“I really do want Kryptos to remain secret – the plain text, the final section of Kryptos, I would prefer for it to remain secret indefinitely. (…) I would think that every artist would aspire to making an artwork that is not transient. It’s a permanent visual, auditory, conceptual statement. And I did Kryptos with all those things in mind. And one – as an artist, one would prefer to have that piece continue giving rather than have it understood right off the bat and then more or less ignored. And so this has lived way beyond all of my expectations, you know, at 30 years in retaining a secret that it has, and that’s the magic.”

Jim Sanborn (January 30 2020)

 

November 5 2020 — The ciphertext on the left-hand side of the sculpture (as seen from the courtyard) of the main sculpture contains 869 characters in total (865 letters and 4 question marks). The right-hand side of the sculpture comprises a keyed Vigenère encryption tableau, consisting of 867 letters. In our last post about KRYPTOS, we learned how to break a Vigenère code. In this post, we finish the job regarding the entire section II. Follow us on Twitter: @INTEL_TODAY

RELATED POST: KRYPTOS 30-Year Anniversary — Introduction : Sculpture Dedication Ceremony at the CIA (November 3 1990)

RELATED POST: KRYPTOS 30 Years Anniversary — How to Break a Vigenère Code

–

–

Where do we start?

This post will discuss only some part — although a big one — of the message coded in the (LEFT) top panel. Many people have realized something ‘promising’ in the fourth line.

GGWHKK? DQM CPFQZ DQM MIAGPFXHQRLG

The sequence ‘DQM’ appears twice (separated by a length of eight characters). In English, a three-letter word is very likely to be ‘THE’. We are going to start our journey by assuming that the entire text from DQM to the end of the first panel has been coded by a unique method (Vigenère table) using the same key and passphrase. Perhaps, Sanborn even gave us the correct key — KRYPTOS — in the right panels? First, we need to learn a few concepts.

The Vigenère Cipher

A table of alphabets, termed a tabula recta, Vigenère square, or Vigenère table can be used to encrypt a message. It consists of the alphabet written out 26 times in different rows, each alphabet shifted cyclically to the left compared to the previous alphabet, corresponding to the 26 possible Caesar ciphers. At different points in the encryption process, the cipher uses a different alphabet from one of the rows. The alphabet used at each point depends on a repeating passphrase. [Wikipedia]

For example, suppose that the plaintext to be encrypted is:

ATTACKATDAWN

The person sending the message chooses a passphrase and repeats it until it matches the length of the plaintext, for example, the passphrase “LEMON”:

Plaintext         ATTACKATDAWN

Passphrase     LEMONLEMONLE

Ciphertext       LXFOPVEFRHNR

The ‘Keyed’ Vigenère Cipher

The ‘Keyed’ Vigenère Cipher uses an alternate tableau. The “Alphabet Key” helps decide the alphabet to use to encrypt and decrypt the message. Instead of just using the alphabet from A to Z in order, the alphabet key puts a series of letters first, making the cipher even tougher to break. The “passphrase” is the code word/sentence used to select columns in the tableau.

For instance, in the right panels of his sculpture, Sanborn used the key “KRYPTOS” before the normal sequence of the alphabet: KRYPTOSABCDE…

The Index of Coincidence

The Index of Coincidence [IC] measures the probability that any two randomly chosen source-language letters are the same. This probability — also known as the index — is about 0.067 for monocase English while the probability of a coincidence for a uniform random selection from the alphabet is 1/26 = 0.0385.

where c is the size of the alphabet (26 for English), N is the length of the text, and through are the observed ciphertext letter frequencies, as integers.

The IC for ‘Section II’ of KRYPTOS

Therefore, I have calculated the IC for each passphrase length from 1 to 16.

Here are my calculations for length going from 1 to 10. The last number is the average of each columns.

0.0452
0.0455 0.0507 0.0481
0.0434 0.0434 0.05 0.0456
0.0523 0.0646 0.0541 0.0529 0.0560
0.0439 0.0606 0.0485 0.0452 0.0462 0.04888
0.0461 0.0481 0.0512 0.0485 0.0451 0.0496 0.0481
0.039 0.0426 0.0363 0.0527 0.0352 0.0574 0.0379 0.0430
0.0755 0.079 0.0732 0.0674 0.0732 0.0488 0.089 0.0549 0.0701
0.039 0.0345 0.0495 0.0405 0.0375 0.048 0.0541 0.0435 0.0429 0.0432
0.0374 0.0702 0.0455 0.0549 0.0473 0.0511 0.0417 0.0568 0.036 0.0625 0.0503

Please, keep in mind that these numbers do NOT apply to the full section II. Nevertheless, it is absolutely clear that the length of the passphrase is 8.

The peaks above average at length 4, 12 and 16– respectively 0.0560, 0.0565 and  0.0663– are due to some mathematical consequences.

Let me explain this.  The text has been encrypted with a L = 8 long passphrase. Then, when we divide the text in four column, one every two letters has been substituted with the same alphabet.

1 2 3 4
5 6 7 8
1 2 3 4
5 6 7 8
1 2 3 4

So, the probability that two randomly selected letters are identical will depend on whether these letters are in an odd or even position. Therefore such a probability will be about (0.067+0.0385)/2 = 0.0528.

The same logic applies if you divide the text in twelve columns.

1 2 3 4 5 6 7 8 1 2 3 4
5 6 7 8 1 2 3 4 5 6 7 8
1 2 3 4 5 6 7 8 1 2 3 4
5 6 7 8 1 2 3 4 5 6 7 8

Finally, if you divide the text in a length twice longer than the passphrase, all letters are encoded with the same alphabet. Therefore, the IC should again be close to 0.067. At this point, you should have no doubt whatsoever on the fact that the passphrase is 8 letters long.

Comment — Unlike David Stein, my calculations show no roughness/anomaly at length 13. Perhaps, one (or both) of us made a mistake. We both worked out the whole thing by hand. It is of course FUN, but not best for exactitude and reliability…]  Or perhaps, the ‘signal’ detected by Stein is a statistical ‘fluke’ resulting from a short number of letters and the fact that Stein and myself worked on different parts of the real section II. This issue MUST be investigated a bit further. I will make my calculations available to the readers. Obviously, a computer code will decide quickly on this issue. — End of Comment

Anyway, the hard work has been done. The fun can begin.

The Cipher in 8 columns

So, I re-wrote the coded text in eight columns. I know that ALL letters in a given column have been encrypted with the same “Vigenère alphabet”.

Back to our early hunch…

At this point, a frequency analysis of the letters contained in each column will reveal which letters in the plaintext have been substituted in the coded text. But that is a bit mathematical and not nearly as much fun as following our early hunch!

I will now search for the ‘Vigenère alphabets’ [keyed with KRYPTOS] that transform ‘DQM’ into ‘THE’. Clearly, the passphrase characters for the first, second, and third column correspond to the letters: S, S and A.

K  R  Y  P  T  O  S  A B C D E F G H I J L M N Q U V W X Z

S  A B C D E F G H I J L M N Q U V W X Z K  R  Y  P  T  O

S  A B C D E F G H I J L M N Q U V W X Z K  R  Y  P  T  O

A B C D E F G H I J L M N Q U V W X Z K  R  Y  P  T  O  S

How does it look?

How to keep going?

At this point, it seems very likely that we are on the right path. Let us keep going. Anyone will go his own way. I simply noticed that the first three letters in row 41 are ‘WES’ which is likely to be followed by a ‘T’. This implies that the 4th letter in the passphrase is again a ‘A’.

Now, words begin to appear. For instance, GATH in row 7 is likely to be followed by a ‘E’. This implies that the 5th in the passphrase is a ‘B’.

We could go on…. But we can be smarter. We KNOW that the passphrase is eight characters long. And so far, we have identify SSAAB. Assuming that the passphrase is an english word — and this is why you should NEVER use english words in a passphrase — the word obviously must start with a ‘A’ as there are no English words with a double A. So we are looking for a word that looks like this: AB – – – SSA. You will find only one such word in English: ABSCISSA.

The TEXT at Last

And now?

Here is thus the plaintext message:

“They used the Earths magnetic field X The information was gathered and transmitted undergruund to an unknown location X Does Langley know about this? They should Its buried out there somewhere X Who knows the exact location? Only WW This was his last message X Thirty eight degrees fifty seven minutes six point five seconds north Seventy seven degrees eight minutes forty four seconds west ID by rows”

Sanborn acknowledges a mistake

However, we are not done for several reasons. First,  Jim Sanborn has acknowledged that he made an error in the sculpture by omitting an “X” used to separate sentences, for aesthetic reasons. Therefore, the deciphered text that ends “…FOUR SECONDS WEST ID BY ROWS” is NOT correct. Let us now fix that.

“FOUR SECONDS WEST ID BY ROWS” should actually be “FOUR SECONDS WEST X LAYER TWO”.

Question: What “letter” did Jim Sanborn forgot to put in the sculpture?

OK. I will tell you. The last line misses one ‘S”:

DQUMEBEDMHDAFMJGZNUPLGESWJLLAETG

Then, the text reads:

TESFORTYFOURSECONDSWESTXLAYERTWO

Where does Section II begin?

Since our passphrase starts in the middle of a word ‘SSA’ from ‘ABSCISSA’, we can safely conclude that the coded text starts earlier than I had assumed. Clearly, it starts 5 + (8*N) characters earlier!

And indeed, with a bit of additional work, you will come to the conclusion that the 37 characters [5 + (8*4)] before the question mark

VFPJUDEEHZWETZYVGWHKKQETGFQJNCEGGWHKK?

have been encoded with the same key and passphrase. We can now easily decode this too.

And the result is:

“It was totally invisible Hows that possible?”

KRYPTOS — SECTION II

“It was totally invisible Hows that possible? They used the Earths magnetic field X The information was gathered and transmitted undergruund to an unknown location X Does Langley know about this? They should Its buried out there somewhere X Who knows the exact location? Only WW This was his last message X Thirty eight degrees fifty seven minutes six point five seconds north Seventy seven degrees eight minutes forty four seconds west X Layer two”

Quo vadis?

Finally, the puzzle is also — and perhaps most importantly — about solving the underlying riddle. But, we are not ready for this yet. Tiny steps for tiny feet…

When it is done, we may understand so much better the failures of the US Intelligence Agencies since the fall of the Berlin wall. Here is a hint: Hubris.

Stay tuned!

Kryptos: The CIA’s Unsolved Secret Code

“Kryptos remains one of the most famous unsolved codes in the world today.

Since the encrypted sculpture was placed on display by American artist Jim Sanborn on the grounds of the Central Intelligence Agency (CIA) in Langley, Virginia, in 1989, there has been much speculation about the meaning of the encrypted messages it bears.

Of the four messages, three have been solved, with the fourth remaining a mystery. Over the years, hints and slight cracks have appeared in the armour of this puzzle, however its continuity of being one of the greatest enigmas of all time continues to provide a diversion for cryptanalysts, both amateur and professional, who are attempting to decrypt the final section.

Even after unsolving the final section, the final riddle of this enigma within an enigma must be worked out, which from the solutions so far seem to be connected with (1) Illusion in Darkness, (2) Using the Earth’s magnetic field being transmitted to something buried underground and (3) Ancient Egyptian tombs, with the clue (4) still waiting to be solved after more than 2 decades.”

REFERENCES

Kryptos — Wikipedia

Stein, David D. (1999). “The Puzzle at CIA Headquarters: Cracking the Courtyard Crypto” (pdf). Studies in Intelligence. 43 (1).

=

The KRYPTOS Code — The Solution of Section II

KRYPTOS Week 2019 — The Solution of Section II

KRYPTOS 30 Years Anniversary — The Solution of Section II