Hobbyist Cryptographers Seemingly Solve Infamous Zodiac Killer Cipher

December 11, 2020 Off By Samir Ferdowsi

After 51 years, a group of three hobbyist cryptographers is claiming to have cracked one of the most infamous ciphers created by the infamous Zodiac killer. In a video posted to YouTube, David Oranchak explains the processes he and two others went through to crack "The 340" cipher, which is made up of 340 symbols—some of which are English characters and others of which are cryptic marks:

Screen Shot 2020-12-11 at 5.43.39 PM.png

"Oh my god, so this is a big one. We have a solution for the 340, and it's real," Oranchak says in the video. Well-known cryptographers who analyzed the video and accompanying blog posts for Motherboard said that the group's solution at least seems plausible. Oranchak told Motherboard he has been working on solving the 340 for more than a decade.

The FBI told the website ZodiacKillerFacts.com, run by a writer named Michael Butterfield who has been studying the serial killer since the 1990s, that "On December 5, 2020, the FBI received the solution to a cipher popularly known as Z340 from a cryptologic researcher and independently verified the decryption." The FBI did not immediately respond to a request for comment from Motherboard.

This, the group says, is the solution to the cipher:

"I HOPE YOU ARE HAVING LOTS OF FUN IN TRYING TO CATCH ME 

THAT WASNT ME ON THE TV SHOW 

WHICH BRINGS UP A POINT ABOUT ME 

I AM NOT AFRAID OF THE GAS CHAMBER 

BECAUSE IT WILL SEND ME TO PARADICE ALL THE SOONER 

BECAUSE I NOW HAVE ENOUGH SLAVES TO WORK FOR ME 

WHERE EVERYONE ELSE HAS NOTHING WHEN THEY REACH PARADICE 

SO THEY ARE AFRAID OF DEATH 

I AM NOT AFRAID BECAUSE I KNOW THAT MY NEW LIFE IS

LIFE WILL BE AN EASY ONE IN PARADICE DEATH"

The team’s crucial breakthrough came when applied mathematician, Sam Blake, came up with about 650,000 different cipher manipulations (or order in which to read them). From here, using code-breaking software designed by Jarl Van Eycke, the team’s third member, came up with three valuable clues they say helped solve the puzzle. 

The team was working off of three short phrases: “HOPE YOU ARE,” “TRYING TO CATCH ME,” and “OR THE GAS CHAMBER.” 

On October 22, 1969 an individual called into a show hosted by Jum Dunbar going by the name zodiac. In the call, as the video shows, the caller says, “I need help. I’m sick … I don’t want to go to the gas chamber,” followed by “I’m going to kill those kids.” they immediately then hang up the phone. 

“It was a needle in a haystack,” Blake told ZodiacKillerFacts.com. “Even finding the right haystack to search in was lucky.”

To simplify what is ultimately quite complex cryptography (the solution is best explained in the video embedded above), the team ran those phrases through Van Eyke’s decoding software, and the machine instantly came back with a relatively coherent message. After some more transcribing, the team uncovered the message. 

"The crypto community has been chasing this cipher for decades so I hope they see and verify the solution. The construction of the cipher may tell us a bit more about the Zodiac's profile," Oranchak told Motherboard. "He clearly had enough understanding of ciphers to make an interesting one with enough twists to defeat codebreakers for 51 years. I hope the solution helps law enforcement make some positive movement in this cold case."

Motherboard ran the solution past well-known cryptographer, Matthew D. Green, an Associate Professor of Computer Science at the Johns Hopkins Information Security Institute, and Steven Bellovin, a computer security researcher at Columbia University. Neither could say for sure whether Oranchak's team's solution was definitely correct, but both said the principles the team used were generally sound.

"This is tough. On the one hand, if you pick enough arbitrary manipulations to a cipher, eventually you’ll pop up something that looks like real text. There are literally millions of things you can do to transform a ciphertext, and if you iterate through enough arbitrary ones you’ll eventually pop out what looks like real text," Green said. "Here we’re given a first technique—reading the letters diagonally like a knight hopping through a chessboard—that might be the 10th technique the codebreakers tried, or it might be the 10,000th attempt. It produces garbled text that mostly seems like real words. Using the same key on the next section doesn’t quite work, so the codebreakers need to tweak their technique even further to get useful text. The third section doesn’t follow the same structure at all, so a different technique is used there. So you can see there’s a lot of 'room' here for the codebreakers to try millions of random tweaks, until they get something that obviously decodes. With all that said: this still looks really convincing, in the form of a YouTube video. None of the transformations are that outlandish, and the tricks they use in the middle section seem to involve shifting and ignoring two small sections that could reasonably be characterized as encoding mistakes."

Bellovin said he's not a cryptanalyst, but that "Some parts of the video seem very plausible, including the assumption of encoding errors—that’s a well-attested phenomenon in the real world. In addition, this appears to have been a one-time use cipher, so difficulties for the recipient wouldn’t actually matter. And the techniques described—multiple ciphertext letters for a given plaintext letter, transpositions, splitting a message into sections for encrypting—are well known. What gives me pause is that a number of the transformations seemed ad hoc: read diagonally here, delete letters there, move those others to the end. If you play around enough, you can get something sensible-seeming out of almost anything." 

Oranchak says this has, obviously, been a highlight for him. "I started around 2006 or 2007. My goal was mainly to solve the 340," he said.  “We got VERY lucky … The chase for the solution led to improvements in codebreaking tools and technology.  It also tells us about a transposition scheme that current tools are not yet totally great at solving.  So there is room for improvements that may help solve similar ciphers in the future."