Disclaimer: This page has the original puzzles, and additionally the full solution including the reasoning behind the puzzles for Crypto & Privacy Village at BSidesSF 2020. If you would like to work on this, please close this page after copying down the puzzles!
Puzzles
You can either look at the puzzles here or the original PDF.
Message 0:
GOVMYWO DY MBIZDY KXN ZBSFKMI FSVVKQO KD DRO DOXDR LCSNOC SX CKX PBKXMSCMY
Message 1:
YCEMXIEMY XJIDKY UCZGXJMEYMFVMY CWX LZCE BMZBFMTIDK CWZYMFVMY XJMD MVMZSJIDK PMOCEMY VIVINFS OFMQZ LZCE PQYIOY
Z:
IOERTNTHGWERTGTEAHSUIOIASISRSNARSLEEFWTEELSEAHMPGNIETINCSNXCIEEK
LA TABLE:
QNDPNNLSMAANIJRPASNDPKQWDKSSJNMQSRQNCDTXOBVJBKQFOMDVHHAU
ENCORE:
CBACRQRTMXHVGXTNLLYXDSKHIACFRN
Friendly reminder that if you would like to work on these puzzles without any hints or the solutions, please avoid scrolling past this. Message 0, Message 1, Z, La Table, and Encore are the five puzzles.
Puzzle Overview
For a smaller two day conference I wanted to make puzzles that were approachable and with each puzzle teach folks, whether entirely new to classical ciphers or have solved plenty before, something new. The intent of the puzzles was to teach folks to do things in a methodical way to eventually introduce then graduate them to modern day cryptographic concepts.
Consequently, this revealed some very convenient tools many of us challenge makers have and use in our challenges to buy time (or just use to spin up challenges quickly). This was intentional as I’d personally like to see new challenges where challenge makers push themselves outside of their comfort zones, myself included!
The first two puzzles, Message 0 and Message 1, both use the same classical cipher with Message 1 being a variant of the one initially in Message 0. The puzzle Z was a standalone classical cipher wise to break things up. The final two, La Table and Encore, both shared the same classical cipher with Encore additionally being a different classical cipher. All of the puzzles, outside of La Table, shared an Easter egg relating to it being the 10 year anniversary of BSidesSF.
Message 0: Caesar Cipher
GOVMYWO DY MBIZDY KXN ZBSFKMI FSVVKQO KD DRO DOXDR LCSNOC SX CKX PBKXMSCMY
A classical cipher challenge that begins with the beloved Caesar cipher. It’s a fun introductory cipher that lends itself nicely in teaching other ciphers. What mattered here then was incorporating the number 10 in for the BSidesSF 10 year anniversary, alongside having participants learn how to crack classical ciphers by hand (or learn it conceptually then program it) by solving it methodically. To initially help start folks off at the tables that were new to the Caesar cipher, as an example I first wrote down the plaintext alphabet (aka what we’re reading now!):
ABCDEFGHIJKLMNOPQRSTUVWXYZ | "HI" | Plaintext
And to consider the word “hi” there (conveniently in the English alphabet “h” and “i” are right next to each other). How could we say “hi” in another way, but, differently? We could do the following:
ABCDEFG HI JKLMNOPQRSTUVWXYZ | "HI" | Plaintext
BCDEFGH IJ KLMNOPQRSTUVWXYZA | "IJ" | Ciphertext (1 shift)
“IJ” is another way of saying “HI” by writing the alphabet starting with “B” to “Z”, then adding the “A” back at the end. In other words, “HI” is “IJ” in the alphabet of “B” to “A”. We can repeat this for the entirety of the alphabet from A to Z!
ABCDEFGHIJKLMNOPQRSTUVWXYZ | "HI" | Plaintext
BCDEFGHIJKLMNOPQRSTUVWXYZA | "IJ" | Ciphertext (1 shift)
CDEFGHIJKLMNOPQRSTUVWXYZAB | "JK" | Ciphertext (2 shifts)
DEFGHIJKLMNOPQRSTUVWXYZABC | "KL" | Ciphertext (3 shifts)
EFGHIJKLMNOPQRSTUVWXYZABCD | "LM" | Ciphertext (4 shifts)
...
XYZABCDEFGHIJKLMNOPQRSTUVW | "EF" | Ciphertext (23 shifts)
YZABCDEFGHIJKLMNOPQRSTUVWX | "FG" | Ciphertext (24 shifts)
ZABCDEFGHIJKLMNOPQRSTUVWXY | "GH" | Ciphertext (25 shifts)
With the full table (which is conveniently the Vigenère table/square) in hand and switching back to the puzzle I encouraged folks to write down the first word:
GOVMYWO
Then try some shifts!
…aka all of them to get in some practice in doing this methodically (and also more accurately because I adore doing it this way) alongside some good habits such as methodically keeping track of shifts by numbering them:
0 | GOVMYWO | The puzzle itself
1 | HPWNZXP
2 | IQXOAYQ
3 | JRYPBZR
4 | KSZQCAS
5 | LTARDBT
6 | MUBSECU
7 | NVCTFDV
8 | OWDUGEW
9 | PXEVHFX
10 | QYFWIGY
11 | RZGXJHZ
12 | SAHYKIA
13 | TBIZLJB
14 | UCJAMKC
15 | VDKBNLD
16 | WELCOME | and (hopefully) the plaintext!
17 | XFMDPNF
18 | YGNEQOG
19 | ZHOFRPH
20 | AIPGSQI
21 | BJQHTRJ
22 | CKRIUSK
23 | DLSJVTL
24 | EMTKWUM
25 | FNULXVN
Eventually a word appears! I encouraged folks to finish the rest however they desired to, whether using the Vigenère table/square they wrote earlier or via coding.
Note
I wrote [all] the challenges in reverse (by hand in my graph paper journal with pen) from the original plaintext messages to the ciphertexts. If one moves forward in the alphabet (i.e. A -> B, B -> C, C -> D, ...) the shift from "GOVMYWO" to "WELCOME" is +16. However, if we move backwards (i.e. A -> Z, Z -> Y, Y -> X, ... ) the shift is -10. When I wrote them, I did this thinking a shift of +10 (or -16) in my mind.
Message 1: Atbash
YCEMXIEMY XJIDKY UCZGXJMEYMFVMY CWX LZCE BMZBFMTIDK CWZYMFVMY XJMD MVMZSJIDK PMOCEMY VIVINFS OFMQZ LZCE PQYIOY
As noted in the overview, Message 0 and Message 1 use the same classical cipher with Message 1 using a variantion of the cipher in Message 0, i.e. the Caesar cipher. The naming scheme of Message 0 and Message 1 was intended to convey they’re related; I helpfully encouraged new folks in particular to additionally look at the visual similarities in the formatting of the puzzles for future challenges they may encounter, thus learning how to potentially identify ciphers visually.
As I encouraged participants to solve the challenges methodically, many participants tried the same methodology as above with the first word. This puzzle was intended to show participants: puzzle solving isn’t about guessing the correct cipher so much as it’s about narrowing down what methods don’t work, thus don’t rule out [ciphers] until after fully proving that specific [ciphers] reproducible methods don’t work and move on; there’s always more than one way of solving, looking at, or doing something; to try and look at problems in another way! The hint I gave out for this puzzle was: “This is the same thing [as _Message 0], exact same methodology, just different.”
With solving the first puzzle, folks walked away from it with a Vigenère table/square in the alphabet of A-to-Z for the ciphertext, with the plaintext found in the same column in the same table. In Message 1, a Vigenère table/square was used but from Z-to-A for the ciphertext, with the row for the plaintext this time not in the table. As an example:
ABCDEFGHIJKLMNOPQRSTUVWXYZ | "HI" | Plaintext
ZYXWVUTSRQPONMLKJIHGFEDCBA | "SR" | Ciphertext
This is otherwise known as the Atbash cipher, where the alphabet is flipped around (Z-to-A) and matched to the original alphabet (A-to-Z). Hopefully this sounds familiar, but lets repeat this pattern a few more times for the full Atbash table, aka the Vigenère table/square reversed horizontally, to finish out the previous example:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z | "HI" | Plaintext
Z Y X W V U T S R Q P O N M L K J I H G F E D C B A | "SR" | Ciphertext/Atbash
Y X W V U T S R Q P O N M L K J I H G F E D C B A Z | "RQ" | 1 shift
X W V U T S R Q P O N M L K J I H G F E D C B A Z Y | "QP" | 2 shifts
W V U T S R Q P O N M L K J I H G F E D C B A Z Y X | "PO" | 3 shifts
V U T S R Q P O N M L K J I H G F E D C B A Z Y X W | "ON" | 4 shifts
U T S R Q P O N M L K J I H G F E D C B A Z Y X W V | "NM" | 5 shifts
T S R Q P O N M L K J I H G F E D C B A Z Y X W V U | "ML" | 6 shifts
S R Q P O N M L K J I H G F E D C B A Z Y X W V U T | "LK" | 7 shifts
R Q P O N M L K J I H G F E D C B A Z Y X W V U T S | "KJ" | 8 shifts
Q P O N M L K J I H G F E D C B A Z Y X W V U T S R | "JI" | 9 shifts
P O N M L K J I H G F E D C B A Z Y X W V U T S R Q | "IH" | 10 shifts
O N M L K J I H G F E D C B A Z Y X W V U T S R Q P | "HG" | 11 shifts
N M L K J I H G F E D C B A Z Y X W V U T S R Q P O | "GF" | 12 shifts
M L K J I H G F E D C B A Z Y X W V U T S R Q P O N | "FE" | 13 shifts
L K J I H G F E D C B A Z Y X W V U T S R Q P O N M | "ED" | 14 shifts
K J I H G F E D C B A Z Y X W V U T S R Q P O N M L | "DC" | 15 shifts
J I H G F E D C B A Z Y X W V U T S R Q P O N M L K | "CB" | 16 shifts
I H G F E D C B A Z Y X W V U T S R Q P O N M L K J | "BA" | 17 shifts
H G F E D C B A Z Y X W V U T S R Q P O N M L K J I | "AZ" | 18 shifts
G F E D C B A Z Y X W V U T S R Q P O N M L K J I H | "ZY" | 19 shifts
F E D C B A Z Y X W V U T S R Q P O N M L K J I H G | "YX" | 20 shifts
E D C B A Z Y X W V U T S R Q P O N M L K J I H G F | "XW" | 21 shifts
D C B A Z Y X W V U T S R Q P O N M L K J I H G F E | "WV" | 22 shifts
C B A Z Y X W V U T S R Q P O N M L K J I H G F E D | "VU" | 23 shifts
B A Z Y X W V U T S R Q P O N M L K J I H G F E D C | "UT" | 24 shifts
A Z Y X W V U T S R Q P O N M L K J I H G F E D C B | "TS" | 25 shifts
To demonstrate how this was used in Message 1 we’ll use the following [shortest] word from Message 1:
CWX
And accordingly shift it using the above table:
| CWX | The puzzle itself
0 | XDC
1 | WCB
2 | VBA
3 | UAZ
4 | TZY
5 | SYX
6 | RXW
7 | QWV
8 | PVU
9 | OUT | and (hopefully) the plaintext!
10 | NTS
11 | MSR
12 | LRQ
13 | KQP
14 | JPO
15 | ION
16 | HNM
17 | GML
18 | FLK
19 | EKJ
20 | DJI
21 | CIH
22 | BHG
23 | AGF
24 | ZFE
25 | YED
This did rotate around the traditional plaintext and ciphertext setup of Atbash. That was intentional in showing even with the same cipher you can get different results on the order of operations such as flipping around the plaintext and ciphertext. Hopefully foreshadowing!
Z: Rail Fence
IOERTNTHGWERTGTEAHSUIOIASISRSNARSLEEFWTEELSEAHMPGNIETINCSNXCIEEK
As hinted by the title, Z is a rail fence cipher. While I set it to 10 rails (for the BSidesSF 10 year anniversary Easter egg), this was not a standard rail fence as I started the positioning elsewhere. This is a puzzle that, once folks demonstrated and clearly understood they knew how the cipher worked and variations (e.g. different starting positions), I encouraged them to write a tool to complete (or find an existing one) simply because of time. I did secretly hope, and some folks did pick up on this and did solve Z quickly this way, that people would also think how nicely 10 divides into 2, how awfully nicely pretty it looked to be near symmetrical, and maybe think about the puzzle like this:
0 | (TRADITIONAL START LOCATION)
1 |
2 |
3 |
4 | START OR END
5 | START OR END
6 |
7 |
8 |
9 | (TRADITIONAL START LOCATION)
While not technically necessary, the key for La Table was in this puzzle’s deciphered message.
La Table: Vigenère variant (Beaufort)
QNDPNNLSMAANIJRPASNDPKQWDKSSJNMQSRQNCDTXOBVJBKQFOMDVHHAU
While explaining the puzzle sheet to folks, I informed participants that this was the only puzzle that did not use the Easter egg hint (10) in the other puzzles. The key for this puzzle was in Z but not immediately clear to folks who did solve Z, outside of a vague hint that everything they needed for this puzzle was already on their sheets (if they had solved Z and wrote down their Vigenère tables/square) but not technically necessary to solve La Table. The title La Table, or “the table” in French, was also chosen to serve as a hint to the puzzle being Vigenère, especially for participants who heard me lovingly keep referring to their tables they wrote down in Message 0 and Message 1 as a Vigenère table and just coincidentally how useful they are for other puzzles and ciphers that build up on basics like this.
I intentionally wrote a message that did not require filler characters and broke down evenly with the intended block to be 8x6 characters:
0 | QNDPNNLS
1 | MAANIJRP
2 | ASNDPKQW
3 | DKSSJNMQ
4 | SRQNCDTX
5 | OBVJBKQF
6 | OMDVHHAU
Some folks tried out the key from Z but moved on when it didn’t work. When I broke down the Vigenère cipher to folks, I let folks know that there were three distinct outcomes depending on the order of operations:
TOP | MID | LEFT
----------------------
1: Plain -> Cipher -> Key
2: Plain -> Key <- Cipher
3: Cipher -> Plain -> Key
Or in a more visual form:
Encore: Autokey with Vigenère variant (Beaufort)
CBACRQRTMXHVGXTNLLYXDSKHIACFRN
Puzzle Answers
Message 0:
WELCOME TO CRYPTO AND PRIVACY VILLAGE AT THE TENTH BSIDES IN SAN FRANCISCO
Message 1:
SOMETIMES THINGS WORK THEMSELVES OUT FROM PERPLEXING OURSELVES THEN EVERYTHING BECOMES VIVIDLY CLEAR FROM BASICS
Z:
SITTING ON FENCES I AWAIT TO HEAR THE NEXT MESSAGE WHILE PICKING LES SERRURES
LA TABLE:
CROCHETAGE REMINDS ME OF HOW PUZZLES CAN BE SOLVED WITH ONES OWN KEY
ENCORE:
A KEY TO HACK THE WORLD TO A BETTER ONE