# NSA manual on cracking unknown ciphers partially declassified

*Sculpture Kryptos at the headquarters of the CIA*

The US National Security Agency has finally declassified the third part of the famous textbook “Military Cryptanalytics” (MILCRYP), written to train NSA specialists and military cryptanalysts during the Cold War. The last volume of the three-volume edition was released with some redactions, but it is still of great value, because there are few practical tutorials on breaking ciphers. We are talking about unknown, complex codes, composed according to rules that are not understood. How do you approach them? Where do you find leads? The book answers these questions.

Perhaps the NSA textbook will help decipher texts that have defied cryptanalysis for decades and centuries, or even millennia, as in the case of Cretan writing from the third millennium BC (the Minoan civilization).

The author of the textbook is the military cryptologist Lambros Callimahos, a longtime assistant of William Friedman, “the father of American cryptology”, author of three textbooks on military cryptography and developer of nine cipher machines, three of which are patented and six of which remain classified to this day. It was Friedman’s group that broke the Japanese Purple code at the beginning of World War II.

The three-volume edition was published in October 1977.

The Military Cryptanalytics trilogy explains how to break all types of codes, including military codes and puzzles created solely for sport. It is a methodological guide to *classical* cryptography, which operates on letters and numbers, as opposed to modern (computer) cryptography, which manipulates bits, although the two areas sometimes overlap.

The first two parts have been publicly available since the 1980s. They deal with breaking known types of classical ciphers, such as substitution and transposition ciphers (replacing and rearranging characters). It was the third part of the textbook that was of particular interest.

However, in 1992 the US Department of Justice stated that publishing the third book could harm national security by revealing “NSA methods of cracking ciphers.” That same year, the cryptographic community began to fight for its disclosure, and a number of requests were filed with the authorities under the Freedom of Information Act. In the end, in December 2020, the book was published.

# Principles of cryptodiagnosis

According to experts, the key to Callimahos’ book is the chapter entitled “Principles of Cryptodiagnosis”, which describes a systematic three-step approach to decrypting a message encoded *by an unknown method*… The contents of this chapter are found on pages 323–414 of the published PDF…

In routine operation, intelligence intercepts thousands of messages. If the cipher is already familiar, the analysts know the algorithm by which the texts are encrypted. But if they are faced with something new, they must first work out the encryption method.

As Callimahos describes in detail in this chapter, you should start by collecting all the necessary data, which is of three types:

- ciphertext;
- any known source plaintext;
- important contextual information.

In “sport” puzzles, a piece of plaintext may be provided to help the solver. In the case of secret military messages, the solver may suspect from past experience that certain words appear in the ciphertext, for example key terms such as [BEGIN] and [END], or specific names, places and addresses.

*Examples of indicators*

After collecting all the data, the cryptanalyst arranges and rearranges it to find non-random characteristics.

For example, let’s study the following log of cipher messages:

Since $$ is an obvious discriminant, the indicator may be in position $$… And if a text group is used to encrypt the indicator, an important pattern can be revealed by trying to add different groups near the beginning or end. Sometimes it is necessary to subtract all pairs of groups $$ and $$ digit by digit, without borrowing (curiously, at this point two pages of the textbook remain classified: probably some non-standard techniques were mentioned there). In our case, subtract all five digits of the number $$ one by one from the digits of the number $$:

6 − 8 = 8

7 − 2 = 5

4 − 1 = 3

7 − 4 = 3

0 − 8 = 2

In this way, $$…

Here’s the overall result:

And this is already an ordered sequence. It can be seen that adding the first two digits gives the third: $$, $$ and so on; that is, the sequence is in ascending order. Moreover, if you subtract $$ from column $$ (the number of text groups in each message), the last two digits give a continuous trace in a 10 × 10 coordinate space:

The first coordinate $$ of a message with $$ text groups gives us the number $$… This is the coordinate of the beginning of the next message, counting from mark $$… That message has $$ text groups, which takes us to point $$… And so on.

In the following example, the encrypted indicators in group $$ are revealed if the values $$ are subtracted from them…

1 − 8 = 3

4 − 3 = 1

5 − 1 = 4

7 − 6 = 1

1 − 5 = 6

The theory is confirmed by a similar subtraction of the values $$ from the numbers in column $$, which gives similar decrypted indicators:

As is easy to notice, the difference between the values $$ and $$ is the same as between $$ and $$… This additionally indicates that they should be used in pairs.
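As an added example (not code from the book or the article), the following Python reproduces the digit-by-digit subtraction shown above and the two checks this section describes: finding pairs of groups whose difference coincides, and testing whether the two-digit coordinates form a continuous trace on the 10 × 10 grid. The groups assembled from the page’s digit pairs and the short four-group log are constructed sample data, not the table from the textbook.

```python
from collections import defaultdict
from itertools import combinations

# Added example (not code from MILCRYP or the article): non-carrying
# digit arithmetic on five-digit groups and two of the diagnostic checks
# described in the chapter.  All sample groups below are constructed.


def sub_mod10(a: str, b: str) -> str:
    """Subtract group b from group a digit by digit, mod 10, no borrowing
    (this is why the page can write 6 - 8 = 8 and 0 - 8 = 2)."""
    if len(a) != len(b) or not (a.isdigit() and b.isdigit()):
        raise ValueError("groups must be equal-length digit strings")
    return "".join(str((int(x) - int(y)) % 10) for x, y in zip(a, b))


def repeated_differences(groups: list[str]) -> dict[str, list[tuple[int, int]]]:
    """Subtract every pair of groups and report differences that occur
    more than once.  Two pairs with the same difference is the kind of
    non-random characteristic that suggests the groups are used in pairs
    (for example, an indicator combined with the same key group)."""
    seen = defaultdict(list)
    for i, j in combinations(range(len(groups)), 2):
        seen[sub_mod10(groups[i], groups[j])].append((i, j))
    return {d: pairs for d, pairs in seen.items() if len(pairs) > 1}


def trace_is_continuous(starts: list[str], group_counts: list[int]) -> bool:
    """Check the 10x10 trace hypothesis: the two-digit start coordinate of
    each message plus its number of text groups, mod 100, equals the start
    coordinate of the next message."""
    if len(starts) != len(group_counts):
        raise ValueError("one group count per message is required")
    return all((int(s) + n) % 100 == int(t)
               for s, n, t in zip(starts, group_counts, starts[1:]))


# Constructed sample: the two digit-pair subtractions listed on the page,
# reassembled into groups, plus a small log in which two pairs of groups
# differ by the same key group.
FIRST = ("67470", "82148")   # digits 6-8, 7-2, 4-1, 7-4, 0-8 -> "85332"
SECOND = ("14571", "83165")  # digits 1-8, 4-3, 5-1, 7-6, 1-5 -> "31416"
LOG = ["67470", "13554", "85332", "31416"]  # constructed group table

if __name__ == "__main__":
    print(sub_mod10(*FIRST), sub_mod10(*SECOND))
    print(repeated_differences(LOG))
    print(trace_is_continuous(["17", "42", "09"], [25, 67, 40]))
```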

Once the indicators have been deciphered, the third stage follows: an attempt to understand and explain these characteristics.

The three steps just named are an example of Bayesian inference… It is “a statistical inference in which evidence and/or observation is used to update or re-infer the probability that a hypothesis might be true; the name Bayesian comes from the frequent use in the derivation of Bayes’ theorem, which was derived from the work of the Reverend Thomas Bayes.”

Using these methods, the cipher breaker weighs the evidence and tries to guess the likely cause of the observed effect.

# Unsolved ciphers

It is important for a cryptanalyst to understand the logic of the cipher’s creator, the author of the problem. After all, an experienced cipher designer will certainly leave at least a few non-random patterns in the cipher, clues to the solution. Otherwise the puzzle becomes absolutely impossible to solve.

Imagine that you have created a puzzle, but after many years no one has been able to solve it. That is very sad. In this case the author starts to issue hints. For example, the puzzle in the 1979 book “Masquerade” was only solved after several clues were published in the Sunday Times in 1980.

*The answer to the “Masquerade” puzzle is hidden in the book’s 15 illustrations. In each painting you draw a line from the left eye of each creature depicted through the longest digit of its left hand to one of the letters on the border of the page; then from the left eye through the longest digit of the left foot; from the right eye through the longest digit of the right hand; and finally from the right eye through the longest digit of the right foot. The letters picked out by these lines form words, either read as anagrams or by applying the sequence of animals and numbers suggested in the picture.*

If no one has solved the riddle even after many hints, the code is too hard to crack, and eventually you will have to reveal the method you used. One example is the very complex Chaocipher… In this case the messages are almost impossible to decipher without knowing the method.

History also knows examples of ciphers that yielded only after years of effort. Last year the famous Z340 cipher, composed by the Zodiac serial killer in 1969, was finally solved. It was broken by an international team of amateur cryptanalysts after **51 years** of hard work. Over the years the team carefully and systematically kept a list of observations… In the end, it worked.