uh, Mike November 24, 2014 8:19 AM

I hacked at Kryptos a little, some years ago, before retirement. My take is that K4 is not amenable to kryptanalysis, due to an error by the kryptographer. It’s happened before with K2, but luckily (?) near the end of the message.

uh, Mike November 24, 2014 8:25 AM

P.S. In an interview, the artist emphasizes that the CIA should be smarter because they have “intelligence” in their name. To focus on a bad pun in an interview (not good-bad, but just boring) just loses points with me.

keiner November 24, 2014 1:47 PM

“Which part of the word “clock” didn’t you understand? “clock” unequal “wall”…
CIA, huh?

Chris November 25, 2014 1:27 PM

Ive put lot of hours to try to crack it my selfe
Anyways who ever cracks it would be my here for long time

I like the challenge, if there is a flow within the assumption of what the coded message
is regarding to what it should be, in my opinion if that is so then that would be
the artists priority to tell to the public: instead he comes out with a new clew
Meening that if he is not ignorant to what a small spelling mistake can do to the endresult
he knows that there is none, and this new clue is cool.

I think we should listen to the artist in this case

Anura November 25, 2014 1:45 PM

I’m the kind of jerk who would have made the first three codes actual encrypted messages, but the fourth one just gibberish.

Chris November 25, 2014 1:57 PM

Hi guys some of the lings from Hack This are cool.
Dont click on them if you dont know what you are doing 🙂

Chris November 25, 2014 2:10 PM

Fun but be careful all of those links are attack codes, also for linux
Some very intresting i have downlowded them and i will investigate them later
someone having fun but yeah cool, i love it!!!

Chris November 25, 2014 2:14 PM

One is dependent of .NET 3.5 called pixel.png
be very careful with thisone !!!

I allready have 2 machines infected 🙂
Preview of png is enough

Chris November 25, 2014 2:18 PM

Se you tomorrow, however dont click on all links 🙂
Some are cool but some just javascript crap
goodnights, good test Hackthis, i like it!
Many other people wouldnt but for me good time

Chris November 25, 2014 2:39 PM

well it seems not many people on this thread, I have all attack codes except one that was zero bites, going to sleep now, the one I liked was he png file. but!
There are shitloads of references to fontfile etc on internet on many of these java script ones
I fucking love this stuff, who ever send it thanks alot!
Really cool stuff

Alain from Switzerland November 25, 2014 4:02 PM

I have just looked at the Kryptos text for the first time and I have made a maybe “stupid” observation that might even be the “solution”:

The text on panels 1+2 has the following structure


Now, it seems that people trying to solve it usually interpret the “?” as a separator BETWEEN a total of 4 riddles. But usually in a sentence, a “?” comes at the END of a question.

So, maybe the 4th block of letters is just to fill up the sculpture visually with random looking letters?

…just a few bricks to fill the “Berlin Wall” if you want, made up by the artist and “WW” (the then director of the CIA) together to make sure that no one could put in an embarrassing message (cf. article linked in the post)?

And since then the artist adding a few more elements to his piece of art now and then?

Anyway, why think too far, sometimes the solution might be so simple 🙂

Alain Stalder November 25, 2014 4:04 PM

i.e. there would be only 3 riddles, not 4, the rest would be just “noise” to visually balance the second panel, plus maybe to fool people from the start.

Alain Stalder November 25, 2014 4:46 PM

To make it totally clear what I meant:

How people usually read panels 1+2 of the Kryptos sculpture:

<riddle1> <question-mark-as-riddle-separator> <riddle2> <question-mark-as-riddle-separator> <riddle3> <question-mark-as-riddle-separator> <riddle4>

How I read it:

<question-resp-riddle-1> <question-mark-to-denote-question-resp-riddle>
<question-resp-riddle-2> <question-mark-to-denote-question-resp-riddle>
<question-resp-riddle-3> <question-mark-to-denote-question-resp-riddle>

c November 26, 2014 11:13 AM

Alain, it’s like a rule of the internet, wherever people are discussing an unsolved cipher, someone comes along to make the case that it may just be random letters. Unfortunately, it adds little to the conversation unless you have some analysis that points toward that conclusion, since that is always a possibility. You may as well go around to all of these threads and post, “It might be the Gettysburg Address.” Or quotes from the Bible, or Nicki Minaj lyrics, or anything you care to think up. It might be, but without some evidence of it, so what?

As to why a lot of people think it might not be meaningless random letters, one reason is the notes of the NSA cryptanalysts who broke parts 1-3 by hand in 1992, which were released in 2000 or so. Their analysis:

“Given the suspected cryptography, the last section is too short to solve without diverting a great deal of effort from operational problems.”

This has been taken to mean that they recognized the cipher that was used in part 4, that it’s most likely that the CIA cryptographer who helped Sanborn on the ciphers used some system that the Soviets were using during the Cold War, perhaps with a twist since Sanborn has said there is an artistic element he contributed to part 4, and that the NSA was confident they could break it if they could use their full resources on it, but there was no point in proceeding if they could only work by hand or on their personal computers because it would take too long.

My guess would be that the artistic element involves the coordinates given in part 3. I don’t think anything is buried there, I think you are supposed to stand at that location and look at Kryptos and get some clue to part 4 based on what parts/letters you can see from there. I would also guess that NSA employees broke part four on their home computers sometime around 2008, and will release the proof of it just shortly after some civilian solves it.

Alain Stalder November 26, 2014 4:20 PM

Hmn, if I could prove that a random looking string with something like log_2(25^97) = 450 bits is truly random, then I could break essentially all crypto that is currently out there, no chance to prove such a thing unless there would be some dramatic scientific and probably also technological advances.

That was not my point. 🙂

You provided some clues or circumstancial evidence what those last 97 letters in the second panel of the Kryptos sculpture could be, so did I.

My (maybe new) clue is not that those letters could be just random – I am sure lots of people have suggested or considered that before – what I am saying is that possibly those last letters were intentionally tagged by the artist not to be a riddle/ciphertext or possibly initially not even intended to be that by the artist. (Once more the argument: “Questions are marked by a question mark after them; there are 3 question marks in panel 1+2, so there are 3 ciphertexts/riddles/questions to solve, not 4.”).

I wonder if there are some facts regarding whether the artist stated that there are 4 ciphertexts on the sculpture – at the time the sculpture was up, that is, later he obviously referred to that, possibly just artistically “playing” with expectations.

Just maybe also as a gentle “warning” maybe not to invest too much time expecting to solve the 4th riddle, it might at the end just be like Waiting for Godot or maybe more fittingly like in Kafka’s parable before the law…

So: Did the artist, Jim Sanborn, initially state how many ciphertexts there are on the sculpture? Where did the idea that it would be 4 ciphertexts come from originally? Was it just in the eyes of the beholders?

At least that is something that would interest me to know.

As long as nobody could decipher those letters, which leads you follow is essentially a matter of taste, at least in my world 🙂

Alain Stalder November 27, 2014 9:09 AM

Forget my hypothesis, there are 4 question marks on panels 1+2 (not 3), 3 within riddle 2 and one at the end of riddle 3 (i.e. not between the riddles).

DaddyPlaid February 3, 2015 4:26 PM

Was looking at a world map and found an interesting coincidence…


Mike G. April 11, 2015 9:32 AM

K4 is a key. It is in fact, in the shape of a key. But it is not just a common key. It is a BERLIN key. (Look up the explanation). The doorway that it fits into is the decoded K2 matrix. Using David Stein’s original matrix with the XLAYERTWO correction, you’ll see a unique letter pattern in K2 that matches a letter pattern in K4. Matching up these patterns gives you the unlocked position.

CLOCK is Sanborn’s wordplay on C LOCK or SEE LOCK. Using the clue from K2 (WW), you can find another matching letter pattern on K4 and K2 which will give you the LOCKed position. Sanborn is saying that this locked position is the one you should be using. Then it is matter of using several clues found throughout various parts of Kryptos to find the message.

Check out this site to see a visual representation of K4 as a key and Sanborn’s quote about ‘the most obvious key to the sculpture’.

chris May 24, 2015 12:47 PM

The statistics suggest that there is a high probability that K4 is a running key, comparerd to about 50 other types of encription. The key is most likely howard carters diary exerpt (K3). And if its not, then the firt 5 letters of K4 are the reference index to some other text or possible where to start the key in K1 to K3….anyway, running key would explain why it has a rough frequency. The problem is figuring out what text to use for the key and where to start it. The next problem is choosing the correct alphabets. Most of the examples ive seen have it exactly backwards going from a to z but on the sculpture it goes from z to a. On top of this we must guess the mod interval that was used. Does “a” map to 1? Sanborn would have had to map to a multiplicative inverse of mod 26 that was not prime to mod 26 forthe 2 “c”s in the word clock to map to different letters. Also, for “k” to map to “k” the kryptos alphabet must be reversed where “k” is in position 26 (called the z fix). Just my 2 cents worth.

Todd March 23, 2016 10:15 AM

The cipher seems to be based on the workings of a clock, hence the references to the famed Berlin Clock. 26 letters in the alphabet, all corresponding to the hours of a traditional analogue clock. I know nothing about cryptography, heck I suck at math, but I’m guessing the rolling equation(s) used to unlock the cipher can be extrapolated from the ‘set theory’ algorithm. Either that or Schneier is just trying to revive the waning popularity of an otherwise hideous mark on the German cultural landscape.

Todd March 23, 2016 3:54 PM

He gave us five-letter clues: ‘berlin’ and ‘clock’…indicating a rolling 5 set equation. Of particular interest is ‘NYPVTT’ in the cipher. All you have to do is base the equation on the difference between both T’s respectively to unlock the sets used. “Delve into the clock”

Im pretty confident the first set determines the word ‘CLOCK’

Todd nash April 1, 2016 9:14 PM

To elucidate further on my particular train of thought….ive explored the possibility that maybe (shot in the dark) the cipher is based a hexidecimal color gradient or a primary/secondary/tertiary color wheel which is then somehow imposed on the workings of either a traditional clock or a ‘set theory’ clock. I reference Sanborns artistic and pilosophical inclinations, clues, his previous work involving the same or similar elements, the revelations in the k1-3, and the fact that the worlds smartest, egotistical crypto-technological oligarchs have yet to disclose a clear victory.

Todd April 9, 2016 10:28 PM

Inevitably my efforts to unlock the 97-letter encrypted message has failed. Lost in endless avenues that siphon the hours away. From the three rotor Enigma machine, clocks both traditional and based on the esoteric field of’quantity didactics,’ to hexadecimal rgb values. Let’s not forget the voluminous cavern that is ancient Egyptian archaeology.

Forays into the proverbial culdesac. But let’s examine Sanborn motives rather than the elusive piece itself. He has explicitly stated that kryptos in it’s entirety was created to build a sense of community and identity within the walls of the clandestine agency that comissioned his work.

Sanborn’s work will undoubtedly allude to the unseen and seen forces acting upon our world. Forces that can potentially be examined if correlating information is gleaned from a vast undertaking that also happens to be a primary mandate of the NSA and CIA: data collection and analysis. A process that Sanborn has triggered in the minds of thousands of people, both professionals and amateurs.

If anything can be said from all this is that such efforts require the combined force of a very talented and creative community that cannot be bounded in personal pride but must acknowledge the power of collective brainstorming.

Edward March 25, 2021 12:48 AM

I just came across this – I know little about the puzzle to date. Does the Siegessäule (Berlin Victory Column) have any part to play in solving the cipher, such as the the word “VICTORY”? It’s east north east of the current location of the Berlin Europa-Center that houses the Clock of Flowing Time, and the Berlin Clock.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.