Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Crime Encryption Math

French Engineer Claims He's Solved the Zodiac Killer's Final Code (msn.com) 57

The New York Times tells the story of Fayçal Ziraoui, a 38-year-old French-Moroccan business consultant who "caused an online uproar" after saying he'd cracked the last two unsolved ciphers of the four attributed to the Zodiac killer in California "and identified him, potentially ending a 50-year-old quest." Maybe because he said he cracked them in just two weeks. Many Zodiac enthusiasts consider the remaining ciphers — Z32 and Z13 — unsolvable because they are too short to determine the encryption key. An untold number of solutions could work, they say, rendering verification nearly impossible.

But Mr. Ziraoui said he had a sudden thought. The code-crackers who had solved the [earlier] 340-character cipher in December had been able to do so by identifying the encryption key, which they had put into the public domain when announcing their breakthrough. What if the killer used that same encryption key for the two remaining ciphers? So he said he applied it to the 32-character cipher, which the killer had included in a letter as the key to the location of a bomb set to go off at a school in the fall of 1970. (It never did, even though police failed to crack the code.) That produced a sequence of random letters from the alphabet. Mr. Ziraoui said he then worked through a half-dozen steps including letter-to-number substitutions, identifying coordinates in numbers and using a code-breaking program he created to crunch jumbles of letters into coherent words...

After two weeks of intense code-cracking, he deciphered the sentence, "LABOR DAY FIND 45.069 NORT 58.719 WEST." The message referred to coordinates based on the earth's magnetic field, not the more familiar geographic coordinates. The sequence zeroed in on a location near a school in South Lake Tahoe, a city in California referred to in another postcard believed to have been sent by the Zodiac killer in 1971.

An excited Mr. Ziraoui said he immediately turned to Z13, which supposedly revealed the killer's name, using the same encryption key and various cipher-cracking techniques. [The mostly un-coded letter includes a sentence which says "My name is _____," followed by a 13-character cipher.] After about an hour, Mr. Ziraoui said he came up with "KAYR," which he realized resembled the last name of Lawrence Kaye, a salesman and career criminal living in South Lake Tahoe who had been a suspect in the case. Mr. Kaye, who also used the pseudonym Kane, died in 2010.

The typo was similar to ones found in previous ciphers, he noticed, likely errors made by the killer when encoding the message. The result that was so close to Mr. Kaye's name and the South Lake Tahoe location were too much to be a coincidence, he thought. Mr. Kaye had been the subject of a report by Harvey Hines, a now-deceased police detective, who was convinced he was the Zodiac killer but was unable to convince his superiors. Around 2 a.m. on Jan. 3, an exhausted but elated Mr. Ziraoui posted a message entitled "Z13 — My Name is KAYE" on a 50,000-member Reddit forum dedicated to the Zodiac Killer.

The message was deleted within 30 minutes.

"Sorry, I've removed this one as part of a sort of general policy against Z13 solution posts," the forum's moderator wrote, arguing that the cipher was too short to be solvable.

This discussion has been archived. No new comments can be posted.

French Engineer Claims He's Solved the Zodiac Killer's Final Code

Comments Filter:
  • by Anonymous Coward

    Mods != gods

    • As much as I like Reddit, I always come back to Slashdot as, time and again, Reddit mods and admins prove themselves entirely feckless.

      • by thegarbz ( 1787294 ) on Sunday June 27, 2021 @04:35AM (#61525860)

        Sometimes yes, sometimes no. The mod himself gave his reasoning:

        "Do you have any idea how easy it is to generate a valid 'solution' to the Z13? There's a guy in this sub who has come up with 100 or so, all of which match the ciphertext perfectly. Dave Oranchak has come up with thousands of them, iirc. I don't want to have the entire front page of the sub full of guesses at the Z13, so I don't generally allow them.

        Like I said, there's no way to validate a Z13 solution without input from the author, because there are just too many plaintexts that fit it perfectly and no way to choose between them. That, unfortunately, is just how it is.

        edit: had this post been about the Z32, it would have stayed up."

        Now if they wanted to be really above board then maybe they should write that in the sub's rule list, but as it stands the reasoning fits fine.

        • by Anonymous Coward

          Sometimes yes, sometimes no. The mod himself gave his reasoning:

          "Do you have any idea how easy it is to generate a valid 'solution' to the Z13? There's a guy in this sub who has come up with 100 or so, all of which match the ciphertext perfectly. Dave Oranchak has come up with thousands of them, iirc. I don't want to have the entire front page of the sub full of guesses at the Z13, so I don't generally allow them.

          Like I said, there's no way to validate a Z13 solution without input from the author, because there are just too many plaintexts that fit it perfectly and no way to choose between them. That, unfortunately, is just how it is.

          edit: had this post been about the Z32, it would have stayed up."

          So, Z32 info would have stayed up?

          "After two weeks of intense code-cracking, he deciphered the sentence, "LABOR DAY FIND 45.069 NORT 58.719 WEST."...An excited Mr. Ziraoui said he immediately turned to Z13.."

          Unless TFS is just that horribly written, "immediately turned" tens to imply that he was working on Z32, since we're talking about two remaining ciphers.

          And regardless of how "easy" it is to find "solutions" to Z13, the information presented in this decryption tends to align quite well with previous evidence and even suspects. Are we really still dismissing relevance here in favor of pure coincidence, especially as the same cipher discovered in December that is not dismiss

        • by tezbobobo ( 879983 ) on Sunday June 27, 2021 @06:52AM (#61525976) Homepage Journal

          The problem is that the cracker didn't present that finding in isolation. Rather, the result was substantiated by a) the other result being so far away from being a random result and it using the same method, and b) the name matching an existing suspect.

          • by Anonymous Coward

            The problem is that the cracker didn't present that finding in isolation. Rather, the result was substantiated by a) the other result being so far away from being a random result and it using the same method, and b) the name matching an existing suspect.

            That would only be the case if he used the same method. He did not.

            We can forgive your mistake as the slashdot summary falsely claims he used the same method, and you are assuming it is true. However the linked article was paraphrased, and did not claim this, and the original postings showing the decoding methods explicitly show it.

            Using the same method, you get "434333113411"

            That series of numbers matches no suspects name. Or any persons name I'd presume. We don't name children this way :P

            The cracker t

          • by ceoyoyo ( 59147 )

            After a lot of manipulation he managed to get a series of four letters that was similar to, but did not match, the name of a suspect.

            • And? You're missing something. I mean I feel like you read one of the six paragraphs in the summary, but somehow it was one of the middle ones. Try again from the top. Guessing 4 letters is about 15% of the description of what was done, so get a comfy chair if you have a short attention span.

          • Oh I agree, but the mod's reasoning is unchanged. His sub gets flooded with answers all the time so he banned publication there. The internet is a large place, you can state your reasoning wherever you want. For example on a forum called Zodiackillersite.com

      • Indeed. I no longer even visit their tech subreddits; theyâ(TM)re all slightly loopy these days.

      • by Kisai ( 213879 )

        Certain parts of the internet, Reddit, Wikipedia, Linux Kernel, etc attract certain kinds of people who are agitated when told they are wrong.

        It's just the nature of the beast. People and Websites attract those that they are most like, and hence nice people will attract nice people, and assclowns will attract assclowns. When those two interact it results in "I'm taking my toys and going home" moments and usually one side's site devolving into a hate site sooner or later.

    • by Pimpy ( 143938 )

      Or someone that's coming into a community and announcing they've solved everything without bothering to have their work reviewed could be seen as something of an arrogant prick. From the cursory review that others have given his work, it seems there are serious flaws in his methodology, and there's no evidence that he's actually solved anything. This is generally why when you are new to a certain field or community, it's best not to come in pretending like you know everything, especially when you clearly do

  • Lake Tahoe (Score:5, Funny)

    by The Evil Atheist ( 2484676 ) on Sunday June 27, 2021 @03:07AM (#61525710)

    Lawrence Kaye, a salesman and career criminal living in South Lake Tahoe

    close to Mr. Kaye's name and the South Lake Tahoe location

    So he solved the non-travelling salesman problem.

  • by CaptQuark ( 2706165 ) on Sunday June 27, 2021 @03:22AM (#61525754)
    So Mr Ziraoui published his solution back in January and the NY Times finally ran a story about it a few days ago. I'm going to guess his solution hasn't gathered a lot of support from other researchers or we would have heard a lot more about this before now. It doesn't mean his guess it totally incorrect but five months is a long time without any additional news.

    --
    The silence was deafening.
    • Obtaining a "close" decipherment using unorthodox methods does not inspire a lot of confidence.

      • Applying a known decryption key before trying unknown ones is unorthodox? I guess that's why 3DES is so secure.

        • by Entrope ( 68843 ) on Sunday June 27, 2021 @07:02AM (#61525986) Homepage

          TFS makes it clear that this guy did not simply try a known cipher key (because doing that "produced a sequence of random letters from the alphabet"), but tried many until he got text that looked reasonable. And even then it needs a typo, only two repetitions of any plaintext character, and use of an unorthodox coordinate system. The combination of things is what reduces confidence that he actually solved it.

          • Indeed I doubt his answer is correct, but there's nothing unorthodox about what he did. Unless you think that nether brute force attacks nor repeated application of encryption are a thing. But then he wasn't even bruteforcing the second ciphertext, he was far more methodical.

            Also TFS makes it clear he did try a known cipher key and got a random sequence, and then proceeded to on that random sequence.

            Also that "unorthodox coordinate system" was not guessed simply because it fitted the cipher, it was derived

            • by Entrope ( 68843 ) on Sunday June 27, 2021 @11:33AM (#61526656) Homepage

              Radians are, indeed, a unit for measuring angles. However, inches measure linear distance, not angles. Degrees (and minutes and seconds, which are defined as fractions of degrees) are a different unit for measuring angle -- so the postscript is supposedly lying about what the plaintext says?

              Also, Mount Diablo [wikipedia.org] is used as a principal meridian -- there is not a single ("the") principal meridian.

              The post "explaining" the supposed solution argues that the Zodiac Killer wrote a filled triangle where a triangle-with-dot was intended, because this makes the letters of "Diablo" appear in scrambled plaintext. This is then "unscrambled" (through brute force, no real rationale or pattern explained) to give the supposed plaintext "LABOR DAY FIND ... NORT ... WEST".

              The post also argues that "All clues given by the Zodiac must be used and become understandable at the end of this solution" -- but it ignores the Zodiac motif being used to indicate directions (0, 3, 6, 9 on the map, along with 12 on the letter page). It is curiously selective in its use of coordinates.

              Also, you can find web sites to convert geomagnetic to geographic [kyoto-u.ac.jp] coordinates as a function of year, and then to find the location corresponding to that. If we look at where 45.609 N, 58.719 W was according to the 1965 or 1970 instantiations of the models, the locations are in the Tahoe National Forest, not South Lake Tahoe.

              Overall, that post is both incoherent and wrong about basic facts. Unless the writer intended to give the impression that they are as unhinged as the Zodiac Killer, I remain unimpressed.

          • TFS makes it clear that this guy did not simply try a known cipher key (because doing that "produced a sequence of random letters from the alphabet"), but tried many until he got text that looked reasonable. And even then it needs a typo, only two repetitions of any plaintext character, and use of an unorthodox coordinate system. The combination of things is what reduces confidence that he actually solved it.

            Do note that the 2 accepted cracked Zodiac messages contain typos.

            Note too that the media kept reporting that the 2 short messages were "unsolvable". That's not technically correct. They certainly can be solved, but as pointed out elsewhere, it's impossible to know which is several/many possible solutions is correct without the original writer telling us.

      • It was totally unorthodox methods that resulted in the breaking of the German Lorenz code during WW2. Who would have thought that applying statistical methods could break a code that German High Command assumed was unbreakable.
        It was the breaking of this code that allowed the Russians to win the battle of Kursk. The British had supplied the Russians with the complete german order of battle before the engagement began.

        Many breakthrough scientific discoveries have been made by people asking 'What if?' on app

        • by sfcat ( 872532 )
          The Lorenz code was broken because a German signal operator sent the same message twice without resetting the wheels. That then led to the creation of Colossus to brute force the code based upon known aspects of the beginnings of messages. You are thinking of Enigma which was cracked using statistical methods. There weren't enough messages sent via Lorenz for statistical methods to work as it was only used for German High Command.
          • The Lorenz code was broken because a German signal operator sent the same message twice without resetting the wheels. That then led to the creation of Colossus to brute force the code based upon known aspects of the beginnings of messages.

            Which led to The Forbin Project and we know how that ended...

          • They did use statistics. Colossus was used to find the wheel setting of 5 out of 12 wheels (the chi-wheels), by using statistics: Colossus tried every possible chi-wheel setting against the ciphertext and checked the letter frequencies on the result. The breakthrough was realizing that even though the message was still encrypted (by the remaining 7 wheels), finding the correct chi-wheels settings made a noticeable difference in letter frequencies (from random to slightly more distributed as you'd expect in

    • Iâ(TM)d be curious if anyone has actually validated the approach. If it is not reproducible, then that is unlikely to inspire confidence.

      On the other hand if the community chose to ignore this guy, due to intellectual snobbery, then it is another case of arrogance from people who should be a little more open minded.

      • by Anonymous Coward

        Iâ(TM)d be curious if anyone has actually validated the approach. If it is not reproducible, then that is unlikely to inspire confidence.

        On the other hand if the community chose to ignore this guy, due to intellectual snobbery, then it is another case of arrogance from people who should be a little more open minded.

        His message was deleted within 30 minutes. If you're looking for the definition of human arrogance, that pretty much sums it up.

        Pretty damn sad when 50,000 people dedicate time and effort in solving this, and then readily dismiss anyone who does. Either the killer is still alive and within that group, or many have become addicted to (not) cracking the code and don't want to stop. You know, as a matter of "general policy".

      • The approach is to take the original problem of too many keys looking like a message, doing another encryption, and then observing that wow again you can search the key space and find messages
      • by geantvert ( 996616 ) on Sunday June 27, 2021 @06:24AM (#61525950)

        The problem is more likely that the message is too short to be validated. The original message has 13 characters and the 'decrypted' output is only 4 characters long with 1 'error' (KAYE vs KAYR). Assuming that each character can be a letter or a digit (so 36 possibilities), the number of possible messages is 36*36*36*36 = 1,679,616. The number of messages that are 1 characters from KAYE is 4*35 = 140. In practice, that means that the probability to get something like KAYR by luck is 140/1679616 = 1/12000. That may seem a lot until you consider that he probably tried several 'trifid' keys until he got KAYR. With enough tries it may be possible to get any result you want. For example, after 50 attempts you get 'KANG' and you can accuse Elvis Presley. If your 96th attempt gives you 'BUZH' then you can accuse George W Bush etc etc
        Eventually, the relevant question is Why should the key that gives KAYR be used over the one that gives KANG or BUZH?

             

        • Why should the key that gives KAYR be used over the one that gives KANG or BUZH?

          Because context matters. Because the odds of a person named King or Bush living in the same suburb as decrypted in the second cipher *AND* also being part of the active criminal investigation is far lower than anything you give credit for. The answer then would not be 1/12000.

          While I don't think necessarily that it's correct, your critique on it is flawed. When looking at it statistically you can consider the answer of only part of the solution in isolation to be completely independent. Sure you can stack t

  • Has anybody actually looked for the bomb?
    • by Anonymous Coward

      It would be difficult as it was mentioned that the coords are releated to the earth's magnetic field, and as we all know the earth magnetic field moves around a hell of a lot at approx 34 miles/year toward Russia.

      So trying to go back to a location 50+ years ago is a difficult taak, especially if the Zodiac knew how to get an accurate location.

  • He declared the Little Orphan Annie Secret Circle Mystery Message was "be sur too drank your Ovaltang".

  • You have a very short message, so there is no way to verify correct decryption. So you find a solution that provides a connection between the two messages... but at the same time allowing for mistypes, even at a rate of 25% (KAYE vs KAYR)...
    No, it does not look more "right" than countless other possible "solutions".

    • You have a very short message, so there is no way to verify correct decryption. So you find a solution that provides a connection between the two messages... but at the same time allowing for mistypes, even at a rate of 25% (KAYE vs KAYR)... No, it does not look more "right" than countless other possible "solutions".

      Well since there have been countless other possible solutions presented, this pretty much all but guarantees that even when someone comes forward with the actual solution, it will be dismissed and buried by human ignorance and an odd desire to sustain this code-cracking "game".

      An answer from AI, would be far more accepted at this rate.

      • by Anonymous Coward

        That's the whole point. The solutions are not right or wrong, they cannot be said to be either. Someone might have come forward with the "actual" solution (as intended by the Zodiac killer), there is absolutely no way to tell, so there is no point in anyone claiming that THEIR solution is THE solution.

      • by OneHundredAndTen ( 1523865 ) on Sunday June 27, 2021 @08:08AM (#61526202)

        Due to the brevity of the message, and the almost certain impossibility of asking the author, there is no way to verify that a purported solution is the correct one. Consider the following:

        03 ff a4 67 9c d7 ba 59

        This is an eight-character ciphertext. The original plaintext can be retrieved by means of an unambiguous, unique rule. How can one tell what this rule this? Out of the possible 18,446,744,073,709,551,616 plaintexts, at least thousands of them will potentially make sense. How can you tell which one is the one that I actually encrypted? While in the case of the Zodic cipher there is far more context, the number of potential plaintexts is much bigger. It is extremely doubtful that a purported solution can be verified to be the one that the author intended.

        • by hey! ( 33014 )

          Of course it may help that the perpetrator is not a professional cryptographer, and relies on the obscurity and complexity of his encryption *method* rather than the key and nothing but the key. So in a sense no message stands alone, it's tied to other messages using the same algorithm.

        • Due to the brevity of the message, and the almost certain impossibility of asking the author, there is no way to verify that a purported solution is the correct one.

          Why has no one asked Ted Cruz yet?

  • by ArchieBunker ( 132337 ) on Sunday June 27, 2021 @09:42AM (#61526336)

    I’m a fan of the theory that the killer was drafted and sent to Vietnam where he was killed.

  • Numerology is numerology, no matter how much you sprinkle it with cryptography.

  • Everyone knows Ted Cruz is the Zodiac.

No spitting on the Bus! Thank you, The Mgt.

Working...