61 comments

[ 3.7 ms ] story [ 104 ms ] thread
Is the answer in English? Are there any tips on cracking a code when you don't know the language being used?
Yes the answer is in English. It's pretty easy to crack but may take some time if this is your first time. To do this you need to use Letter Frequency. Since 'e' is the most common letter in the English language you can look for the most common character in the text and assume it is 'e', and if it isn't try another letter. For a list of the most common letters, see here: http://en.wikipedia.org/wiki/Letter_frequency.
It's quite simple to get through.
If you have zero experience in cryptography, how would you go about learning the necessary to crack this?
A good think about how you would exchange letters can solve this code as they've just given you the most simple example.

You could read through a few ebooks available on cyptography freely on the internet, but you don't even need to do that in this case, I could just tell you.

The most common letter used in the english language is 'e'. Now identify the dot pattern that is the most common. Voila, you can translate a lot of the code. For the other letters, I would investigate some sort of chart that ranks the most common letters in the English alphabet. With a bit of playing you can do this with a pencil and paper.

Obviously computer cryptography is more advanced, but your question related to this code specifically.

> Obviously computer cryptography is more advanced

Wouldn't a single message from an unknown cipher be almost impossible to crack? You'd either need to know the algorithm or have multiple encoded messages along with the keys, right?

Not necessarily, because some ciphers retain statistical information about the plaintext . any prior knowledge about the shape of the plaintext can give you better than flat random chance of recognizing he decrypt.
You can also look for characters that are easily identifiable. For example, assuming the text is in english, there aren't many options for a word that uses only a single letter. So the single character in the fifth line is most likely an "I" or an "a". These can also go into your chart.
SPOILER ALERT

This looks like straight character substitution, so it's essentially just trial and error, but the best vector for attack is the following:

Look at the shorter words first (2 and 3 character words), guess what one word might be, then match the same characters in the other short words. Once you have a few that seem to pair up, you can start building the longer words from the answers you've got from the shorter ones.

Puzzles like this one isn't far off doing a crossword or sudoku. There isn't really a cypher to it, no maths etc. It's just having the patience to guess at a few placements then seeing if that fits the wider model.

Why am I being marked down for that? It's clearly marked spoiler so anyone who doesn't want tips can avoid it; yet in spite of that, I was very careful not to give any answers away. All I did was suggest techniques to crack the code. And most importantly, my post answers the question raised - which is the whole fucking point of a comments system.

If anyone didn't want to hints then they should have just skipped over the post the moment they read "spoiler alert" rather than knee jerk reacting with a down-vote for a post that others might have found helpful.

I swear to god the use of the peer review system on HN has been in steady decline over the last few years.

Step off the ledge, man. Downvotes happen.
I think being off work recovering from a minor op, and thus house-bound, is making me ratty. :(
It's just internet points, no worries. Everyone who matters can see you were trying to help. Hope you recover soon.
True, but on the receiving end a down vote feels like someone saying "No! You are Wrong!" and then offering nothing constructive.

Some days, I wish I could down vote down votes.

Sometimes downvotes are just fat-finger errors.
That is called upvoting.
No worries, best of luck with the convalescence!
Still, it's a common courtesy that if you downvote someone, you tell them why. I think most of us are here for hopefully enlightened discussions, driven by a yearning to learn, share, and explore various topics. We want to be taken seriously, for the most part, and take seriously what we say. Yes, at the end of the day it's just "internet points", but that's belittling our experiences and interactions here to be so dismissive to suggest one should just ignore them.

If that was the intended design, then perhaps votes should be hidden from users as well, so that we'd never know if we were voted up or down; but, I think the design is intended to somewhat subtly clue us in about whether our opinions and statements are popular, controversial, or whatever. It's a feedback loop, and most forms of conversation involve such indirect feedback loops in the form of non-verbal communication -- though in real-life, it's heavily augmented by body language, facial expressions, voice tone and inflection, etc. We don't have those luxuries here, and so the only non-verbals we're left with are the up-arrows.

It's one thing to receive a single down-vote, hell you can't please everyone, right? However, when you try in earnest to participate in a conversation, and you receive the equivalent of a "shut up" from the crowd, then you're left wondering: did I miss the entire point? Did I accidentally offend someone? Was I factually incorrect?

For a healthy conversational atmosphere, it helps to resolve these issues, so that we can improve our communication -- and hopefully avoid the need for any downvotes in the future.

I'd guess because you didn't answer his question "where can I go learn about this?". You told him how to do it.
I'm curious, what's the difference between the two: being told how to do it, and being told where to go to be told how to do it?
(comment deleted)
If you go read a book like the one I recommended you'll be getting an education in the various sorts of ciphers out there and techniques to break them. The specific answer given above is how to break this particular cipher, thus it's not really far off giving the answer. The topic is more broad and interesting than that.
Another note, this cipher would be harder to crack if the spaces weren't present.
Only barely harder, and only for human scanners. Spaces stick out like a sore thumb in a straightforward substitution, even worse than Es!
I would also add using letter frequency is quite handy also. As knowing which letters are tend to be seen more frequent you can shorten your trip. Also it's nice thing to do instead of crosswords :)
I'd say the long words offer the better opportunities. Look at the puzzle that has the encrypted word, PIKODENHFENJIKM. How many English words, when used to make look up table based on this key, generate the word when encoded with this key? Only one.

        lookup = {c: d for c, d in zip(pattern, word)}
        return "".join(lookup[c] for c in pattern) == word
Now you have a fifteen letter word solved in the puzzle. It's not hard after that.
There is the free "Cryptography 1" course on Coursera ( https://www.coursera.org/course/crypto ).

I'm taking it right now. There's a lot of maths and theory, and it's quite a difficult course, but it's been a great way to learn the foundations of cryptography.

"To learn more about the types of ciphers and codes that terrorists, spies, and criminals use to conceal their communications, see ..." made me laugh. Remember kids, only bad guys use encryption.
That's not what they're trying to say; criminals just happen to be the reason the FBI cares about code breaking.
The FBI is interested in legal peaceful advocates for government change. Why did they leave that part out of their pitch? Propaganda, even if they didn't "mean" it, because they have alert convinced themselves of the lie.
I am not smart enough to understand what this comment means, sorry.
not too long ago, the act of making, using, or distributing encryption software made you a criminal in the eyes of the fbi
In reality, it has never been a crime to use or distribute encryption software.
you can use scrabble word pattern searches to determine that there is only one english word that matches the pattern of the largest set of characters in this cypher. the rest falls into place from there.
can you elaborate ? longest word appears to be 9 letters which has a lot of matches.
It's nine letters, but there are repeats in specific places. Letters 1 and 6 are the same, 3 and 5 are the same, 4 and 9 are the same, limiting your options.
agreed but how can such a pattern be entered into a scrabble word finder?
No idea about that because I've never used one - I just rolled my own from python.
From the javascript:

var bugRiddenCrashPronePieceOfJunk= (navigator.userAgent.indexOf('MSIE 5')!==-1 && navigator.userAgent.indexOf('Mac')!==-1)

I don't necessarily disagree with the sentiment, but I don't think FBI should disparage Microsoft and Apple with their variable names.

They are disparaging MSIE 5 for MacOS X in particular, which is indeed a piece of junk that no one should be using. That's just facts.
Pretty sure this is referring only to IE for Mac, not IE and MacOS separately.
Microsoft and Apple both have publicly disparaged the obsolete IE for Mac, so why shouldn't the FBI? It's very, very out of date and highly-vulnerable. It's not like something that would show up on CNN.
Don't work for the fbi, they're fucking bastards.
"Bad things come in threes"?

1) I have to change my name at social security cause it got messed up. The mental health like to stress me. One time a person knocked on our door needing 911. They employ actor/agents all the time.

They store away shit they can pull on you like warrants.

2) Jury duty. They cut my phones so I cannot call. I'm gonna get a warrant. This replaces the shit they can pull on me.

3) Blood work

----

Evil fucks. I know God is perfectly just. I'm supposed to worry or some shit.

4) Dad had surgury--fucks with me.

5) I got a plugged ear

----

The shit gets piled higher if you don't give a fuck.

----

6) Cut the phones.

was this supposed to be hard? I hope they don't plan their recruiting out of it