From 1991 onwards, John Walsh – the well-known host of “America’s Most Wanted” – received a series of ominous and threatening letters signed “SCORPION”. Some of these contained a series of Zodiac-style homophonic ciphers: to date, only two of these have been released. Unsurprisingly, these are known as the “Scorpion Ciphers“: but none has yet been cracked.
However, there’s reason to believe (as I pointed out in 2017) that there are some specific regularities with the S1 (‘Scorpion #1’) ciphertext and even more so with the S5 ciphertext that we might be able to exploit. Even though both ciphers at first sight resemble the Zodiac Killer’s ciphers, the Scorpion’s seem to cycle between specific sets of homophonic symbols. In the case of the S5 ciphertext, the cycling seems particularly rigid, in that it cycles between 16 alphabets.
Cryptologically, the problem was that ‘traditional’ homophonic solvers (such as Jarlve’s excellent AZDecrypt) have no way to include extra cipher system constraints, regardless of how stringent they may be. For example, it would be a reasonable hypothesis that S5 uses only a single alphabet for each of its 16 columns: but this is not something that any current solver could use.
After a fair bit of thought, I came up with the idea of putting out a set of challenge ciphers using a completely rigid cycling homophonic cipher, to try to spark interest in solving this class of ciphertext. And so, also back in 2017, I posted up a page containing seven constrained homophonic challenge ciphers. Despite a shockingly high bounty of £10 being on offer for the best solve by the end of 2017, nobody managed to grab my cash.
Had I made even the longest challenge cipher far too difficult? Would nobody ever solve these? Despite my doubts, I remained reasonably confident some clever person would find a way in, sooner or later…
2020: Enter Louie Helm…
And so it was with great delight that I received an email this morning from Louie Helm, asking me to check his solution. As a recap, my challenge cipher #1 (neatly arranged into its five columns) was:
121,213,310,406,516,
108,200,323,416,513,
112,208,308,409,515,
102,216,309,425,509,
114,215,309,417,507,
102,201,323,401,517,
111,200,306,408,500,
113,203,313,407,512,
103,223,313,403,511,
119,213,316,416,511,
102,204,324,418,517,
120,203,324,407,516,
105,209,312,401,504,
117,208,310,408,500,
113,203,301,425,513,
115,201,313,408,515,
115,214,308,406,501,
122,204,322,408,509,
114,209,305,412,504,
117,213,316,402,509,
100,200,310,423,513,
100,214,320,419,509,
114,209,309,419,520,
101,200,320,416,518,
120,211,313,403,509,
103,207,313,421,513,
107,209,305,407,523,
115,224,313,416,508,
102,203,306,416,514,
107,200,310,401,509,
103,212,324,
Louie’s claimed plaintext was:
THEOBJECTOFMYPROP
OSEDWORKONCYPHERI
SNOTEXACTLYWHATYO
USUPPOSEBUTMYTIME
ISNOWSOENTIRELYOC
CUPIEDTHATIHAVEBE
ENOBLIGEDTOGIVEIT
UPATLEASTFORTHENE
XTTWOORTHREEYEARS
…which was completely correct! Fantastic work, well done!!! 🙂
(Extra crypto brownie points on offer for anyone who recognizes the – admittedly somewhat obscure – source of the quotation.)
Crypto-fans may well recognize Louie’s name as having been (along with Jarlve) one half of the recent pair of solvers of Klaus Schmeh’s 1000-bigram (and then even harder 750-bigram) challenge. And here’s Louie’s cool-looking photo:
So: one last time – well done, Louie, you rock. 😉
So… How Did Louie Do It?
This is, of course, the interesting question: and Louie answered it in a forum post on zodiackillersite.com on 02 Jan 2020, which I can do no better than simply quote in full:
I solved it with AZdecrypt v1.17 using my newest 8-gram model released a few days ago on Christmas. The only modification I made was adding 15 lines of code to restrict the solver to only use one homophone for each of the five columns. The solve for cipher #1 succeeded, but the way I modified the solver to do it is very inelegant since it can quickly lock high-scoring letters into place and then deprives the hill climber of further opportunities to test them in other arrangements. A more well-tuned version of this general solution would merely penalize (but not forbid) repeated letters in each column. This would allow the solver to evolve through a less jagged solution landscape and then still eventually arrive at a 1-homophone/column solution in the end. I predict this sort of modification would likely solve cipher #2 and beyond.
Although I used the column constraint (and it appears to have been necessary for a quick solve), the larger story here is probably the recent improvements to AZdecrypt and the release of 8-gram models in 2019.
For instance, if you simply ignore Nick’s constraint and use Jarl’s state of the art solver + his best n-gram file from 2018, you would have needed an 8 word crib to quickly decrypt challenge cipher #1:
AZdecrypt v1.14 + 7-gram jarl reddit: THEOBJECTOFMYPROPOSEDWORKONCYPHER
But in 2019, Jarl moved away from his IoC-based solver to a more capable entropy-based one. This alone drops the required crib needed to solve the cipher down to 2-3 words:
AZdecrypt v1.17 +
6-gram jarl reddit: THEOBJECT — PR — CYPHER
7-gram jarl reddit: THEOBJECT — PRAnd doing the same execrise with the n-gram models I’ve released during 2019 shows they progressed from needing an 8 word crib — down to just a 5 letter crib:
AZdecrypt v1.17 +
6-gram v2 (May 2019): (no cribs sufficient)
6-gram v3 (Jun 2019): THEOBJECTOFMYPROPOSEDWORKONCYPHER — ~90% correct solve
6-gram v4 (Oct 2019): THEOBJECTOFMYPROPOSEDWORKONCYPHER — 100% correct
6-gram v5 (Dec 2019): THEOBJ — PR — CYPHER7-gram v2 (May 2019): THEOBJECT — PR — WORK
7-gram v3 (Jun 2019): THEOBJECTOF — WORK
7-gram v4 (Oct 2019): THEOBJECT — WORK
7-gram v5 (Dec 2019): THEOBJ — WORK8-gram v2 (May 2019): THEOBJECT — WORK — CYPHER
8-gram v3 (Jun 2019): THEOBJ — WORK — YPH
8-gram v4 (Oct 2019): THEOBJ
8-gram v5 (Dec 2019): HEOBJNote: These are just the cribs I got to work in under a minute using a completely unmodified version of AZdecrypt. It’s quite possible that any of us using either of the last two version of AZdecrypt + beijinghouse 8-gram files could have solved this since Oct 2019 simply by letting it run long enough.
So the real story here seems to be that to crack my first challenge cipher, the three things that were necessary were not only Louie Helm’s tweaks to AZDecrypt to exploit the column constraints, but also Jarlve’s huge improvements to AZDecrypt’s homophonic solver during 2019, along with Louie’s now very extensive 8-gram files.
I think this is a great result for Louie (and for Jarl too!), and I have nothing but admiration and applause for the pair of them. Rock and roll, guys!
The (Inevitable) Crypto Punchline…
Of course, challenge cipher #1 was (numerically) the easiest one, in that it was the longest of the set. So the big test will be to see how far through the list of challenge ciphers Louie Helm’s approach will (admittedly with a bit of tidying up) now be able to reach.
Interestingly, Louie immediately noted that my challenge cipher #2 presents some obvious-looking crypto weaknesses:
- the 1st and 10th lines (of five symbols each) are identical
- the 4th and 19th lines are also identical, and share three consecutive symbols with line #22.
He then speculates that it might be worth attacking these patterns in cipher #2 using common words or phrases such as “THERE” / “THOSE” / “I HAVE” / “IN THE” / “IS THE” / “IT WAS”.
Personally, I haven’t looked at the plaintexts since I enciphered them two and a half years ago (and I have no intention of doing so until such time as a proposed decryption arrives here), so I’m not going to be much help. 😉
The only information I’d add is that I took each of the seven short texts from completely different places: so knowing the source of “The object of my proposed work on cypher…” shouldn’t directly assist with the others.
But what I want to now say is: good luck, everyone! The game is afoot!
Hello Nick can you email me a way to contact you? I’m working on a project that may interest you and would like to have your input. Thanks
JR: my email is nickpelling (at) nickpelling (dot) com – it’s not exactly a secret. :-/