By request and by design, this #sophospuzzle was easier than previous ones, not least because it consisted of a single stage.

That stage was a sort-of hybrid Caesar cipher with just 24 characters of ciphertext in three groups of eight, each group on one visible face of a Rubik’s cube:

The rules said:

**Substitition.**Shift all repeated letters down the same amount.**Substitition.**Shift each singleton letter down a unique amount, from 1 to 9 places.**Transposition.**Rearrange the three 8-character blocks to spell the answer.

Some of you took an overly-complex programmatic approach, almost as though you felt that, to justify taking the time to write code at all, you needed to find a way to solve the puzzle that would be impossible to do by hand.

You took the nine singleton letters and tried to work out the most likely unique shift amount for each, by trying every possible combination of shifts.

With nine letters, there are 9x8x7x6x5x4x3x2x1 ways (9 factorial, abbreviated 9!) of arranging them by shift amount, for a total of 362,880 different possibilities.

You can start that way, though it doesn’t get you very far. Or, you might say, it gets you *too* far: with only nine letters to play with, you can’t do much in the way of frequency or linguistic analysis, so you have a huge but very partial list.

There’s a much easier way, if you’re willing to start by assuming that the word `SOPHOS` appears in the answer.

In that case, a pattern corresponding to `SO..OS` should appear in the ciphertext.

Don’t forget that due to rule 3, the transposition rule , the letters could be out of sequence. But there are only six ways (3!, or 3x2x1) to rearrange the three 8-character blocks, so this is still an easy thing to verify.

The pattern *does* appear, and right at the start of a transposition block, too!

So the shift for the repeated letters is the distance from `W` to `S` in the alphabet: four places. We can lock in all but the nine singleton characters:

Now we can instantly guess that `P` must be the `H` in `SOPHOS` (a shift of 8) and `R` stands for the `L` in `SIMPLE` (a shift of 6):

That leaves seven unsolved letters and seven unused shifts: 1, 2, 3, 4, 5, 7 and 9.

Let’s look at the ciphertext `K`, and see if we can make it fit between `SOPHOSSE` and `ESIMPLE`.

With the shifts available, `K` could become one of `B`, `D`, `F`, `G`, `H`, `I` or `J` (shifts of 6 and 8 are used up), giving:

All of these look like junk, so we conclude that `.ESIMPLE` doesn’t follow `SOPHOSSE.` It’s also highly unlikely that the string `SOPHOSSE` appears at the end of the plaintext, as it wouldn’t make sense.

So there is only one likely way left to reorder the blocks:

Let’s look for the likely letters between `M` and `ESIMPLE` that are encrypted as `FK`.

They can only be shifted by 1, 2, 3, 4, 5, 7 and 9, as shown above. Also, any shift that gives one of the already-decrypted letters `SOPHEIMPL` can be ruled out (otherwise it would be a repeat and we’d have decrypted it already):

The only combination that makes sense is for `F` to become `A` (a shift of 5) and `K` to become `D` (a shift of 7):

The rest should fall into place easily, given that we can cross-check our guesses with the remaining shifts of 1, 2, 3, 4 and 9.

It’s going to be `SOPHOS SECURITY MADE SIMPLE`, isn’t it?

58 solvers got to the answer in time. Those who agreed to be identified, in finishing order, are as follows:

@pirate_security (under one hour: 27'42") Lee Cronin (under one hour: 40'37") Phil Reah (under one hour: 41'08") @TabChalk @MrAdz350 wjm @BirdPlaneMeteor Pete Midgley @DJM Philip @dkulshitsky Maya Kaczorowski @JRPLambeth @RobertWinkel Veit Heller James Halstead Melissa DeLucchi @agarner @fromCharCode @pjm0 Carmine Bussone Tyler Young Charles Helps Simon Knight Adam Mazack @hackery Colin England Enno Schulz @charleskillmer @SecuritySift @Hearth @iamheer @TimoHirvonen @secolive Eoin @abduelhamit John Dragt @seakingWD Chuck Woodraska maikikun Diana Moldovan Adam Jenkins (with just 1'10" to spare)

Well done to everyone who had a go at the puzzle, and special congratulations to our winners, who were drawn entirely at `/dev/random `as:

**@Hearth****Tyler Young****Eoin****Melissa DeLucchi****[anon]**

Keep your eye on Naked Security (and follow @duckblog on Twitter) if you’d like early warning of the next #sophospuzzle!

I've read this article and still don't get how the decryption works. Can I just pay you all to get a Sophos tshirt?