Puzzles Endanger, Then Save, a Nation: The Spy Who Couldn’t Spell

While working on our multi-part series of posts about the history of codebreaking in America during the 20th century, I mentioned that some of the recent revelations about the National Security Agency were the result of Edward Snowden’s actions during his time as a government contractor.

What you might not know is that he has not been the only contractor to sneak information off of government computers in that fashion: a decade before Edward Snowden, there was Brian Patrick Regan.

Regan was a career soldier in the Air Force who eventually reached the rank of Master Sergeant and worked in signals intelligence.

Buried under hundreds of thousands of dollars in credit card debt, Regan decided his only way out of financial ruin was to try to sell US government secrets to a foreign government. He copied page after page of sensitive documents from national defense systems and snuck them out of his office, eventually amassing more than 15,000 pages, CD-ROMs, and other material in his home.

He would later bury bundles of these documents in various locations, including state parks, concealing the GPS coordinates of these valuables caches through a complicated series of encryptions where letters and numbers became three-digit sets.

You see, Regan had spent a fair amount of time studying cryptography, and fancied himself a top-shelf codemaster.

Regan used another set of encryptions of lesser complexity when he attempted to contact agents of the Libyan, Iraqi, and Chinese governments in order to sell off the treasure trove of secrets he’d amassed during his time at the National Reconnaissance Office.

One of these packets — a collection of three parcels intended for Libya — ended up in the hands of an FBI agent named Steven Carr.

From The Spy Who Couldn’t Spell by Yudhijit Bhattacharjee:

In the first envelope was a four-page letter with 149 lines of typed text consisting of alphabets and numbers. The second envelope included instructions on how to decode the letter. The third envelope included two sets of code sheets.

One set contained a list of ciphers. The other, running to six pages, listed dozens of words along with their encoded abbreviations: a system commonly known as brevity codes. Together, the two sets were meant to serve as the key for the decryption.

Some of the document had already been decrypted by FBI agents, and it revealed a member of the US intelligence community — claiming to be CIA, which was unverified, but definitely someone with top secret access — was trying to sell government secrets.

And this person had terrible spelling.

Brian Patrick Regan suffered from severe dyslexia. And, despite concerted efforts to perfect both his encryptions and his plan to net millions by selling government secrets, that dyslexia would be one of the clues that led Steven Carr to Regan’s doorstep.

It took Carr six months to connect Regan to the Libyan package, but once he did, surveillance on Regan began immediately.

When Regan attempted to board a plane to Zurich in 2001 — intending to meet with Iraqi and Libyan embassy officials — he was nabbed by the FBI and taken into custody.

Again, excerpted from The Spy Who Couldn’t Spell:

On searching Regan, officials found a piece of paper tucked between the inner and outer soles of his right shoe, on which were written addresses of Iraqi and Chinese embassies in Europe. The other materials they found on him and in his belongings were more mystifying. In a trouser pocket, Regan was carrying a spiral pad containing a page with 13 words that didn’t add up to anything: like tricycle, rocket and glove.

He had another 26 random words scribbled on an index card. Among the contents of Regan’s wallet was a piece of paper with a string of letters and numbers that read “5-6-N-V-O-A-I …” And in a folder he was carrying in his duffel bag were four sheets with handwritten lines of three-digit numbers.

FBI cryptanalyst Daniel Olson decoded some of the messages found on Regan when he was captured, but he had failed to unravel the multi-stage encryptions that concealed where Regan had buried his secret parcels. The government knew which state parks, but with acres and acres of possible hiding places, they needed more precise information.

And those parcels were the key, because they weren’t just packages to be sold to the highest bidder. No, those parcels doubled as a ransom in order to secure a better deal for himself with the US government. He wanted to blackmail the government for a reduced sentence.

They were his insurance plan.

As Thomas G. West said in Seeing What Others Cannot See, a book about visual thinking and dyslexia, “It’s not hard for a dyslexic to think ‘out of the box’ because they have never been in the box.”

Thankfully, Regan eventually realized that cooperation was in his best interest, and he revealed that each of the elaborate three-digit codes concealed a backdoor key built into the code itself.

Regan designed them this way so that, if he forgot the actual details of the encryption, all he would need is the starter word, a spark that would unlock the built-in key and help him decode the entire message.

This backdoor key system worked in a similar fashion to the Vigenere cipher, where a keyword or key phrase served as the entry point for a longer string of encrypted text. The trouble is… you need to know the cipher word or source in order to crack the code.

For example, during World War II, German agents in Europe used Daphne du Maurier’s Rebecca as the basis of a code for transmitting intelligence from Cairo to support a campaign by the Axis powers against the Allies in North Africa.

The discovery of the book among the possessions of two German radio operators who didn’t read English ultimately led to the breaking of the code, which in turn led to the capture of the German spies in Cairo.

Regan revealed the cipher words for the various hiding spots in state parks — which used cipher words from sources as peculiar as Regan’s own high school yearbook — and soon, the FBI recovered all but one of the buried parcels.

But Regan couldn’t remember the cipher word for the last one.

Daniel Olson would then step in, having learned some of Regan’s techniques as they uncovered the other parcels, and partially decrypting the remaining message enough to spark Regan’s memory. Regan finally came up with the last cipher key, and the final parcel was recovered.

Yes, once again, puzzly perseverance had saved the day!

Regan was found guilty on two counts of attempted espionage and one of gathering national defense information, and sentenced to life imprisonment with parole. Which, quite honestly, is getting off easy, considering that prosecutors were seeking the death penalty for his treasonous acts. (If prosecutors had gotten their way, he would’ve been the first person executed for espionage since the Rosenbergs in the ’50s.)

For the full story, including more in-depth explanations of Regan’s elaborate encryptions, check out The Spy Who Couldn’t Spell by Yudhijit Bhattacharjee.


Thanks for visiting PuzzleNation Blog today! Be sure to sign up for our newsletter to stay up-to-date on everything PuzzleNation!

You can also share your pictures with us on Instagram, friend us on Facebook, check us out on TwitterPinterest, and Tumblr, and explore the always-expanding library of PuzzleNation apps and games on our website!

Puzzle History: Codebreaking and the NSA, part 3

[Image courtesy of NSA’s official Twitter account.]

At the end of part 2 in our series, we left off during the early days of the NSA, as American cryptographers continued to labor under the shadow of the Black Friday change in Russian codes.

You may have noticed that part 2 got a little farther from puzzly topics than part 1, and there’s a reason for that. As the NSA evolved and grew, codebreaking was downplayed in favor of data acquisition. The reasons for this were twofold:

1. Context. You need to understand why given encrypted information is important in order to put it toward the best possible use. As Budiansky stated in part 1, “The top translators at Bletchley were intelligence officers first, who sifted myriad pieces to
assemble an insightful whole.”

2. Russian surveillance and bugging continued to grow more clever and sophisticated, pushing attention away from codebreaking. After all, what good is breaking codes or developing new ones if they can just steal unencrypted intel firsthand by monitoring
agents in the field?

Moving forward, the NSA would continue to pursue all manner of data mining, eventually leaving behind much of the codebreaking and analysis that originally formed the backbone of the organization. But that was in years to come. Cryptography was still a major player in NSA operations from the ’50s and onward.

[The progression of “secret” and “top secret” code words.
Image courtesy of NSA’s official Twitter account.]

In May 1956, NSA cryptanalytic veterans pushed a proposal titled “Recommendations for a Full-Scale Attack on the Russian High-Level Systems,” believing that specially designed computers from IBM could provide the key for cracking the impenetrable Russian cryptography wall. Some cryptographers believed that ever-increasing processor speeds would eventually outpace even sophisticated codes.

By 1960, the NSA had spent $100 million on computers and analytical tools.

The problem? The NSA was collecting so much information that their increasingly small team of cryptoanalysts couldn’t dream of processing even a tiny portion of it.

But the quest for data access would only grow more ambitious.

In the wake of Sputnik’s launch in October of 1957, US signals intelligence would go where no man had gone before. The satellite GRAB, launched alongside Transit II-A in June of 1960, was supposedly meant to study cosmic radiation. (GRAB stood for Galactic Radiation and Background.)

[Image courtesy of NSA’s official Twitter account.]

But it was actually intended to collect radar signals from two Soviet air-defense systems. This was the next step of ELINT, electronic intelligence work. (The younger brother of SIGINT.)

The NSA would later find a huge supporter in President Lyndon Johnson, as the president was heavily invested in SIGINT, ELINT, and any other INTs he could access. This did little to quell the intelligence-gathering rivalry growing between the CIA and NSA.

Of course, that’s not to say that the NSA ceased to do any worthwhile work in codebreaking. Far from it, actually.

During the Vietnam War, NSA analysts pored over North Vietnamese signals, trying to uncover how enemy pilots managed to scramble and respond so quickly to many of the US’s airstrikes conducted during Operation Rolling Thunder.

Careful analysis revealed an aberrant character (in Morse code) in messages that appeared in North Vietnamese transmissions before 90 percent of the Rolling Thunder airstrikes. By identifying when the enemy used that aberrant character, the analysts
were able to warn US pilots whether they were heading toward a prepared enemy or an unsuspecting one during a given sortie.

Other NSA teams worked to protect US communications by playing the role of an enemy analyst. They would try to break US message encryptions and see how much they could learn from intercepted US signals. Identifying flaws in their own procedures — as well as members of the military who were cutting corners when it came to secured communications — helped to make US communications more secure.

[Image courtesy of NSA.gov.]

In 1979, Jack Gurin, the NSA’s Chief of Language Research, wrote an article in the NSA’s in-house publication Cryptolog, entitled “Let’s Not Forget Our Cryptologic Mission.” He believed much of the work done at the agency, and many of the people
hired, had strayed from the organization’s core mission.

The continued push for data acquisition over codebreaking analysis in the NSA led to other organizations picking up the slack. The FBI used (and continues to use) codebreakers and forensic accountants when dealing with encrypted logs from criminal organizations covering up money laundering, embezzlement, and other illegal activities.

And groups outside the government also made impressive gains in the field of encryption, among them IBM’s Thomas J. Watson Research Center, the Center for International Security and Arms Control, and even graduate student programs at universities like MIT and Stanford.

For instance, cryptographer Whitfield Diffie developed the concept of the asymmetric cipher. Joichi Ito explains it well in Whiplash:

Unlike any previously known code, asymmetric ciphers do not require the sender and receiver to have the same key. Instead, the sender (Alice) gives her public key to Bob, and Bob uses it to encrypt a message to Alice. She decrypts it using her private key. It no longer matters if Eve (who’s eavesdropping on their conversation) also has Alice’s public key, because the only thing she’ll be able to do with it is encrypt a message that only Alice can read.

This would lead to a team at MIT developing RSA, a technique that implemented Diffie’s asymmetric cipher concept. (It’s worth noting that RSA encryption is still used to this day.)

[Image courtesy of Campus Safety Magazine.com.]

The last big sea change in encryption came when the government and military realized they no longer had a monopoly on codebreaking technology. Increased reliance and awareness of the importance of computer programming, greater access to computers with impressive processing power, and a groundswell of support for privacy from prying government eyes, led to dual arms races: encryption and acquisition.

And this brings us to the modern day. The revelations wrought by Edward Snowden’s leak of NSA information revealed the incredible depth of government data mining and acquistion, leading some pundits to claim that the NSA is “the only part of government that actually listens.”

Whatever your feelings on Snowden’s actions or government surveillance, there is no doubt that the National Security Agency has grown and changed a great deal since the days of cracking the ENIGMA code or working with the crew at Bletchley Park.

Where will American codebreaking go next? Who knows? Perhaps quantum computing will bring codes so complicated they’ll be impenetrable.

All I know is… it’s part of puzzle history.


I hope you enjoyed this multi-part series on the history of 20th-century codebreaking in America. If you’d like to learn more, you can check out some of the valuable sources I consulted while working on these posts:

Code Warriors: NSA’s Codebreakers and the Secret Intelligence War Against the Soviet Union by Stephen Budiansky

Whiplash: How to Survive Our Faster Future by Joichi Ito

The Secret Lives of Codebreakers by Sinclair McKay


Thanks for visiting PuzzleNation Blog today! Be sure to sign up for our newsletter to stay up-to-date on everything PuzzleNation!

You can also share your pictures with us on Instagram, friend us on Facebook, check us out on TwitterPinterest, and Tumblr, and explore the always-expanding library of PuzzleNation apps and games on our website!