split into 5 parts.
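A rail fence decoder that takes the number of rails from the number of groups, as the clue in Chapters 9 and 10 suggests. This is an added Python example, not the tool used in this post; the function names are chosen here for illustration.

```python
def rail_pattern(length, rails):
    """Rail index visited at each plain text position: 0,1,..,r-1,r-2,..,1,0,1,.."""
    if rails < 2:
        return [0] * length
    cycle = list(range(rails)) + list(range(rails - 2, 0, -1))
    return [cycle[i % len(cycle)] for i in range(length)]

def rail_fence_encrypt(plain, rails):
    """Write the text in a zig-zag and return one space-separated group per rail."""
    pattern = rail_pattern(len(plain), rails)
    return " ".join(
        "".join(ch for ch, p in zip(plain, pattern) if p == r)
        for r in range(rails)
    )

def rail_fence_decrypt(cipher, rails):
    """Undo the zig-zag; spaces in the cipher text are ignored."""
    text = "".join(cipher.split())
    pattern = rail_pattern(len(text), rails)
    plain = [""] * len(text)
    pos = 0
    # The cipher text is rail 0's letters, then rail 1's, and so on, so hand
    # the letters back to the positions each rail visited.
    for r in range(rails):
        for i, p in enumerate(pattern):
            if p == r:
                plain[i] = text[pos]
                pos += 1
    return "".join(plain)

def groups_match_rails(cipher):
    """True when each group is exactly as long as the rail it would come from."""
    groups = cipher.split()
    pattern = rail_pattern(sum(len(g) for g in groups), len(groups))
    return [len(g) for g in groups] == [pattern.count(r) for r in range(len(groups))]

def decrypt_by_groups(cipher):
    """Apply the clue from the post: number of groups == number of rails."""
    return rail_fence_decrypt(cipher, len(cipher.split()))

# Cipher text copied from Chapter 9 and Chapter 10 above.
CH9 = "tvifafwawehes hsesoonvtlimaeloemtcagmen irnoerrldony"
CH10 = "gnkusr ooursnsisti ttnotoihiec rolwaintmlk ovtgp"

if __name__ == "__main__":
    for name, cipher in (("Chapter 9", CH9), ("Chapter 10", CH10)):
        print(name, groups_match_rails(cipher), decrypt_by_groups(cipher))
```

The group-length check is a quick way to confirm a rail fence guess before decoding: a text that was merely split for readability will rarely have groups that line up with the rail lengths.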
Chapter 11: Foul Play
ow gw ty kc qb eb nm ht ud pc iy ty ik tu zo dp gl qt hd
MY BROTHER ADAM LISTENED TO THIS TYPE OF MUSIC
This is a Playfair cipher. It uses a standard alphabet minus the letter j and no keyword.
When I read the title it made me think of playfair, but none of the titles really seemed to have anything to do with the cipher chosen.
Chapter 12: You Can Never Hide
i identified this number as belonging to eric using unauthorized caller id
This is another rail fence cipher that uses 2 rails.
The clue was that the text is split into 2 parts.
Chapter 13: The Wire Tapper
manager who i tipped off about wiretaps on teltec’s lines
This is another “Rot” with a reversed string: encode Rot 24, decode Rot 2, reverse the string.
Chapter 14: You Tap Me, I Tap You
c2VuaWxzJ2RhZHltbm9zcGF0ZXJpd2VodHRjZW5ub2NLcm RuYXNlbGVnbmFzb2xvdHlsZm90ZGFob2h3dG5lZ2F5d GlydWNlc2xsZWJjYXBlaHQ=
the pac bell security agent who had to fly to los angeles and rK connect the wiretaps on my dad’s lines
This one was given away by the equals sign on the end as base 64 again. Decode and then reverse the output to get the plain text.
Chapter 15: How the “F” did you get that?
ud mn cf ub mw re lb is ba of gx ty qc qh il ea ym nx bz ub he cf th is
THIS HACKER WE SHOWED OFF SAS TO WHILE AT HAMBURGER HAMLET
This is a playfair cipher using a normal a-z alphabet minus J and no keyword then reverse the result string.
Chapter 16: Crashing Eric’s private party.
i asked eric for the key to this phone company facility
This one I had some trouble with at first until I used the correct key.
This starts with a phone dial cipher to convert the numbers to letters.
Once you get the letters, it deciphers with the Vigenère cipher using the keyword heinz.
The problem with this one was that the keyword was not in the section of text that the answer to the previous question came from, like the previous ciphers. They only listed the person's first name and not the last. You had to get that from another location in the book. And thus the keyword was the person's last name.
Chapter 17: Pulling back the curtain
100 0000 10 1 01 001 00 1000 1 010 11 000 0 0000 11 000 000111 00011 10000 11111 11110 11000 00111 10000 11111 10000 11111
What number is this 310-477-6565
This is Morse code as 1’s and 0’s instead of dots and dashes. First you get the letters and numbers with a dot as 0 and a dash as 1, then you reverse it so the dot is 1 and the dash is zero. Read up and down to get the plain text.
I made a tool to help with this too.
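The two-pass Morse decode for Chapter 17, as an added Python example (not the tool from this post). Each group is decoded once with dot=0 and once with dot=1, and the plain text is read by alternating between the two rows; starting on the dot=1 row is what reproduces the plain text given above.

```python
# International Morse code for letters, digits and the colon.
MORSE = {
    ".-": "A", "-...": "B", "-.-.": "C", "-..": "D", ".": "E", "..-.": "F",
    "--.": "G", "....": "H", "..": "I", ".---": "J", "-.-": "K", ".-..": "L",
    "--": "M", "-.": "N", "---": "O", ".--.": "P", "--.-": "Q", ".-.": "R",
    "...": "S", "-": "T", "..-": "U", "...-": "V", ".--": "W", "-..-": "X",
    "-.--": "Y", "--..": "Z",
    "-----": "0", ".----": "1", "..---": "2", "...--": "3", "....-": "4",
    ".....": "5", "-....": "6", "--...": "7", "---..": "8", "----.": "9",
    "---...": ":",
}

def decode_bits(groups, dot):
    """Decode each bit group, treating `dot` ('0' or '1') as the Morse dot.

    Groups that are not valid Morse under this mapping come back as '?'.
    """
    dash = "1" if dot == "0" else "0"
    table = str.maketrans({dot: ".", dash: "-"})
    return [MORSE.get(group.translate(table), "?") for group in groups]

def decode_zigzag(cipher, first_dot="1"):
    """Alternate between the two decodings, one symbol from each row in turn."""
    groups = cipher.split()
    other_dot = "0" if first_dot == "1" else "1"
    first_row = decode_bits(groups, first_dot)
    second_row = decode_bits(groups, other_dot)
    return "".join(
        first_row[i] if i % 2 == 0 else second_row[i]
        for i in range(len(groups))
    )

# Cipher text copied from Chapter 17 above.
CH17 = ("100 0000 10 1 01 001 00 1000 1 010 11 000 0 0000 11 000 000111 "
        "00011 10000 11111 11110 11000 00111 10000 11111 10000 11111")

if __name__ == "__main__":
    groups = CH17.split()
    print("dot=0:", "".join(decode_bits(groups, "0")))
    print("dot=1:", "".join(decode_bits(groups, "1")))
    print("zigzag:", decode_zigzag(CH17))
```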
Chapter 18: Traffic analysis
i identified the fbi cell phones that where calling eric by hacking into this ceppwxktmzsbhzc
This one is hex to start with and then we convert to ASCII. Next we run it thru a Vigenere decoder with the key IBFAL (the shortened and reverse of the previous answer).
Chapter 19: Revelations
te el ae fn ba et hs cv rd ni ya js pw rl
hr an mo af ig nw oe oe ie tt ws oe he ne
the real name of an fbi agent whose cover identity was joseph wernle
This one is a column cipher also. I discovered this one by accident using another tool I built that will split a string into however many characters you want, up to the length of the input. When I split them in two and copied them to a notepad it just happened to only be wide enough for half of them to fit, wrapping the remaining half to the next line.
Read up and down to see the plain text.
Chapter 20: Reverse String
yo kb pn oc ox rh oq kb oh kp ge gs yt yt hg sa li mt ob sa po po mk pl md
THE COMPANY TELTEC HACKED INTO TO GET INFORMATION ON PEOPLE
This is a Playfair cipher using the key of fbi.
Just a note: some of the Playfair ciphers were split into 2 chars.
Chapter 21: Cat and Mouse
darrell santo’s voice mail password was this
This is hex that converts to ASCII then run thru a Vigenere decoder with the key TRW.
Chapter 22: Detective Work
THIS DEVICE I CONNECTED WITH MY SCANNER TO ALERT ME WHEN FBI WAS NEAR MY LOCATION
This is a playfair cipher using a normal a-z alphabet minus the letter J and no keyword.
Chapter 23: Raided
1001 0111 01 00 0 0 101 011 1111 1110 1011 1111 101 0110 1111 1101 110 010 100 0 0100 11 1011 1011 000 10 101 01
MY FAVORITE DONUTS ARE THESE KIND
This one starts out as Morse code with the 1’s and 0’s reversed (in my tool). Next it is run thru a Vigenère Autokey tool with a key of DDI.
Chapter 24: Vanishing Act
code for a wanted person in las vegas
This one is a playfair cipher with the Key fibdonuts then reverse the output to get the clear text.
The trick here was the spelling of the key. “Donuts” not “Doughnuts”
Chapter 25: Harry Houdini
nhy ite kmn ryo ogm wef eho ctt ntn oau tto sum ooa lge i
i lost once working out at the gym the amount of money
This one was split into 3 chars and then stacked starting from left to right, top to bottom, then read from bottom left up.
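The stack-and-read-a-column procedure used for Chapter 5 (read down, right column first) and for this chapter (read up, left column first), as an added Python example that is not one of the tools from this post. Function and parameter names are chosen here for illustration.

```python
def read_columns(cipher, right_to_left=False, bottom_up=False):
    """Stack the space-separated groups as rows, then read the grid by columns.

    right_to_left: start with the rightmost column instead of the leftmost.
    bottom_up:     read each column from the last row up instead of top down.
    A short final row (the text ran out before the row was full) is skipped
    in the columns it does not reach.
    """
    rows = cipher.split()
    width = max(len(row) for row in rows)
    columns = range(width - 1, -1, -1) if right_to_left else range(width)
    ordered_rows = rows[::-1] if bottom_up else rows
    out = []
    for col in columns:
        for row in ordered_rows:
            if col < len(row):
                out.append(row[col])
    return "".join(out)

def all_readings(cipher):
    """All four column readings, so the one that is plain text can be picked out."""
    return {
        (rtl, up): read_columns(cipher, right_to_left=rtl, bottom_up=up)
        for rtl in (False, True)
        for up in (False, True)
    }

# Cipher text copied from Chapter 5 and Chapter 25 above.
CH5 = ("jbi ujt veo eco ntk iwa lhc eeo anu uir trs hae oni rfn irt toh "
       "imi ets shs leu")
CH25 = "nhy ite kmn ryo ogm wef eho ctt ntn oau tto sum ooa lge i"

if __name__ == "__main__":
    print(read_columns(CH5, right_to_left=True))
    print(read_columns(CH25, bottom_up=True))
    for (rtl, up), text in all_readings(CH25).items():
        print(f"right_to_left={rtl} bottom_up={up}: {text}")
```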
Chapter 26: Private Investigator
11 0100 000 111 010 0 011 0010 000 010 11 10 1101 01 01 1 000 1 1111 01 0 011 1 010 1 1000 000 010 01 00 01 01 011 00 1101 0010 1 010 1 10 0
001101 110010 001101 110010 001101 100 0000 1 10 101 0 111 0 10 010 0101 0000 11 10 001 10 1 011 00 100 1 10 0 00 0 00 1 000
i looked for infants that were born in a different _______ When researching new idendenties
This one starts out with the Morse code. We need the forward and reverse then stack them.
Read up and down zig zag to get the plain text.
I used the Blank space here to help me focus on the answer to the question revealed in this chapter.
Chapter 27: Here comes the sun
the host name which was used for the security bug database at sun microsystems
This is an autokey cipher using the key of state.
Chapter 28: Trophy hunter
a security flaw in this program allowed me to break into novell’s firewall
This one starts with hex encoding, which we convert to ASCII. Next we use Vigenère Autokey with the key of elmer, and then we reverse the output to get the clear text.
Chapter 29: Departure
the name of the employee that set me up an account on novell’s 3com dial up terminal server
This one is a Playfair cipher using the key of sendmail. I used the decoder on this site, http://rumkin.com/tools/cipher/playfair.php, instead of this one, http://practicalcryptography.com/ciphers/playfair-cipher/, because to properly decode the cipher you had to uncheck the box dealing with double letters.
Next reverse the output of that to get the plain text.
Chapter 30: Blindsided
the reason i was fired from the law firm in denver
This one uses the autokey cipher with the key Nunley. Next reverse the output to get the plain text.
Chapter 31: Eyes in the sky
this person was tricked into sending me numerous vms security holes
This one uses the Autokey cipher with the key of consulting. Next reverse the output to get the plain text.
Chapter 32: Sleepless in Seattle
i compromised this user’s password through network monitoring to hack into shimomura’s server
This one is an Autokey cipher also, with the key of Clift. Next reverse the output to get the plain text.
Chapter 33: Hacking the Samurai
010 1 0001 101 0 111 000 100001 01 101 001 00 111 00 00 1111 000 01 111 1 10 000 0000 1001 000 11 0000 0 111 0 0 0101 010 110 111 111 0 1111 1
101 111 1101 110 01 00 010 111 000 0100 111 01 100 00
I was looking fo* * (the) source to this phone on shimomuras server
This one starts out as Morse code as 1’s and 0’s again. You have to get the forward and reverse of the output, stack them, and then read zig zag from upper left.
Chapter 34: Hiding in the bible belt
this employee at intermetrics uploaded the motorola compiler for me
This one uses the Bifid cipher and the keyword of oki. Next you reverse the output to get the plain text.
The interesting thing about this one is that I used the tool located here to decipher it:
http://rumkin.com/tools/cipher/bifid.php . With more research on this cipher I discovered that it also uses a “period”, or length of text to work with. I then looked at these two online tools:
http://home.earthlink.net/~fpcorr/Bifid/BifidDecoder.html and http://practicalcryptography.com/ciphers/classical-era/bifid/
This is where I found out about the period. So after some more investigation I discovered that this cipher was deciphered with a period equal to the length of the cipher text.
Chapter 35: Game Over
someone logged into my “marty” account on this system from the well
This cipher is also a Bifid cipher, deciphered using the same tool as above.
Key = Marty and the “period” = Cipher text length.
Chapter 36: An FBI Valentine
Chapter 37: Winning the scapegoat sweepstakes
Chapter 38: Aftermath: A Reversal Of Fortune
001101 110010 001101 110010 001101 110010 001101 110010 11 00 011 00 10 110 0000 11 00 1001 110
0100 111 10 11 00 1101 1001 0100
10 100 11 01 101 0010 11 101 011 111 00 100 010 1001 001 1 101 01 010 1010 01 0 1110 10 0111 010 010
The use of statistics was not of much use in solving these ciphers as far as identifying them goes, with the exception of the obvious things such as hex, Base 64 encoding, et cetera.
I found 3 online cipher ID programs and none came close to the ones I tried to run thru them.
One was from a program called Crypto Crack that can be found here:
https://sites.google.com/site/cryptocrackprogram/ . It still has some bugs in it and I was able to crash it using several of the cipher crackers, although the ID part did run without problems.
Next was an online site here:
http://home.comcast.net/~acabion/refscore.html . This runs the statistics on the input unknown cipher.
Last one is this one and it looks like it has been updated since the last time I tried it.
This one gives extended information about the cipher.
The best use of statistics was the use of “N-Gram” files for scoring potential plain text.
On this page for the Bifid Cipher I found information and a “C” version of a cracker program. http://practicalcryptography.com/cryptanalysis/stochastic-searching/cryptanalysis-bifid-cipher/
After converting the “C” to VB.Net I was able to then use the scoring system in several other programs.
See Bifid Cipher Under tools.
Using the tools to try and find what cipher I was dealing with the top result was always for the “Running Key Cipher” so being stuck on chapter 36 I made a tool for that.
See Running Key Cipher
The Index of Coincidence (I.C.) is one method for testing what type of cipher it may be.
Looking at the results of the 5 Playfair ciphers used in this group of ciphers we see that the I.C. score varies.
11: playfair cipher no keyword, just normal a-z alphabet -J I.C. = 0.0384 (38 chars)
15: playfair cipher no keyword, just normal a-z alphabet -J ,reverse string I.C. = 0.0346 (48 chars)
22: playfair cipher no keyword, just normal a-z alphabet -J I.C. = 0.0541 (30 Chars)
24: playfair key= fbidonuts,normal a-z alphabet -J, reverse string I.C. = 0.0506 (30 Chars)
29: playfair key of sendmail, do not Encode double letters (down and right one spot), reverse string output. I.C. = 0.0411 (72 Chars After Clean extra)
As we can see by these results, the ones without a key had low scores along the lines of a Vigenère cipher, with the exception of the one that was only 30 characters long.
The last one had a lower score than the two biggest I.C. scores.
So an I.C. score does not always prove what kind of cipher it may be.
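The I.C. calculation behind the scores listed above, as an added Python example (not the tool from this post), run on the Chapter 11 and Chapter 15 cipher text that appears earlier on this page. The `ic_step` helper and the two reference constants are additions here; they show how coarse the score is on a 30 to 50 letter text.

```python
from collections import Counter

ENGLISH_IC = 0.0667    # commonly quoted value for English plain text
RANDOM_IC = 1 / 26     # about 0.0385 for uniformly random letters

def index_of_coincidence(text):
    """Probability that two letters drawn without replacement are the same."""
    letters = [c for c in text.lower() if "a" <= c <= "z"]
    n = len(letters)
    if n < 2:
        return 0.0
    counts = Counter(letters)
    return sum(k * (k - 1) for k in counts.values()) / (n * (n - 1))

def letter_count(text):
    """Number of letters that take part in the calculation."""
    return sum(1 for c in text.lower() if "a" <= c <= "z")

def ic_step(n):
    """How much the I.C. moves when one more matching pair appears in n letters."""
    return 2 / (n * (n - 1))

# Cipher text copied from Chapter 11 and Chapter 15 above.
CH11 = "ow gw ty kc qb eb nm ht ud pc iy ty ik tu zo dp gl qt hd"
CH15 = ("ud mn cf ub mw re lb is ba of gx ty qc qh il ea ym nx bz ub he "
        "cf th is")

if __name__ == "__main__":
    for name, cipher in (("Chapter 11", CH11), ("Chapter 15", CH15)):
        n = letter_count(cipher)
        print(f"{name}: {n} chars, I.C. = {index_of_coincidence(cipher):.4f}, "
              f"one matching pair moves it by {ic_step(n):.4f}")
    print(f"reference: English {ENGLISH_IC}, random {RANDOM_IC:.4f}")
```

On a 30 letter text a single extra pair of matching letters moves the score by about 0.0023, so a handful of chance repeats is enough to shift a short cipher text from one range to the other.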
I have shown a few tools above and will show a few more below, but will not go into great detail on how they work because their complexity would require an article of their own.
When I find time I will do one on the Hill 2 Cipher and the plain text cracker I made.
This was the first tool I made with the scoring system so the source code is kind of ugly but works.
Here we see the unsorted result of running the keyword list thru the program. The keyword list is the list of words from the previous result; in this case this is the Chapter 35 cipher with the keywords from the result of Chapter 34. From that list the program will create a new list of keywords using the original keyword forwards, backwards and spiral, which is why there are so many close together.
Here is a sorted list. Since these are negative numbers, the closer the number is to zero the better the score. Some online tools would change the keywords into several different directions on how they laid out in an alphabet. As you see in this example the keyword was prepended to the alphabet and those letters were removed from the remainder of the alphabet.
The interesting thing here is whether the alphabet was used forwards or backwards it still decrypted the text the same.
I have updated this with the new Quicker Score output to speed this up.
Running Key Cipher:
The running key cipher uses a section of text, perhaps from a book or a newspaper, etc. to encrypt the Phrase that you want to hide.
Here we will use text from chapter 35 that I was able to locate online.
Here is the Phrase we will encrypt pulled at random from the chapter 35 text.
Plain: Several weeks earlier JSZ had set up an account for me on escape com
Here is the text we will use to encrypt it by, again chosen by random.
ET: Shimmy was winging his way to Raleigh JSZ sent me a message that left me up in the air Hi This AM my dad had
Although this text is longer than the phrase to encrypt, the tool will only use what it needs.
So our encrypted text is “KLDQDYHWWASFKIERPMJFSXAOUSPXCVHWSBUSHGFJODQWGNKWVHPXNSR”
When I first built this tool there was no automation so I would pick a section of text and step thru it 1 letter at a time but after working out the scoring system I added the automation.
This program will clean all formatting including punctuation, spaces, numbers etc.
Here we assume that the key text is somewhere in the chapter 35 text, so we will load the N-Gram file, in this case bigrams (2 characters), and the entire text from chapter 35, of which I have a previously cleaned version to speed things up a bit.
In a newer version of this program and others I added an extra part to the scoring system to only output the top scores, which greatly improved the performance of the programs that used this system.
So far the bigram file has been good enough to discover the correct output in every cipher tool I have built, as long as I had the correct input for the cipher type; the wrong input key list will not return decrypted text properly.
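The running key example above and the automated search for the key position, as an added Python example (not the VB.Net tool from this post). It assumes letter-by-letter addition mod 26, which reproduces the encrypted text shown above; the filler sentence and the short common-bigram set that stands in for a full N-Gram file are constructed for this example.

```python
import string

def clean(text):
    """Upper-case the text and drop everything that is not A-Z."""
    return "".join(c for c in text.upper() if c in string.ascii_uppercase)

def running_key_encrypt(plain, key_text):
    p, k = clean(plain), clean(key_text)
    if len(k) < len(p):
        raise ValueError("key text is shorter than the phrase")
    return "".join(chr((ord(a) + ord(b) - 130) % 26 + 65) for a, b in zip(p, k))

def running_key_decrypt(cipher, key_text):
    c, k = clean(cipher), clean(key_text)
    if len(k) < len(c):
        raise ValueError("key text is shorter than the cipher text")
    return "".join(chr((ord(a) - ord(b)) % 26 + 65) for a, b in zip(c, k))

# Assumption: a small set of frequent English bigrams, used in place of the
# bigram file with scores that the post describes.
COMMON_BIGRAMS = set(
    "TH HE IN ER AN RE ON AT EN ND TI ES OR TE OF ED IS IT AL AR ST TO NT NG "
    "SE HA AS OU IO LE VE CO ME DE HI RI RO IC NE EA RA CE".split()
)

def score(text):
    """Count how many adjacent letter pairs are common English bigrams."""
    return sum(1 for i in range(len(text) - 1) if text[i:i + 2] in COMMON_BIGRAMS)

def find_key_offset(cipher, source_text):
    """Slide through source_text one letter at a time and keep the best decrypt."""
    c, src = clean(cipher), clean(source_text)
    offsets = range(len(src) - len(c) + 1)
    best = max(offsets, key=lambda off: score(running_key_decrypt(c, src[off:])))
    return best, running_key_decrypt(c, src[best:])

# Phrase, key text and encrypted text copied from the post.
PLAIN = "Several weeks earlier JSZ had set up an account for me on escape com"
ET = ("Shimmy was winging his way to Raleigh JSZ sent me a message that left "
      "me up in the air Hi This AM my dad had")
CIPHER = "KLDQDYHWWASFKIERPMJFSXAOUSPXCVHWSBUSHGFJODQWGNKWVHPXNSR"
# Constructed filler so the key does not start at offset 0 (not from the book).
FILLER = "This filler sentence is constructed for the example only "

if __name__ == "__main__":
    print(running_key_encrypt(PLAIN, ET) == CIPHER)
    print(find_key_offset(CIPHER, FILLER + ET))
```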
In conclusion I would like to thank everyone that posted papers or created web pages on the many ciphers that are out there.
Next I may try and tackle the Kryptos K4 cipher; I have a few ideas that I would like to try.
(None of those worked out but this came close https://pcsxcetrasupport3.wordpress.com/2016/08/04/my-first-deep-look-at-kryptos-k4/ )
Here it is now in November 2016 and I have not had the time to find the solution to the last 3 ciphers but will post this anyway since I could not find any others with this many online.
I will update this if and when I get the answers to the last 3.
If you made it this far, thank you for reading this rather long blog article. I hope you learned something from it, as well as I did writing the programs and discovering the inner workings of so many ciphers.