bitmongerMarch 26, 2014 9:08 AM

So it's just a substitution cipher?

The real piece of news I feel that should be in the story is how long did it take to crack this trivial thing?

I don't see that part mentioned.

BJPMarch 26, 2014 9:16 AM


Looks like a pair of simple substitution ciphers, with the third character encoding cipher Uno or cipher Dos. Couple that with their apparent belief that not using spaces will make decoding impossible and a little knowledge goes a long way, but not quite far enough.

HopscotchMarch 26, 2014 10:56 AM

That actually makes a really nice example for teaching cryptography 101. Is there a full ciphertext available for students to crack? The picture in the article includes a snippet on the bottom, but it seems to be cropped on the right-hand side.

SteveMarch 26, 2014 10:58 AM

"unless they get this piece of paper, which you can't just have anywhere; you have to hide it."


KentonMarch 26, 2014 11:11 AM

Ha, ha, I love this part:

"...They won't know that we are communicating, and it will be impossible to understand, unless they get this piece of paper, which you can't just have anywhere; you have to hide it.""

User education fail. No matter how hard or simple this cypher was, failure to secure the key was its downfall.

derfMarch 26, 2014 11:53 AM

@bitmonger: They didn't crack it. They found the key.

I like how the example at the bottom of the second image is mis-labeled: GZM should be Sistema de Clave _Uno_, not Dos, according to the key they gave.

LarsonMarch 26, 2014 12:26 PM

Came to think of something...

Would it be possible to implement ciphers relying on elliptic curve cryptography on just pen and paper?

Or are pen+paper schemes always limited to simpler forms of crypto?

hermanMarch 26, 2014 1:17 PM

What is newsworthy, is that the Mexican Police is so inept that they actually needed the key and instructions before they could read that simple cypher.

Chris SMarch 26, 2014 2:21 PM

There's certainly a number of problems with the training materials.

The example using numbers is incorrectly encoded - after the initial "ZZ", should be "XXZ", not "XZZ". There are other difficulties, such as no "letter shift", meaning that once you start encoding numbers, there is no standard way to go back to letters. And for code "Uno", you can't encrypt numbers at all. The use of puncutation for encoded punctuation will provide a big help to anyone doing codebreaking.

Since it uses two keys and overlaps the number substitution, and also since messages are going to be short, it could take some time to assemble enough keyed material to understand the layout. But once you have enough, it should be easy enough to line up all the messages and see patterns.

I would also note that manual codebreaking is a very rarely practiced skill, and I'm not surprised or concerned that a police force didn't decode it. Moreover, we have no indication that they ever found encrypted messages. If most users are deleting both sent and received messages almost immediately, then it could easily have been the case that finding the note was the first indication that a cipher was in use.

The article is rather thin on details, so we don't know if it was the code itself which contributed to the conviction, or if it was the content of messages that were found which was more important.

Still ... cool.

NateMarch 26, 2014 3:30 PM

"If most users are deleting both sent and received messages almost immediately, then it could easily have been the case that finding the note was the first indication that a cipher was in use."

It's possible to delete SMS messages from a cell phone company's logs? And/or there's a jurisdiction somewhere in the world where police don't have automatic access to these logs?

RonKMarch 26, 2014 3:44 PM

@ Larson

Last time I checked, "pen+paper+brain" was Turing-complete, so: possible, yes; practical, probably not.

As Paddy Steed suggested, they could have used Solitaire, because then they'd only have to have the instructions inside a book, something a bit less obvious. Even though Solitaire is not really cryptographically secure, for short enough messages its weaknesses probably don't make a big difference.

Even better would be to use Solitaire as a whitener, and then follow up with something like a four-square cipher. Unfortunately, even Solitaire alone would probably be too complicated for the average drug mule to use.

AnuraMarch 26, 2014 4:16 PM

Another possibility is to use a 36x36 grid with 0-9, A-Z. The column index is the previous ciphertext, and the row index is the current plaintext character. Each character must appear in each column exactly once, but there is no requirement for rows. Choose a letter at random (e.g. via rolling a dice twice) for your first "ciphertext" character, and then it's just simple lookups.

This should significantly increase the number of plaintexts needed to break it, without making it too complicated.

Still fails if you don't keep your key secret.

David in TorontoMarch 26, 2014 4:24 PM

Given that it appears to be two fixed simple substitution ciphers it's possible to break single messages by hand.

Given any message depth and computers ...

I wonder
* how secure they thought this was?
* why the drug traffickers didn't change the code when someone was arrested?

@herman, you're making assumptions. It could have gone down any number of ways ... like:
cop 1: looks like two known criminals are using a code, let's break it
cop 2: why don't we just arrest one of them before we waste the effort to fill out the paperwork to get someone to look at it and time while it sits on their desk
cop 1: ya, that works

David in TorontoMarch 26, 2014 4:27 PM

@Chris - Unless it's significantly harder than two simple substitutions there are literally many thousands of people with the manual skills to break this. If there wasn't the case your daily papers wouldn't have crypto puzzels

Chris AbbottMarch 26, 2014 10:11 PM

A sub cipher for text messages? Why didn't they just use something like TextSecure? You can encrypt over the air and locally on your handset.

yesmeMarch 27, 2014 12:54 AM

They understood that having a simple crypto is better than having none at all. You don't need any device and anyone can understand it. Encrypting and decrypting is a matter of minutes. The only thing they need to do is update the keys regularly and keep the messages short. I probably wouldn't use it as a replacement for AES, but considering the "application" and the people involved, I think it's quite practical.

Anonymous 777April 1, 2014 7:35 PM

There was this nice letter from Prohibition era where farmer bragged about his big sow and invited to see new piglets he had for sale. What happen to this simple form of relaying the message?

LeeHammApril 4, 2014 9:27 AM

@herman. A little assumption betraying racism here? This was in Chile, not México.

DavidMarch 23, 2015 7:36 PM

Wow. A child could've broken that. Simple frequency analysis over multiple messages would work effectively.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Sidebar photo of Bruce Schneier by Joe MacInnis.