Puzzles Endanger, Then Save, a Nation: The Spy Who Couldn’t Spell

While working on our multi-part series of posts about the history of codebreaking in America during the 20th century, I mentioned that some of the recent revelations about the National Security Agency were the result of Edward Snowden’s actions during his time as a government contractor.

What you might not know is that he has not been the only contractor to sneak information off of government computers in that fashion: a decade before Edward Snowden, there was Brian Patrick Regan.

Regan was a career soldier in the Air Force who eventually reached the rank of Master Sergeant and worked in signals intelligence.

Buried under hundreds of thousands of dollars in credit card debt, Regan decided his only way out of financial ruin was to try to sell US government secrets to a foreign government. He copied page after page of sensitive documents from national defense systems and snuck them out of his office, eventually amassing more than 15,000 pages, CD-ROMs, and other material in his home.

He would later bury bundles of these documents in various locations, including state parks, concealing the GPS coordinates of these valuables caches through a complicated series of encryptions where letters and numbers became three-digit sets.

You see, Regan had spent a fair amount of time studying cryptography, and fancied himself a top-shelf codemaster.

Regan used another set of encryptions of lesser complexity when he attempted to contact agents of the Libyan, Iraqi, and Chinese governments in order to sell off the treasure trove of secrets he’d amassed during his time at the National Reconnaissance Office.

One of these packets — a collection of three parcels intended for Libya — ended up in the hands of an FBI agent named Steven Carr.

From The Spy Who Couldn’t Spell by Yudhijit Bhattacharjee:

In the first envelope was a four-page letter with 149 lines of typed text consisting of alphabets and numbers. The second envelope included instructions on how to decode the letter. The third envelope included two sets of code sheets.

One set contained a list of ciphers. The other, running to six pages, listed dozens of words along with their encoded abbreviations: a system commonly known as brevity codes. Together, the two sets were meant to serve as the key for the decryption.

Some of the document had already been decrypted by FBI agents, and it revealed a member of the US intelligence community — claiming to be CIA, which was unverified, but definitely someone with top secret access — was trying to sell government secrets.

And this person had terrible spelling.

Brian Patrick Regan suffered from severe dyslexia. And, despite concerted efforts to perfect both his encryptions and his plan to net millions by selling government secrets, that dyslexia would be one of the clues that led Steven Carr to Regan’s doorstep.

It took Carr six months to connect Regan to the Libyan package, but once he did, surveillance on Regan began immediately.

When Regan attempted to board a plane to Zurich in 2001 — intending to meet with Iraqi and Libyan embassy officials — he was nabbed by the FBI and taken into custody.

Again, excerpted from The Spy Who Couldn’t Spell:

On searching Regan, officials found a piece of paper tucked between the inner and outer soles of his right shoe, on which were written addresses of Iraqi and Chinese embassies in Europe. The other materials they found on him and in his belongings were more mystifying. In a trouser pocket, Regan was carrying a spiral pad containing a page with 13 words that didn’t add up to anything: like tricycle, rocket and glove.

He had another 26 random words scribbled on an index card. Among the contents of Regan’s wallet was a piece of paper with a string of letters and numbers that read “5-6-N-V-O-A-I …” And in a folder he was carrying in his duffel bag were four sheets with handwritten lines of three-digit numbers.

FBI cryptanalyst Daniel Olson decoded some of the messages found on Regan when he was captured, but he had failed to unravel the multi-stage encryptions that concealed where Regan had buried his secret parcels. The government knew which state parks, but with acres and acres of possible hiding places, they needed more precise information.

And those parcels were the key, because they weren’t just packages to be sold to the highest bidder. No, those parcels doubled as a ransom in order to secure a better deal for himself with the US government. He wanted to blackmail the government for a reduced sentence.

They were his insurance plan.

As Thomas G. West said in Seeing What Others Cannot See, a book about visual thinking and dyslexia, “It’s not hard for a dyslexic to think ‘out of the box’ because they have never been in the box.”

Thankfully, Regan eventually realized that cooperation was in his best interest, and he revealed that each of the elaborate three-digit codes concealed a backdoor key built into the code itself.

Regan designed them this way so that, if he forgot the actual details of the encryption, all he would need is the starter word, a spark that would unlock the built-in key and help him decode the entire message.

This backdoor key system worked in a similar fashion to the Vigenere cipher, where a keyword or key phrase served as the entry point for a longer string of encrypted text. The trouble is… you need to know the cipher word or source in order to crack the code.

For example, during World War II, German agents in Europe used Daphne du Maurier’s Rebecca as the basis of a code for transmitting intelligence from Cairo to support a campaign by the Axis powers against the Allies in North Africa.

The discovery of the book among the possessions of two German radio operators who didn’t read English ultimately led to the breaking of the code, which in turn led to the capture of the German spies in Cairo.

Regan revealed the cipher words for the various hiding spots in state parks — which used cipher words from sources as peculiar as Regan’s own high school yearbook — and soon, the FBI recovered all but one of the buried parcels.

But Regan couldn’t remember the cipher word for the last one.

Daniel Olson would then step in, having learned some of Regan’s techniques as they uncovered the other parcels, and partially decrypting the remaining message enough to spark Regan’s memory. Regan finally came up with the last cipher key, and the final parcel was recovered.

Yes, once again, puzzly perseverance had saved the day!

Regan was found guilty on two counts of attempted espionage and one of gathering national defense information, and sentenced to life imprisonment with parole. Which, quite honestly, is getting off easy, considering that prosecutors were seeking the death penalty for his treasonous acts. (If prosecutors had gotten their way, he would’ve been the first person executed for espionage since the Rosenbergs in the ’50s.)

For the full story, including more in-depth explanations of Regan’s elaborate encryptions, check out The Spy Who Couldn’t Spell by Yudhijit Bhattacharjee.


Thanks for visiting PuzzleNation Blog today! Be sure to sign up for our newsletter to stay up-to-date on everything PuzzleNation!

You can also share your pictures with us on Instagram, friend us on Facebook, check us out on TwitterPinterest, and Tumblr, and explore the always-expanding library of PuzzleNation apps and games on our website!

Codecrafting with Crosswords!

We’ve discussed ciphers and codecracking numerous times in the past, and rightly so. It’s a style of puzzling that has literally affected the outcomes of battles, helped shape key historical moments, and changed the face of spycraft.

And it’s a puzzle form that continues to evolve to this day. We’ve moved far beyond the simple one-to-one replacement encryptions of your standard newspaper cryptogram, and intrepid solvers are always looking for newer and more devious ways to conceal their messages.

Tumblr user Cipherface has cooked up a pretty ingenious system that actually uses another style of puzzling in its execution: crosswords.

Here’s how it works. You write your message out in the open spaces of the crossword, ignoring the black squares.

Then, map out this diagonal path as the first step to encrypting your message.

Do the same with the puzzle’s answer key, and you’ve got your running key, the text used to substitute letters for the letters in your actual message.

Then you run your message through the tabula recta, a table where you use the letter you want revealed and the letter in your running key to pick the letter in your encryption.

Here, we can see Cipherface mapping out the encrypted message using this method.

From the Tumblr writeup:

The idea is to use a crossword puzzle for the transposition and the answers to the previous weeks puzzle as a running key. And the blank spaces are used to insert nulls into the final ciphertext. You then mail it to a friend who uses the date it was mailed to decide which puzzle to use for decryption.

It’s a pretty clever way to leave your encryption key in plain sight, and yet keep your messages secret. The running key keeps changing, so it’s more effective than traditional running keys, which stayed the same for longer periods of time.

Not to mention, using the puzzle’s publishing date? What a quick and easy way to keep your friend informed in an innocuous way. You’d just need to decide ahead of time which newspaper to use.

And it figures. The best way to make a puzzle better? Add another puzzle.


Thanks for visiting PuzzleNation Blog today! Be sure to sign up for our newsletter to stay up-to-date on everything PuzzleNation!

You can also share your pictures with us on Instagram, friend us on Facebook, check us out on TwitterPinterest, and Tumblr, and explore the always-expanding library of PuzzleNation apps and games on our website!

The Mystery of the Kryptos Sculpture

[Image courtesy of Kryptos.arcticus.com.]

If I told you that one of the most famous unsolved encrypted messages in the world isn’t lurking in the works of Da Vinci or in some vast government warehouse like the Ark of the Covenant, but rather as part of a sculpture only twenty-five years old, you might be surprised.

You’d probably be less surprised to discover that said sculpture is located in front of the headquarters of the CIA, though.

Kryptos, a flowing sculpture made of petrified wood and copper plating over a small pool of water, was revealed to the world in 1990. Masterminded by artist Jim Sanborn, it was apparently designed to both challenge and honor the Central Intelligence Agency. And for decades now, it has proven to be a top-flight brain teaser for codebreakers both professional and amateur.

From an article on Wired.com:

It all began in 1988 when the CIA Fine Arts Commission commissioned local artist James Sanborn to create a cryptographic sculpture for a courtyard on the CIA campus. Sanborn completed the two-part sculpture in 1990, which included stones laid out in International Morse code near the front entrance of the CIA campus, and a 12-foot-high, verdigrised copper, granite and petrified wood sculpture. The latter, which is the more famous part of Kryptos, was inscribed with four encrypted messages composed from some 1,800 letters carved out of the copper plate.

[Image courtesy of The Magazine.org.]

There are four distinct sections, utilizing different forms of encryption. And amazingly, the fourth section continues to elude codecrackers to this very day.

It took nearly a decade before anyone announced a solution to the first three encryptions. A computer scientist named Jim Gillogly announced in 1999 that he had cracked passages 1, 2, and 3 with computer assistance.

The CIA, not to be one-upped, then revealed that one of their own employees, an analyst named David Stein, had solved those same three passages the year before, using only pencil, paper, and lunchtime man-hours.

But a 2013 Freedom of Information Act request into records of the National Security Agency revealed that an NSA team actually cracked those same three passages back in 1993 as part of a friendly rivalry between the NSA and CIA, provoked by former NSA director and then-deputy CIA director William O. Studeman.

[Image courtesy of G.A. Matiasz.]

Passage 1 employs a Vigenère cipher, a letter-shifting cipher that has been used for centuries, also known as a periodic polyalphabetic substitution cipher, if you want to get fancy with it.

The message, penned by Sanborn himself, reads Between subtle shading and the absence of light lies the nuance of iqlusion. [Iqlusion is an intentional misspelling of “illusion.”]

Passage 2 also employs a Vigenère cipher, but utilizes a different keyword than Passage 1. The message, also composed by Sanborn, points toward something hidden nearby:

It was totally invisible. How’s that possible? They used the earth’s magnetic field. x The information was gathered and transmitted undergruund to an unknown location. x Does Langley know about this? They should: it’s buried out there somewhere. x Who knows the exact location? Only WW. This was his last message. x Thirty eight degrees fifty seven minutes six point five seconds north, seventy seven degrees eight minutes forty four seconds west. x Layer two. [Again, there’s an intentional misspelling here with “undergruund.”]

Passage 3 uses a transposition cipher, which relies on the positioning of given letters in order to properly spell out a message. The message is inspired by the words of Howard Carter, the archaeologist who opened King Tut’s tomb:

Slowly, desparatly slowly, the remains of passage debris that encumbered the lower part of the doorway was removed. With trembling hands I made a tiny breach in the upper left-hand corner. And then, widening the hole a little, I inserted the candle and peered in. The hot air escaping from the chamber caused the flame to flicker, but presently details of the room within emerged from the mist. x Can you see anything? q [Again, there’s an intentional misspelling with “desparatly.”]

[Image courtesy of Unmuseum.org.]

Although some codebreakers believe the misspellings of “iqlusion,” “undergruund,” and “desparatly” are simply Sanborn’s crafty attempts at misdirection, others believe they are clues hinting at how to crack Passage 4, which is only 97 characters long.

Sanborn has even offered hints to help frustrated solvers in their efforts to unravel the mystery of Passage 4. In 2006, he revealed that letters 64 through 69 in the passage, NYPVTT, decrypt to “Berlin.”

And in 2014, Sanborn revealed that letters 70 through 74, MZFPK, decrypt to “clock.” So the message has something to do with the Berlin Clock, although Sanborn has stated “there are several really interesting clocks in Berlin.”

[Image of the Berlin Clock courtesy of Secret City Travel.com.]

Amazingly, even if someone does crack Passage 4 someday, that’s not the end of the journey. All four passages are part of a riddle to unravel to truly solve the Kryptos puzzle, and apparently, doing so requires you to be on CIA property. That’s no small feat.

Jim Sanborn has truly created a beautiful, diabolical puzzle for the ages here. I wonder who will step up to finally solve this masterpiece.


Thanks for visiting PuzzleNation Blog today! Be sure to sign up for our newsletter to stay up-to-date on everything PuzzleNation!

You can also share your pictures with us on Instagram, friend us on Facebook, check us out on TwitterPinterest, and Tumblr, and explore the always-expanding library of PuzzleNation apps and games on our website!