Because people keep telling me nice things about Klaus Schmeh’s recently-started blog Klausis Krypto Kolumne (and there’s you thinking you couldn’t read German, tcha!), I thought a visit was a little overdue.

The first thing I saw there was his brief page on the Gentlemen’s Cipher, a cipher taken from “the papers of a gentleman recently deceased”, and printed in “The Gentlemen’s Magazine” in April 1748. (It was mentioned in Cryptologia in 1978)

At first glance it seemed an awful lot like a simple (monoalphabetic) substitution cipher; and the repeated 3-gram at the start of lines 4 and 5 was probably “THE”; hence I thought it would probably be easy to break. So for a pleasant change, rather than just passing it on to Tony Gaffney Baloney to break while his half-full kettle boils (as per normal), I thought I’d instead transcribe it and try to solve it myself. Which I did.

In the end, though, all I actually did was paste my transcription into WebDecrypto, which got sufficiently close to the plaintext in a matter of seconds that I could Google it. It turned out to be nine lines from a 1699 poem by Sir Samuel Garth – “To die is landing on some silent shore / Where billows never break nor tempests roar / etc”. All of which is somewhat coincidental: so perhaps The Gentlemen’s Magazine’s correspondent “R.M.” who submitted the cryptogram was having a gentle laugh, having concocted the story of the “gentleman recently deceased”? I think so, but make of it what you will.

Anyway, if you want to see the whole thing, I’ve put up a short page describing The Gentlemen’s Cipher here. Case closed!

The post The Gentlemen’s Cipher, solved! :-) appeared first on Cipher Mysteries.

Word just arrived here by breathless carrier pigeon (well, the little chap had flown from Italy, after all) about a conference in Gotha on 14th-16th February 2013 (yes, this very week!) on historical cryptography. And here’s the rather nice conference artwork:-

Lots of interesting sessions on all manner of European historical stuff, such as from top Italian cipher-breaker Filippo Sinagra, who you may remember from the Nat Geo “Ancient X-Files” Voynich half-episode not so long ago. Filippo’s talk is on Sforza-era cryptography, for which he patiently trawled through the Milanese archives (he very kindly passed me scans a while back). Fascinating stuff that’s right up my street, I just wish I could be there (though sadly that’s not possible this particular time, oh well!)

There’s also a talk on historical code-breaking methodology (or, more accurately, the apparent lack of anything like one) being given by a certain German cipher skeptic – yes, it is indeed that man again, Klaus Schmeh. His introduction notes that: “Publications devoted to the particular methods of cryptanalysis regarding historical ciphers are rare. The presence of numerous works in which decrypted historic secret texts are presented should not obscure the fact that a comprehensive theory is lacking in this area.” Amen to that, Brother Klaus!

Another nice thing is that Christiane Schaefer will be discussing the Copiale Cipher (which she, Beáta Megyesi and Kevin Knight successfully broke) and her team’s follow-on project, an “interactive digital platform” called “CADMUS” for early modern cryptology. All of which sounds a lot like a call to European historians to send them your enciphered early modern documents and they’ll crack ‘em… or you could just send them to me c/o Cipher Mysteries, that would work too.

But perhaps the wild-card of the conference will prove to be Dr. Michael Korey, whose session is intriguingly entitled “Hidden steganography and burned substitution. Some little‐known cypher equipment from the cabinet of curiosities (Kunstkammer) of Dresden”. The description (which I hope it’s ok to reproduce here) goes like this:-

“In the middle of the 16th century, the German territories were considered to be not very progressive by foreign countries in regard to their ability to encrypt their messages or decrypt those sent by others. Matteo Argenti, secretary of cyphers at the Vatican, said the Germans and their neighbours understood so little about cyphers that they preferred to shred and burn the encoded dispatches they received instead of trying to decrypt them. In retrospect, this assessment seems quite premature, considering two pieces coming from the electoral Saxon cabinet of curiosities (Kunstkammer), that so far have not attracted much attention and will be presented here.”

It should be no surprise that I rather like the sound of that. Ummm… I hope someone takes a photo or two (hint, Klaus, *cough*).

For everyone going, I hope you have a great time, it looks like a great conference!

The post Historical Cryptography Conference in Gotha… appeared first on Cipher Mysteries.

It’s been a while, but the time has finally come round for another Voynich London pub meet, on Thursday 7th March 2013 at the Prospect of Whitby in Wapping, a pub with its own gallows and noose (though admittedly these days it’s Somali pirates who get all the press rather than privateers). I’ll be there from 6pm onwards, hope to see some of you there too!

The reason for the weekday (i.e. not the usual Sunday) is that German cipher mystery skeptic Klaus Schmeh is over in the UK for a very few days & the 7th is the only evening he can squeeze into his packed schedule. I can’t change that and would like to catch up with him, so what’s a Cipher Mysteries blogger to do? Make do with the cards he’s dealt, that’s what… it is what it is.

This has, of course, been Schmeh Week on Cipher Mysteries, what with The Gentlemen’s Cipher from Klaus’ blog and this week’s diplomatic cipher conference in Gotha. So if (like me) you’d like to chat with Klaus about the conference, or perhaps chat with me about cipher stuff (if reading all my posts isn’t a rich enough diet for you), then feel free to swing along to Wapping. WW2 cipher pigeon fans welcome too! Cheers!

The post Voynich pub meet with Klaus Schmeh on 7th March 2013… appeared first on Cipher Mysteries.

As quite a few of you already know (because you emailed to tell me, thanks!) Cipher Mysteries’ WordPress hosting got hacked again. Unfortunately by the time I’d downloaded the access logs from the server (the next day), all the nasty activity was too far back in the buffer to see exactly where it came from. Next time I’ll try to remember to be quicker!

I first had a look around with the Cpanel File Manager, as I initially expected the attack to have originated from a compromised file in the file system. I did find a backdoor php file inserted into ./wp-content/uploads, which from the file date was probably left there by the previous (Bangladeshi) hacker: but nothing else, which was a bit strange. So I reinstalled WordPress 3.5.1, fired it up, and… it was still hacked.

Appallingly, it turned out that the hacker had managed – despite my firewall & security plugins – to change some fields in the local database itself. Basically, he (I’ll call him “him”, for I’ve read that hacking is a largely male subculture) changed three entries in the WordPress wp_options table:-

1. blog_charset (which he changed from “UTF-8″ to “UTF-7″)
2. blogname (which he overwrote with a load of script kiddie stuff)
3. widget_text (which was filled with a load of escaped script kiddie stuff)

The most irritating hack was #3, as I could tell it was in JavaScript (hint: disable JavaScript and the problem disappeared) but couldn’t see what file had been changed. And in fact none had, because the script was inserted into a field in the database.

The most interesting hack was #1, because it wasn’t at all obvious to me why changing the charset to UTF-7 would be of benefit. But it turns out that this is a longstanding way of attacking databases (which expect UTF-8, and can be vulnerable to carefully crafted UTF-7 strings causing mySQL to do unexpected things). Here’s a page mentioning this weakness. Just so you know, IE9 doesn’t seem to support UTF-7 satisfactorily, which also had me confused for a while. *sigh*

The hacker may also have made other changes to the database, but I don’t know of any way to see a history of recent mySQL accesses from within WordPress… now there’s an idea for a forensic plugin that would be really useful. Or a Cpanel add-on. Or something.

How did the hacker get in? My guess is by exploiting a just-after-zero-day vulnerability in WordPress 3.5.0, as I hadn’t quite got round to upgrading to 3.5.1, what with work and real life inevitably getting in the way.

Unfortunately, I have no real faith that I’ve solved the problem. Chances are another vulnerability will open up before very long and we’ll go through the same rubbishy process all over again. C’est la vie (du blogging).

The post Another day, another WordPress hacker *sigh*… :-( appeared first on Cipher Mysteries.

Today I received a nice little package of stuff from Holland, courtesy of Rob van Meel, who reprints old military manuals – mostly British, but a few American and German ones too. I get the impression these are mainly for people with an interest in reenactment / war games rather than historians and researchers per se, but given a healthy area of overlap there’s surely room for everyone at the table.

Unsurprisingly, I was most interested in the various Slidex-related manuals Rob had, particularly an updated release of the Slidex manual dated 1st December 1944 (i.e. six months after D-Day). You see, Slidex originated as a system where operators used only a single letter for each of the twelve slots on the horizontal cursor: yet we have later examples where two letters went in each slot (and you could choose either one to signify that column).

If our pigeon cipher is a bigram cipher, then it is one that appears to use 24 letters in its horizontal cursor. So if it was enciphered using Slidex (which seems to be the code most widely used on D-Day), it would have to have used the two-letters-per-slot version. Hence the big question I wanted to try to answer was… when did the changeover from one-letter-per-slot to two-letters-per-slot Slidex happen?

However, going through the revised Slidex manual, it became abundantly clear to me that even in December 1944, the British Armed Forces were still using single-letter-per-slot Slidex, which would seem to rule out Slidex’s having been used in the pigeon cipher before 1945.

At the same time, the two pigeons were (according to their NURP references) born in 1937 and 1940: and the older of the two would have been right at the end of its carrying days in summer 1944, let alone in 1945. As a result, the Venn diagrammatic intersection of possibility (i.e. between the [old pigeon] circle and the [revised Slidex] circle) is shrinking all the time.

Right now, I don’t know what the answer to all this is: to my eyes, what we’re looking at seems a bit more like a bigram cipher than a machine cipher, but even that’s far from certain either way. All the ‘best’ cipher mysteries seem to take a somewhat sadistic pleasure in continuously oscillating either side of the shaky line between certain and uncertain, and this one is surely no exception.

Yet there were other low grade bigram ciphers in use during WW2: two in particular were an Air Support bigram cipher and a Royal Engineers syllabic cipher. These may well be the same two variants of the Syllabic Cipher introduced in 1942 as per Stu Rutter’s page, which I believe were known as BX 724 and BX 724/RE respectively.

I’ve already written to several army museums and archives asking if they have either of these, but so far without any luck. Any suggestions as to private collectors (or collections) who may have a copy of either? Unless you have a better idea, this would seem to be the next sensible thing to check, and the various National Archives files Stu & I checked didn’t seem to have any description of it at all.

In short: probably not Slidex, so remains a work in progress.

The post The WW2 Pigeon Cipher… probably isn’t in Slidex. :-( appeared first on Cipher Mysteries.

Several years ago, I noted here a long-standing story about a 1926 Budapest waiter who (allegedly) killed himself, leaving a suicide note in the form of a crossword. I wondered whether it was an urban legend, or (if it were to prove to be true) whether the crossword might have been printed in a newspaper of the day. But with only a few words of tourist Hungarian to work with, I didn’t really stand a chance in the Hungarian archives.

Well, now Hungarian urban legend-hunter Marinov Iván has eagerly grabbed the baton, and hurdled his way along miles of microfilm in the newspaper archives in search of the truth. As a result, his Hungarian urban legend blog today revealed that this was indeed a real story. According to the 4th March 1926 edition of Az Est, what happened was this (forgive my rough and ready translation / paraphrasing)…

Just after (?) midnight, a man had come into the well-known Emke kávéház [Café Emke] on near the corner of Rákóczi út [Rákóczi Way] and Erzsébet körút [Elizabeth Boulevard]. After having a coffee, he repeatedly tried to call a number using the cafe’s telephone, but without success. About an hour later, the Emke’s cloakroom attendant heard a bang from a toilet: and when she opened the door, she heard a second bang. Inside, she found a young man lying on the floor with a pistol in his hand, and with blood gushing from his head and chest.

Once the ambulance and police arrived, the man’s identity was found to be Antal Gyula [Julius Anthony] of Csengery utca 3 [#3 Csengery Street]. In his pocket there was [- indeed! -] a suicide note containing a crossword. It subsequently turned out that he had lived in “misery and unemployment” for some time, and had been evicted from his apartment at the start of the month, having failed to pay his rent. But as far as his note went, the Est article concluded “A bonyolult keresztrejtvényt azonban eddig még nem sikerült megfejteni“, which I read as “the complexity of the crossword means that it has not yet been deciphered“.

So… what happened next? Iván followed up by looking in lots of other Hungarian newspapers from that year, but they all reported essentially the same bare facts, with only the Pest Newsletter adding that the man was 25 years old, and that the riddle had been “taken to police committee headquarters”. He speculates that had it might have had received more coverage had the man’s job been of higher status than a waiter: sadly, Budapest has long been (and remains to the present day, I believe) a suicide ‘hotspot’, so many other pages of those same newspapers would have contained stories of the same tragic ilk.

Ultimately, Iván failed to find any further references to the story in the newspaper archives, and so it is there that he stopped. Perhaps someone else will now pick up this baton and carry it yet further… perhaps we shall yet get to see Antal’s infamous (but tragically real) crossword!

PS: an Internet search revealed an evocative description of Café Emke in December 1945 in Sándor Márai’s autobiographical “Memoir of Hungary (1944-1948)” (pp.198-205).

The post 1926 Budapest crossword suicide, revealed! (Mostly)… appeared first on Cipher Mysteries.

Despite The Dorabella Cipher‘s brevity, its link to composer Sir Edward Elgar (who wrote it) has brought it a cult following over the years. Like other unbroken ciphers, it has appeared as a mysterious motif in TV plays, novels, and even recently in a children’s book (The Orphan of the Flames).

At first sight, it looks to be merely a straightforward simple substitution cipher of the kind that pen, paper, and an agile mind should crack relatively quickly. But what is mystifying is that even though Elgar apparently used precisely the same pigpen-like (3 sets of 8 orientations each) cipher alphabet elsewhere in his writings and notes, the letter-for-symbol replacements he used there make no sense when applied to his Dorabella Cipher. The key seems to match the lock, but doesn’t open the gate.

Moreover, given that the ciphertext’s statistical distribution sits awkwardly with those of natural languages, code-breakers’ numerous attempts to shoehorn their preferred substitutions into the cipher’s three short lines come across as clunky and false (at best). Worst of all, I’m sorry to say that even prolific cipher-solver Tony Gaffney’s ingenious and elegantly-structured decryption failed to please pretty much anyone apart from him.

However, the upside to all that grim cryptanalysis is the indisputable truth that Elgar messed around with language quite a lot, typically in a playful and mischievous way. In general, he loved subverting the rules of language, speech and music, which arguably culminated in his famous Enigma Variations, which some people like to call ‘musical cryptograms’ because many lightly parody (for example) various close friends’ speech and laughter rhythms.

Yet what has long tipped my own judgment against the Dorabella Cipher’s being a cipher of any sort is that by 14th July 1897 (the date of the note), Elgar (who wrote the note) hadn’t known Dora Penny (to whom or for whom the note was written) very long at all; and they never communicated in any kind of cipher before or after that date. But even so, my opinion was no more than a hunch, based only on various modern references on Elgar’s life I’d read… not very satisfactory, but that’s how these things tend to go.

Anyway, having spent far too long reading and relying on secondary sources on this particular cipher mystery, a few weeks ago I decided to instead go right to the source of the story – Dora Penny’s book “Edward Elgar: Memories of a Variation” (I bought a copy of the 1946 second edition, which has rather more information about the Enigma Variations than the first edition), written under her married name “Mrs Richard Powell”.

What I read there only served to strengthen my historical argument against The Dorabella Cipher’s being a cipher at all. Elgar and Penny first met on 6th December 1895, and the cipher was only the third letter Elgar ever wrote to Dora (if indeed, as she points out, it is a letter at all). (Also, he only started calling her “Dorabella” in 1898, so there’s a case to be made that its name isn’t chronologically accurate… oh well!) From all I could see, it would defy common sense if he had sent her something written in an deliberately intractable cipher: no matter how much of a fascination he personally had with such things, cryptography of any sort was not a discussion subject the two friends seemed to have shared at all.

And yet what we see does so resemble an enciphered cryptogram, a paradox which ultimately gives it its place at the Cipher Mysteries top table: for it really ought to be a simple cipher, but it surely is not one. And I find it hard not to hear Elgar’s voice saying to Dora Penny exactly what he said to her about the Enigma Variations (one of which is ‘hers’) – that surely she “of all people” would be able to unwrap its central mystery, its hidden themes. Wouldn’t his cipher, too, be steganography – hidden in plain sight?

As to the content of the note, I don’t believe that the newly married Elgar would have sent Dora Penny, for all the fun they had together (going out to the races, seeing Wolverhampton Wanderers, reading maps, flying kites, etc) a love letter. So in all probability, I think that what we are looking at here is a three line note or letter from him to her, in broadly the same joking and playful manner that he adopted in his other letters to her (though probably not as Byzantine in lexicographical complexity as later letters would become), regardless of the particular manner in which that effect is achieved.

The only other clue I have to offer is that in July 1897, the Elgars were living in a house called “Forli” (named after the talented Renaissance painter Melozzo da Forli, who incidentally gets mentioned a few times in Elizabeth Lev’s rather good The Tigress of Forli) in Malvern in Worcestershire. And so I wondered whether “Forli” and/or “Malvern” might be effective as cribs into the cryptogram, for Elgar would typically head even very short notes with his current address (several of which are charmingly reproduced as inserts in Dora Penny’s book). OK, it’s not quite “HEILH ITLER” at the start of Enigma messages, but you gotta work with what you’ve got, right?

And so with all these fragmentary clues in mind, I stared and stared and stared at the Dorabella Cipher, trying to see what Elgar (mistakenly) thought Dora Penny would see straight away. And then I stared somemore. After a (fairly long) while, here’s what I noticed:-

Essentially, I suspect that Elgar was so certain that Dora Penny would know what he would be saying in a short note that all he felt he needed to do was to write the general form of the words (even presented in the form of a ciphertext-like medium) and she would still be able to ‘read’ them. [Unfortunately, this proved not to be true!] So, I believe that what we are looking at could well be more like Elgar’s improvised steganographic attempt at a mind-reading trick than a traditional ciphertext per se. Such a process would (probably) produce something like what we see: a non-mathematical stegotext that fails to have the kind of rigorous statistical profile that “proper” ciphers would.

I’m the first to admit that it’s far more of a wobbly observation and a loose speculation than a rigorous proof: but what I’m proposing is that the Dorabella Cipher could turn out to be a quite different class of object from that which code-breakers have been trying (unsuccessfully) to crack. It’s not the end of the road here, but it might possibly be the very start of one… hopefully we shall see!

The post Dorabella Cipher, first two words decrypted (perhaps)… appeared first on Cipher Mysteries.

If you have been following the coverage here of the recent WW2 cipher pigeon story with more than the bleariest of eyes, you’ll know that I’ve repeatedly speculated whether its “W Stot Sjt” signature might well have actually been written by Serjeant William Stout of the Royal Engineers. Though (as we’ve already seen) he died not long after D-Day, I wondered whether it might be possible to find out more about his story by tracking down surviving members of his family and asking them.

Just before Christmas, I finally managed to get in contact with Stout’s daughter, and asked if she could see if she had a copy of his signature or his handwriting. Delightfully, I received from her this last week a small package containing some wartime photographs of her father, a photograph of his grave taken in 1948, and – most surprisingly of all – a 1940 field service post card (“Army Form A. 2042 / R.A.F. Form No. 1929″). Such postcards contained a list of barely informative sentences (“I am quite well”, etc), out of which the sender crossed all those lines that did not apply: there’s an example online here.

Aha, I thought: will the signature pencilled on it turn out to match the signature on the pigeon cipher form? After some lightweight image processing, I placed the two side by side so as to compare them as reliably as I could…

You’ve worked out the answer already, I think: which is that the two names were clearly not written by the same person. Which is a shame: but despite not being a proof, it’s still very far from a disproof. In the busy fog of war, a message could easily have been written by one person (the sender), enciphered and/or copied by a second (the signaller), and then sent by pigeon by a third (the pigeon handler).

In fact, various historians have already commented to me that they thought it quite unlikely that a Serjeant in the R.E. would have had the responsibility (or even the practical means) for enciphering a message in the field. So the fact that our enciphered pigeon message was not written by Serjeant Stout might arguably make more sense than if it had been… but it’s hard to be sure either way.

All the same, it has to be said that the best cipher mysteries tend to yield their secrets slowly (at best): so perhaps we shall have to resign ourselves to waiting a little longer yet for a pigeony breakthrough… we shall see!

The post WW2 Cipher Pigeon “W Stout” signature update… appeared first on Cipher Mysteries.

Moshe Rubin just emailed me to let me know that his extensive October 2011 Cryptologia article “John F. Byrne’s Chaocipher Revealed: An Historical and Technical Appraisal” (vol. 35 issue 4, pp.328-379 [!!!]) can currently be viewed and downloaded for free from Taylor & Francis (who publish Cryptologia), via the “Download full text” button there.

If (like me) you’re into both the social and technical aspects of historical cryptography, it’s a cracking old read, covering both Byrne’s life and his numerous attempts to get the US military to accept his “Chaocipher” invention. Yet Moshe’s article is far from all ra-ra-pro-Byrne stuff: it also makes clear…
* the system’s inherent fragility (because each step changed the state of the two rotors, it suffered from near-worst-case error propagation);
* Byrne’s cryptographic inexperience (the way that he proposed concealing the indicator settings was far from secure); and
* Byrne’s cryptologic naivety (he believed that the flat letter distribution of the ciphertext made it explicitly unbreakable).

If you’ve read Ratcliff’s “Delusions of Intelligence” (a book the GCHQ Historian recommended I read, thanks for that!), you’ll know that this last mindset was precisely what the various German agencies using the Enigma machine suffered from: and if Chaocipher had been extensively used by the Allies in WW2, who’s to say that Hitler’s fragmented array of codebreaking agencies wouldn’t have eventually found a way of breaking into it, just as they did with virtually all the Allies’ low-to-medium-echelon ciphers?

One thing that strikes me most about the whole saga is that even though Byrne (who sometimes wrote under the anagrammatic pseudonym “J. F. Renby”, I was amused to see) seems to have envisaged Chaocipher as an expensive-to-build set of mechanical rotors, I think it is actually very easy to use with two Scrabble alphabets arranged in horizontal rows. (OK, Scrabble wasn’t devised until the 1930s, but my basic point still stands regardless). All the sliding operations (zenith / nadir, etc) then become immediately straightforward, arguably far more so than if you were using a machine to do the same.

Regardless of whether or not Scrabble tiles are the best way to Chaocipherify your plaintext, I’d argue that what sets Byrne’s cryptographic ideas apart most is the way he conceptualized his crypto system in terms that mesh peculiarly well with modern computer science: in fact, it’s quite hard to describe it at all without lapsing into contemporary CompSciSpeak. It’s almost as if Byrne were projecting himself forward into a software world: but then again, one of the chapters of his autobiography was SciFi, so perhaps the future was where he felt most at home!

The post Moshe Rubin’s Cryptologia Chaocipher article, now viewable online… appeared first on Cipher Mysteries.

Just the merest hint of a nudge to your collective set of virtual elbows, to remind you that the first Voynich London pub meet for basically ages is this evening (7th March 2013), at The Prospect of Whitby in Wapping. Though having said that, all cipher mysteries are fair game, not just the Voynich Manuscript: hence cipher pigeon fanciers and armchair treasure hunters are more than welcome to come along too. Plenty of room for everyone!

I’ll be there from 6.15pm or so, hoping to catch up on the latest Euro cipher gossip from Gotha and elsewhere, courtesy of Herr Cipher Skeptic himself, Klaus Schmeh, who’s on a flying visit to London having had a swift peek at the various enciphered books in the British Library (“The Subtlety of Witches”, etc). So if you can make your way to Wapping Wall for even half an hour, it would be really great to see you.

[Even stronger nudge: Tony Gaffney, what on earth do I have to do to persuade you to come along? I haven't seen you in 25 years or so!]

Just so you know: if it’s a nice evening (or if someone happens to bring their dog along with them, John ), the chances are we’ll be located in the terraced area through the pub to the back left (looking out over the Thames). Otherwise, we could be anywhere on the pub’s two floors, depending on how busy it happens to be. Looking forward to it!

The post Voynich pub meet (gentle reminder)… appeared first on Cipher Mysteries.

A paper came out a few days ago on arXiv.org, called “Probing the statistical properties of unknown texts: application to the Voynich Manuscript” written by three Brazilian academics (with assist from two German academics).

The authors grouped Voynichese (i.e. Voynich text) hypotheses into three broad categories:

“(i) A sequence of words without a meaningful message;
(ii) a meaningful text written originally in an existing language which was coded (and possibly encrypted) in the Voynich alphabet; and
(iii) a meaningful text written in an unknown (possibly constructed) language.”

After developing a whole load of word-occurrence-based statistical machinery (defining “intermittency”, etc) and applying them both to real text corpora and to Voynichese, they conclude that the word structure of Voynichese is incompatible with shuffled texts (which is how they model (i)-class hypotheses), and “mostly compatible with natural languages” (the (ii)- and (iii)-class hypotheses). They end up by using their statistical machinery to suggest Voynichese “keywords” – words that, according to their statistical measures, stand out from the text.

Their suggested English keywords (generated from the New Testament) are:-
* begat Pilates talents loaves Herod tares vineyard shall boat demons ve pay sabbath hear whosoever

Their suggested Voynichese keywords (generated from an EVA transcription, though they don’t say which, so possibly Takahashi’s?):-
* cthy qokeedy shedy qokain chor lkaiin qol lchedy sho qokaiin olkeedy qokal qotain dchor otedy

OK, but… what do I think? First off, I’m pleased to see that their results seem incompatible with “shuffled texts” or randomized texts, because that is what nearly all of the various Voynich “hoax” hypotheses rely on. Intuitively, just about anyone who has worked with Voynichese for any period of time is struck by its intense internal structuring on many levels: so it is nice to see the same result coming out from a different angle.

Secondly, what they mean by “mostly compatible” is that while Voynichese passes many of their proposed tests comfortably, it actually fails some of them (and only passes others by the slimmest of whiskers). To me, that implies either (a) an exotically- (and non-obviously-)structured language or constructed lanaguge, or (b) an obfuscated language (e.g. a ciphertext or shorthand): conversely, it seems to imply that Voynichese isn’t a one-to-one-map of any mainstream language (which is what cryptographers such as Elizebeth Friedman have been saying for years). Yet the earliest constructed language we currently know of was devised at least a century after the Voynich’s vellum dating (and about a century after its earliest marginalia), so we can almost certainly rule that possibility out.

I don’t know: while it’s always good to see people approaching the Voynich Manuscript from a new angle, I can’t help but feel that in just about every instance the Voynich’s author remains at least three or four steps ahead of them. The key paradox of Voynichese revolves around the fact that even though it so resembles a natural language, the way its words work as semantic units fails to do so in quite the same way. So for me, the important thing here is to try to understand the tests that failed, and see what they tell us about how Voynich words don’t work… but that will doubtless take a little time.

As for the suggested keywords: personally, I’d be rather more convinced by their statistical machinery if it had automagically suggested the word “Jesus” rather than “boat” or “vineyard” for the New Testament, so I have to say I’m far from persuaded that their list of Voynich cribs will help us unlock its secrets at all… but you never know, so perhaps let’s give them the benefit of the doubt on this one!

The post Brazilian academics: Voynichese “incompatible with random texts”… appeared first on Cipher Mysteries.

The Daily Grail has today’s hot cipher history story: that Dan Brown’s soon-to-be-released novel “Inferno” is somehow based around the Voynich Manuscript. Apparently, the proof of this particular pudding is, well, a cipher, one apparently hidden in plain sight on Brown’s website:-

In Rolf Harris’ immortal phrase, “Can you tell what it is yet?” I hope you can, because all it is is… a 4×4 transposition cipher of “MS 408 YALE LIBRARY”. Yes, that’s it. Which is in itself a fairly underwhelming starting point, considering that the Voynich Manuscript isn’t MS 408 in “Yale Library”, but in Yale University’s Beinecke Rare Book & Manuscript Library. But (of course) that wouldn’t fit in 16 letters.

So, the story of the story is that Dan Brown will once again be wheeling out his “symbologist” Robert Langdon in a Renaissance-art-history-conspiracy-somehow-impinges-on-the-present-day-with-terrible-consequences schtick, but this time in Florence with Dante’s “Inferno” right at the heart of it (hence the title), with only the poor, much-abused Voynich Manuscript for company.

One part I’m not looking forward to is what Brown will have Robert Langdon make of the Voynich: for of all the mysteries I’ve ever seen, the Voynich is surely the least obviously symbol-laden. There’s no “sacred geometry” there, no gematria, no heresy, in fact no religion at all: just about all you could do is tie in the Voynich ‘nymphs’ with the same kind of alt.history “goddess” thing that Brown tried to stripmine in The Da Vinci Code… but all the same, that looks fairly hollow to me. I guess we’ll have to see what angle he does take… at least we won’t have long to wait (14th May 2013).

For me, the central contrast between Dante’s Inferno and the Voynich Manuscript is that they are diametrically opposite in referentiality: while the Inferno (and in fact the whole Divine Comedy) reaches out to touch and even include all of human culture, the Voynich Manuscript’s author seems to have worked with the same kind of monastic intensity to ensure it appears to refer to nothing at all. So, when Dan Brown collides the everything-book with the nothing-book, what kind of po-faced bathos-fest are we in for?

As an aside, I don’t see any numerology in the (original) Inferno: and considering the amount of effort Dante put into satirizing astrologers, alchemists, politicians, liars, frauds and the like in their aptly tortured circles of hell, I’m reasonably sure he’d mete out the same kind of punishment to numerologists. And probably to symbologists, too. And (if we’re lucky) to bad novelists… though you’ll have to put your own candidates forward for that, I’m far too polite.

However, the bit I dread most is when people start to realize that Dante Alighieri’s Inferno was only the first part (of three) of his Divine Comedy: and with the current Hollywood craze for trilogies (The Hobbit trilogy, really?), what are the odds Dan Brown will extend any success with this book out into his own money$pinning Dante-based series, hmmm? The “Ka’chingferno” three-parter, no less!

Update: Erni Lillie upbraids me (and rightly so) in a comment here for omitting to mention his substantial 2004 (though the Wayback Machine only has a copy from 2007) Voynich Inferno essay, where he proposed that the nine “rosettes” on the Voynich Manuscript’s nine-rosette page might well represent the nine layers of Dante’s Inferno. My own experience of working on that particular page would place it closer to Purgatory, but perhaps we’re closer than medieval theologians would have it.

Truth be told, I did remember that I had forgotten something to do with Dante and the Voynich, but couldn’t for the life of me remember what it was I’d forgotten. And now that I’ve found it again, I was delighted to read it all over again, Renaissance warts and all. So, hoping that it’s OK with Erni to bring his work to a new generation of interested readers, here’s a link to a copy of his paper The Voynich Manuscript as an Illustrated Commentary of Dante’s Divine Comedy. Maybe it will turn out to be what Dan Brown’s new book plagiarizes was amply inspired by this time round, who knows?

Personally, I suspect the smart money is indeed on Brown’s having the Voynich’s nine-rosette map turn out to be a map: with the devastating twist *yawn* that it actually represents a physical map of Dante-related locations in Florence, which Robert Langdon is then able to decode at speed thanks to his encyclopaedic knowledge of all things symbolic and Florentine, which ultimately leads him to the dark secret at the heart of a centuries-old conspiracy which he and his unexpected accomplice must choose whether to reveal to the horror of the world.

You know, basically the same as all his other books.

Anyway, looking forward to the launch party at the Duomo, darling. Of course I’d like more olives, thanks for asking, and isn’t the San Giovese simply, errrm, Divine?

The post Dan Brown’s “Inferno” and the Voynich Manuscript… appeared first on Cipher Mysteries.

USC’s irrepressible Kevin Knight and Dartmouth College Neukom Fellow Sravana Reddy will be giving a talk at Stanford on 13th March 2013 entitled “What We Know About the Voynich Manuscript“. Errm… which does sound uncannily like the (2010/2011) paper by the same two people called, errrm, let me see now, ah yes, “What We Know About the Voynich Manuscript“.

Obviously, it’s a title they like.

As I said to Klaus Schmeh at the Voynich pub meet (more on that another time), what really annoys me when statisticians apply their box of analytical tricks to the Voynich is that they almost always assume that whatever transcription they have to hand will be good enough. However, I strongly believe that the biggest problem we face precedes cryptanalysis – in short, we can’t yet parse what we’re seeing well enough to run genuinely useful statistical tests. That is, not only am I doubtful of the transcriptions themselves, I’m also very doubtful about how people sequentially step through them, assuming that the order they see in the transcription of the ciphertext is precisely the same order used in the plaintext.

So, it’s not even as if I’m particularly critical of the fact that Knight and Reddy are relying on an unbelievably outdated and clunky transcription (which they certainly were in 2010/2011), because my point would still stand regardless of whichever transcription they were using.

In fact, I’d say that the single biggest wall of naivety I run into when trying to discuss Voynichese with people who really should know better, is that hardly anyone grasps that the presence of steganography in the cipher system mix would throw a spanner (if not a whole box of spanners) in pretty much any neatly-constructed analytical machinery. Mis-parsing the text, whether in the transcription (of the shapes) and/or in the serialization (of the order of the instances), is a mistake you may well not be able to subsequently undo, however smart you are. You’re kind of folding outer noise into the inner signal, irrevocably mixing the covertext into the ciphertext.

Doubtless plenty of clever people are reading this and thinking that they’re far too smart to fall into such a simple trap, and that the devious stats genies they’ve relied on their whole professional lives will be able to fix up any such problem. Well, perhaps if I listed a whole load of places where I’m pretty sure I can see this happening, you’ll see the extent of the challenge you face when trying to parse Voynichese. Here goes…

(1) Space transposition cipher

Knight and Reddy are far from the first people to try to analyze Voynichese word lengths. However, this assumes that all spaces are genuine – that we’re looking at what modern cryptogram solvers call an “aristocrat” cipher (i.e. with genuine word divisions) rather than a “patristocrat” (with no useful word divisions). But what if some spaces are genuine and some are not? I’ve presented a fair amount of evidence in the past that at least some Voynichese spaces are fake, and so I doubt the universal validity and usefulness of just about every aggregate word-size statistical test performed to date.

Moreover, even if most of them are genuine, how wide does a ciphertext space have to be to constitute a plaintext space? And how should you parse multiple-i blocks or multiple-e blocks, vis-a-vis word lengths? It’s a really contentious area; and so ‘just assuming’ that the transcription you have to hand will be good enough for your purposes is actually far too hopeful. Really, you need to be rather more skeptical about what you’re dealing with if you are to end up with valid results.

(2) Deceptive first letters / vertical Neal keys

At the Voynich pub meet, Philip Neal announced an extremely neat result that I hadn’t previously noticed or heard of: that Voynichese words where the second letter is EVA ‘y’ (i.e. ’9′) predominantly appear as the first word of a line. EVA ‘y’ occurs very often word-final, reasonably often word-initial (most notably in labels), but only rarely in the middle of a word, which makes this a troublesome result to account for in terms of straightforward ciphers.

And yet it sits extremely comfortably with the idea that the first letter of a line may be serving some other purpose – perhaps a null character, or (as both Philip and I have speculated, though admittedly he remains far less convinced than I am) a ‘vertical key’, i.e. a set of letters transposed from elsewhere in the line, paragraph or page, and moved there to remove “tells” from inside the main flow of the text.

(3) Horizontal Neal keys

Another very hard-to-explain observation that Philip Neal made some years ago is that many paragraphs contain a pair of matching gallows (typically single-leg gallows) about 2/3rds of the way across their topmost line: and that the Voynichese text between the pair often presents unusual patterns / characteristics. In fact, I’d suggest that “long” (stretched-out) single-leg gallows or “split” (extended) double-leg gallows could well be “cipher fossils”, other ways to delimit blocks of characters that were tried out in an early stage of the enciphering process, before the encipherer settled on the (far less visually obvious) trick of using pairs of single-leg gallows instead.

Incidentally, my strong suspicion remains that both horizontal and vertical Neal keys are the first “bundling-up” half of an on-page transposition cipher mechanism, and that the other “unbundling” half is formed by the double-leg gallows (EVA ‘t’ and ‘k’). That is to say, that tell-tale letters get moved from the text into horizontal and vertical key sequences, and replaced by EVA ‘t’ (probably horizontal key) or EVA ‘k’ (probably vertical key). I don’t claim to understand it 100%, but that would seem to be a pretty good stab at explaining at least some of the systematic oddness (such as “qokedy qokedy dal qokedy qokedy” etc) we do see.

Regardless of whether or not my hunch about this is right, transposition ciphers of precisely this kind of trickiness were loosely described by Alberti in his 1465 book (as part of his overall “literature review”), and I would argue that these ‘key’ sequences so closely resemble some kind of non-obvious transposition that you ignore them at your peril. Particularly if you’re running stats tests.

(4) Numbers hidden in aiv / aiiv / aiiiv scribal flourishes

This is a neat bit of Herbal-A steganography I noted in my 2006 book, which would require better scans to test properly (one day, one day). But if I’m right (and the actual value encoded in an ai[i][i]v group is entirely held in the scribal flourish of the ‘v’ (EVA ‘n’) at the end), then all the real content has been discarded during the transcription, and no amount of statistical processing will ever get that back, sorry.

(5) Continuation punctuation at end of line

As I noted last year, the use of the double-hyphen as a continuation punctuation character at the end of a line predated Gutenberg, and in fact was in use in the 13th century in France and much earlier in Hebrew manuscripts. And so there would seem to be ample reason to at least suspect that the EVA ‘am’ group we see at line-ends may well encipher such a double-hyphen. Yet even so, people continue to feed these line-ending curios into their stats, as if they were just the same as any other character. Maybe they are, but… maybe they aren’t.

Incidentally, if you analyze the average length of words in both Voynichese and printed works relative to their position on the line, you’ll find (as Elmar Vogt did) that the first word in a line is often slightly longer than other. There is a simple explanation for this in printed books: that short words can often be squeezed onto the end of the preceding line.

(6) Shorthand tokens – abbrevation, truncation

Personally, I’ve long suspected that several Voynichese glyphs encipher the equivalent of scribal shorthand marks: in particular, that mid-word ’8′ enciphers contraction (‘contractio’) and word-final ’9′ enciphers truncation (‘truncatio’) [though '8' and '9' in other positions very likely have other meanings]. I think it’s extraordinarily hard to account for the way that mid-word ’8′ and word-final ’9′ work in terms of normal letters: and so I believe the presence of shorthand to be a very pragmatic hypothesis to help explain what’s going on with these glyphs.

But if I’m even slightly right, this would be an entirely different category of plaintext from that which researchers such as Knight and Reddy have focused upon most… hence many of their working assumptions (as evidenced by the discussion in the 2010/2011 paper) would be just wrong.

(7) Verbose cipher

I’ve also long believed that many pairs of Voynichese letters (al / ol / ar / or / ee / eee / ch, plus also o+gallows and y-gallows pairs) encipher a single plaintext letter. This is a cipher hack that recurs in many 15th century ciphers I’ve seen (and so is completely in accord with the radiocarbon dating), but which would throw a very large spanner both in vowel-consonant search algorithm and in Hidden Markov Models (HMMs), both of which almost always rely on a flat (and ‘stateful’) input text to produce meaningful results. If these kinds of assumptions fail to be true, the usefulness of many such clever anaytical tools falls painfully close to zero.

(8) Word-initial ’4o’

Since writing my book, I’ve become reasonably convinced that the common ’4o’ [EVA 'qo'] pair may well be nothing more complex than a steganographic way of writing ‘lo’ (i.e. ‘the’ in Italian), and then concealing its (often cryptologically tell-tale) presence by eliding it with the start of the following word. Hence ‘qokedy’ would actually be an elided version of “qo kedy”.

Moreover, I’m pretty sure that the shape “4o” was used as a shorthand sign for “quaestio” in 14th century Italian legal documents, before being appropriated by a fair few 15th century northern Italian ciphers (a category into which I happen to believe the Voynich falls). If even some of this is right, then we’re facing not just substitution ciphers, but also a mix of steganography and space transposition ciphers, all of which serves to make modern pure statistical analysis far less fruitful a toolbox than it would otherwise be for straightforward ciphers.

* * * * * * *

Personally, when I give talks, I always genuinely like to get interesting questions from the audience (rather than “hey dude, do you, like, think aliens wrote the Voynich?”, yet again, *sigh*). So if anyone reading this is going along to Knight & Reddy’s talk at Stanford and feels the urge to heckle ask interesting questions that get to the heart of what they’ve been doing, you might consider asking them things along the general lines of:

* what transcription they are using, and how reliable they think it is?
* whether they consider spaces to be consistently reliable, and/or if they worry about how to parse half-spaces?
* whether they’ve tested different hypotheses for irregularities with the first word on each line?
* whether they believe there is any evidence for or against the presence of transposition within a page or a paragraph?
* whether they have compared it not just with abjad and vowel-less texts, but also with Quattrocento scribally abbreviated texts?
* whether they have looked for steganography, and have tried to adapt their tests around different steganographic hypotheses?
* whether they have tried to model common letter pairs as composite tokens?

I wonder how Knight and Reddy would respond if they were asked any of the above? Maybe we’ll get to find out…

Or you could just ask them if aliens wrote it, I’m sure they’ve got a good answer prepared for that by now.

The post Knight & Reddy on the Voynich, & the limits of statistical analysis… appeared first on Cipher Mysteries.

Now here’s an interesting thing. I’ve just read “From El Alamein to the Alps with Pigeons” by Bill Button (who used to write a pigeon column for The Racing Pigeon Weekly under the name “Uno Solo”), which relates – you’ll be unsurprised to hear – his WW2 experiences running pigeon lofts in North Africa and Italy.

I rather enjoyed it, because it brought across a lot of the feeling Sigm (signalmen) had for their pigeons. If a pigeon arrived back injured, they did their best to sort it out and patch it up with whatever they had to hand: and we tend to forget that the Axis aside, war pigeons perpetually had to deal with the threat of their Other Enemy… hawks, hungry for a slice of pigeon pie (though without the pie). No wonder they often flew faster than a mile every minute.

However, for our purposes, page 1 tells us something simple and straightforward that changes our basic perspective on the problem we face. Early in the war, Button had been drafted to a civilian loft in Hurstpierpoint (in West Sussex) owned by a Mr Greer, which supplied 6-12 birds to the Armed Forces (normally the Army) ever 2-3 days:-

“When the birds returned to the ‘home’ loft we had to deliver the messages to what I believe was Arundel Castle. Although we saw many of the messages, they meant nothing to us, having been written in cipher. On arrival as the Castle, we had to report to the cipher room and hand over the messages. Entry was forbidden.“

And so there you have it. Contrary to what you might think, the British Army sent pigeon messages in cipher throughout the war. Hence the whole romantic notion that what we are looking at could only have been sent in high desperation from France on D-Day rather evaporates… it could have been sent pretty much any time from late 1940 onwards, and for one or more of a whole panoply of reasons.

In fact, because [as Mike Moor helpfully pointed out (and more on that another time)] pigeon pads sent out to the British Army by Wing House for D-Day were overstamped “OPERATIONAL MESSAGE – Telephone to War Office Signal Office, WHITEHALL 9400“, there is a strong case to be made that D-Day is in fact the one day this message could not have been sent.

Thus does History iterate slowly towards a better picture of what actually happened.

The post British Army Cipher Pigeon update… appeared first on Cipher Mysteries.

The story of how Ricky McCormick was found dead with two (apparently enciphered) notes in his pocket hit the news a while back, but I hesitated to write it up as a cipher mystery at the time because I didn’t think the media coverage was even remotely reliable. But revisiting the whole affair recently, I found a simply splendid online article courtesy of the River Front Times called “Code Dead” (by Christopher Tritto), which turned my opinion of the whole case right round.

This revealed…
* that McCormick had just travelled back from Florida, from where he had allegedly brought back baseball-sized zip-lock bags of marijuana for Baha Hamdallah, brother of the owner of the gas station where McCormick worked.
* that he was closely associated with some violent (if not actually sociopathic) individuals, such as Gregory Knox
* that the stretch of road his body was found on was used for dumping dead bodies both before and after his death
* that the FBI’s Cryptanalysis and Racketeering Records Unit (CRRU) sat on the two mystifying notes for 12 years before announcing their existence
* that McCormick’s family knew nothing about the notes until they heard them mentioned on the news. (“Now, twelve years later, they come back with this chicken-scratch shit.”)

Moreover…
* McCormick fathered two children with a girl he called “Pretty Baby” before she was 14 (for which he went to prison)
* he experienced chest pains and shortage of breath the week before he died, severe enough for him to check into ER. (Though admittedly he had smoked “at least a pack of cigarettes a day” since he was ten, and typically drank “more than twenty caffeinated beverages a day”).
* McCormick could hardly read or write when he left school. (“The only thing he could write was his name”, and that Ricky “couldn’t spell anything, just scribble.”)

Coincidentally, everyone’s favourite crypto-gal Elonka Dunin lives close to where McCormick’s body was left, and she’s taken an interest in the cipher mystery aspect of the case, even doing a video interview for the River Front Times explaining how monoalphabetic substitution ciphers work (not that that’s what we’re looking at here, *sigh*). But having learnt more about McCormick’s background and situation, she concludes “I don’t think McCormick wrote these notes”, and that “[P]erhaps he was a courier.”

(If you haven’t seen the notes before, the two thumbnails below link to decent quality scans of them – well worth opening up in a browser to see what all the fuss is about.)

So, what *are* we looking at here? Well, the Internet (as always) has plenty of commentary to wade through. The CRRU’s Dan Olson points out that “There are many E’s… that could be used as a spacer”: while Elonka notes the plethora of patterns periodically peppering the pages (such as “WLD”, “NCBE”, “SE” etc). There are also lots of bracket pairs (which have somehow led to the suggestion that it may in part be lists) as well as punctuation marks, most notably an apostrophe, which would loosely imply that the word preceding it (“WLD”) may well be a noun.

Olson seems convinced that the writer of the notes was ingenious and calculating, while Elonka too appears to think that they are of a complexity that would have been beyond McCormick’s abilities. Respectfully, I have to disagree: for I suspect that the main key to the notes’ impenetrability lies not in paranoia or secrecy but in a probable explanation for why McCormick failed school (and, conversely, why school failed McCormick) – dyslexia.

Look again at three highly structured consecutive lines from the notes:

To me, this looks a lot like a mixed-up version of:-
* FIRSE PERSON D 71 NCB[E]
* SECND PERSON’S D 74 NCB[E]
* TRD’S PERSON R D 75 NCB[E]

Specifically, I think “NCB” will turn out to be a local address in St Louis (maybe even initials for Clinton Peabody?) – and if that’s right, why would the numbers not be the flat / house numbers of people buying drugs? McCormick preferred moving round at night (like “a vampire”), and he carried and held big bags of marijuana from Orlando for Baha Hamdallah (according to McCormick’s girlfriend), so the suggestion that he might have been some kind of small-time drug runner or dealer probably isn’t totally wild.

I don’t know, though: it’s all just awful. Victorian-era historians saw their job as weaving narratives around Events In History for the moral edification and correct instruction of Society In General, and even many moderns would find it journalistically tempting to take McCormick’s life of denial and ignominious death as launching pads for some glib commentary on a whole set of social macro-epidemics – guns, drugs, poverty, social inequality, education, dyslexia, whatevuh.

But all I’m actually left with is a feeling of deep sadness – that what we’re glimpsing into in these two notes is the life of a poor, illiterate guy who aspired to ride the horse of opportunity, but only ever got dragged behind it.

So, what strikes me most powerfully is that quite unlike other cipher mysteries, I don’t actually want to read what was written on McCormick’s two notes. I understand people often feel a deep-seated need for closure, but does any kind of (capital-j) Justice have the power to right the wrongs of these slow-motion train-wrecks?

The post Ricky McCormick’s mysterious notes… appeared first on Cipher Mysteries.

When “X. Lamb” unexpectedly announced that the “Tamam Shud” Unknown Man was a certain “H. C. Reynolds” (whose merchant seaman’s ID card she had), I’m sure that she was utterly convinced of the truth of what she was claiming, and that she believed it was simply a matter of time before evidence properly supporting it would emerge.

Indeed at first sight, it seemed both to me and others as though it ought to be fairly straightforward to test her claim. After all, we had a very specific data point to work with (admittedly surrounded by a whole load of media and online speculation, most of it unhelpful and distracting) – a name, a face, a date and a place of birth (Hobart, Tasmania).

Eventually, thanks mainly to solid work from Cheryl Bearden, we determined that this “H. C. Reynolds” was born in February 1900 and had the middle name Charles (which he clearly preferred to his as-yet-unknown first name “H[-----]“): and we were able to reconstruct his brief career as a merchant seaman working for the Union Steam Ship Company, the “Southern Octopus”. It was clear that this Reynolds was no fantasy, but a real flesh-and-blood person: and so, in theory, all we had to do was dig up a link between his maritime career and his life on land, and bingo – all his life would be spread before us.

Pursuing this fairly slender reed of a lead yet further, I managed to discover (from his employee records) his exact date of birth (8th February 1900): and, from the ever-useful “Log of Logs”, that ships’ logs for two of the three ships Reynolds worked on could be found in two different Australian archives. Very kindly, both Diane O’Donovan and John Kozak took the time to go and look at these two log books (one each), and found… nothing. Nada. Zero. And that, I strongly suspected at the time, was going to prove the end of the whole affair: for whatever reason, this H. Charles Reynolds seemed doggedly determined to stay just out of our archival reach. It felt hard not to conclude that we’d never be able to convincingly prove or refute X. Lamb’s assertion that he was the Unknown Man found mysteriously dead on Somerton Beach on 1st December 1948.

Frustratingly, it had been reported early on that a similarly-named-but-apparently-quite-different H. C. Reynolds (a “Horace Charles Reynolds”) had been born in Triabunna on Tasmania on 12th February 1900. But once we knew that “our” H. C. Reynolds had been born on a different day in the same month fifty or so miles away in Hobart, this was a fact that became pigeonholds in the ‘curiously coincidental but annoyingly unhelpful‘ category. And anyway, it was also reported that this particular Horace Charles Reynolds had been a poultry farmer, and that (when asked) his family didn’t believe that he had ever gone to Adelaide, let alone gone to sea. Oh well.

Step forward Debra Fasano: though a little late to the whole H. C. Reynolds party, she carved a path through the fuzz of uncertainty straight to an extremely reliable source – the “Tas BDM” (Tasmanian Births, Deaths, and Marriages) indexes on CD. And the entry she found there turned the whole story round:-

Tasmanian Federation Index 1900-1930 (CD)
Author: Macbeth Genealogical Services
Year: 2006
ISBN: 1920757082

Surname: REYNOLDS
Given name: Horace Charles
Event: Birth
Father: Edwin REYNOLDS
Mother: Mary Ann Matilda BAYLEY
Date: 8 Feb 1900
Sex: Male
Place: Davey Street, Hobart
Registration Number: 200

And with that, all the pieces finally start to fall into place. There weren’t two Horace Charles Reynolds-es born in or near Hobart in February 1900: there was, without much doubt, just the one. Debra adds:

“When looking for Horace’s birth I had a good search of the indexes and couldn’t find anyone else with a similar name, initials, or anything else that might be relevant. I am really strict about evidence and I do think that he is the person who was working as a Purser.”

As to when this Horace Charles Reynolds died, there’s a death notice in the Hobart Mercury (18 May 1953), which seems very probably the same man:-

REYNOLDS. -Suddenly, on May 16, 1953, at a private hospital, Hobart, Horace Charles Reynolds, late of Brookvale, New South Wales, aged 53 years. Private cremation.

We knew that our H. C. Reynolds was born in Hobart and got his first job in Hobart: and from this notice, it seems almost undeniable that Hobart was where he died too.

I say “almost”, because there are a few matters that remain half-open, not least of which is the matter of Reynolds’ family apparently denying that the photo was of him. I wonder, though: had someone seen a quite different Horace Reynolds from Wooroloo who died in 1954 (as per The West Australian Monday 15 March 1954 p 30) and put the two stories together? That particular Horace Reynolds was born 10th April 1903, was NX69883 in the 2nd AIF, and was a farmer married to Elizabeth. My guess is that he will turn out to be the “poultry farmer” mentioned very early on, someone quite different to the one we were actually looking for.

The Tasmanian Horace Charles Reynolds appears to have had no children: but if even if didn’t marry, it’s entirely possible that we could trace his immediate family right to the present day and perhaps ask them if we could find a photo of him – after all, 1953 wasn’t really so very long ago, was it?

Debra Fasano notes that Reynolds had two older brothers:
* Oswald Bayley Reynolds (b. ~1891) was a billing clerk who rose to become a senior bank administrator.
* Archibald Henry Reynolds (b. 1895) was (according to the 1930 and 1933 NSW electoral rolls) a clerk living in Carter Road at Brookvale in NSW.

I also noticed in Trove that Mrs Edwin Reynolds stepped down as Treasurer of her local Triabunna town committee in 1898, so it should perhaps come as no great surprise that Horace Charles Reynolds started out as an Assistant Purser, for he came from a veritable family of clerks. (Or do I mean “a fastidity of clerks”? I never can remember collective nouns).

Finally, Debra notes that a “Charles Reynolds” was also living in Carter Road in the 1930s, and working as (you guessed it) a clerk. Given that we know that our H. Charles Reynolds was already signing himself “Charles Reynolds” by 1919, and that the Horace Charles Reynolds who died in 1953 had been living in Brookvale, what are the odds that these are all pieces of the same cussedly consistent jigsaw? If there is a chink somewhere in this logical chain-mail armour, I have to say that I can’t currently see it.

Anyway, I’ve already been told off once this week for a ‘TL;DR’ (“Too Long; Didn’t Read”) post, so I’d better bring this to a close here. Perhaps someone will be able to use these details to ferret out a living relative of the various Reynolds brothers, and perhaps try to dig up a separate photograph of Horace Charles Reynolds to independently test this whole narrative. It would be nice to get proper closure on this, even if it isn’t quite the result some may have hoped for.

By the way, if you do decide to try to trace this all the way to the end, Debra suggests a number of surnames connected with the Reynolds family that may be of assistance:-

LESTER
VALENTINE
SHEA
SPENCER
FLETCHER
DENNE
ROLSTON
PAGE
TATE
MULLANE
LEVY
ALOMES
HARDY OR HARDING

Happy hunting!

The post Sorry, The Unknown Man is (very probably) not H. C. Reynolds… appeared first on Cipher Mysteries.

According to Stu Rutter’s latest raid on the National Archives, the Allies’ WW2 “Typex” cipher used a single five-letter indicator, placed both at the start and end of messages [so says WO 208/5109, anyway]: and so he concludes that Typex was very probably the system used by our wonderfully mysterious WW2 pigeon cipher. Having said that, I do wonder whether the first five plaintext letters will turn out to be “QQQQQ”, as I recall that many messages had this dummy text group added at the start to avoid stereotyped messages, even though it was itself an even more stereotypical sequence. Perhaps combining this with the ciphertext might let us work back to the rotor contents and settings… just a thought!

[Typex remains a great working hypothesis, though personally I'd still like to see how the Air Support Syllabic Cipher (War Office document BX 724) and Royal Engineer Syllabic Cipher (War Office document BX 724/RE) worked. But that's another story!]

Intriguingly, GCHQ’s archives holds a Typex document which Stu would understandably like to get access to: and at last weekend’s Big Bang Science Fair at London’s ExCel venue (which my son thought was really fantastic), I was very pleasantly surprised to bump into the GCHQ Historian hard at work on the GCHQ stand, busily helping children encipher their own Enigma messages for Bletchley Park’s rebuilt Bombe to try to crack. He told me that GCHQ releases documents more according to security-related criteria than in response to Freedom of Information requests: and even though he would send us through the appropriate paperwork to fill out, we should necessarily be somewhat patient… it’s no secret that it’s not the fastest of processes (for example, they released the last Enigma file only last year). Fingers crossed that all goes through!

Incidentally, the Americans didn’t think Typex was properly fit for purpose, sniffily describing it as “nothing but a glorified German Enigma, with 5 rotors instead of 3 and with arrangements for printing” (NARA: RG 457 HCC Box 804 NR 2323, quoted in Ratcliff “Delusions of Intelligence”, p.167), while British cryptologists also saw flaws in Typex “as early as 1940″, though their recommendations as to how to work around them seem to have been acted upon (“Delusions”, p.179). Yet even though the Germans knew exactly how Typex worked, they had “abandoned work on it” prior to 1942, presumably because of its structural similarity to their own ‘unbreakable’ Enigma variants (“Delusions”, p.178 and p.202).

But here’s something to do with Typex that’s rather interesting (and more social history than overtly cryptographic) which I liked, and think you may well like too.

Having posted a few days ago on the British Army’s pervasive use of ciphers for pigeon messages, I was intrigued to read about the Army “cipher room” at Arundel Castle mentioned by Bill Button: and so decided to snoop around the web for further mentions of WW2 cipher rooms. The nicest things I dug up by far were three reminiscences made by Jessie Dunlop in 2004 (courtesy of her daughter Ann Wild) on the BBC’s “People’s War” website. Rather delightfully, these described her wartime cipher experiences, firstly at Low Grade Cipher School in Eccleston Square, secondly at High Grade Cipher School in Half Moon Lane, London, and then finally at SHAEF Supreme headquarters in an Underground tunnel between Goodge Street and Warren Street Station, at which time she met her future husband Jack.

Confusingly, she misremembered Typex as “xyco” (which is why these posts didn’t show up in web searches), but that’s entirely to be expected – it was a very long time ago, after all. In a follow-up comment from 2004, she further described how xyco / Typex was used:-

“I think it was modelled on the Enigma. It had several drums in the top with a lid to be lifted to reach these. The first one was static and was set each day with the beginning of the day’s code. The rest were also set each day but they revolved. A keyboard like a typewriter was below these and on this the message was typed in. It came out in groups of letters, I think. Sometimes we could add what was called a scrambler, an electrical gadget which we plugged in if the the message was top secret. This was indicated at the end of the message in the code.”

And so it would seem that in the pigeon cipher, we’re looking at
* an enciphered Army message (quite possibly in Typex);
* not sent during Operation Overlord (i.e. not on D-Day or shortly after); and
* not top secret (and hence not using any kind of scrambler).

This is really useful, because it probably means that Stu Rutter need not worry about scramblers or reflectors (I think): for if we are looking at a non-top-secret Typex message, it probably wasn’t using a scrambler. So as long as he has an accurate copy of the the contents and structure of the rotors and the way the Typex worked, who’s to say that Stu’s JavaScript simuator won’t be able to give us the answer? If so, it might arguably be the first Typex message ever decrypted by anyone… and how cool would that be?

Incidentally, one great sanity check might be to ask the Royal Signals Museum in Blandford, Dorset if they could use their Typex machine to encipher some test messages with various rotor settings to validate Stu’s simulator. In return, perhaps they might like to have his simulator on display next to their machine, so that visitors can try it out for (virtually) real? That would be good for everyone, I think.

Anyway, here’s a question for you all: how can we find out if Jessie Dunlop – or indeed anyone else who worked on British Army High Grade Ciphers, whether in SHAEF or elsewhere – is still alive? Perhaps having her looking at our pigeon message might trigger some memories of how it all worked. Something to think about!

The post Cipher Pigeon, Typex, Big Bang, GCHQ, and High Grade Ciphers… appeared first on Cipher Mysteries.

A curious book called “The Devil in Britain and America” by John Ashton (1896) reproduced an image of some writing that…

“is supposed to be the only specimen of Satanic cal[l]igraphy in existence and is taken from the ‘Introductio in Chaldaicam Linguam,’ etc., by Albonesi (Pavia, 1532). The author says that by the conjuration of Ludovico Spoletano the Devil was called up, and adjured to write a legible and clear answer to a question asked him. Some invisible power took the pen, which seemed suspended in the air, and rapidly wrote what is facsimiled. The writing was given to Albonesi (who, however, confesses that no one can decipher it), and his chief printer reproduced it very accurately.” (Preface, pp.v-vi)

This basic “Devil’s Handwriting” story has been reproduced & rehashed many times on the Internet: my thanks to the indefatigable Dave Oranchak for passing it my way last summer, when I used it as a slide for my London Rare Book School talk… (but then forgot to post it here, d’oh! Sorry!)

Though at first sight it all seems rather like an urban myth, it turns out that Albonesi’s book (with the catchy title “Introductio in Chaldaicam linguam, Syriacam atque Armenicam et decem alias linguas characterum differentium alphabeta circiter quadraginta et eorundem invicem conformatio“) is not only very real, but also (according to a book chapter by Daniel Stolzenberg) one of “the foundational texts of Oriental philology, as well as [one] of the earliest studies of comparative linguistics” (p.308). In fact, a copy recently sold at auction for $6899.

So… what was the Devil doing in Albonesi’s details, exactly? Well, it turns out that Albonesi (1469-1540) corresponded with the French linguist, astronomer, diplomat & cabalist Guillaume Postel “on the subject of this and other magical or otherwise unusual alphabets” (p.308, note 21), and the story of Ludovic of Spoleto’s alleged encounter with the Devil seems to have arisen from there.

However, from my own crypto historian viewpoint, I have to say that Trithemius’ idea of hiding ciphers behind a demonological or necromantic facade was very much of the moment circa 1532: so I strongly suspect that what we’re looking at here is probably a cipher concealed behind a devilish story, rather than (say) some kind of quasi-moralistic hoax.

But can we crack it? Well… there are some problems. The best scan I have (at the top of the page, taken from the 1539 edition) isn’t of excellent quality, and it contains many similar-looking characters which could well be copying errors introduced when the book was prepared for printing. Hence transcribing this may not be quite as easy as many other ciphers you’ll see.

Still, it does largely resemble a “pitchfork-themed pigpen” cipher, and the cipher shapes look to have been consciously improvised around Devilish themes (pitchforks and bats?), so there may well be some kind of simple underlying symmetry to its letter/cipher organization that emerges once you get the hang of it. Plaintext is likely to be Latin or Italian, I guess. Unless it’s Adamic, Enochian, or the Green Language, of course, but I’m not holding my breath for any of those.

Guesses: it’s possible the “bats” are groups of “enciphered I” shapes (i.e. III or IIII, etc) while the ‘.’ is an enciphered U/V. The flourished pitchfork might encipher the full stop at the end of a sentence. Might the plaintext turn out to be nothing more than a joke making fun of Albonesi or Postel? Could be! Hopefully we shall see…

PS: I can’t now find the online copy of Albonesi’s book, but here are links to screengrabs of p.426 and p.427, in case you want to see the text surrounding it.

The post The Devil’s Handwriting… appeared first on Cipher Mysteries.

Once upon a time in America, a child maths prodigy at Harvard (taught by famed logician W.V.O.Quine, no less!) volunteered as a guinea pig for Project MKULtra. This involved a long-term series of personality stress tests – specifically, experiments in torture, coercion, mind control and vivid psychological abuse. (All participants had codenames, I read that his was “LAWFUL”).

Less than a decade later, that same now-former child prodigy grew increasingly disenchanted with the industrial world; gave up his professorial post; dropped out of mainstream society, moving to a remote cabin outside Lincoln, Montana; and between 1978 and 1995 sent at least 16 mail bombs to universities and airlines. The FBI dubbed him “UNABOM” (“UNiversity & Airline BOMber”), but the media rechristened him the “Unabomber“. After getting his manifesto “Industrial Society and Its Future” published in The New York Times and The Washington Post (under threat of more bomb attacks), the Unabomber – Ted Kaczynski – was finally identified and arrested in 1996. Though he avoided the death penalty, he will remain in prison for the rest of his life.

What’s relevant for us is that Kaczynski filled his notebooks with a mixture of English, Spanish and a numeric cipher (as a maths professor, naturally he would use numbers to hide his secrets). Helpfully, investigators found the key to the cipher amongst his papers (many of which were later sold at auction), though this seems to have taken the FBI a whole decade to crack (yes, even with the key).

This was a story which Bruce Schneier picked up on in 2006 and then in early 2007, when he had been shown some (but far from all) cryptanalytical notes as to how Kaczynski’s complicated cipher system worked. On his blog, Schneier posted links to three pages he believed were original (and to two other pages he thought had probably been originated by an FBI cryptanalyst), though unfortunately all of these images have since disappeared from both the web and the Wayback Machine (while Schneier himself didn’t keep copies, he told me yesterday).

The only problem is that I don’t (yet) completely believe the story as reported is entirely correct – because the cryptography as described just doesn’t seem (to me) to link up with the ciphertexts in the way that it should.

Firstly, [which I found thanks to this 2003 Zodiac Killer forum page], the original Unabomber trial news reports described how “FBI cryptographer Michael Birch” used the notes that had been found in Kaczynski’s cabin to decipher his notebooks.

The diary, written in pencil on several hundred pages of notepaper and several inches thick, includes details of experiments with explosives. It was among 20,000 documents seized from Kaczynski’s tiny Montana shack.

The diary contents have not been made public, although Birch’s decoded version was given to the defense last year.

Sources familiar with the journal describe it as a sophisticated jumble of numbers, an intricate enigma wrapped in a riddle befitting a Harvard-trained mathematician described by one prospective juror as a “smart weirdo.”

Back in 2003, Douglas Oswell posted a grainy scan of a 42×52 cipher grid sheet that the FBI had released, where the top line seems to be “4 7 7 0 1 3 81 …”. This seems to have been taken from a book called “Harvard and the Unabomber” by Alston Chase. As I understand it, Chase included a list of numeric cipher key equivalents running from 0 (“for”) up to 89 (“delete”), all of which Oswell transcribed and placed online here. However, that numeric key does not seem to match up to the data in the grids, leading people to surmise (rightly) that there was at least one more enciphering / deciphering step involved.

I also found an image of a cipher grid codesheet that had been auctioned, where the top line is “… 7 54 4 2 13 1 72 11 7 36 18 1 5 6 4 12 15 29 27 30 29 47 8 37 75 8 45 41 19 2 21 13 34 2 …”. Though this has diagonal lines marked in (more on that later) and is at least 36 columns wide, the number sequences listed seem to me to employ a subtly different enciphering scheme to the image given by Alston Chase (though I might well be wrong).

Finally, the 2007 KPIX news report to which Bruce Schneier contributed (and which you can see on YouTube) describes a multi-stage horizontal, vertical, and diagonal “unscrambling sequence” (which could only ever work on numbers laid rigidly out on a grid), followed by a “marrying” and/or “merging” stage (combining pairs or groups numbers to yield more meaningful numbers). The report showed long non-gridded lists of numeric ciphers, such as…

73,32,51,91,62,59,33,13,15,11,57,31,7,…
33,82,30,76,31,53,42,35,6,24,51,61,1,75,…
16,41,95,87,91,55,62,51.
96,15,93,32,25,85,44,22,72,36,94,96,…
54,72,15,89,52,87,21,66,72,26,89,51,90,…

…and…

40,44,73,33,10,60,11,48,59,98,47,23,…
82,31,35,19,17,37,13,6,27,94,31,15,3,…
9,18,39,55,61,12,50,13,99,91,83,61,7,…
69,68,21,34,59,25,42,75,80,91,16,35,48,…
5,42,68,9,40,6,17,97,86,71,71,2,81,55,60,…
50,49,78,62,52,57,25,36,34,80,…
15,77,3,81,2,35,86,22,4,8,21,73,7,…
21,47,57,1,99,7,85,44,13,5,67,84,…
12,96,58,19,47,32,18,34,26,96,15,…
83,88,41,44,59,76,10,55,18,30,44,…

Yet only part of the back-end numeric cipher key is apparently given in the report:-

82 = SO
83 = ST
84 = TH
85 = THAT
86 = THE
87 = THERE
88 = THEN
89 = THIS
90 = TO
91 = TR
92 = UN
93 = UNDER
94 = UP
95 = WHAT
96 = WHEN
97 = WHERE
98 = WHO
99 = WH[Y?]

A worksheet was also released, that looks like this:-

This pre-back-end-numeric-cipher calculations seem to involve adding pairs of numbers together (where if the tens column overflows into the hundreds column, that overflow gets added back into the tens column), and then using the final output pair of digits as an index into a table of letters or tokens similar (but not identical) to the one originally given by Alston Chase, i.e.
66 + 4 = 70 –> Y [Chase gives 'X']
54 + 83 = 137 –> 47 –> E [same as Chase]
73 + 79 = 152 –> 62 –> S [same as Chase]
83 + 80 = 163 –> 73 –> (null) [Chase gives 'delete' ('null'?)]
63 + 1 = 64 –> T [same as Chase]
etc.

So, an open-and-shut case? Well… no, not really. Here’s what I don’t understand:-
* Why did the FBI say that it could read the cipher notebooks in 1996, when it then claimed to have cracked them only in 2006?
* Why does the numeric key given in Alston Chase’s book differ so radically from the one (82-99 only) shown by KPIX?
* Did Kaczynski use multiple numeric cipher keys?
* Why did the KPIX news report show lists of comma-delimited numbers as the contents of the notebooks if the method used to unscramble the sequences only worked on rigidly laid out cipher grids?
* Why was the numeric key given in Alston Chase’s book subtly different from the one used in the worked “YESTERDAE” example?

Don’t get me wrong, I’m really not doing anything like advocating Ted Kaczynski’s innocence or somehow endorsing his anti-industrial position etc. Rather, even though I’ve looked carefully at all the cryptographic evidence I’ve been able to find, I just don’t see how it’s supposed to hang together as a consistent piece of cryptological data.

Could it have been… that the original decryption involved not simply “learning how to apply the code to the defendant’s coded writings and the admission into evidence of [Birch's] completed translation” (as claimed), but also having to infer the 100-letter numeric cipher alphabet that was perhaps not included in the “unscrambling sequence” notes? Could it be that the FBI was overanxious to paint a pre-trial picture convincing to jurors that what they had was ‘simply’ an an unambiguous “translation” rather than a (possibly interpretative) “decryption”?

This was, after all, really not long at all after FBI whistleblower Frederic Whitehurst had famously made his numerous allegations of forensic mishandling inside the FBI’s Laboratories, causing (for example) much of the explosive analyses done on the Unabomber case to be considered too unreliable to be used in court. If the ciphered journal was to be, as lead prosecutor Robert Cleary described it, “the backbone of the government’s case”, then there surely must have been internal political pressure for it to have been presented as if it were utterly rock solid evidence,

However, from the subtle difference between the numeric cipher given by Alston Chase and the one (implicitly) presented in the worksheet, I suspect that the FBI’s cryptanalysts didn’t manage to completely lock down the numeric cipher key list in 1996. Helpfully, Kaczynski seems to have made the decryption a little easier by using many letter keys in alphabetical order (a mistake people have made with numeric ciphers for centuries), and hence the decryption as presented to the jury was very probably extremely close to what Kaczynski had written. But if it wasn’t 100%, I don’t personally think it should have been presented as a “translation”.

So, if you’re like me, you’d now like to know a little more about the key to the Unabomber’s cipher journal that was found in his cabin. But given it’s the FBI (and many of the Unabomber records are locked for the next 50+ years), perhaps we won’t. Hopefully we shall see sooner than that… fingers crossed!

The post The Unabomber cipher journal… appeared first on Cipher Mysteries.

Just to let you know that Hungarian urban legend blogger Ivan Marinov emailed me an update on his search for the full story behind the 1926 Budapest crossword suicide case.

Ivan had, as promised, gone through the archives of various Hungarian police journals for 1926 (though the Rendőrségi Lapok-nak archive for the whole of 1926 turned out to be missing), but unfortunately without any great success. The only short article he did find was that (as I understand it) even though detectives had worked feverishly on the case for a month, they hadn’t been able to solve it: but the writer felt (somewhat downheartedly, it has to be said) that suicide had become so commonplace by then that it took attaching a crossword to one to make it noteworthy. And wasn’t it terribly sad that some people found it more interesting to make up a puzzle and die than to live?

However, this isn’t (quite) the end of the line: for example, it may well be that a Hungarian crossword history collector has a copy of this in a dusty file somewhere – or perhaps the Rendőrségi Lapok-nak 1926 archive will turn up in a completely different location. Hopefully we shall see!

The post Crossword suicide, latest update… appeared first on Cipher Mysteries.