bitmonger March 26, 2014 9:08 AM

So it’s just a substitution cipher?

The real piece of news I feel that should be in the story is how long did it take to crack this trivial thing?

I don’t see that part mentioned.

BJP March 26, 2014 9:16 AM


Looks like a pair of simple substitution ciphers, with the third character encoding cipher Uno or cipher Dos. Couple that with their apparent belief that not using spaces will make decoding impossible and a little knowledge goes a long way, but not quite far enough.

Hopscotch March 26, 2014 10:56 AM

That actually makes a really nice example for teaching cryptography 101. Is there a full ciphertext available for students to crack? The picture in the article includes a snippet on the bottom, but it seems to be cropped on the right-hand side.

Steve March 26, 2014 10:58 AM

“unless they get this piece of paper, which you can’t just have anywhere; you have to hide it.”


Kenton March 26, 2014 11:11 AM

Ha, ha, I love this part:

“…They won’t know that we are communicating, and it will be impossible to understand, unless they get this piece of paper, which you can’t just have anywhere; you have to hide it.””

User education fail. No matter how hard or simple this cypher was, failure to secure the key was its downfall.

derf March 26, 2014 11:53 AM

@bitmonger: They didn’t crack it. They found the key.

I like how the example at the bottom of the second image is mis-labeled: GZM should be Sistema de Clave Uno, not Dos, according to the key they gave.

Larson March 26, 2014 12:26 PM

Came to think of something…

Would it be possible to implement ciphers relying on elliptic curve cryptography on just pen and paper?

Or are pen+paper schemes always limited to simpler forms of crypto?

herman March 26, 2014 1:17 PM

What is newsworthy, is that the Mexican Police is so inept that they actually needed the key and instructions before they could read that simple cypher.

Chris S March 26, 2014 2:21 PM

There’s certainly a number of problems with the training materials.

The example using numbers is incorrectly encoded – after the initial “ZZ”, should be “XXZ”, not “XZZ”. There are other difficulties, such as no “letter shift”, meaning that once you start encoding numbers, there is no standard way to go back to letters. And for code “Uno”, you can’t encrypt numbers at all. The use of puncutation for encoded punctuation will provide a big help to anyone doing codebreaking.

Since it uses two keys and overlaps the number substitution, and also since messages are going to be short, it could take some time to assemble enough keyed material to understand the layout. But once you have enough, it should be easy enough to line up all the messages and see patterns.

I would also note that manual codebreaking is a very rarely practiced skill, and I’m not surprised or concerned that a police force didn’t decode it. Moreover, we have no indication that they ever found encrypted messages. If most users are deleting both sent and received messages almost immediately, then it could easily have been the case that finding the note was the first indication that a cipher was in use.

The article is rather thin on details, so we don’t know if it was the code itself which contributed to the conviction, or if it was the content of messages that were found which was more important.

Still … cool.

Nate March 26, 2014 3:30 PM

“If most users are deleting both sent and received messages almost immediately, then it could easily have been the case that finding the note was the first indication that a cipher was in use.”

It’s possible to delete SMS messages from a cell phone company’s logs? And/or there’s a jurisdiction somewhere in the world where police don’t have automatic access to these logs?

RonK March 26, 2014 3:44 PM

@ Larson

Last time I checked, “pen+paper+brain” was Turing-complete, so: possible, yes; practical, probably not.

As Paddy Steed suggested, they could have used Solitaire, because then they’d only have to have the instructions inside a book, something a bit less obvious. Even though Solitaire is not really cryptographically secure, for short enough messages its weaknesses probably don’t make a big difference.

Even better would be to use Solitaire as a whitener, and then follow up with something like a four-square cipher. Unfortunately, even Solitaire alone would probably be too complicated for the average drug mule to use.

Anura March 26, 2014 4:16 PM

Another possibility is to use a 36×36 grid with 0-9, A-Z. The column index is the previous ciphertext, and the row index is the current plaintext character. Each character must appear in each column exactly once, but there is no requirement for rows. Choose a letter at random (e.g. via rolling a dice twice) for your first “ciphertext” character, and then it’s just simple lookups.

This should significantly increase the number of plaintexts needed to break it, without making it too complicated.

Still fails if you don’t keep your key secret.

David in Toronto March 26, 2014 4:24 PM

Given that it appears to be two fixed simple substitution ciphers it’s possible to break single messages by hand.

Given any message depth and computers …

I wonder
* how secure they thought this was?
* why the drug traffickers didn’t change the code when someone was arrested?

@herman, you’re making assumptions. It could have gone down any number of ways … like:
cop 1: looks like two known criminals are using a code, let’s break it
cop 2: why don’t we just arrest one of them before we waste the effort to fill out the paperwork to get someone to look at it and time while it sits on their desk
cop 1: ya, that works

David in Toronto March 26, 2014 4:27 PM

@Chris – Unless it’s significantly harder than two simple substitutions there are literally many thousands of people with the manual skills to break this. If there wasn’t the case your daily papers wouldn’t have crypto puzzels

Chris Abbott March 26, 2014 10:11 PM

A sub cipher for text messages? Why didn’t they just use something like TextSecure? You can encrypt over the air and locally on your handset.

yesme March 27, 2014 12:54 AM

They understood that having a simple crypto is better than having none at all. You don’t need any device and anyone can understand it. Encrypting and decrypting is a matter of minutes. The only thing they need to do is update the keys regularly and keep the messages short. I probably wouldn’t use it as a replacement for AES, but considering the “application” and the people involved, I think it’s quite practical.

Anonymous 777 April 1, 2014 7:35 PM

There was this nice letter from Prohibition era where farmer bragged about his big sow and invited to see new piglets he had for sale. What happen to this simple form of relaying the message?

LeeHamm April 4, 2014 9:27 AM

@herman. A little assumption betraying racism here? This was in Chile, not México.

David March 23, 2015 7:36 PM

Wow. A child could’ve broken that. Simple frequency analysis over multiple messages would work effectively.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.