Hints on solving the Skyfall #sophospuzzle before it's too late!


The theme of the latest #sophospuzzle is Skyfall and Bond, James Bond. (No, you do not need to have seen the film, or even watched the trailer, to crack the puzzle!)

You're expected to work out a URL, handle a field message from another operative, decode a data file stolen from M's computer, and unravel a secret location - all in a day's work for the world's best-dressed secret agent.

But what if you get stuck?

Here are some hints.

In case you want to pace yourself, we've ROT13ed them so you don't automatically see them all at once. A-M are swapped with N-Z, and N-Z are swapped with A-M.

If you don't have a program or a browser plugin to do the unROT13ing, you can just cut-and-paste the hints into the rot13.com website.

Stage Zero

To advance to Stage One, you need to unravel a URL from a tweet-sized text clue:

44516 54221 43313 slash SHAKE DON'T STIR

We already published an image-based hint under the hashtag #sophospuzzle on Twitter:

As you can see, the digits in the numbers above exclude 0, 7, 8 and 9. Only the digits you can get by rolling dice are present. So, you need to find a well-documented system that combines dice and security:

HINT. Gur bar jr hfrq jnf Qvprjner, juvpu cebivqrf n yvfg sbe pbairegvat n onfr-6 ahzore (trarengrq ol ebyyvat svir qvpr) vagb n jbeq, be sbe pbairegvat n jbeq onpx vagb n svir-qvtvg onfr-6 ahzore.

Stage One

You need to convert a hand of playing cards into letters using a simple substitution table. Two of the four suits are used for the lower half of the alphabet (A-M), the other two for the upper half (N-Z):

The cards have been shuffled, so once you know how the suits were used, you are left with a 16-letter anagram.

HINT. Gur fhvgf pna or nffvtarq va fvk qvssrerag jnlf, fb gurer ner fvk cbffvoyr yrggre cnggreaf sbe gur nantenz:

Urnegf+Pyhof = N-Z, Qvnzbaqf+Fcnqrf = A-M

Urnegf+Qvnzbaqf = N-Z, Pyhof+Fcnqrf = A-M

Urnegf+Fcnqrf = N-Z, Pyhof+Qvnzbaqf = A-M

Pyhof+Qvnzbaqf = N-Z, Urnegf+Fcnqrf = A-M

Pyhof+Fcnqrf = N-Z, Urnegf+Qvnzbaqf = A-M

Qvnzbaqf+Fcnqrf = N-Z, Urnegf+Pyhof = A-M

One of the cards is a joker. You don't know what letter it stands for. But you can infer a lot from the fact that it was used:

HINT. Jvgu gjb cnpxf bs pneqf, naq gjb fhvgf sbe rnpu yrggre, bhe frperg ntrag pna ercerfrag rnpu yrggre sbhe gvzrf. Gur nccrnenapr bs gur wbxre gurersber vzcyvrf gung gurer vf n yrggre ur arrqrq gb rapbqr svir gvzrf. Fb lbh pna ryvzvangr nal yrggre cnggreaf juvpu qba'g unir sbhe-bs-n-xvaq jvgubhg gur wbxre.

The anagram unscrambles to a name. But even with a name dictionary, how do you find the right one? Social engineers would use insider knowledge. You can just look below:

HINT. Ur jnf n Serapu pelcgbtencure.

Stage Two

You have a file encrypted using an algorithm you'll be able to guess if you solved Stage One:

It's a list of Wi-Fi access points and locations. How can you unscramble it?

HINT. Vs gur svefg rapelcgrq yvar fgnegf jvgu n ZNP nqqerff, vg'f cebonoyl va gur sbezng kk:kk:kk:kk:kk:kk - naq fvapr (cynvagrkg+xrl) zbq 70 rdhnyf pvcuregrkg, lbh pna rnfvyl erpbire xrl olgrf sbe juvpu lbh pna pbeerpgyl thrff gur cynvagrkg.

Since the key repeats, knowing the keylength helps enormously:

HINT. Vs Ya vf gur agu olgr ba n yvar, naq Xz gur zgu olgr va gur xrl, jr xabj gung Y1 naq X1 ner nyvtarq ba yvar 1. Ohg gur yvarf ner nyy qvssrerag yratguf. Ba yvar 2, X3 zvtug nyvta jvgu Y1; ba yvar 3, vg zvtug or X4. Jr qba'g xabj. Ohg vs gur yvar yratguf inel enaqbzyl (be enaqbzyl rabhtu), X1 naq Y1 fubhyq nyvta ba nirentr bapr va rirel F yvarf, jurer F vf gur xrlyratgu. Fb ybbx sbe yvarf juvpu unir gur fnzr rapelcgvba cnggrea sbe xabja cynvagrkg nf lbh sbhaq ba Y1. Jbex bhg jung senpgvba bs gur svyr gung vf. Abj lbh xabj F.

Guessing at more of the plaintext is a good way to close in on the decryption:

HINT. Vs lbh unir thrffrq T olgrf bs gur xrl, naq lbh xabj gur xrlyratgu F, lbh pna ercrng gur xabja xrl olgrf guebhtu gur svyr naq qrpelcg (T/F)guf bs vg. Lbh pna gura gel shegure cynvagrkg thrffvat. Gur gvzrfgnzc cneg bs rnpu yvar sbyybjf n erthyne sbezng. Gur yng/ybat inyhrf ner erfgevpgrq gb qrpvzny qvtvgf naq cyhf, zvahf naq n qrpvzny cbvag.
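Added illustration (not from the original post, and not the puzzle's data or solution): how a known key length plus a few guessed plaintext characters spreads through a file encrypted with a repeating key, and how a wrong guess shows up as a contradiction. The alphabet, the additive cipher, the key `qbranch` and the two log lines are constructed assumptions; the timestamp layout follows the 2012-11-05T21:00Z form quoted further down this page.

```python
# Added illustration: constructed alphabet, key and log lines; not the puzzle's data.
ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyz:-+.TZ "
N = len(ALPHABET)

def shift(text, key, sign):
    """Add (sign=+1) or subtract (sign=-1) a repeating key, symbol by symbol.
    Symbols outside ALPHABET (newlines) pass through and do not consume key.
    A key entry of None means 'unknown' and is rendered as '?'."""
    out, i = [], 0
    for ch in text:
        if ch not in ALPHABET:
            out.append(ch)
            continue
        k = key[i % len(key)]
        i += 1
        if k is None:
            out.append("?")
        else:
            out.append(ALPHABET[(ALPHABET.index(ch) + sign * ALPHABET.index(k)) % N])
    return "".join(out)

def recover_key(cipher, cribs, keylen):
    """cribs maps a symbol offset to the guessed plaintext character there.
    Returns the key with None for unknown positions; raises ValueError when
    two guesses disagree about the same key position (a wrong guess)."""
    stream = [c for c in cipher if c in ALPHABET]
    key = [None] * keylen
    for off, p in sorted(cribs.items()):
        k = ALPHABET[(ALPHABET.index(stream[off]) - ALPHABET.index(p)) % N]
        slot = off % keylen
        if key[slot] not in (None, k):
            raise ValueError(f"guess at offset {off} contradicts key[{slot}]")
        key[slot] = k
    return key

PLAIN = ("2012-11-05T21:00Z 00:11:22:33:44:55 +51.5000 -0.1200\n"
         "2012-11-05T21:07Z 66:77:88:99:aa:bb -33.8700 +151.2100")
CIPHER = shift(PLAIN, list("qbranch"), +1)

# Guess only the year and the fixed punctuation of the first timestamp.
CRIBS = {0: "2", 1: "0", 2: "1", 3: "2", 4: "-", 7: "-", 10: "T", 13: ":", 16: "Z"}
PARTIAL_KEY = recover_key(CIPHER, CRIBS, keylen=7)

if __name__ == "__main__":
    print(PARTIAL_KEY)                     # one key position is still unknown
    print(shift(CIPHER, PARTIAL_KEY, -1))  # '?' marks what is left to guess
```

Offsets 0 and 7 land on the same key position, so the guesses at those two places cross-check each other; that consistency test is what tells a good guess from a red herring.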

Finishing off

For the moment, you're on your own for the final part of Stage Two. Beware. It sounds easy, but many solvers so far have been incautious, and have wasted time following red herrings. Instead of a hint, here's some advice: check your facts. Then check them again.

You can watch out for hints and discussion by using the hashtag #sophospuzzle on Twitter.

Or you can ask privately for hints from duck@sophos.com.

You'll have until 1pm on Monday 05 November 2012, San Francisco time, to solve it. (That's 2012-11-05T21:00Z. By the way, the timestamps mentioned above look much like this one.)

The first ten correct answers will receive a cool new Naked Security T-shirt. Two names drawn randomly from the correct answers will receive NERF gun prizes.

Happy solving!

One Response to Hints on solving the Skyfall #sophospuzzle before it's too late!

1. GreyBeard says:

If the assumption about the format of the ZNP nqqerff is correct and you've found the proper keylength you don't actually need the gvzrfgnzc cneg or the yng/ybat inyhrf to determine (you don't have to "guess") the rest of the key bytes, do you?