Follow Slashdot stories on Twitter


Forgot your password?
Encryption Security

CIA Sculpture Code Partially Cracked 88

A reader wrote in with tidbit about the encrypted sculpture at the CIA's headquarters. One of their analysts, on his own time, after nine years has partially cracked it. I like cool art.
This discussion has been archived. No new comments can be posted.

CIA Sculpture Code Partially Cracked

Comments Filter:
  • h ttp:// [] has information on the Kryptos sculpture, which apparently the CIA will send to anybody who's interested. It includes the complete text of the right and left sides, as well as some hints for encryption. The sculpture also has some morse code signals engraved on it, and these are discussed in the document.

    The information says,

    Though few persons other than the author know the answer for certain, many have contemplated the question. We would like to pass on what knowledge we have gained from our cryptanalysis regarding the message. It is probable, from analysis of the letter distribu- tion, that at least four separate systems of encryption have been employed: Digraphic, Poly-alphabetic, Transposition, and One-Time-Pad.

    Good luck to any Slashdotters who try.

  • It's "kryptos," and the alphabet with those letters moved to then end.
  • >...could unlock the message in a matter of hours or days.

    heh. I'm guessing that, if they really wanted to crack it with their own hardware, they could do it within a matter of minutes, if not seconds...

    Alex Bischoff

  • I wonder how many people, "on their own time", have used the CIA's massive computing resources to crack the code, and then having read the decoded text, have decided not to reveal what it says?

    I mean -- with those kinds of resources, would you really be able to resist finding out what it says?

    Perhaps the undecoded part says "Congratulations, now don't tell. :) "

  • Posted by Windigo The Feral (NYAR!):

    Scryer said:

    Somebody running MapBlast told me the location is in Glen Echo, MD in a CIA parking lot. I wonder whether it was a parking lot in 1980. Think "ID BY ROWS" could relate to parking lot rows?

    Well, from what I've been able to find out, yes, it may be in a CIA parking lot. However, it is in Virginia rather than in Maryland. ;)

    For those who are interested in seeing for yourself where it is, I've got maps from various online map services and posted the lot of them here []. Have fun ;)

  • by gavinhall ( 33 ) on Wednesday June 16, 1999 @11:23AM (#1848103)
    Posted by Windigo The Feral (NYAR!):

    A quickie check of the USGS's mapping sites [] reveals that the magic spot isn't quite in Langley, and doesn't even seem to be near any roads. I've got GIFs saved of the finest grain info I could get without paying cash to the USGS; I'll prolly forward them either to the folks doing the crypto breaking or put them on a website somewhere.

    Also, yes, they probably DID use the magnetic field to hide it. Specifically, a compass. :) The only USGS maps available of that fine grain are typically topographic maps used by hikers and engineers, or county maps. Most of the topo maps also have magnetic declination marked (how far off magnetic north is from real north) because they're meant for use with a compass and landmarks.

    Of interest to those searching--the magic spot seems to be located in Virginia, just outside of Washington, DC along the Virginia/Maryland border. For those ordering maps, the Washington West or Falls Church maps seem to be best bets for finding general area.

    I'll also see what other stuff I can dig up with various mapping sites on the net, too (to get road names and whatnot).

    As for the bits on getting rid of debris and hiding it underground...that sounds suspiciously to me like it could have been hidden in a cave or possibly an abandoned mine (yes, abandoned mines are fairly common in this part of the country). I wouldn't be at all shocked to see that the key was hidden in a mineshaft...

    Good luck!

  • June 16, 1999

    The Kryptos Code Unmasked

    Here are the first three passages of the code on the Kryptos statue as
    deciphered by Jim Gillogly, including misspellings (of "illusion," "underground"
    and "desperately"). The second passage identifies a location near the C.I.A.
    headquarters; the third is taken from Howard Carter's account of the opening of
    King Tut's tomb in 1922.

    ------------------------------------------------ ---
    Related Article
    C.I.A.'s Artistic Enigma Yields All but Final Clue
    (June 16, 1999)
    ------------------------------------------------ ---

    1. Between subtle shading and the absence of light lies the nuance of iqlusion.

    2. It was totally invisible.

    How's that possible? They used the earth's magnetic field. x The information was
    gathered and transmitted undergruund to an unknown location. x Does Langley know
    about this? They should: it's buried out there somewhere. x Who knows the exact
    location? Only WW. This was his last message. x Thirty-eight degrees fifty-seven
    minutes six point five seconds north, seventy-seven degrees eight minutes
    forty-four seconds west. ID by rows.

    3. Slowly, desparatly slowly, the remains of passage debris that encumbered the
    lower part of the doorway was removed.

    With trembling hands I made a tiny breach in the upper left-hand corner. And
    then, widening the hole a little, I inserted the candle and peered in. The hot
    air escaping from the chamber caused the flame to flicker, but presently details
    of the room within emerged from the mist. x Can you see anything?

  • The NSA probably solved this one back in the 60's, and are laughing their asses off now.

    "The number of suckers born each minute doubles every 18 months."
    -jafac's law
  • At first, I could not tell if someone took a sledge hammer to the sculpture.
  • As far as I understand the text decrypted so far, it encourages the decryptor of parts 1-3 to go to the specified location and dig there. The reference to the opening of the grave in Egypt is a dead giveaway. I suspect there will be some part of the code necessary for part 4 buried there.
  • did anyone else see the word "krypto" on the right side???
  • Jim has cracked it to the same extent as Stein; we've been discussing it on the Voynich manuscript mailing list (now there's a cipher worthy of attention). Apparently, the first two sections are like a simple Quagmire III cipher (i.e. a Vigenere cipher with keyed alphabets). It's more difficult that normal because the two sections have different periods, and are run together with no seperator.
  • At least Jim Gillogly claims to have cracked it. See the "KRYPTOS" thread in news:sci.crypt. This article [] announces the break. This one [] mentions an NY Times article (no URL). He says he plans to publish the solution in The Cryptogram, the journal of The American Cryptogram Association []
  • This [] is an interesting link. It may provide some insight into the solution? .
  • This was recently added to the ABC News Website at the bottom..

    Hint of the day:
    "Kryptos" Completed Plaintext. Top Half.

    Between subtle shading and the absence of light lies the nuance of illusion. They used the earth's
    magnetic field. The information was gathered and
    transmitted underground to an unknown location.

    The Last 97 Chars:


  • by GeorgeH ( 5469 ) on Wednesday June 16, 1999 @05:21AM (#1848114) Homepage Journal
    I hope no one tries to export this. Terrorists and child pornographers may use this piece of art to kill us all.
  • Maybe it was developed by Krusty's Krypto Kompany or something.
  • It makes some sense that the last part might be a one time pad, considering the pattern of letters and the embedded "kryptos" that repeats. All you'd have to do is choose the key specifically to produce that pattern when combined with the plaintext.

    The real problem here, of course, is that if that's what they did, the message is unbreakable. Any plaintext message is as likely as any other message. Given any plaintext, and the "abcd...kryptos...etc" pattern that I want it to end up as, all I need to do is subtract the plaintext from the final pattern, and I have my one-time pad key.

    Now that seems kind of unfair, if it was intended to be a puzzle to solve, so perhaps there's a clue embedded in the plaintext of the first section. Or maybe it's just designed to LOOK like that's the way they did it. :-)

  • Well, the original thing would certainly be heavy enough to do that. :)

    That again makes me think whether perhaps all heavy objects should fall under export control, as they can be used as weapons.

    *runs out of the door demanding SAME RIGHTS FOR ALL WEAPONS just to be hit by a piece of frozen shit being dumped from a plane*
  • Why not go straight for the safe to find the message? Isn't this how many codes are cracked?
    Then we can use the computations cycles for other things....

    "Man könnte froh sein, wenn die Luft so rein wäre wie das Bier"
  • Yeah, they could crack it real quick. They could open up the safe that has the message written on it and read it, but that wouldn't be much fun, kind of like using their dedicated hardware wouldn't be much fun.

  • by Athos ( 11806 ) on Wednesday June 16, 1999 @05:12AM (#1848120)

    It's a cookbook!

    A cookbook!


  • I was told once long ago not to carry sharp objects to school. Then they yelled at me when I left my pencil at home.
  • Here's the info for those interested:
    It is an arrangement of the alphabet, known as a Vigenere Square, in which each successive row is shifted one place to the left (In this case, some of the letters are shifted in position to spell the word KRYPTOS), with reference alphabets along the top, bottom, and side. Though used in many ways, this table is very often used for one-time-pad encryption. For example, if someone wanted to encrypt the letter "G", and the key they were using was the letter "F", he would just look down column "G" to row "F" and would see that "G" becomes an,'E'. Since there are 26 rows and column on the Vigenere square, any letter can be encrypted as any other letter depending on the key used.
    This came from the info d ocument [] other posters have mentioned.
  • The CIA and it's predecessor organization (the name of which I forget) do most of the wartime decryption, as well as decrypting any encrypted messages their field agents snare, so it's perfectly appropriate where it is.

    Now, whether or not the NSA should have its own statue, is another question. Actually, sources inform me that they d- {{{p{p{prSAOD"

  • Whatever the cypher is it can't be to simple of someone would have broken it by now, that almost certainly rules out any cyphers with operating on individual characters.

    The lines themselves are not all the same length (which I would expect means that the block length

    the lines are not all of equal length and given the size of the variance it looks like there isn't going to be a common factor of the line lengths apart from one which I imagine means that each line is not a block to itself (see above)

    I'd also be suprised if part of one of the blocks was a key if only part of the message had been cracked. If the key was available then all that would be needed is to find the right cypher.

    So what does this leave? well I don't know, I enjoy tinkering with crypto but I'm no expert - I'd guess that there must be some form of stream element to whatevers been used.

    I think if I speculate any more I'll just make a fool of myself infront of others who do this sort of thing more seriously.

  • http://www.n ode.html []

    (free reg. required, of course)

    Also has a link to the full text so far. Pretty interesting....
    Ce qui est n'est pas clos, du point de vue le plus essentiel.

  • Q: Has anyone used the coordinates as the one-time-pad?

    Just a thought

  • by Zoinks ( 20480 ) on Wednesday June 16, 1999 @05:14AM (#1848130)
    Uh, stupid question, but wouldn't this sort of sculpture be more appropriately placed at the entrance of the NSA?
  • Alright Slashheads, let's show the CIA what we can do. I'm guessing the left side is the message, and the right side is a key of some sort. Anyone want to guess what the encryption method is? I want to see slashdot break the code! (no computer intervention, please)
  • I'm surprised no-one's picked up on it, but I really wonder if those mis-spellings *are* mis-spellings or merely a clue to be used in the final paragraph...

    It looks like a lot of effort has gone into this - I'm not sure the creator would make mistakes like that without a reason...
  • Also, if you start reading letters across from left to right, you can read down at any point and still continue with the same pattern... Thought that was kinda neat...
  • I'm guessing those are enigma wheels.
  • Not if the key is shorter than the plaintext, and therefore had to be used more than once. If the key is shorter than the text, the cyphertext becomes possible to break. (Not that I know how.)
  • Of course! The mystery 97 letters are just an anagram for:

    Grrr! vow blob knob box GHQ puffs quill.

    Where do we send this? Do I win money?
  • Or at least in part -- looks like the anagram generator just grokked the


    part. STILL, we are provided now with vital clues. Someone growling, and the vows of a mysterious quill-smoking blob.
  • The OSS. Office of...Secure Service? I don't remmeber what the acronym stands for. They operated closely during World War II to capture the German Enigma machine, which makes a prominent appearance in Neal Stephenson's Cryptonomicon.
  • Acknowledging your correction, and completing my sentence. Darn no-preview-usin' people like me...

    OSS operated closely with British Intelligence to obtain and crack Enigma, along with many other Axis cryptosystems.
  • I would love to be able to put my CPU idle time to working on this one.
  • by RebornData ( 25811 ) on Wednesday June 16, 1999 @05:25AM (#1848141)
    This Website [] has a bunch of information on the code, including a picture and a detailed description of it from the CIA.
  • if it is encoded with a one time pad, it'd probably be easier to break into the safe in CIA headquarters that contains the results than to crack the crypto.
  • I'm guessing its the coca cola secret recipe....
  • all but the last 97 letters.

    we know.
  • I think breaking into a safe in CIA headquarters would be a pretty exciting journey.....

    Especially if you got out without anyone knowing you were there.....
  • Asking for no computer intervention is missing the point -- unless you know and understand the encryption algorithm you can't brute force attack it.

    If any slashdotters are attempting this, they'd better look at the text file here [] which shows how far people have got already.

    They suspect the message is broken into a number of chunks, which appear to have been encrypted several different ways. They think that the last chunk of the message is encrypted with some kind of one time pad system, meaning the key is the same length as that section of text.

    If you want to guess the key then be my guest, but it really would be smarter to try an intelligent attack involving all tools available to you -- computers and wits included.
  • It's a cookbook!
    Hahahaha. Nice allusion. :)
  • This looks like a Vigenere Cipher...

    I know they are very weak ciphers but it still looks familiar...

    Here... link away pg/cryptology/vig.html [] ttp/html/people/muth/Cipher/ [] ere_doc.html []

    http://sh yptogram8.html []

    Bun-Bun Rules! []
    90% of day read /.
  • probably after the aldridge ames mess - I bet that they could tell you all you want to know about what's inside that safe........
  • said the former CIA director (according to the NY Times article). Also, he said he had "zero memory of it" So the discovery of what the last 97 letters should not be _that_ interesting to obsess about. So the allusion is to a riddle.
  • Niether the NY times nor the abc news site mention the morse code characters on the concrete (or is it granite?) blocks next to (near?? I guess)to the sculpture. The question is - what is their position and possible relevance to the sculpture?
  • Man, I'd give you a +5 for that one. For those who don't know, you should see the movie 'A Christmas Story'
  • You guys are on par with Pat Robertson and his wile-eyed millenium, do I sense a huge amount of sarcasm or delusional ramblings??
  • The news article says only 97 characters remain uncracked, and the info on that website says the last 97 characters are encoded in what is suspected to be a one time pad (seems to me that that's just a way of saying "we can't figure out the algorithm here using just a frequency analysis so we'll call it random.") It looks as though one should concentrate on that part.
  • Doesn't this sound a little like the film "Mercury Rising", where a supersafe algorith is released as a simple puzzle, and a yough kid actually cracks it?
  • The near decryption of this message comes as no surprise to me and many others, given the timing. The message encyrpted within the sculpture will be in itself a mystery. It won't make sense and will sound more like a bunch of artistic, mystical jargon with no purpose other than entertainment.

    The truth about this sculpture, however, goes deeper than a simple puzzle. This sculpture is the creation of a secret underground organization, spanning multiple governments and religeous institutions. The future has become quite clear to them. World War III is imminent. The antichrist has been located in Egypt. It shall be noted that Nostradamous predicted in the 16th century that the Antichrist would be a man presently living in the Middle East, and educated in Egypt. The opening sentence of the message in the sculpture describes the opening of an ancient egyptian grave. This organization has been secretly planning their part in World War III over the past 10 years. It is unknown to me what their motives are.

    Nostradamous predidcted World War III would probably start in July 1999. The people who are decrypted the sculpture do not know about any of this. Are being used as tools. Once the message has been completly decrypted, it will signify the begining of the third and last World-Wide War.
  • It seems odd that there has been no speculation here or on the ABCNews forum of the importance of the last 4 columns of the right side... It may make sense that the first 27 columns form a Vigniere grid 26*26 square, plus top header, side header (as indicated by a number of people). But what about the other 4...

    What have we got in these 4 columns... Excluding the header (ABCD), we have 26 rows of 4, or 104 characters. If we accept the suggestion (ostensibly from the CIA) that the last 97 characters of te left side are encrypted using a one time pad that is the Vigniere square, we still need a key (presumably one letter for each letter to decrypt). Do the last 4 columns of the right side provide this key?

    Consider that the word KRYPTOS has 7 characters, the message we're trying to decrypt has 97, and the block we're looking at has 104...

    Just a naive attempt at a guess at a starting point ;-)...
  • From what the FBI stated in a story not to long ago. The FBI should demand that they have the key so that they can make sure that this is not some sort of criminal activity going on here. You know they don't trust the CIA. Maybe this is some kind of secret message to disclose nuclear secrets to China? Maybe it is child pornography?

    Remember, you can't trust anyone! :)

  • This one is more of an intellectual challenge than any real information. One of those things where the journey is more important (and fun!) than the destination.

    I'd like to take a crack at it in my spare time, however, that is mostly dedicated to sleeping and eating. Ah well. That's what I get for being the only coder in a small company...

  • Perhaps the undecoded part says "Congratulations, now don't tell. :) "

    Or maybe:

    "Congratulations, now don't tell because we know where your live. ;-) "

  • The National Security Agency is part of the Department of Defense; they're really more of a military intelligence and signals intelligence operation than they are Cryptographers 'R' Us. The NSA is (nominally) under the authority of the Director of Central Intelligence (DCI), but in reality they're pretty much left to their own devices.

    The Central Intelligence Agency is its own authority and is staffed exclusively by /civilians/, not military personnel (although some paramilitary units probably do exist on the CIA payroll). They're a much more comprehensive intelligence-gathering unit than the NSA is; they do just about anything and everything intelligence-related, from spy satellites to human intelligence to signals intelligence. Virtually everything the NSA does, the CIA also does (although perhaps on a smaller scale).

    Does this make it clear as mud yet?
  • Okay... so how do you decrypt something with a one time pad IF YOU DONT HAVE THE FRIGGING LETTERS? If you do read the decrypted stuff its weird....
  • One day in the future a bunch of geeks will decrypt this message using a beowulf cluster after they all get too drunk to finish a Quake tourney......
  • Just an interesting little side note I just figured out, the number of columns with the same length makes a nice little bell curve.

    1 row of 29 letters
    5 rows of 30 letters
    15 rows of 31 letters
    5 rows of 32 letters
    1 row of 33 letters

    Probably doesn't mean anything though.
  • From what I read in the article, the location given is that of the sculpture itself. And the CIA might have words with anyone wandering into their courtyard with a shovel...

  • Q: Has anyone used the coordinates as the one-time-pad?

    The one-time pad has to be as long as the encrypted message. So that's not a possibility. The last part has 81 characters.

    "There is no surer way to ruin a good discussion than to contaminate it with the facts."

  • I got it. It says, 'Please don't show this message to Slashdot, they'll slashdot the CIA server and obsess about it!'

    Actually, my theory, and I don't know if it's naive or besides the point... It seems likely that the last portion was encrypted by a one-time pad, at least according to Kryptos. As we know, a one-time pad is unbreakable if the sequence of characters is truly random.

    I don't think the artist meant for the cipher to be unbreakable. That means using a truly unbreakable cipher would be besides the point. So, we are left with two theories:

    1) The one-time pad used is not truly random, and understanding the pseudo-randomness of the sequence is part of the deal. My guess is, the one-time pad used was something like an encoded message. Perhaps even a previous part of the encoded message?

    2) (More plausible, but less interesting) The one-time pad is actually buried at the coordinates specified in the first parts. Has anyone tried to dig there?

    Anyway, I bet this is one of those things that'll basically say something inane like, 'Congratulations! You broke the code.' Hey, there's a few crib ideas...

    "There is no surer way to ruin a good discussion than to contaminate it with the facts."

  • The NSA did solve this one. When I called the
    CIA to tell them I'd solved it, they told me
    somebody at CIA had already done so. When they
    sent me the blurb from a year ago announcing his
    talk (he turned out to be David Stein, but that
    info was blacked out on the announcement), it
    said that found out after he broke it that
    a team of three NSA cryppies had broken the same
    amount some time earlier.

    Nobody has cracked the final 97 characters, though.
  • The "digraphic" part is wrong -- that's like a
    Playfair, and there was on digraphic system in
    the three parts so far decrypted. The first two
    are polyalphabetic with keyed ciphertext and
    plaintext alphabets, and the third is a triple
    complete columnar transposition, with different
    periods than the guess in that document.

    I'm hopeful that the last section is OTP.
    Perhaps Running Key, which is like OTP except that
    it has a coherent non-repeating key... and there's
    a chance that the coherence would be solvable. It
    could also be other stuff, of course, like an
    autokey or a combination polyalphabetic and

    Keep plugging...
  • Somebody running MapBlast told me the location
    is in Glen Echo, MD in a CIA parking lot.

    I wonder whether it was a parking lot in 1980.
    Think "ID BY ROWS" could relate to parking lot
  • Oops, I meant "hopeful that the last section is
    NOT OTP."

    The sculptor, Jim Sanborn, wrote that he had
    given the "keys" to the cipher in a sealed
    envelope to the DCI, so that he could easily
    decrypt it all. While one put a OTP
    key in there, what would be the point?
  • I think the "dedicated hardware" kind of approach
    is overrated. If you have a poor approach, the
    best hardware in the world isn't going to crack
    the problem. If the cipher is a Beaufort, then
    running dedicated Vigenere crackers won't touch
    it, no matter how many of them you've got.
    Hardware is good, but the program is the important
    part. With something like RC5, where you know
    what's on the other end, it's a different story
    and you can optimize the bejeepers out of it.
    With an unknown cipher, simply throwing hardware
    at it doesn't cut the mustard.
  • I wonder whether Webster actually opened the
    envelope (or the triple-sealed envelope,
    depending on the story). I suppose he must
    have, if he remembered that it was obscure.

    What that may mean is that he read the words,
    but did not solve the meta-puzzle that will
    be evident (according to Sanborn) if the last
    part is decrypted.
  • i don't know but i do no is that morse codes looks like the writings of the mayans

A hacker does for love what others would not do for money.