The Gentlemen’s Cipher, solved! :-)

by 4 Comments

Because people keep telling me nice things about Klaus Schmeh’s recently-started blog Klausis Krypto Kolumne (and there’s you thinking you couldn’t read German, tcha!), I thought a visit was a little overdue.

The first thing I saw there was his brief page on the Gentlemen’s Cipher, a cipher taken from “the papers of a gentleman recently deceased”, and printed in “The Gentlemen’s Magazine” in April 1748. (It was mentioned in Cryptologia in 1978)

At first glance it seemed an awful lot like a simple (monoalphabetic) substitution cipher; and the repeated 3-gram at the start of lines 4 and 5 was probably “THE”; hence I thought it would probably be easy to break. So for a pleasant change, rather than just passing it on to Tony Gaffney Baloney to break while his half-full kettle boils (as per normal), I thought I’d instead transcribe it and try to solve it myself. Which I did.

In the end, though, all I actually did was paste my transcription into WebDecrypto, which got sufficiently close to the plaintext in a matter of seconds that I could Google it. It turned out to be nine lines from a 1699 poem by Sir Samuel Garth – “To die is landing on some silent shore / Where billows never break nor tempests roar / etc”. All of which is somewhat coincidental: so perhaps The Gentlemen’s Magazine’s correspondent “R.M.” who submitted the cryptogram was having a gentle laugh, having concocted the story of the “gentleman recently deceased”? I think so, but make of it what you will.

Anyway, if you want to see the whole thing, I’ve put up a short page describing The Gentlemen’s Cipher here. Case closed! 🙂

Mona Lisa, multimedia-style… ;-)

by 13 Comments

For over a year, I’ve been collecting links to modern versions of the Mona Lisa made of weird materials – leaves, make-up, chocolate, meat, Lego, coffee, toast, pasta, buttons, jelly beans, mushrooms, Rubik’s cubes, dominoes, ketchup… all sorts of odd stuff.

As such lists go, it’s not even remotely complete (in fact, there were about twenty ASCII Art versions, so I just chose the one that impressed me most). But the fact that I’ve collected over forty different types of Mona Lisa would surely have Leonardo da Vinci squirming in his wormy Renaissance repos. If that were possible. Which it’s not. (Hopefully.)

Just so you know, my favourite (so far) is #23 Buttona Lisa (below), a 3d version covered in buttons, on permanent display at the Hankyu Shopping Centre in Kobe, Japan. Please let me know if you find anything better!

buttona-lisa

Helen Fouché Gaines’ challenge cipher…

by 7 Comments

To add to our list of challenge ciphers (Bellaso’s, d’Agapeyeff’s, Feynman’s, etc), here’s one I hadn’t seen before from Helen Fouché Gaines’ (1956) “Cryptanalysis: A Study of Ciphers and Their Solution”, which I found courtesy of Greg Ross’s Futility Closet website:-

VQBUP PVSPG GFPNU EDOKD XHEWT IYCLK XRZAP
VUFSA WEMUX GPNIV QJMNJ JNIZY KBPNF RRHTB
WWNUQ JAJGJ FHADQ LQMFL XRGGW UGWVZ GKFBC
MPXKE KQCQQ LBODO QJVEL.

The cipher is the last in a series of exercises at the end of a chapter titled “Investigating the Unknown Cipher,” and she gives no hint as to its source. Of the exercises, she writes, “There is none in which the system may not be learned through analysis, unless perhaps the final unnumbered cryptogram.” The solution says simply “Unsolved.”

If you look at the book itself (p.217), all Gaines says is “Here is one which nobody has been able to decrypt:“. Hence it is not at all clear whether this is a composed challenge cipher (i.e. designed to confound) or an accidental challenge cipher (i.e. one found in the wild but never yet solved). I suspect the latter… but perhaps someone will know for sure either way.

Incidentally, the 1968 comment on this mentioned in the Futility Closet post is online here (it’s on p.5): just so you know, the authors there offer an [entirely fictional, I expect] “Nicodemus J. Grumbow award” for anyone solving it.

As far as the ciphertext itself goes, it has a flattish distribution (Q appears 9 times, while T & Y appear only twice each, all 26 letters are used), with a standard deviation of 1.52144, i.e. much flatter than a normal alphabet would present.

It has no repeated trigrams, while QJ & PN appear three times (DO, GW, QL, GG, VQ, PV, NU, NI and XR each appear twice). There are seven doubled letter-pairs, all appearing once only each (PP, GG, JJ, RR, WW, GG, QQ). There are a few visible patterns in the text that vaguely suggest some kind of structuring (JAJGJ, QCQQ, QLQ and QQL), but all of which might just be random.

As a result, it doesn’t appear to be a monoalphabetic substitution, nor a (conventional) polyalphabetic substitution (as there seems to be no obvious cycles, loops, or repeats). The cipher text is 125 characters long, which (as a mathematician) makes me idly wonder whether this was partly enciphered using some kind of a 5x5x5 three-dimensional transposition cipher, the sort of thing a Bond villain would gloat about in his/her evil monologue. I don’t believe for a minute that this is the case, of course, but I thought I’d mention it all the same. 🙂

Any thoughts? Is there anything that suggests to you what kind of a cipher this might be?

Slovakian Voynich facsimile edition (2012)…

by 5 Comments

I found out today that Slovakian publisher CAD Press late last year brought out a new facsimile edition of the Voynich Manuscript, preceded by 176 pages reviewing its history, apparent contents, mad theories, etc. Of course, reading Czech helps, though it contains plenty of other pictures (i.e. quite apart from Voynich imagery) should you wish to buy it as an unreadable coffee table book. 😉

voynichuv-rukopis

As far as I can tell, the author of the preface (Dr. Jitka Lenková, I believe?) seems to be hopeful that the manuscript’s origin will ultimately turn out to be somewhere in Bohemia. Well, I guess a bit of nationalist spin rarely goes amiss with your home audience: but such rhetoric would be a bit nicer if it were accompanied by a bit of, errrm, factuality to back it up, hmmm?

And no, I don’t really think the Voynich has anything to do with Jan z Lazu, about whom I’ve blogged a fair few times. Sorry again!

The Massey twins’ Phaistos Disk decryption claim…

by 22 Comments

I don’t often cover the Phaistos Disk here, simply because it’s almost certainly more of a linguistic mystery than a cipher mystery as such. However, I was particularly taken by some aspects of the analysis offered by Keith & Kevin Massey, so it seemed well worth discussing here.

Incidentally, despite their complementary-yet-competing philological interests, the twins didn’t start their Phaistos Disk adventure together. But, as they put it, “for Kevin to collaborate with his brother Keith was finally inevitable, like dancing with your mad aunt at a wedding reception.

Their Chapters 1-4 summarize a whole load of Phaistos research, while trying to argue for a link between various early European scripts (Cypriotic, Linear B, etc). Their Chapter 5 (pp.48-56) argues for a left-to-right reading of the Phaistos Disk (but not quite as convincingly as they hope, I think). But after all that, their Chapter 6 discards pretty much all their preceding linguistic analysis and instead proposes the hypothesis that Phaistos Disk words with slashes are actually numbers. And that’s essentially where they finish.

Now, for all the twins’ obvious linguistic smarts, I have to say I just don’t buy into this – at least, not in the way it’s currently presented. And here’s my argument why:

(1) The way that the signs are physically imprinted / stamped into the soft unfired surface of the disk is clearly systematic (i.e. it’s a consciously prepared set of shapes, not one that’s being improvised on a shape-by-shape basis), and the choice of those shapes forms part of the same system.

(2) Furthermore, the whole disk had to be fired once and once only. Hence without much doubt the imprints on both sides had to have been made at the same time using the same basic system.

(3) Regardless of whatever direction you believe it was written in, there are substantial word differences between the two sides. Many words repeat on the same side (in fact, there’s even a three-word pattern that repeats on Side A), yet only a single measly three-imprint word repeats between sides.

(4) There is an imbalance between the shapes on the two sides. The most obvious difference is the frequency of the plumed head imprint: 14 instances on Side A but only 5 instances on Side B. Yet there are plenty of others, such as the beehive (once on Side A but five times on Side B). Indeed, the most visually striking difference is the twelve { PLUMED_HEAD + SHIELD } pairs on Side A compared to the single pair on Side B.

These are the basic observations I personally work from, and the problem is that I just don’t see how these square with the number system suggested by the Masseys. Whatever the actual significance of the slashes, it doesn’t seem to me to coincide with any obvious difference in the language as used (because the PLUMED_HEAD + SHIELD pairs occur just about as often in slashed words as in unslashed ones): and (longhand) numbers are almost always a notably differently-structured part of any language.

For me, the big issue is that Side A is significantly more structured and repetitive than Side B. Also, its word lengths have much greater variance (i.e. Side A has both longer and shorter words than are found on Side B), and they use a different mix of shapes. Yet slashed words occur just as often on both sides. I just don’t get it, me.

I suspect that Side A and Side B use different kinds of language (ritual, performative, poetic, pragmatic, whatever) to assist very different functions: and probably courtly functions at that. But seeing it as a homogeneous number container for (say) Cretan tax accounting seems far too mundane. Bean counters never touched this artefact, no they didn’t! 🙂

Some of my pigeon questions answered…

by 19 Comments

A few days ago I posted a list of open questions about the dead cipher pigeon, really as a way of externalizing the annoyance I felt from knowing so few basic facts. To my great delight, Mike Moor from Melbourne and (well-known military history buff) Christos T. stepped forward with a whole wheelbarrowful of answers. And here they are…

“Did any British pigeon handlers ever use “lib.” as an abbreviation?”

Mike Moor points out that the first message sent back on D-Day was by Reuters reporter Montague Taylor, attached to the eg of the war-seasoned (and subsequently Dickin-Medal-receiving!) carrier pigeon Gustav [NPS.42.31066]. At the bottom of the image (clearly on an RAF pigeon message pad), it says “Liberated 0830” (click to see the full message):-

“Why can’t I find a single other message written on the same printed pigeon service pad?”

For this, Mike Moor points to a message sent by Major General Roberts on a page talking about the Canadian armed forces’ involvement in World War Two. [Incidentally, the abortive Canadian raid on Dieppe was known as “Operation Rutter”, I wonder if Stu R knew that?] Even though the quality of the scan is frankly diabolical, it’s very much better than nothing at all, and tells us that this our pigeon message was (without any real doubt) an Army Pigeon Service message pad.

Mike also notes that this was an “Army Book 418B”, the updated version of the Army Book 418 used for pigeon messages in the First World War. It turns out that the National Army Museum near Sloane Square tube in London has an Army Book 418B in its collection described as “Army Book 418B, Pigeon Service Message Book, 1942”, accession number “1975-06-35”: it would be cool to ask the curators there to have a closer look.

“Was the pigeon message we have a hectograph or a carbon copy?”

Mike Moor notes “It is a carbon copy pad with 1 original retained in the book and 2 carbon copies made – which lines up with what you’d expect from the message i.e. 2 copies sent and the blue text of the cipher looks a lot like a carbon copy + black amendments by a second hand presumably prior to sending.” Excellent, thanks! 🙂

“When did Slidex change from having one letter per horizontal key slot to two letters per slot?”

The (plainly utterly indefatigable) Mike Moor points us to some December 1944 Slidex instructions available on Rob van Meel’s site (a copy will cost you two euros plus international postage from the Netherlands), by which time it had changed to two letters per key slot on the horizontal cursor. That narrows the range down dramatically to ‘sometime in 1944’… we’ll just have to keep digging to find out exactly when in 1944. At least this is a question that we can reasonably hope to get a solid answer on!

“When were Slidex Series B code cards introduced?”

In the Series A “RE No. 2” (Army Code No. 14070) Card 35 that I got from the excellent royalsignals.org.uk website, the three columns have had their shape changed to break up the columnar structure somewhat, which I believe may point to a rethink & upgrade of the Slidex code during WW2.

At the same time, another Series A card has two versions, one with an Army code and another with a different W.O. (War Office) code, which I suspect points to a post-WW2 handover from the Army to the War Office. But that’s as good an answer as this question has for now.

“Did Bletchley Park / GCHQ ever catalogue the tons of files brought back by the TICOM teams?”

Christos replies: “There are many TICOM file categories: I, IF, DF, M, D. Captured German documents had to be catalogued and then translated. This must have taken years. The question is whether there is a full list of those files. There is a DF list but I don’t know about any document covering the other files.”

Incidentally, p.38 of TICOM I-109 (a report by Lt Ludwig of Chi Stelle OB.d.L) says:

B. Slidex system.

Bigram substitution system.
In use in the army (front line units) and in air support networks (tentacle networks).
The system was known from the monitoring of exercises in Great Britain before the invastion, e.g. “Spartan”. The cryptanalytic detachments in army and GAF were able to get so much experience on these exercises that decoding worked well right at the start of the invasion.
Recovery was done in the army again at NAA St 5, in the GAF in 14/3 (W control 3).
Decoding was often done with so little delay that the messages could be dealt with like clear text in the evaluation.
The results were of more importance to the army than to the GAF, but theu provided the latter too with valuable indications, e.g. elucisation of the individual corps tentacle networks, reconnaissance operations (e.g. 400 and 414 Squadrons) etc.
The messages decoded daily were exchanged between Army and GAF in the form of written reports.

At last, some genuinely useful Voynich merchandise hits eBay…

by 4 Comments

A fulsome tip of the Cipher Mysteries hat to Luck Thief Luke Fitch for passing on a link to this (actually rather nice-looking, I think) Voynich-themed iPhone4 case shipped all the way from Hong Kong. Luke bought one for his girlfriend for Christmas “and she loves it“, thus proving once and for all that romance and cipher mysteries can indeed co-exist. (Though I’m not entirely sure my wife would 100% agree.)

As I’m sure at least 20% of Cipher Mysteries regulars will know, the image chosen is cropped from page f40v, the end page of the Voynich Manuscript’s Quire 7. The plant depicted is very similar-looking to the (marginally better-known) plant on f33v, which Hugh O’Neill in 1944 thought was a “sunflower”: Robert Brumbaugh also thought this was the case (though much later).

However, because of a number of compelling counter-arguments raised by Jorge Stolfi, the whole sunflower notion now seems to have, errm, had its day in the sun. More recent alternatives include:-
* Dana Scott suggested in 2001 that it might be related to Epiphyllum oxypetalum;
* Edith Sherwood suggests Crocus vernus;
* Berj N. Ensanian suggests that comparisons with giant Pitcher plants present themselves.

What I can say is that it’s a Herbal ‘B’ page written (as usual) in Currier Hand 2, with a ‘title’ (offset text block) on the bottom-most line. There is only a single l-initial word (‘lar’), and a fair smattering of single-leg gallows. I don’t think its roots or leaves are repeated in either of the later pharma sections.

Even though this is quite vividly coloured, I don’t personally believe this is actually a plant… but that’s another story entirely! 🙂

Why so many open pigeony questions?

by 17 Comments

As far as just about any cipher I blog about goes, I have days when a solution seems so comically close I could almost accidentally breathe it in. But I also have days when one seems so tragically far away that it may as well be in a sealed box. On the moon. Guarded by killer robot ninjas. All voiced by James Earl Jones.

What’s at issue isn’t anything like pessimism on my part: rather, it’s the question of why anybody would think these might be solvable without doing a whole load of basic, grindy, grafty research first. Really, I think you almost always have to break the external history of these things before you stand much of a chance of extracting their internal contents.

So, if I list some of the open questions that are bugging me about the dead cipher pigeon story right here right now, perhaps you’ll see why that might be the case:-

* Who owned either of the two pigeons listed on the message?
* Were there any pigeon lofts in Bletchingley itself during WW2?
* Did any British pigeon handlers ever use “lib.” as an abbreviation?
* Why hasn’t a single record from a pigeon loft around Tunbridge Wells or Dorking turned up yet?
* Why can’t I find a single other message written on the same printed pigeon service pad?
* Was the pigeon message we have a hectograph or a carbon copy?
* From its skeleton, how old was the dead pigeon? [What a basic question to have to ask!]
* True or false: “many WW2 pigeon messages were sent encrypted”?
* When were Slidex Series B code cards introduced?
* When did Slidex change from having one letter per horizontal key slot to two letters per slot?
* How many syllabic / bigram ciphers were in use in WW2?
* Where is a copy of the Army syllabic cipher book BX 724 or BX 724/RE?
* Did Bletchley Park / GCHQ ever catalogue the tons of files brought back by the TICOM teams?

Personally, when I look at this fairly long list, I don’t feel hugely confident that we genuinely know even close to enough to enable us to solve this mystery, however engaging and intriguing it may be.

But then again, a single answer to any one of these questions from an unexpected corner might well be enough on its own to turn this miserable tide around. So perhaps we should just try to remain optimistic, for a tiny bit of clarity for any one of these might be enough to get us started. Fingers crossed that we shall see (and very soon!)… 🙂

Cipher talk for kids in Kingston (3rd February 2013)…

by 5 Comments

Roughly once a month on a Sunday morning, I take my son Alex along to a local kids’ group called Surrey Explorers for what is almost always a fascinating and hands-on talk about something a little unusual / challenging / stretchy / geeky / fun. Recent talks included “The Science of Zombies” (given by Surbiton zombie kung fu science fan-girl Anna Tanczos) as well as one on all sorts of weird and wonderful anamorphic art. These are normally held at Kingston University’s Kingston Hill campus, not too far from the A3.

Anyway, given that (a) I think Surrey Explorers is great, and (b) I blog about what is surely the coolest (if occasionally utterly ridiculous) geek thing going, I thought it was time to give something back to the group. Which is why I’ll be giving the best cipher mystery talk for kids ever there, entitled “Codes and Ciphers in History and Mystery – from The Hobbit to Winston Churchill” on 3rd February 2013 at 10.30am till 12.30pm. Hence the answer to the question “What’s on in Kingston for kids in February?”, the answer is now officially meeeeeeee.

As you’d expect, there’ll be no big surprises about the subject matter (errr… the clue’s in the title). I’ll be starting with a bit of interactive Hobbity rune stuff (A.K.A. “Futhark”), moving on to some real-life magical ciphers and recipes, then rapidly whizzing through a millennium or so of concealed writing (particularly those mysterious ones that nobody can yet read, Cipher Mysteries regulars will be utterly unsurprised to hear), before finishing up with the latest on that dead pigeon code that has so enthralled the media over recent months.

To end the day, I’ll answer questions on just about any cipher-related question anyone cares to throw my way, and perhaps give some recommendations about cool kids’ books based on ciphers.

If you have children aged 6-13 who this might be fun for, I hope to see you & them there – I’m a big fan of Surrey Explorers, and wish more people knew about it, so it would be great to have a full house!

PS: if you want links to some cipher articles to get you in the mood, I’d suggest
* The Phaistos Disk
* Voynich Manuscript
* Beale Papers
* Rohonc Codex
* The Dorabella Cipher
* The Unknown Man
* The Zodiac Killer

Pigeon bigram / Slidex update…

by 3 Comments

Having got hold of a WW2 Slidex manual, I’m starting to see what a travesty of a coding system it was – and how a smart German decrypter could (with a bit of practice) decipher it almost in real time.

But Slidex was never intended as a highly secure coding system: it was only supposed to be a convenient way for people to discuss very short-term matters mostly in the clear over the radio or telephone, encoding any individual items or details that should not be overheard by the enemy. In fact because of its obvious lack of security, I don’t believe it was even classified as a “low grade” cipher.

Yet for a whole host of pragmatic reasons, it seems that Slidex was chosen to be used on D-Day for all non-machine cipher traffic. So if the pigeon cipher is in Slidex, can we crack it?

The first big problem we face is that “Slidex as described in the manual” and “Slidex as used in the field” seem to be quite different beasts. For example, though both employ a 12 x 17 (= 204-cell) table, manual-Slidex used a 12 letter horizontal key at the top, whereas field-Slidex (as evidenced by various pictures) seems to have used a pair of characters per key horizontal cursor cell, hence a 24 letter horizontal key. Similarly for the vertical key, manual-Slidex used only 17 characters whereas field-Slidex seems to have used all 26 alphabetic characters. So unless someone kindly comes forward and tells us how Slidex was actually used circa D-Day, we’re kind of stuck in a no-man’s land between manual-Slidex and field-Slidex, uselessly trying to guess what’s inside the Baggins’s nasty little pocket, yessss.

The second big problem is that unless something rather miraculous emerges from GCHQ’s archives, it now seems fairly unlikely we will ever get retrospective access to the daily keys used. Key pairs were tightly controlled and never used for more than 24 hours at a time (keys were normally changed over at midnight each day).

And yet… Slidex is designed to be quick and easy to use, with exactly the same code table and key pair used by both encoder and decoder. And in practice, all the symmetries and shortcuts that yield all that convenience also compromise the security to the point of uselessness.

For example, every 12-column-wide code table is arranged into three groups of four columns: and in each one I’ve seen, each group includes all 26 letters of the alphabet in alphabetic order, as well as a third of the numbers from 00 to 99, and a few SWITCH ON and SWITCH OFF cells. Moreover, in the code half of the cells, all the words are arranged in alphabetic order from top to bottom.

For example, the first four columns of the Royal Engineers Series A code table “No. 1” proceed like this:-

[?] 08  N  T
0/? G   16 24
OFF 09  O  25
00  H   P  U
A   I   17 26
01  1/? 18 ON
B   J   19 V
C   10  2  27
02  11  Q  W
D   K   20 X
03  12  R  28
E   13  S  29
04  L   ON 3
05  14  21 Y
06  M   22 Z
F   ON  T  30
07  15  23 31

(Original picture from Jerry Proc’s Slidex page, second image from bottom. Note there’s also a photo of an Op/Sigs code table there that closely follows the same kind of layout pattern).

Moreover, the German cryptologists interviewed by TICOM after the war noted that before September 1944, most people using Slidex tended to use the leftmost group of columns almost exclusively, which compromised yet further what was already a poor system. And the widespread habit of using Slidex for entire messages made the daily keys easier to get to rather than harder. What a mess!

And so if our mysterious dead pigeon message is in Slidex, all those flaws and poor enciphering practices might give us enough to decrypt it without a daily key, or even without a code table at all! After all, if the Germans could do it (albeit usually with more depth to work with), surely so can we?

Looking again at the bigram, if we precede each bigram with the number of times the first half of the pair occurs, I suspect we can predict fairly reliably which part of the message is in code and which part is in cipher:-

6HV 3PK 3DF 3NF 2JW 2YI 3DD 2CR
4QX
... 1SR 3DJ 6HF 3PG 1OV 3FN 4MI
4AP 1XP 4AB 1UZ 1WY 2YN 3PC
... ... ... ... ... ... ... 4MP
3NW 6HJ 4RZ 6HN 2LX 4KG 4ME 4MK
4KO 3NO 2IB 4AK 1EE 4QU 4AO 4TA
4RB 4QR 6HD 2JO 3FM 4TP 1ZE 6HL
4KX 3GH 4RG 3GH 4TJ 4RZ 2CQ 3FN
4KT 4QK 2LD 4TS 3GQ 2IR

Because so many single instance “1nn” pairs are clustered in the middle section (“1SR … 3PC”), I’m pretty sure that this is in code, and the last part (“4MP … 2IR”) is in cipher. The first part I’m unsure about.

If we now concentrate purely on the final section and look at the frequency counts and patterns there, plenty of other interesting things jump out:-

... ... ... ... ... ... ... 3MP
2NW 4HJ 4RZ 4HN 2LX 4KG 3ME 3MK
4KO 2NO 2IB 2AK 1EE 3QU 2AO 4TA
4RB 3QR 4HD 1JO 2FM 4TP 1ZE 4HL
4KX 3GH 4RG 3GH 4TJ 4RZ 2CQ 2FN
4KT 3QK 2LD 4TS 3GQ 2IR

From the way they cluster, I think that M and Q probably refer to the same column: and from the few single-instance “1nn” bigrams in there, I suspect that “EE” and “ZE” probably both encipher “E” (while “JO” could well encipher “T”).

What’s interesting is that it seems likely that the four columns encipher letters in alphabetic order: so (say) A-F, G-M, N-T, and T-Z in the case of the Royal Engineers code table #1 (there are a couple of extra E and T characters inserted around the table). It may be that this is enough for someone to try to solve this directly without any other information!