Zodiac Discussion Forum


FBI analysis (by Dan Olson) of Z340 might be wrong

daikon
(@daikon)
Posts: 179
Estimable Member
Topic starter
 

Now that I got your attention :), here’s my reasoning.
More specifically, Dan Olson of FBI says:
"Lines 1-3 and 11-13 contain a distinct higher level of randomness than lines 4-6 and 14-16. This appears to be intentional and indicates that lines 1-3 and 11-13 contain valid ciphertext whereas lines 4-6 and 14-16 may be fake."
http://zodiackillerciphers.com/wiki/ind … _Dan_Olson

While the first part is certainly true, lines 1-3 and 11-13 do not contain any repeats, so they are "more random", but I believe the conclusion he makes is without merit. I’ve tried constructing multiple ciphertexts similar to Z340, that contain a valid plaintext taken from other Zodiac letters, using a simple homophonic substitution used in Z480. It turns out it is very trivial to get the same characteristics of no repeats on some lines and several repeats on others. In fact, you can do it to pretty much any line without even having to alter your plaintext in any way. The key is to have multiple homophones for each plaintext letter, which is certainly the case for Z340 with a whopping 63 cipher symbols for 26 letters of the presumably English alphabet, and secondly, you need to switch from sequential use of homophones to random order from line to line. Here’s why — if you pick homophones strictly sequentially, and you are lucky with your plaintext not to have too many repeating rare letters, you won’t have any repeats for a long time. If you pick homophones for the same letters randomly, you are bound to get more repeats. So if Zodiac used sequential homophone selection for lines 1-3, but then switched to random for lines 4-10, and then went back to sequential for lines 11-13 and then back to random for the rest of the cipher, you’d have the exact same "unevenness of randomness" exhibited by Z340 for pretty much any plaintext. Why would he do that? To make deciphering harder, to break up the homophone cycles.

But in fact, Zodiac didn’t even do that. If you observe more carefully, only lines 1-3 are "special", and lines 11-13 just happen to look "more random" because the ciphertext has 17 columns. Don’t believe me? Go to the excellent Webtoy tool:
http://www.oranchak.com/zodiac/webtoy/stats.html
and change the layout of Z340 from the default "20×17" grid to double the number of columns (click on "10×34"). It combines each of 2 original rows into 1 long row. You’ll see now that only row 1 (original rows 1-2) has a few repeats, which is expected for a sequential homophonic substitution cipher. Row 6 (starts with U+R), which is a combination of original rows 11-12, now has a huge number of repeats, so is row 7 (original rows 13-14). Row 8 has a surprisingly low number of repeats, but original rows 15-16 also had low repeats, and it could just be due to plaintext being non-repeating in that section.

So you see, rows 11-13 in the original ciphertext are *not* that special, and the whole idea of the cipher being split in two and then the left half placed on top of the right half, which is what Dan Olson suggested on a few occasions, doesn’t seem likely.

I know that I’m contradicting what a well known and respected FBI crypto-analyst has said, and I have a total of a couple of months of experience and knowledge trying to break Z340, compared to decades of experience on Dan’s part, so I could be totally off in my conclusions. But the logic above suggests otherwise. What do you think, am I missing something?

Now, the fact that rows 1-2, even when combined into one, have much lower number of repeats compared to the rest of the ciphertext is a very good sign! It does suggest that we are looking at a homophonic substitution, and that Z likely started with sequential assignment of homophones. Although it could also be because the plaintext has few repeats in the first two lines, but it is less likely.

 
Posted : July 7, 2015 4:38 am
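The effect described in the post above can be reproduced with a short simulation. This is an added example, not part of the original post or of the Webtoy tool: the 63-symbol key shape, the plaintext, the integer symbols and the repeat metric (row length minus distinct symbols) are all constructed assumptions.

```python
import random
from collections import Counter

# Constructed key shape: 63 symbols over 26 letters (the counts are an assumption).
COUNTS = dict(E=7, T=5, A=4, O=4, I=4, N=4, S=4, R=3, H=3, L=3,
              D=2, U=2, C=2, M=2, F=2, W=2)
KEY, _next = {}, 0
for ch in "ABCDEFGHIJKLMNOPQRSTUVWXYZ":
    n = COUNTS.get(ch, 1)
    KEY[ch] = list(range(_next, _next + n))   # cipher symbols are plain integers
    _next += n

# Constructed 340-letter plaintext (not a Zodiac text).
PLAIN = (("THEQUICKBROWNFOXJUMPSOVERTHELAZYDOGWHILETHESTARSTURNSLOWLY"
          "ABOVETHEQUIETHARBORANDNOONEISLEFTTOCOUNTTHEM") * 4)[:340]

def encrypt(plain, width, sequential_rows, seed=1):
    """Rows listed in sequential_rows (1-based) cycle through each letter's
    homophones in order; every other row picks a homophone at random."""
    rng, pos, out = random.Random(seed), Counter(), []
    for i, ch in enumerate(plain):
        homs = KEY[ch]
        if i // width + 1 in sequential_rows:
            out.append(homs[pos[ch] % len(homs)])
            pos[ch] += 1                      # the cycle advances only here
        else:
            out.append(rng.choice(homs))
    return out

def rows(seq, width):
    return [seq[i:i + width] for i in range(0, len(seq), width)]

def repeats(row):
    """Repeat metric used here: symbols in the row minus distinct symbols."""
    return len(row) - len(set(row))

def min_repeats(plain_row):
    """Pigeonhole floor: a letter seen c times with k homophones forces c-k repeats."""
    return sum(max(0, c - len(KEY[ch])) for ch, c in Counter(plain_row).items())

def report(width=17, sequential_rows=(1, 2, 3, 11, 12, 13)):
    cipher = encrypt(PLAIN, width, set(sequential_rows))
    return [repeats(r) for r in rows(cipher, width)]

if __name__ == "__main__":
    print("17 columns:", report())
    cipher = encrypt(PLAIN, 17, {1, 2, 3, 11, 12, 13})
    print("34 columns:", [repeats(r) for r in rows(cipher, 34)])
```

Sequentially encoded rows always sit at the pigeonhole floor, and regridding the same ciphertext to 34 columns can only raise each combined row's repeat count, which is why a row-level "no repeats" observation depends on the chosen width.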
Paul_Averly
(@paul_averly)
Posts: 857
Prominent Member
 

I thought Dan Olson said the cipher WAS homophonic substitution?

Here’s the thing, we have software that can solve the 408 in a matter of seconds. People have hammered the 340 with all this great software for years and never cracked it. This would suggest it is not homophonic substitution. It’s probably something else with Z’s homophonic substitution step after the initial encryption.

First we assume of course that the 340 is a normal cipher in the sense that it’s encrypted plaintext also of length 340.

Traditional homophonic encryption has been essentially ruled out due to repeated failure to get a solution through ZkDecrypto or manually through familiar methods of attacking homophonics. ZkD also rules out traditional homophonic encryption if the message is in German, French, Italian or Spanish.

Homophonic encryption that was preceded by a Caesar shift of the plaintext has been ruled out – it’s been shown that ZKD deals with such ciphers with no extra difficulty.

Vigenere, either pre- or post-homophonic step, has been ruled out due to the lack of familiar IoC peaks expected for Vigenere encrypted messages.

Bifid encryption preceding homophonic encryption has been ruled out through analysis here on the forum.

Columnar or diagonal transposition ruled out by FBI.

Linear transposition not ruled out, but has to be more complex than rearranging lines at random or inserting a couple of filler lines.

Message being split into 4 quadrants with a different key in each is ruled out as unsolvable because the quadrants contain too few repeats.

Message being split into halves at line 10 with 2 different keys is ruled out because the halves do not solve individually, either.

 
Posted : July 7, 2015 5:03 am
daikon
(@daikon)
Posts: 179
Estimable Member
Topic starter
 

I didn’t challenge the assumption that Z340 uses homophonic substitution. I do agree that it is likely what it is, with some other, unknown at this time, extra step(s) in the middle. I only challenge the notion that lines 11-13 being "more random" has any implication on how the ciphertext should be manipulated (i.e. the extra steps involved). Considering they are not actually "more random" at all, as shown in my initial post above. All I’m saying, we shouldn’t always take everything said even by real experts as absolute gospel every time. I’ve spent quite a bit of time thinking about the supposed 11-13 lines "anomaly" pointing to how Z340 was constructed. Instead, I should’ve done my own analysis and realized there was no anomaly at lines 11-13, and didn’t waste my time "folding" Z340 in half in various ways. Now, I’m not saying there isn’t something else that suggests it should be folded/split. Perhaps even FBI and Dan Olson know something that we don’t, and he just can’t tell us, so he uses this phantom anomaly to point us in the right direction. 🙂

 
Posted : July 7, 2015 6:04 am
(@joedetective)
Posts: 276
Reputable Member
 

It’s probable that the SLA letter could be a clue that the cipher was constructed in Norwegian, maybe old Norse. I think before we rule out the possibility that Z used a homophonic substitution, an attempt at encrypting the message in Norwegian would be worthwhile.

 
Posted : July 7, 2015 6:06 am
 Soze
(@soze)
Posts: 810
Prominent Member
 

:shock:

 
Posted : July 7, 2015 9:11 am
glurk
(@glurk)
Posts: 756
Prominent Member
 

daikon-

Just as a disclaimer, I am one of the main programmers on ZKDecrypto, and I agree with your points on Dan Olson. And I’m not the only one. Back when this came about, there was quite a bit of discussion on other forums, which I believe are now lost, sadly.

The overall consensus with most of the crypto folk was that the Dan Olson "findings" were not of much use, and I still tend to agree.

-glurk

(PS. It really is a shame that those older posts are lost, some due to intentional deletion, and others due to accident. But it is what it is, and many of those people don’t even actively post any longer, so… Well. Just lost discussion and information.)

(PSS. Some discussion is here: http://www.ciphermysteries.com/2011/09/ … 40-ciphers )

——————————–
I don’t believe in monsters.

 
Posted : July 7, 2015 9:23 am
daikon
(@daikon)
Posts: 179
Estimable Member
Topic starter
 

glurk,
Ah, thanks for the confirmation! Being a relative newcomer to the Zodiac ciphers, I was a bit hesitant to post my doubts about FBI findings, since they are… well… _FBI_ findings. Good to hear that I’m not the only one who found their analysis to be a bit, hmmmm, shallow, shall we say? 🙂 I’m really glad I decided to join this forum. Hopefully my small contributions will in some way help solve this long-standing puzzle.

 
Posted : July 7, 2015 10:10 am
Norse
(@norse)
Posts: 1764
Noble Member
 

> It’s probable that the SLA letter could be a clue that the cipher was constructed in Norwegian, maybe old Norse. I think before we rule out the possibility that Z used a homophonic substitution, an attempt at encrypting the message in Norwegian would be worthwhile.

I may be mistaken but I think that has been tried.

There was a Norwegian mathematician (a guy writing a doctoral thesis, IIRC) who looked at the 340 a while back. Pretty sure he examined the possibility that the plain text is Norwegian.

It’s sort of a moot point, though: It seems clear that the 340 isn’t a simple substitution cipher, so the "clew" cannot be – simply – that the plain text is not English.

 
Posted : July 7, 2015 10:18 am
Jarlve
(@jarlve)
Posts: 2547
Famed Member
 

We may not know the full story of their analysis. What we know about this is that 9 rows in the 340 have no repeats and 6 of them happen to be 1,2,3,11,12,13. They may have tested this to be somewhat uncommon perhaps?

I think it’s certainly a possibility that the 340 is in an untested language.

AZdecrypt

 
Posted : July 7, 2015 6:30 pm
Norse
(@norse)
Posts: 1764
Noble Member
 

> We may not know the full story of their analysis. What we know about this is that 9 rows in the 340 have no repeats and 6 of them happen to be 1,2,3,11,12,13. They may have tested this to be somewhat uncommon perhaps?
>
> I think it’s certainly a possibility that the 340 is in an untested language.

That’s certainly possible, yes. But there has to be some twist in addition to that, no?

The 340 can’t simply be the 408 all over again *, only with a non-English language as the plain text – or am I wrong?

* In terms of the method he used.

 
Posted : July 7, 2015 6:54 pm
Jarlve
(@jarlve)
Posts: 2547
Famed Member
 

> > We may not know the full story of their analysis. What we know about this is that 9 rows in the 340 have no repeats and 6 of them happen to be 1,2,3,11,12,13. They may have tested this to be somewhat uncommon perhaps?
> >
> > I think it’s certainly a possibility that the 340 is in an untested language.
>
> That’s certainly possible, yes. But there has to be some twist in addition to that, no?
>
> The 340 can’t simply be the 408 all over again *, only with a non-English language as the plain text – or am I wrong?
>
> * In terms of the method he used.

I believe it’s a possibility. :)

Or even in a broader sense, something that daikon may be hinting at, that something at the language level differs from what is expected, for English.

AZdecrypt

 
Posted : July 8, 2015 11:42 pm
daikon
(@daikon)
Posts: 179
Estimable Member
Topic starter
 

Jarlve,
You are very perceptive. 🙂 That’s exactly what I’m trying to test/confirm/disprove: whether Z340 *is* plain English and *is* a straight homophonic substitution cipher, but the plaintext is just in some way very different from the expected properties of English text. Z408 was already quite a bit "unusual" due to its liberal use of the letter "L" for example, so its chi2 stat was way off the expected for a normal English text. Which is also why I think ZKD v1.2 is a step in the wrong direction, as unlike v1.0 it appears to use chi2 as one of the factors to score the solved plaintext by default. It doesn’t hurt too much overall though, as IoC and 4/5-gram stats will still pull the solver in the right direction.

So I thought maybe Z340 uses a lot of somewhat rare words. What would they be for someone calling himself "Zodiac"? The obvious first thought – something about stars, constellations and zodiac signs. That hunch paid off right away as I was able to come up with a simple plaintext encoded with a 63-symbol straight homophonic substitution which fooled the current auto-solvers (ZKD+AZD): viewtopic.php?p=37034#p37034
The version of excellent AZD that you currently have in development was able to crack it though. Do you have plans to release this new improved version soon I hope?

So in what other ways can an English text be so different from "normal" English texts, as to fool auto-solvers? Misspellings obviously don’t matter, as Z408 was solved with a sizable number of those, and even several encryption errors on Zodiac’s part. I have another hunch, but I just don’t have the time right now to come up with a meaningful non-random text for another test. Maybe tomorrow.

 
Posted : July 9, 2015 12:29 am
Norse
(@norse)
Posts: 1764
Noble Member
 

Hm. Let’s say the plain text is written in a language which uses a non-Latin alphabet, then – would that qualify?

 
Posted : July 9, 2015 1:57 am
(@holmes201)
Posts: 553
Honorable Member
 

People used slide rulers in those days.

 
Posted : July 9, 2015 3:05 am
daikon
(@daikon)
Posts: 179
Estimable Member
Topic starter
 

> Hm. Let’s say the plain text is written in a language which uses a non-Latin alphabet, then – would that qualify?

If you mean that it’s an English text that uses different letters (different font?) then that would make no difference, as the substitution would be exactly the same, it would just map to different letters. If you mean it’s in a completely different language, other than English, I would love to test this hypothesis, and it should be fairly easy by using the correct IoC and 4/5-gram corpus for the corresponding language. The only problem is you need to be fluent in that language to see if the resulting plaintext means something, since you’ll be parsing a continuous stream of letters without word breaks. Personally, I’m only capable of doing that in English, and even then barely enough to read Z408. 🙂

I can see Zodiac writing a message in, say, Spanish. Or maybe even Latin. What other languages might have been popular in the ’60-’70s in the US? Esperanto maybe?

 
Posted : July 9, 2015 3:45 am