In this issue
Issue #24 August 29, 2013 Aug 29, 2013 Aug 29
Issue #9 January 31, 2013 Jan 31, 2013 Jan 31
Issue #1 October 11, 2012 Oct 11, 2012 Oct 11
From Issue #14 April 11, 2013

Code Dependency

A sculpture presents an enduring mystery that resists solutions.

By Mark Siegal Twitter icon 

The Kryptos sculpture at CIA headquarters remains among the world’s most famous unsolved codes despite over 22 years of hints from its creators.

The sculpture’s centerpiece, hidden away in a courtyard, features curved copper plates that together stand nearly 10 feet tall. Carved out of the plates with a jigsaw are 1,732 letters and four question marks. Half of these characters encode four sets of encrypted messages, each more difficult than the last.

Like many Kryptos aficionados, I’ve spent hundreds of hours wrestling with the final unsolved piece of the code. Perhaps the greatest mystery isn’t the part left to extract. Rather, it’s why we’re still trying to solve this infuriatingly addictive puzzle.

Leveling up

Most of Kryptos was solved during the 1990s, initially by staff at the NSA and the CIA who didn’t publicize their accomplishments beyond the intelligence community. The first amateur cryptanalyst to get that far, Jim Gillogly, used his Pentium II. We now have faster computers in our pockets. But the fourth and final section, a tiny passage known as K4, seems to be impenetrable.

K4 has merely 97 characters. Just how short is that? It’s the same length as this paragraph, minus punctuation and spaces.

My fascination with Kryptos started in June 2005 after I heard an NPR story on my drive to work.1 As I slogged through Beltway traffic around D.C., this enigmatic sculpture felt irresistibly close. I could have driven there in under 30 minutes — well, after rush hour — not that it would have done me any good. The CIA allows a vanishingly small number of “approved academic and civic groups” to tour its grounds.

The closest that regular people can get to seeing Kryptos is buying a small replica from the Spy Museum Store or visiting one of the similar pieces made by the artist, Jim Sanborn, such as Antipodes at the Smithsonian’s Hirshhorn Museum and Sculpture Garden. Otherwise, one has to rely on pictures posted by the rare visitor, such as Gillogly or Elonka Dunin, a leading expert on Kryptos.

Kryptos adepts keep poking at K4, tantalized by patterns that emerge from those apparently random characters. Our efforts surge when prompted by new hints or theories. There have been reports of fans becoming truly obsessed, even to the point of quitting their jobs. Some of those stories were later refuted, at least in their intensity. It’s possible that expert cryptanalysts at the NSA or CIA or elsewhere have solved K4 and don’t want it publicized. That’s another reason why Kryptos is so maddening.

The fame of Kryptos has inspired numerous Web sites for those who want to learn more or, ideally but less likely, find the solution. Dunin’s Kryptos page provides an excellent starting point. The Rumkin site has cryptographic tools that could be useful for experimenting with K4, including the decryption techniques used in K1 and K2 and K3. These might be used in tandem or in part for K4.

Individual codebreakers have also developed tools for their own attempts, such as the program Gillogly used to solve K1–K3.2 Purists, like the CIA employee who quietly achieved the same goal a year earlier, can use pencil and paper.

If you think you’ve figured out the answer to K4, Sanborn has a page where you can enter the first 10 letters and see if you’re correct.

Sudoku for masochists

There are several possible reasons why K4 has remained unsolved for so long. It’s very short, which generally makes it harder to gain insights from letter frequencies and n-gram repetitions.3 In addition, K4 could employ masking techniques to make such frequency analyses even less helpful. The encryption might combine multiple techniques in sequence or use a nonstandard technique that relies on aesthetics rather than on methods commonly known to cryptanalysts.

Maybe there was an error in the encryption process that makes solving it all but impossible. Or maybe Sanborn is just messing with us and K4 is an elaborate hoax.

Kryptos remains a great challenge to geeky muscles by demanding both math and programming skills along with a love for ferreting out elusive patterns. Unlike most puzzles, however, Kryptos can become a bottomless time-sink with little prospect of a satisfying reward. When you get stuck and frustrated, the solution isn’t readily available. Rather, it’s locked in a safe deposit box, the location of which Sanborn has kept to himself and a few others.

Like providing a proof for a theorem that previously lacked a solution, trying to decrypt a famously knotty code has elements of megalomania in the act. The possibility is remote that you’ll experience an epiphany that lets you break through where others have failed, even though examples abound of such flashes of genius in the mathematical world.

For the rest of us, it’s lonely and slow going. Two prominent Kryptos experts — Gary Warzin and Dunin — decided to facilitate pooling expertise and started a discussion group in May 2003 for people to work together on a solution to K4. (Warzin passed away in 2005, two months after I joined the group.) Nearly a decade later, the Kryptos Group has about 2,000 members and over 14,000 messages.

“Our goal is to provide a comfortable environment for the open exchange of ideas,” the group charter says. “This can be difficult to achieve when one of the individual goals has always been to be ‘the one’ to crack the cipher.”

Many of these discussions take the form of wild brainstorming. After so long without a solution to K4, it’s like being in sensory deprivation. Almost any theory can feel plausible, though they may seem (and probably are) far too esoteric or convoluted to be the right path.

But sometimes the group strikes gold.

In October 2005, a group member was experimenting with shifts of the known keywords and found the previously undiscovered text LAYERTWO at the end of K2, where the established plaintext was IDBYROWS instead.4 Six months later, Sanborn reached out to Dunin to say he realized that the existing solution for K2 wasn’t quite correct. The group used this information, along with the previous reconnaissance, to determine that XLAYERTWO is the intended plaintext for the end of K2. The confusion arose from Sanborn leaving off a letter from the sculpture, ostensibly for aesthetic reasons, though perhaps an accident of design or construction.

Clues, corrections, and red herrings

Kryptos is unusual among famous unsolved codes in that Sanborn and the former CIA employee who helped teach him about cryptography, Ed Scheidt, are both still around giving mysterious interviews and doling out hints. This can be painful and encouraging.

Sanborn revealed the most substantial clue so far on the 20th anniversary of the dedication of Kryptos at the CIA. He disclosed a complete word from the final plaintext (BERLIN) as well as which encrypted characters it lines up with from K4. This clue was also Sanborn’s way of acknowledging that even he is getting a little exhausted about it taking so long to solve Kryptos.

In addition to that outright bit of text, as well as the K2 correction, many other hints of unknown veracity and usefulness have been cajoled out of Sanborn and Scheidt. Along with interviews, some information has come from their direct conversations with amateur cryptanalysts, particularly those in the Kryptos Group. These often take the form of a joint meal, timed with a Cryptologic History Symposium that NSA sponsors every other year.5

I was at one of the first such meals in 2005, a few months after I joined in on the cracking effort. About a dozen of us from the Kryptos Group were there trying to pump Sanborn and Scheidt for clues over a sushi lunch several blocks from the White House. Whitfield Diffie was present too, but mainly because he’s friends with Scheidt.

Amidst our spicy tuna rolls and polite interrogation, Sanborn asked for help making corrections to Kryptos replicas that he had brought. He wanted them to faithfully represent Kryptos as it exists at the CIA. These prototypes included the six-inch version that can now be purchased from the Spy Museum Store for $150. (He was also gauging our interest about whether we might buy one.)

Extrapolating from those conversations, and from the ways in which this replica differs from the actual sculpture, we can make certain deductions. For example, there’s an extra “L” on the half of Kryptos that doesn’t contain the code. That letter is missing from the replica, so it was probably a mistake made while cutting out all the sculpture’s letters.

There are also differences in the kerning, font, and justification used on the replica. As we pestered Sanborn, he acknowledged that the process of making Kryptos generally didn’t allow him to keep track of and control the typography at that level. This seems to rule out any theories involving steganography using sculpture-wide letterspacing.

Until the solution to K4 is known, it’s impossible to distinguish which of these hints are genuine clues as opposed to red herrings, misunderstandings, or errors that were claimed as intentional. But it’s equally impossible to resist seeking out more hints and trying our best to decipher them.

Be sure to drink your Ovaltine

For some, these continued attempts to crack K4 explain themselves: as with any mystery, it must be solved because it’s there, like a mountain yet to be summited.

Others are curious about the plaintext itself, with or without the sense that this message — or other mysteries that it leads to unlocking — has implications for any Dan Brown-esque intrigues.

People like me don’t care much about K4’s remaining 91 characters of plaintext, even if it turns out to be nothing but a crummy commercial for Ovaltine. We care about the decryption technique. Were any of our theories right? Did we all overlook something obvious?

Whatever your reasons, however long you persevere, Kryptos is a worthy challenge. And I’m not just saying that so one of you will finally solve the damn thing for the rest of us.

Photo by the Central Intelligence Agency.

  1. Around that time, media attention and public interest had been increasing for the already well-known Kryptos, mostly due to a reference on the dust jacket of Dan Brown’s book The Da Vinci Code, released in 2003. I actually first heard of Kryptos in early 1992, before any of it had been solved. A company newsletter for my favorite roleplaying game had printed a question from me in the same issue as another person’s question about Kryptos. 

  2. My own improvised scripts and spreadsheets have proven far less fruitful in terms of breaking new ground. And yet Kryptos has motivated me to do more enthusiastic programming than almost anything else in my life. The main rival would be from when I was in middle school, around the time Kryptos was dedicated: using a hand-me-down Apple II Plus, I made a Batcomputer-style database of my older brother’s friends, complete with secret passwords to access details about their superhero alter egos. 

  3. Although K1 is even shorter, at only 63 characters, it uses an encryption process that seems to be far more forgiving. It also conveniently has a five-letter sequence that is repeated twice, helpfully lining up with one of the keywords needed to decrypt that section. 

  4. I have a role in this correction, as noted on the Kryptos timeline that Dunin maintains, but it’s so minor that mentioning it doesn’t even count as a humblebrag. 

  5. For anyone who might be interested, the next Cryptologic History Symposium is scheduled for October 2013, possibly including another Kryptos Group meal with Sanborn and Scheidt. 

Mark Siegal is a tech nerd who lives near Washington, D.C. His background includes science writing, book publishing, and various magic tricks with spreadsheets.

You can purchase our complete archives, almost 300 articles, as a DRM-free ebook in PDF, EPUB, and MOBI formats. We ceased publication of new work on December 18, 2014.
You can purchase our complete archives, almost 300 articles, as a DRM-free ebook in PDF, EPUB, and MOBI formats.
©2016 Aperiodical LLC. The Magazine's online ISSN: 2334-4970. We ceased publication on December 18, 2014. You can purchase our complete archives, almost 300 articles, as a DRM-free ebook in PDF, EPUB, and MOBI formats. Read our privacy policy. Learn more about us. Billing troubles? Email us. Talk with us on Facebook and Twitter. Consult our FAQ for more answers. iPhone, iPad, and iPod touch are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc.