There is a sculpture in front of the CIA headquarters called KRYPTOS. It’s a little taller than a grown man, looks like a giant scroll unfurling and is covered Roman alphanumeric characters and the occasional question mark. The whole thing is a code. Four codes, to be exact. With each code providing a key to the code after it. The whole point of the piece is an homage to the cryptanalysis work done by the CIA and other government agencies. KRYPTOS was unveiled in 1990, and in the 21 years since, only three of the four codes have been broken.
The last code is still being furiously worked on, but each code is a level of magnitude more complex than the previous one, and the last one has been confounding people for years.
Which made me wonder why no one ever thought to go about finding the solution in a more abstract manner.
See, there’s a point where code breaking is hitting something hard until it breaks. Using super-computers to try trillions of permutations until you get something resembling a translated message, for example. But this takes time, and is somewhat akin to hacking your way through a mountain with a pick axe.
But, every code has to be made by some one. And that some one has to hold the key to their code.
Why not go after that person? People are soft after all, and you get a lot more results hitting soft bits than hitting hard bits.
In my head, there’s some young code-breaker who’s realized this. A Captain Kirk-esque figure that’s decided to solve KRYPTOS, not by cracking the code, but rather by stealing the key through social engineering.
Long ago, hackers realized the most vulnerable point in a system is the human element. If you can find a person to talk to, you can probably get them to unwittingly let you into their system. This is the basis of social engineering, tricking people into doing what you need them to do.
Our young code-breaker would apply these ideas to the creator of KRYPTOS. He’d find a way to get into the sculptor’s studio and find the key, or he’d convince the sculptor to give up the information he needed to solve the cypher.
And then, when he presented the completed translation of the KRYPTOS and the questions sprung up about how he managed it, he’d just say…
“I hit the soft bits.”