Puzzles Endanger, Then Save, a Nation: The Spy Who Couldn’t Spell

While working on our multi-part series of posts about the history of codebreaking in America during the 20th century, I mentioned that some of the recent revelations about the National Security Agency were the result of Edward Snowden’s actions during his time as a government contractor.

What you might not know is that he has not been the only contractor to sneak information off of government computers in that fashion: a decade before Edward Snowden, there was Brian Patrick Regan.

Regan was a career soldier in the Air Force who eventually reached the rank of Master Sergeant and worked in signals intelligence.

Buried under hundreds of thousands of dollars in credit card debt, Regan decided his only way out of financial ruin was to try to sell US government secrets to a foreign government. He copied page after page of sensitive documents from national defense systems and snuck them out of his office, eventually amassing more than 15,000 pages, CD-ROMs, and other material in his home.

He would later bury bundles of these documents in various locations, including state parks, concealing the GPS coordinates of these valuables caches through a complicated series of encryptions where letters and numbers became three-digit sets.

You see, Regan had spent a fair amount of time studying cryptography, and fancied himself a top-shelf codemaster.

Regan used another set of encryptions of lesser complexity when he attempted to contact agents of the Libyan, Iraqi, and Chinese governments in order to sell off the treasure trove of secrets he’d amassed during his time at the National Reconnaissance Office.

One of these packets — a collection of three parcels intended for Libya — ended up in the hands of an FBI agent named Steven Carr.

From The Spy Who Couldn’t Spell by Yudhijit Bhattacharjee:

In the first envelope was a four-page letter with 149 lines of typed text consisting of alphabets and numbers. The second envelope included instructions on how to decode the letter. The third envelope included two sets of code sheets.

One set contained a list of ciphers. The other, running to six pages, listed dozens of words along with their encoded abbreviations: a system commonly known as brevity codes. Together, the two sets were meant to serve as the key for the decryption.

Some of the document had already been decrypted by FBI agents, and it revealed a member of the US intelligence community — claiming to be CIA, which was unverified, but definitely someone with top secret access — was trying to sell government secrets.

And this person had terrible spelling.

Brian Patrick Regan suffered from severe dyslexia. And, despite concerted efforts to perfect both his encryptions and his plan to net millions by selling government secrets, that dyslexia would be one of the clues that led Steven Carr to Regan’s doorstep.

It took Carr six months to connect Regan to the Libyan package, but once he did, surveillance on Regan began immediately.

When Regan attempted to board a plane to Zurich in 2001 — intending to meet with Iraqi and Libyan embassy officials — he was nabbed by the FBI and taken into custody.

Again, excerpted from The Spy Who Couldn’t Spell:

On searching Regan, officials found a piece of paper tucked between the inner and outer soles of his right shoe, on which were written addresses of Iraqi and Chinese embassies in Europe. The other materials they found on him and in his belongings were more mystifying. In a trouser pocket, Regan was carrying a spiral pad containing a page with 13 words that didn’t add up to anything: like tricycle, rocket and glove.

He had another 26 random words scribbled on an index card. Among the contents of Regan’s wallet was a piece of paper with a string of letters and numbers that read “5-6-N-V-O-A-I …” And in a folder he was carrying in his duffel bag were four sheets with handwritten lines of three-digit numbers.

FBI cryptanalyst Daniel Olson decoded some of the messages found on Regan when he was captured, but he had failed to unravel the multi-stage encryptions that concealed where Regan had buried his secret parcels. The government knew which state parks, but with acres and acres of possible hiding places, they needed more precise information.

And those parcels were the key, because they weren’t just packages to be sold to the highest bidder. No, those parcels doubled as a ransom in order to secure a better deal for himself with the US government. He wanted to blackmail the government for a reduced sentence.

They were his insurance plan.

As Thomas G. West said in Seeing What Others Cannot See, a book about visual thinking and dyslexia, “It’s not hard for a dyslexic to think ‘out of the box’ because they have never been in the box.”

Thankfully, Regan eventually realized that cooperation was in his best interest, and he revealed that each of the elaborate three-digit codes concealed a backdoor key built into the code itself.

Regan designed them this way so that, if he forgot the actual details of the encryption, all he would need is the starter word, a spark that would unlock the built-in key and help him decode the entire message.

This backdoor key system worked in a similar fashion to the Vigenere cipher, where a keyword or key phrase served as the entry point for a longer string of encrypted text. The trouble is… you need to know the cipher word or source in order to crack the code.

For example, during World War II, German agents in Europe used Daphne du Maurier’s Rebecca as the basis of a code for transmitting intelligence from Cairo to support a campaign by the Axis powers against the Allies in North Africa.

The discovery of the book among the possessions of two German radio operators who didn’t read English ultimately led to the breaking of the code, which in turn led to the capture of the German spies in Cairo.

Regan revealed the cipher words for the various hiding spots in state parks — which used cipher words from sources as peculiar as Regan’s own high school yearbook — and soon, the FBI recovered all but one of the buried parcels.

But Regan couldn’t remember the cipher word for the last one.

Daniel Olson would then step in, having learned some of Regan’s techniques as they uncovered the other parcels, and partially decrypting the remaining message enough to spark Regan’s memory. Regan finally came up with the last cipher key, and the final parcel was recovered.

Yes, once again, puzzly perseverance had saved the day!

Regan was found guilty on two counts of attempted espionage and one of gathering national defense information, and sentenced to life imprisonment with parole. Which, quite honestly, is getting off easy, considering that prosecutors were seeking the death penalty for his treasonous acts. (If prosecutors had gotten their way, he would’ve been the first person executed for espionage since the Rosenbergs in the ’50s.)

For the full story, including more in-depth explanations of Regan’s elaborate encryptions, check out The Spy Who Couldn’t Spell by Yudhijit Bhattacharjee.


Thanks for visiting PuzzleNation Blog today! Be sure to sign up for our newsletter to stay up-to-date on everything PuzzleNation!

You can also share your pictures with us on Instagram, friend us on Facebook, check us out on TwitterPinterest, and Tumblr, and explore the always-expanding library of PuzzleNation apps and games on our website!

Puzzle History: Codebreaking and the NSA

[Image courtesy of NSA.gov.]

The National Security Agency has been in the news a lot over the last few years.

It arguably all started with Edward Snowden and the revelations about government surveillance, both domestic and foreign, that emerged in his wake. Between President Trump’s intimations of Obama-era wiretapping (which also supposedly involved England’s GCHQ) and recent news stories about NSA contractor Reality Winner leaking information, the NSA continues to draw mainstream attention in the 24-hour news cycle.

When you factor in the declassification of codebreaking intel during and after World War II, we know more about the NSA’s inner workings than ever before.

You might be asking what the NSA has to do with puzzles. Well, everything. Because the NSA was born as a codecracking organization.

The NSA was founded in November of 1952, but its formative stages began during World War II, as codebreakers were recruited in the U.S. starting in 1943. Not only were they tasked with tackling the German ENIGMA code, but their secondary mission was to solve “the Russian problem.” This group was known as Signals Intelligence, or SIGINT.

William Friedman, one of the early figures in American codebreaking, described cryptanalysis as “a unique profession, demanding a peculiar king of puzzle-solving mentality combined with patience. So staffing this new organization was a curious endeavor.”

Those who were recruited came from all walks of life:

Career officers and new draftees, young women math majors just out of Smith or Vassar, partners of white-shoe New York law firms, electrical engineers from MIT, the entire ship’s band from the battleship California after it was torpedoed by the Japanese in the attack on Pearl Harbor, winners of puzzle competitions, radio hobbyists, farm boys from Wisconsin, world-traveling ex-missionaries, and one of the World’s foremost experts on the cuneiform tablets of ancient Assyria.

A large campus was built that echoed the style and efforts of Britain’s Bletchley Park, including Alan Turing’s calculating machines, the bombes. Efforts on both sides of the Atlantic centered on cracking ENIGMA, the German codes used in all sorts of high-level communications. The teams worked alongside the bombes to try to determine which of the 456, 976 possible codes was being used in a given piece of communication.

It was a truly Herculean effort.

But while nearly half the staff focused on the Germans, others focused on cracking Russian codebooks, where words were translated into four-digit codes. Often, decrypting these codes involved “brute force” efforts, poring through numerous messages to pair up messages that used similar numerical groups, meaning they used the same cipher.

This would only work if the Soviets were lazy in their production of so-called “one-time pads,” encryption devices that had a particular code, which would be used once and then thrown away. Brute force codebreaking revealed that some of the one-time pads had been used more than once, a lapse in Soviet security that could work to the advantage of U.S. intelligence.

That deduction led to another stunning discovery: cracking the system used in encrypted messages to tell agents which encryption was used in a given missive. You see, each encoded message contained within it a code that dictated the cipher necessary to decrypt the message.

The Russians would later complicate this work by employing multiplexers: devices that would transmit numerous messages at once, making it harder to separate one message from another in the same dispatch.

[Image courtesy of Virtantiq.com.]

The Germans would unwittingly aid the US in their Russian codebreaking efforts when a POW camp in Bad Aibling, Germany, was captured by the US army, and they uncovered a German device designed to “de-multiplex” Russian messages. The device was called the HMFS, because Hartmehrfachfernschreiber, while a great deal of fun to type, is hard to say quickly.

After World War II ended, U.S. intelligence consolidated their efforts on “the Russian problem,” continuing their work unraveling the Russian codebooks. Slowly, the codemasters began determining which organizations in the Soviet government used which codes. Even if the codes weren’t broken yet, it helped the intelligence community organize and prioritize their efforts.

The problem? They had a very tight timeframe to work in. Those duplicated codebooks were produced during a very small window of time in 1942, and only issued to Soviet agents in the three years that followed. By 1947, SIGINT analysts knew the Soviets would soon run out of the duplicated pads. Once they did, those recurring patterns of encrypted numbers would stop, and the best chance for cracking the Soviet codes would be lost.

Still, there was reason to be encouraged. Some important code words had been identified. TYRE was New York City, SIDON was London, and CARTHAGE was Washington; ENORMOZ appeared often enough that they determined it referred to atomic bomb research in Los Alamos.

It would also be revealed, through careful analysis of decrypted intel, that Soviet agents were embedded in both the U.S. Justice Department and in England’s Bletchley Park campus. The Justice Department agent was identified and tried, but released after the court found insufficient evidence to place her under surveillance in the first place.

This was one consequence of the secrecy surrounding codebreaking: an unwillingness to reveal their codebreaking success by turning over evidence of it. (As for the Bletchley Park spies, one was identified in 1951 and confessed in 1964. The other was never identified.)

By this time, the Russians had gone over ENIGMA machines captured during the German retreat, and had unraveled not only how the devices worked, but how to improve upon them. This would lead to the next-generation Russian Fialka machine.

With ever-increasing complexity when it came to encryption, thanks to increased automation, codebreaking evolved into not just intelligence work, but intelligence analysis. After all, if you don’t know something is important, you don’t necessarily give it the attention it deserves. As researcher Stephen Budiansky put it, “The top translators at Bletchley were intelligence officers first, who sifted myriad pieces to assemble an insightful whole.”

It also led to bigger, faster machines, like Goldberg and Demon, two computation machines designed to more efficiently pore over the vast amount of encrypted information being intercepted by the various U.S. intelligence services.

In 1948, though, the game changed. It changed so dramatically that November 1, 1948, is still remembered in NSA circles as Black Friday.


I hope you’re enjoying this look at the early days of America’s codebreaking efforts. Part 2 will continue next week, with a look at the rise of the NSA, Cold War cryptography, and more!

[Quotes and certain photos were sourced from Code Warriors: NSA’s Codebreakers and the Secret Intelligence War Against the Soviet Union by Stephen Budiansky.]


Thanks for visiting PuzzleNation Blog today! Be sure to sign up for our newsletter to stay up-to-date on everything PuzzleNation!

You can also share your pictures with us on Instagram, friend us on Facebook, check us out on TwitterPinterest, and Tumblr, and explore the always-expanding library of PuzzleNation apps and games on our website!

Codecrafting with Crosswords!

We’ve discussed ciphers and codecracking numerous times in the past, and rightly so. It’s a style of puzzling that has literally affected the outcomes of battles, helped shape key historical moments, and changed the face of spycraft.

And it’s a puzzle form that continues to evolve to this day. We’ve moved far beyond the simple one-to-one replacement encryptions of your standard newspaper cryptogram, and intrepid solvers are always looking for newer and more devious ways to conceal their messages.

Tumblr user Cipherface has cooked up a pretty ingenious system that actually uses another style of puzzling in its execution: crosswords.

Here’s how it works. You write your message out in the open spaces of the crossword, ignoring the black squares.

Then, map out this diagonal path as the first step to encrypting your message.

Do the same with the puzzle’s answer key, and you’ve got your running key, the text used to substitute letters for the letters in your actual message.

Then you run your message through the tabula recta, a table where you use the letter you want revealed and the letter in your running key to pick the letter in your encryption.

Here, we can see Cipherface mapping out the encrypted message using this method.

From the Tumblr writeup:

The idea is to use a crossword puzzle for the transposition and the answers to the previous weeks puzzle as a running key. And the blank spaces are used to insert nulls into the final ciphertext. You then mail it to a friend who uses the date it was mailed to decide which puzzle to use for decryption.

It’s a pretty clever way to leave your encryption key in plain sight, and yet keep your messages secret. The running key keeps changing, so it’s more effective than traditional running keys, which stayed the same for longer periods of time.

Not to mention, using the puzzle’s publishing date? What a quick and easy way to keep your friend informed in an innocuous way. You’d just need to decide ahead of time which newspaper to use.

And it figures. The best way to make a puzzle better? Add another puzzle.


Thanks for visiting PuzzleNation Blog today! Be sure to sign up for our newsletter to stay up-to-date on everything PuzzleNation!

You can also share your pictures with us on Instagram, friend us on Facebook, check us out on TwitterPinterest, and Tumblr, and explore the always-expanding library of PuzzleNation apps and games on our website!

The Puzzle of the Bard

William Shakespeare is a name we all know well. We’ve studied his works in school, used words and phrases he coined or popularized, and we’ve seen numerous films, TV shows, and other adaptations inspired by his writing.

But for more than two centuries, there has been a great deal of debate over whether the man known as William Shakespeare actually wrote all of the brilliant works for which he is acclaimed.

There are whole societies dedicated to either rooting out the truth or proffering their candidate for who really wrote the works of Shakespeare. Many names are bandied about, including a who’s who of luminaries at the time, like Sir Francis Bacon, Christopher Marlowe, John Donne, Queen Elizabeth I, Ben Jonson, Edmund Spenser, Anne Hathaway, Sir Walter Raleigh, and perhaps most ardently, Edward de Vere, the 17th earl of Oxford.

[Image courtesy of The Truth About Shakespeare.]

Now, granted, there’s plenty to suggest Shakespeare collaborated with other writers on some of his works, but we’re not talking about collaboration here. We’re talking about ghostwriting some of the most famous works in human history.

But, you may be asking, other than a shared love of wordplay, what does the Shakespearean authorship question have to do with puzzles?

I’m glad you asked.

Over the years, several theorists have reported finding secret codes or ciphers in the text of Shakespeare’s works which hinted toward the true author.

Samuel Morse, a man who knows one or two things about codes, discussed how Sir Francis Bacon had created such codes, probably as part of his spy work, perhaps even going so far as to create an encrypted signature of sorts that appears in multiple Shakespeare works.

According to a BBC America article on the subject:

One scholar at the time went so far as to produce an enormous “cipher wheel” composed of a 1000-foot piece of cloth that contained the texts of Shakespeare and others for easy comparison and decryption. He claimed that by deciphering codes, he’d discovered the location of a box, buried under the Wye River, that contained documents that would prove Sir Francis’s authorship. But a dredging of the area came up with nothing.

[Orville Ward Owen’s cipher wheel. Image courtesy of Wikipedia.]

Now, there’s little doubt that Bacon was a code master, but there’s equally little evidence that he wrote the works of Shakespeare.

Of course, if there are codes in those works, perhaps Shakespeare placed them there himself.

According to a theory by scholar Clare Asquith, Countess of Oxford and Asquith, Shakespeare’s careful and curious word choices were intended to foment subversive political messages and advance his own agenda of strong Catholic beliefs.

Constancy in love was Shakespeare’s way of alluding to the importance of a true faith in the ‘old religion’, she says. More specifically, his puns and metaphors often circled around certain key phrases. For instance, to be ‘sunburned’ or ‘tanned’, as are his heroines Viola, Imogen and Portia, was to be close to God and so understood as a true Catholic.

[Image courtesy of Amazon.com.]

It’s amazing that we know so little about someone so influential. And it’s only natural that we try to fill in the blanks with our own theorists, be they explanations of Shakespeare’s impressive knowledge or possibilities of alternative authorship.

The man himself is a puzzle, and that is irresistible to some, myself included. Are Shakespeare the man and Shakespeare the bard one and the same?

As it turns out, that question might finally have an answer, thanks to the sleuthing of Dr. Heather Wolfe of the Folger Shakespeare Library in Washington, D.C.

The story begins with Shakespeare’s father:

John Shakespeare, from Stratford-upon-Avon, was ambitious to rise in the world. He was certainly not the first Englishman keen to put his origins as a provincial tradesman behind him. Among his contemporaries in Stratford, he was a figure of fun for his social climbing. English class snobbery has a long pedigree.

His son, who would continue the quest for official recognition after his father’s death, also attracted metropolitan disdain as “an upstart crow beautified with our feathers”. In 1601, after his father’s death, Shakespeare the upstart returned to the college of arms to renew the family application for a coat of arms.

He had made a small fortune in the theatre, and was buying property in and around Stratford. Now he set out to consolidate his reputation as a “Gentleman”. Under the rules that governed life at the court of Elizabeth I, only the Queen’s heralds could grant this wish.

[Image courtesy of The Shakespeare Blog.]

And it’s this application for a family coat of arms that provides the connective tissue between the man and the bard. “They point to someone actively involved in defining and defending his legacy in 1602, shortly after his father’s death,” according to Wolfe.

But whether there are codes lurking in the Bard’s works or not, the mystery of the man himself might be the greatest puzzle of all.


Thanks for visiting PuzzleNation Blog today! Be sure to sign up for our newsletter to stay up-to-date on everything PuzzleNation!

You can also share your pictures with us on Instagram, friend us on Facebook, check us out on TwitterPinterest, and Tumblr, and explore the always-expanding library of PuzzleNation apps and games on our website!

Bringing Home an Ancient Mystery: The Voynich Manuscript

[Image courtesy of BBC.com.]

If you scour the Internet for great unsolved mysteries of this or any era, the Voynich Manuscript is always one of the top results, and with good reason.

A small hand-written volume, the Voynich Manuscript is believed to have originated in the 15th century (thanks to carbon-dating), and it’s written in an as-yet-undeciphered language.

Both amateur and professional cryptographers have attempted to unravel the mysteries of the unknown language, but all have thus far failed. (Oh sure, some people have claimed in the past that they’ve cracked the code, but none of these efforts have held up to scrutiny.)

Some theorize that instead of an encryption, it’s an invented language or a previously unseen invented written form for an established language.

[Image courtesy of Wikipedia.org.]

A few cryptographers have gone so far as to call it unsolvable, while others believe it to be an elaborate hoax or the work of someone afflicted with glossolalia, a written equivalent of speaking in tongues.

And ever since the only known copy was donated to Yale University’s Beinecke Rare Book and Manuscript Library, aspiring solvers have had to rely on online scans of the manuscript in their attempts to crack it.

Until recently, that is.

[One of several fold-out pages in the manuscript.
Image courtesy of Wikipedia.org.]

A Spanish publishing house is currently working on a limited run of exacting replicas of the Voynich Manuscript, purportedly including “every stain, hole, [and] sewn-up tear in the parchment.”

Of course, such meticulous work is reflected in the price of each book, which runs roughly $8000 to $9000 a copy. A third of the 898 copies being offered for sale have already been snatched up in pre-orders.

If you’re still hoping for a chance to tackle the mystery but you’re not looking to break the bank, thankfully Yale University Press is offering a $50 trade hardcover edition of the manuscript for sale later this year.

Whether this finally leads to a solution or simply adds new members to the ever-growing list of disappointed or frustrated aspiring solvers, I can’t say. But it’s exciting to see the mystery is alive and well.


Thanks for visiting PuzzleNation Blog today! Be sure to sign up for our newsletter to stay up-to-date on everything PuzzleNation!

You can also share your pictures with us on Instagram, friend us on Facebook, check us out on TwitterPinterest, and Tumblr, and explore the always-expanding library of PuzzleNation apps and games on our website!

The Great Puzzle Pursuit: Puzzle Hunting Across the U.S.!

Puzzle hunts are interactive solving experiences that often have you wandering around a certain area as you crack codes, unravel riddles, and conquer puzzles.

Whether you’re working alone or you’ve recruited a team to help with the hunt — perhaps solvers whose skills complement your own or fill a gap in your puzzling ability — it takes puzzles a step further, often making for a memorable puzzle experience, akin to Escape the Room challenges.

We’ve covered some puzzle hunts in the past, like BAPHL or the Trials Evolution hunt. We’ve also explored puzzle hunts that combine aspects of scavenger hunts and physical challenges to create a more physically demanding solving experience, like the Great Urban Race.

But I don’t know that we’ve ever covered something quite on the scale of The Great Puzzle Pursuit.

Instead of one city, you have 15 possible cities to test you. Instead of racing other teams over the course of a day or a weekend, you have a seven-month window of opportunity to test your puzzly mettle.

Intrigued yet? I certainly was, so I reached out to the team behind The Great Puzzle Pursuit to find out more about this ambitious solving experience. Co-creator Jason was kind enough to answer my questions about the event.


What inspired the Great Puzzle Pursuit?

A little background about us first. My wife Amy and I have been frequent participants in events like Warrior Dash, Urban Dare, and various scavenger hunts for the last 10 years. Now that I am older I can tell you that breaking both of my ankles previously ensured that I just cannot run like I used to.

So my wife and I, who are enormous fans of puzzles and the outdoors, tried various geocaching activities. Which we loved, but that is more just hide and seek. Then we went on to try various scavenger hunts and found the challenges to generally be silly tasks as opposed to actual puzzles.

After much research, we just couldn’t find exactly what we were looking for so we decided to make it ourselves, launching in Pittsburgh, PA.

You have 15 cities listed as possible points of entry into this puzzle hunt. What are the logistics involved in creating something of this scope? How many team members do you have running GPP?

The logistics in running multiple simultaneous hunts is somewhat of a challenge. In each city, we choose 7 locations — generally monuments, statues, or unique features — and then weave puzzle elements into these locations. Essentially you will need to solve 7 location puzzles and 7 on-site puzzles to complete your city.

[Glenn’s note: Location puzzles lead you to a location, while on-site puzzles can only be solved once you reach a given location.]

The locations are different but the puzzle elements are identical between cities so we can ensure it is a fair competition. Assuming a team bests their city challenge, all teams across the country share one last Meta puzzle. To date only 4 teams have unlocked this final challenge and now qualify for the cash prize nearing $1,200.

My wife and I are the owners and operators and we have a team of 8 that helps us create the challenges, scope out future locations, etc.

How many groups/competitors are involved right now?

We are nearing 300 teams now, with 4 total finishers [people who have completed a city challenge and the meta puzzle]. Two for Pittsburgh, one from Buffalo, and one from Hartford. All teams have until September 15 to finish so we expect to see a few more by then.

What lessons did you learn from season 1 that have informed this season’s event?

What we learned from season 1 is that people want to be challenged. In season 1 we made a puzzle hunt that was difficult but 50% of all teams completed it.

The vast majority said they wanted it to be even harder! So this year we added that 15th and final national puzzle that only the best of the best will be able to unlock.


Thank you to Jason and Amy for taking the time out to talk to us today! You can find out more about the Great Puzzle Pursuit on their website here and on Twitter here!

And remember, there are 15 possible cities to conquer:

  • Austin, Texas
  • Baltimore, Maryland
  • Boise, Idaho
  • Buffalo, New York
  • Cleveland, Ohio
  • Columbus, Ohio
  • Gettysburg, Pennsylvania
  • Hartford, Connecticut
  • Indianapolis, Indiana
  • New York, New York
  • Philadelphia, Pennsylvania
  • Pittsburgh, Pennsylvania
  • St. Augustine, Florida
  • Springfield, Massachusetts
  • Washington, D.C.

Let us know if you’re going to accept the Great Puzzle Pursuit challenge in the comments below!


Thanks for visiting PuzzleNation Blog today! Be sure to sign up for our newsletter to stay up-to-date on everything PuzzleNation!

You can also share your pictures with us on Instagram, friend us on Facebook, check us out on TwitterPinterest, and Tumblr, and explore the always-expanding library of PuzzleNation apps and games on our website!