Cicada 3301

[David Guyatt]

A mystery, no less.

Cicada 3301 update: the baffling internet mystery is back

A third instalment of the infamous internet puzzle appeared over the weekend, this time featuring William Blake, Masonic stars and a promise of enlightenment'

Cicada 3301: the baffling internet mystery is back








By Chris Bell

8:11AM GMT 07 Jan 2014
10 Comments


Wanted: willing puzzle fans to help solve the internet's most complicated and enduring mystery. Only those conversant in hexidecimal cryptology, medieval Welsh poetry and classical music theory among many others need apply.

After a 12 month hiatus, Cicada 3301 a complex collection of anonymously-set puzzles, without apparent purpose, that have nevertheless held thousands of amateur web sleuths rapt has made a reappearance.

When the Telegraph first reported on the underground phenomenon last November, global interest intensified in the shadowy organisation and the elaborate series of cryptographic puzzles apparently aimed at recruiting expert programmers.

And the Cicada's re-emergence is exactly on schedule, too. The first set of puzzles, identified by images of the insect, appeared on January 5th 2012.

A message left anonymously on notorious website 4Chan simply read: "We are looking for highly intelligent individuals. To find them, we have devised a test…"

Related Articles

• The internet mystery that has the world baffled
  25 Nov 2013
  
• It's like a digital treasure hunt
  26 May 2007
  
• Can you crack it? GCHQ unveils fiendish code
  11 Sep 2013
  
• Secret codes: how to solve them
  11 Sep 2013
  

After a series of increasingly complex riddles ranging from cyberpunk literature to voicemail messages to posters affixed to streetlights around the globe the mysterious organisation behind the tests went quiet. Only for another set of teasers to appear exactly one year later, on January 4th 2013.
Again, solvers were faced with another formidably eclectic range of subjects from ancient Hebrew code tables to Anglo-Saxon runes to Victoria occultist Aleister Crowley. Within a few weeks the puzzles stopped, with only a select few allowed through to a hallowed "inner sanctum" of Cicada.
And, of course, no-one was left any the wiser as to the source or ultimate purpose of the puzzles. Were they part of an elaborate PR campaign for a new Alternate Reality Game? A recruitment drive by the CIA, NSA or MI6? Or just a bit of fun?
But while another set of posers was anticipated during the first week of 2014, this year was different. Such widespread coverage had lead some commentators to wonder if, like the insect itself, the organisation might be scared back underground.
Worse, some feared it might lead to widespread "trolling" hoaxers trying to pass off their own puzzles as legitimate Cicada tests, further muddying the water.
Indeed, the first week of January has seen dozens of messagesappearing on messageboards purporting to be from Cicada some of which were elaborate enough to be believable. And yet all of which have been proved fake.
Until, that is, just before 11pm on January 5th. A Twitter accountpreviously used by the Cicada organization released a message, bearing the faint image of a cicada, to its 700 followers.
"Hello," it read. "Epiphany is upon you. Your pilgrimage has begun. Enlightenment awaits. Good luck. 3301."
Enthusiasts have since confirmed the message has the necessary PGP signature a common encryption method used for privacy to prove it is legitimately from Cicada 3301.
And so the hunt is underway once more. Already, a debate has begun online into the relevance of "Epiphany", as January 6 is the Christian feast day known as Epiphany.
But by examining the image for steganography a technique used to hide data inside images, sometimes used by paedophiles or terrorist organisations solvers have already revealed a quote: "The work of a private man/ who wished to transcend,/ He trusted himself, / to produce from within."
Further analysis with a program called Outguess has revealed a link toSelf-Reliance, a treatise on transcendentalism by American poet Ralph Waldo Emerson.
When run through a cipher, the excerpt reveals the phrase "For Every Thing That Lives Is Holy" and a new image a collage of artworks from The Marriage of Heaven and Hell, by the English poet and painter William Blake.
Specifically, it features a collage of his works Nebuchadnezzer, The Ancient Of Days and Newton with a faint marking of a cicada tucked into the bottom of the picture.
But the images are arranged in such a way that some solvers are now debating whether the image is supposed to represent a Thelema star (a hexagram developed by Aleister Crowley) or an image of a Masonic Square.
Either way, the pursuit of a solution continues. Enthusiasts wishing to join in the debate can access an internet chat relay while a Wiki is constantly updating and sharing progress, with helpful explanations.
And after three years, who knows perhaps, in terms of determining the purpose and source of Cicada 3301, we may be finally getting closer to what that initial image promises: "enlightenment".

[David Guyatt]

Earlier:

The internet mystery that has the world baffled

For the past two years, a mysterious online organisation has been setting the world's finest code-breakers a series of seemingly unsolveable problems. But to what end? Welcome to the world of Cicada 3301

Cicada 3301: the baffling internet mystery is back








By Chris Bell

11:00AM GMT 25 Nov 2013
1143 Comments


One evening in January last year, Joel Eriksson, a 34-year-old computer analyst from Uppsala in Sweden, was trawling the web, looking for distraction, when he came across a message on an internet forum. The message was in stark white type, against a black background.

"Hello," it said. "We are looking for highly intelligent individuals. To find them, we have devised a test. There is a message hidden in this image. Find it, and it will lead you on the road to finding us. We look forward to meeting the few that will make it all the way through. Good luck."

The message was signed: "3301".

A self-confessed IT security "freak" and a skilled cryptographer, Eriksson's interest was immediately piqued. This was he knew an example of digital steganography: the concealment of secret information within a digital file. Most often seen in conjunction with image files, a recipient who can work out the code for example, to alter the colour of every 100th pixel can retrieve an entirely different image from the randomised background "noise".

It's a technique more commonly associated with nefarious ends, such as concealing child pornography. In 2002 it was suggested that al-Qaeda operatives had planned the September 11 attacks via the auction site eBay, by encrypting messages inside digital photographs.

Related Articles

• iOS 7: users destroy iPhones after fake waterproof advert
  24 Sep 2013
  
• It's like a digital treasure hunt
  26 May 2007
  
• Can you crack it? GCHQ unveils fiendish code
  11 Sep 2013
  
• Secret codes: how to solve them
  11 Sep 2013
  
• Cicada 3301: the internet mystery is back
  07 Jan 2014
  
• Farewell Araucaria, the mixed-up cinephile
  27 Nov 2013
  

Sleepily it was late, and he had work in the morning Eriksson thought he'd try his luck decoding the message from "3301". After only a few minutes work he'd got somewhere: a reference to "Tiberius Claudius Caesar" and a line of meaningless letters. Joel deduced it might be an embedded "Caesar cipher" an encryption technique named after Julius Caesar, who used it in private correspondence. It replaces characters by a letter a certain number of positions down the alphabet. As Claudius was the fourth emperor, it suggested "four" might be important and lo, within minutes, Eriksson found another web address buried in the image's code.
Feeling satisfied, he clicked the link.
It was a picture of a duck with the message: "Woops! Just decoys this way. Looks like you can't guess how to get the message out."
"If something is too easy or too routine, I quickly lose interest," says Eriksson. "But it seemed like the challenge was a bit harder than a Caesar cipher after all. I was hooked."
Eriksson didn't realise it then, but he was embarking on one of the internet's most enduring puzzles; a scavenger hunt that has led thousands of competitors across the web, down telephone lines, out to several physical locations around the globe, and into unchartered areas of the "darknet". So far, the hunt has required a knowledge of number theory, philosophy and classical music. An interest in both cyberpunk literature and the Victorian occult has also come in handy as has an understanding of Mayan numerology.
It has also featured a poem, a tuneless guitar ditty, a femme fatale called "Wind" who may, or may not, exist in real life, and a clue on a lamp post in Hawaii. Only one thing is certain: as it stands, no one is entirely sure what the challenge known as Cicada 3301 is all about or who is behind it. Depending on who you listen to, it's either a mysterious secret society, a statement by a new political think tank, or an arcane recruitment drive by some quasi-military body. Which means, of course, everyone thinks it's the CIA.
For some, it's just a fun game, like a more complicated Sudoku; for others, it has become an obsession. Almost two years on, Eriksson is still trying to work out what it means for him. "It is, ultimately, a battle of the brains," he says. "And I have always had a hard time resisting a challenge."
On the night of January 5 2012, after reading the "decoy" message from the duck, Eriksson began to tinker with other variables.

Taking the duck's mockery as a literal clue, Eriksson decided to run it through a decryption program called OutGuess. Success: another hidden message, this time linking to another messageboard on the massively popular news forum Reddit. Here, encrypted lines from a book were being posted every few hours. But there were also strange symbols comprising of several lines and dots Mayan numbers, Eriksson realised. And duly translated, they led to another cipher.
Up until now, Eriksson would admit, none of the puzzles had really required any advanced skills, or suggested anything other than a single anonymous riddle-poser having some fun. "But then it all changed," says Eriksson. "And things started getting interesting."
Suddenly, the encryption techniques jumped up a gear. And the puzzles themselves mutated in several different directions: hexadecimal characters, reverse-engineering, prime numbers. Pictures of the cicada insect reminiscent of the moth imagery in Thomas Harris's The Silence of the Lambs became a common motif.
"I knew cicadas only emerge every prime number of years 13, or 17 to avoid synchronising with the life cycles of their predators," says Eriksson. "It was all starting to fit together." The references became more arcane too. The book, for example, turned out to be "The Lady of the Fountain", a poem about King Arthur taken from The Mabinogion, a collection of pre-Christian medieval Welsh manuscripts.
Later, the puzzle would lead him to the cyberpunk writer William Gibson specifically his 1992 poem "Agrippa" (a book of the dead), infamous for the fact that it was only published on a 3.5in floppy disk, and was programmed to erase itself after being read once. But as word spread across the web, thousands of amateur codebreakers joined the hunt for clues. Armies of users of 4chan, the anarchic internet forum where the first Cicada message is thought to have appeared, pooled their collective intelligence and endless free time to crack the puzzles.
Within hours they'd decoded "The Lady of the Fountain". The new message, however, was another surprise: "Call us," it read, "at telephone number 214-390-9608". By this point, only a few days after the original image was posted, Eriksson had taken time off work to join the pursuit full time.
"This was definitely an unexpected turn," he recalls. "And the first hint that this might not just be the work of a random internet troll." Although now disconnected, the phone line was based in Texas, and led to an answering machine. There, a robotic voice told them to find the prime numbers in the original image. By multiplying them together, the solvers found a new prime and a new website: 845145127.com. A countdown clock and a huge picture of a cicada confirmed they were on the right path.
"It was thrilling, breathtaking by now," says Eriksson. "This shared feeling of discovery was immense. But the plot was about to thicken even more." Once the countdown reached zero, at 5pm GMT on January 9, it showed 14 GPS coordinates around the world: locations in Warsaw, Paris, Seattle, Seoul, Arizona, California, New Orleans, Miami, Hawaii and Sydney. Sat in Sweden, Eriksson waited as, around the globe, amateur solvers left their apartments to investigate. And, one by one reported what they'd found: a poster, attached to a lamp post, bearing the cicada image and a QR code (the black-and-white bar code often seen on adverts these days and designed to take you to a website via your smartphone).
"It was exhilarating," said Eriksson. "I was suddenly aware of how much effort they must have been putting into creating this kind of challenge." For the growing Cicada community, it was explosive proof this wasn't merely some clever neckbeard in a basement winding people up, but actually a global organisation of talented people. But who?
Speculation had been rife since the image first appeared. Some thought Cicada might merely be a PR stunt; a particularly labyrinthine Alternate Reality Game (ARG) built by a corporation to ultimately and disappointingly promote a new movie or car.
Microsoft, for example, had enjoyed huge success with their critically acclaimed "I Love Bees" ARG campaign. Designed to promote the Xbox game Halo 2 in 2004, it used random payphones worldwide to broadcast a War of the Worlds-style radio drama that players would have to solve.

But there were complicating factors to Cicada. For one, the organisers were actively working against the participants. One "solver", a female known only as Wind from Michigan, contributed to the quest on several messageboards before the community spotted she was deliberately disseminating false clues. Other interference was more pointed. One long, cautionary diatribe, left anonymously on the website Pastebin, claimed to be from an ex-Cicada member a non-English military officer recruited to the organisation "by a superior". Cicada, he said, "was a Left-Hand Path religion disguised as a progressive scientific organisation" comprising of "military officers, diplomats, and academics who were dissatisfied with the direction of the world". Their plan, the writer claimed, was to transform humanity into the Nietzschen Ãœbermensch.
"This is a dangerous organisation," he concluded, "their ways are nefarious." With no other clues, it was also asssumed by many to be a recruitment drive by the CIA, MI6 or America's National Security Agency (NSA), as part of a search for highly talented cryptologists. It wouldn't have been the first time such tactics had been used.
Back in 2010, for example, Air Force Cyber Command the United States' hacking defence force, based at Fort Meade in Maryland secretly embedded a complex hexadecimal code in their new logo. Cybercom head Lt Gen Keith Alexander then challenged the world's amateur analysts to crack it (it took them three hours). And in September this year, GCHQ launched the "Can You Find It?" initiative a series of cryptic codes designed to root out the best British cryptographers. As GCHQ's head of resourcing Jane Jones said at the time, "It's a puzzle but it's also a serious test the jobs on offer here are vital to protecting national security."
[SUB]GCHQ's 'Can You Find It?' puzzle[/SUB]
Dr Jim Gillogly, former president of the American Cryptogram Association, has been cracking similar codes for years and says it's a tried and tested recruitment tactic.
"During the Second World War, the top-secret Government Code and Cypher School used crossword puzzles printed in The Daily Telegraph to identify good candidates for Bletchley Park," he says. "But I'm not sure the CIA or NSA is behind Cicada. Both are careful with security, the recent Snowden case notwithstanding. And starting the puzzle on [the anarchic internet forum] 4chan might attract people with less respect for authority than they would want working inside."
But that doesn't rule out other organisations. "Computer and data security is more important than ever today," says Dr Gillogly. The proliferation of wireless devices, mobile telephones, e-commerce websites like Amazon and chip-and-pin machines, means the demand for cryptologists has never been higher. (Something the UK government acknowledged last year when it announced it was setting up 11 academic "centres of excellence" in cyber security research.)
"One of the more important components of security systems is the efficacy of the cryptography being used," says Dr Gillogly. "Which means cryptanalysts are in higher demand than ever before - no longer just with the intelligence services. It could just as easily be a bank or software company [behind Cicada]."
Eriksson himself agrees. As a regular speaker at Black Hat Briefings the secretive computer security conferences where government agencies and corporations get advice from hackers he knows certain organisations occasionally go "fishing" for new recruits like this. But to him the signs point to a recruitment drive by a hacker group like Anonymous.
"I can't help but notice," he says, "that the locations in question are all places with some of the most talented hackers and IT security researchers in the world." Either way, their identity would prove irrelevant. When the QR codes left on the lamp posts were decoded, a hidden message pointed the solvers towards a TOR address. TOR, short for The Onion Router, is an obscure routing network that allows anonymous access to the "darknet" the vast, murky portion of the internet that cannot be indexed by standard search engines. Estimated to be 5,000 times larger that the "surface" web, it's in these recesses where you'll find human-trafficking rings, black market drug markets and terrorist networks. And it's here where the Cicada path ended.
After a designated number of solvers visited the address, the website shut down with a terse message: "We want the best, not the followers." The chosen few received personal emails detailing what, none have said, although one solver heard they were now being asked to solve puzzles in private. Eriksson, however, was not among them. "It was my biggest anticlimax when I was too late to register my email at the TOR hidden service," he says. "If my sleep-wake cycle had been different, I believe I would have been among the first." Regardless, a few weeks later, a new message from Cicada was posted on Reddit. It read: "Hello. We have now found the individuals we sought. Thus our month-long journey ends. For now." All too abruptly for thousands of intrigued solvers, it had gone quiet.
Except no. On January 4 this year, something new. A fresh image, with a new message in the same white text: "Hello again. Our search for intelligent individuals now continues." Analysis of the image would reveal another poem this time from the book Liber Al Vel Legis, a religious doctrine by the English occultist and magician Aleister Crowley. From there, the solvers downloaded a 130Mb file containing thousands of prime numbers. And also an MP3 file: a song called The Instar Emergence by the artist 3301, which begins with the sound of guess what cicadas.
Analysis of that has since led to a Twitter account pumping out random numbers, which in turn produced a "gematria": an ancient Hebrew code table, but this time based on Anglo-Saxon runes. This pointed the solvers back into the darknet, where they found seven new physical locations, from Dallas to Moscow to Okinawa, and more clues. But that's where, once again, the trail has gone cold. Another select group of "first solvers" have been accepted into a new "private" puzzle this time, say reports, a kind of Myers-Briggs multiple-choice personality test.
But still, we are no closer to knowing the source, or fundamental purpose, of Cicada 3301. "That's the beauty of it though," says Eriksson. "It is impossible to know for sure until you have solved it all." That is why for him, and thousands of other hooked enthusiasts, January 4 2014 is so important: that's when the next set of riddles is due to begin again. "Maybe all will be revealed then," he grins. "But somehow, I doubt it."

[David Guyatt]

Their creed if you will.

An excerpt from the warning pastebin in 2013:
you have wondered who we are so we shall now tell you we are an international group we have no name
we have no symbol we have no membership rosters we do not have a public
website and we do not advertise ourselves we are a group of individuals
who have proven ourselves much like you have by completing this
recruitment contest and we are drawn together by common beliefs a
careful reading of the texts used in the contest would have revealed
some of these beliefs that tyranny and oppression of any kind must end
that censorship is wrong and that privacy is an inalienable right.

We are not a *hacker* group nor are we a *warez* group we do not engage
in illegal activity nor do our members if you are engaged in illegal activity
we ask that you cease any and all illegal activities or decline membership
at this time we will not ask questions if you decline however if you lie to
us we will find out.

You are undoubtedly wondering what it is that we do. We are much like a
*think tank*; in that our primary focus is on researching and developing
techniques to aid the ideas. We advocate liberty privacy security. You
have undoubtedly heard of a few of our past projects and if you choose
to accept membership we are happy to have you on-board to help with
future projects.

+++

1. 3301 cicada, this has been modified from your orriginal text in order to remove your uber sekret 0hd4y identifications signature. If you think it belongs to any particular applicant it does not; and you DO know what I mean. u mad?
   
   
2. 
   
   
3. ---BEGIN FU ENCODING STRIPPED MESSAGE---
   
   
4. DO NOT SHARE THIS INFORMATION!
   
   
5. 
   
   
6. Congratulations your month of testing has come to an end out of the thousands who attempted it you are one of only a few who have succeeded.
   
   
7. 
   
   
8. There is one last step although there will not be any hidden codes or secret messages or physical treasure hunts this last step is only honesty we have always been honest with you and we shall continue to be honest with you and we expect you to be honest with us in return.
   
   
9. 
   
   
10. You have all wondered who we are and so we shall now tell you we are an international group we have no name we have no symbol we have no membership rosters we do not have a public website and we do not advertise ourselves we are a group of individuals who have proven ourselves much like you have by completing this recruitment contest and we are drawn together by common beliefs a careful reading of the texts used in the contest would have revealed some of these beliefs that tyranny and oppression of any kind must end that censorship is wrong and that privacy is an inalienable right.
    
    
11. 
    
    
12. We are not a *hacker* group nor are we a *warez* group we do not engage in illegal activity nor do our members if you are engaged in illegal activity we ask that you cease any and all illegal activities or decline membership at this time we will not ask questions if you decline however if you lie to us we will find out.
    
    
13. 
    
    
14. You are undoubtedly wondering what it is that we do we are much like a *think tank* in that our primary focus is on researching and developing techniques to aid the ideas we advocate liberty privacy security you have undoubtedly heard of a few of our past projects and if you choose to accept membership we are happy to have you on-board to help with future projects.
    
    
15. 
    
    
16. Please reply to this email with the answers to the next few questions to continue:
    
    
17. 
    
    
18. * Do you believe that every human being has a right to privacy and anonymity and is within their rights to use tools which help obtain and maintain privacy cash strong encryption anonymity software etc?
    
    
19. 
    
    
20. * Do you believe that information should be free?
    
    
21. 
    
    
22. * Do you believe that censorship harms humanity?
    
    
23. 
    
    
24. We look forward to hearing from you.
    
    
25. 
    
    
26. 3301
    
    
27. ---END FUUUUUUUUUUU---
    
    
28. 
    
    
29. We look forward to hearing from you.
    
    
30. 
    
    
31. Anonymous
    

[Magda Hassan]

This is so intruiging. Since I have a hard enough time completing the cryptic crossword each day I don't think I'm in the running for the solving this puzzle. Looking forward to see where this travels. Merry prankster? Enlightenment? Or more sinister?:alberteinstein:::angeldevil:::ongwriting::::fortuneteller::

[David Guyatt]

Updates

The Beginning The Twitter Image In early January 2014, people gathered together to wait for the next signs of life from Cicada 3301. After several attempts to mislead solvers, eventually, a genuine message from cicada was found. On January 6th, the twitter used by cicada in 2013 was re-examined; after being in active for about a year, it featured a tweet linking to an image on imgur. In line with earlier rounds, this image contained a message, which can be recovered using the program outguess. Executing outguess -r zN4h51m.jpg zN4h51m_output on a linux machine returns this message. Unlike any previous attempts by the numerous distractors, the authenticity of this message was established by verifying its PGP signature. It contains a valid signature for the PGP key used by cicada in the past. The Book Cipher The message looked like a book cipher - and indeed, book ciphers have been used by cicada in the past. The community quickly found the book in question - Self-Reliance and Other Essays by Ralph Waldo Emerson. To illustrate how to solve this, let us take the first line of the message: 1:2:3:1 This references the first paragaph of the text, the second sentence, of which the third word and finally the first letter. To make a long story short, this returns &quot;always&quot; - the first character is 'a'. Following this scheme (with the exception being the sole number &quot;3&quot; in the cipher referencing the third character, an l in the authors name) and appending the vertically spelled &quot;.onion&quot; to the result, we finally come up with this: auqgnxjtvdbll3pv.onion The resulting onion domain was quickly investigated. The First Onion This onion has since gone offline. The William Blake Collage The onion domain featured this image, which is a collage of at least one painting by William Blake. Following the usual procedure for investigating images, it was noticed that this image contains a message, again, extractable by outguess. This message in its entirety can be found here. The following is its content, omitting the PGP header and signature: e = 65537 n = 75579125746085351644267182920580212556413102071876330957950694457000592\ 10248050757270234679993673844203148013173091173786572116639 - -----BEGIN COMPRESSED RSA ENCRYPTED MESSAGE----- Version: 1.99 Scheme: Crypt::RSA::ES::OAEP eJwBswBM/zEwADE2MgBDeXBoZXJ0ZXh0LE2jxJS1EzMc80kOK+hra1GKnXgQKQgVitIy8NgA7kxn 2u8jNQDvlu0uymNNiu6XVCCn66axGH0IZ9w4Af3K/yRgjObsfA1Q7QqpXNALJ9FFPgYl5rh07cBP M9kbSH6DynU/5cYgQod2KymjWcIvKx3FkjV4UOGakDnBf1eQp1uwvn3KxDVwTyzPqbMnZvOA06Ec AfKtyz1hEK/UBXkeMeVrnV5SQQ== =yTUshDMKN65aPaKAR0OU8g== - -----END COMPRESSED RSA ENCRYPTED MESSAGE----- The message can be seperated into two parts. The first part, spanning the first 3 rows, declares two values, an N and an e. The next part, hugged by &quot;BEGIN COMPRESSED RSA ENCRYPTED MESSAGE&quot;, contains information about an encryption scheme, also called a chiffre, as well as data encoded in base64. Base64 is a scheme to encode unprintable bytes into printable characters. The Scheme line tells us that the following message is encrypted using the cipher RSA. The next step was clear: decrypt the message. To do that, we needed something we didn't have: the private key. A brief explanation is in order. A Brief Overview of RSA RSA is a moderately complex cipher to understand; Numberphile provides a good introduction to the topic. Its main advantage is that, as a public key encryption scheme, it allows sharing of encryption keys without transmitting the key in plaintext or agreeing on a key in advance. Public key cryptography solves the problem of how two parties can communicate securely without a pre-existing secure channel of communication. In RSA, N and e are variables commonly used in the mathematical aspects of the cipher. In fact, they constitute the public key. The public and private keys are mathematically related. Without going too much into detail, they both are related to N. N is the product of two large primes, called p and q. If an attacker manages to factor N, which is publicly available, into its two prime factors p and q, then it becomes trivial to calculate the corresponding private key. In reality, factoring large integers that have only two prime factors is a computationally hard problem . In RSA, an N with 2048 or 4096 bits is typically used as the large size provides enough complexity to make the factorization of p and q computationally infeasible in the short term. Finding the Private Key (or, Brute Forcing RSA) To our luck, the N used to encrypt the message was far smaller than 2048 or 4096 bits. The N we were given was 432 bits (130 decimal digits) long. The solving community exhausted a lot of options in an attempt to find the private key. They searched for suspicious information in the data provided until that point, investigated images, brainstormed correlations, followed connections and so forth. As time went on and nothing was discovered, the solvers began to discuss the worst case scenario: finding p and q via brute computational force. After a while it was agreed that a parallelized approach would render the best results, as a breakthrough in finding the hidden data would not impede on factorizing the number and vice versa. So a small group of people banded together to think about the most effective way to share their computing power in order to factor N. It was decided that a distributed approach would be the only feasible option, since even a slightly less complex N than the ones used today is a lot of work for a single processor. Distributing the workload however could achieve results in way less time, and the community was eager to help. We quickly agreed on cado-nfs, a program that did everything we could ever ask for. To make a long story short: after about 8 hours of debugging, fixing, patching and testing as well as additional 9 hours of distributively working on the prime, the results were in: p = 97513779050322159297664671238670850085661086043266591739338007321 q = 77506098606928780021829964781695212837195959082370473820509360759 These individuals successfully brute forced a 432-bit RSA key. Make no mistake -- this is an incredible feat for a group of people spread across the world with consumer-grade hardware. At this point, the writer would like to take a moment to express their gratitude for the people participating in this effort. Without the people donating their time, efforts and resources, this would have taken a lot longer than originally anticipated. Also, a special thanks needs to go to the people who managed the servers, especially the one unnamed person who rented a server from Amazon to complete the last, locally computed phase of the calculation. With all words of thanks being said, let's continue. Putting The Private Key To Use Now that we have the information, we have to make something out of it. To make sure we do it right, it would be wise to simply do what cicada did to encrypt the message and reverse it. We also have a clue for this in the outguessed message. The line Scheme: Crypt::RSA::ES::OAEP contains a dead giveaway. The programming language Perl uses double colons to achieve modulization, therefore, we can safely conclude that Perl was used to encrypt this message. To, again, shorten a long story, a program to decrypt the message can be found here. The Second Onion This onion has since gone offline. The Growing String After the successful decryption of the RSA message, we had a single resource: cu343l33nqaekrnw.onion This is the address of a Tor Hidden Service. Upon visiting the service, the following document was displayed: <!--Patience is a virtue--> 634292ba49fe336edada779a34054a335c2ec12c8bbaed4b92dcc05efe98f76abffdc2389bdb9de2cf20c009acdc1945ab095a52609a5c219afd5f3b3edf10fcb25950666dfe8d8c433cd10c0b4c72efdfe12c6270d5cfde291f9cf0d73cb1211140136e4057380c963d70c76948d9cf6775960cf98fbafa435c44015c5959837a0f8d9f46e094f27c5797b7f8ab49bf28fa674d2ad2f726e197839956921dab29724cd48e1a81fc9bab3565f7513e3e368cd0327b47cf595afebb78d6b5bca92ba021cd6734f4362a0b341f359157173b53d49ea5dff5889d2c9de6b0d7e8c615286ce596bfa83f50b6eeabd153aaf50cd75f39929ba11fb0f8e8d611442846 The page appeared to be static. However, after some time, we noticed that the string was slowly growing. Every few minutes, two characters were appended to the end of the string. This process continued for approximately 23 hours. The time intervals between new bytes were found to be multiples of five. Various users recorded the minutes between updates, the time that they occurred, and the data appended at those times. http://pastebin.com/5bTLHqCN http://imgur.com/lTRRxTT http://pastebin.com/qn8jmPJr (GMT +1) http://i.imgur.com/prAeqPS.png The above datasets are most likely not complete, and no guarantee of accuracy is made. After 23 hours, the process stopped and no more characters/bytes were appended to the string. The final string was: 634292ba49fe336edada779a34054a335c2ec12c8bbaed4b92dcc05efe98f76abffdc2389bdb9de2cf20c009acdc1945ab095a52609a5c219afd5f3b3edf10fcb25950666dfe8d8c433cd10c0b4c72efdfe12c6270d5cfde291f9cf0d73cb1211140136e4057380c963d70c76948d9cf6775960cf98fbafa435c44015c5959837a0f8d9f46e094f27c5797b7f8ab49bf28fa674d2ad2f726e197839956921dab29724cd48e1a81fc9bab3565f7513e3e368cd0327b47cf595afebb78d6b5bca92ba021cd6734f4362a0b341f359157173b53d49ea5dff5889d2c9de6b0d7e8c615286ce596bfa83f50b6eeabd153aaf50cd75f39929ba11fb0f8e8d611442846 This string is 512 characters long. We assume it is hexadecimal. However, about an hour after the string finished growing, at approximately 05:31:40 GMT the document changed. The old 512-character code was gone, along with the HTML comment. In its place was the following document: https://infotomb.com/oyfhl.txt We link to it because it is very large. Note that the HTML comment was changed from <!--Patience is a virtue--> to <!--761--> This is significant. We noticed that, by applying the Gematrius Primus from the 2013 puzzle to the phrase 'Patience is a virtue' and summing the result, one obtains 761. The number is also a palindromic prime. The new string was 3641299 (?) characters long. We noticed that it contained a significant amount of repeated text. Analsysis of this new string revealed that it contained three JPEG image files. This was discovered when we: Converted the string into its binary representation Flipped all the bits (i.e. 0 becomes 1, 1 becomes 0) [Note: this is equivalent to XOR 111111] Looking at that XOR'd binary string, we noticed that the first two bytes were 0xFF 0xD8 Wikipedia tells us that these are the first two bytes of a JPEG image. We walked through the data left to right, and later on in the string, we discovered the same byte sequence again. This indicated the presence of more than one JPEG image. We analysed the rest of the string in a similar fashion, and discovered a total of three JPEG images. The third JPEG image was in reverse order, and so had to be un-reversed. For further clarification, the order was this (.... = JPEG data, [ ] = one complete image): [0xFF 0xD8........................][0xFF 0xD8........................][........................0xD8 0xFF] After transforming the bytes into their proper JPEG format (note that you must reverse the byte sequence of the third image before doing this): dd if=onioninvert.bin of=onion1.jpg bs=1 skip=0 count=168876 dd if=onioninvert.bin of=onion2.jpg bs=1 skip=168876 count=1476614 dd if=onioninvert.bin of=onion3rev.jpg bs=1 skip=1645490 count=175159 we obtained the following three images: Liber primus Liber Primus Intus Intus Runes Runes Add a photo to this gallery Image Analysis Each of the images contain hidden messages and other information. These were found and analyzed simultaneously. As a result, this section does not proceed in chronological order. Intus outguess -r intus.jpg out.txt yields https://infotomb.com/esd78.txt Liber Primus outguess -r liber_primus.jpg out.txt yields https://infotomb.com/hb0ba.txt Runes outguess -r runes.jpg out.txt yields https://infotomb.com/vmtyf.txt Here we break to explain something: Below are two images. The first image is from 2013's puzzle and was obtained through use of XOR. It was used to solve portions of that year's puzzle. The second was created by puzzle solvers in 2014 and is derived from the first. Here we refer to 2013's image, which was released by Cicada 3301, as 'Gematria Primus 2013'. We refer to 2014's image as 'Gematria Primus 2014'. It is paramount to understand that 2013's image was created by Cicada 3301, while 2014's was created by puzzle solvers and was created from rearranging 2013's image. Gematria primus Gematria Primus 2013 Runes-warning Gematria Primus 2014 Add a photo to this gallery We now return to the puzzle. Using the Gematria Primus 2013, the runes in the 'Runes' image become: R NGRAMW JIHEIIAI MAEYW EAAAEN YEP JAEAED IXDISEO NGLREO THAEIA DMAENG EOAE JI EOAIAI EOIPEO YI D MAENGHICOEI EAEMC THAEIAA EOAIAY IX SIAEIMDI THAEIAA CFY CAE MAEEO ICEEO AE A DLRWI YEP JAEAED AEA YI NICCROEI DAEMEOREMIC NGEYEM IEYIA YI NGAE ACC AEA YIEA MIANJIAC EAAEA RHH E C CRDAIC This stumped us for some time. Then, someone created Gematria Primus 2014 by rearranging Gematria Primus 2013. From Gematria Primus 13, take the left block of three columns and stack it on top of the right block of three columns. Then, find the letter you wish to decode. Find the position of that letter in the vertical list, beginning at the top. Take that number and find the character that many characters into the list, from the bottom up. Applying this process to each letter/rune yields (newlines added for readability): A WARNING BELIEVE NOTHING FROM THIS BOOK EXCEPT WHAT YOU KNOW TO BE TRUE TEST THE KNOWLEDGE FIND YOUR TRUTH EXPERIENCE YOUR DEATH DO NOT EDIT OR CHANGE THIS BOOK OR THE MESSAGE CONTAINED WITHIN EITHER THE WORDS OR THEIR NUMBERS FOR ALL IS SACRED By substituting each character for its respective value in Gematria Primus 2013, we noticed that the sum of each line adds up to a prime (emirps marked by *): A WARNING BELIEVE NOTHING FROM THIS BOOK = 757* EXCEPT WHAT YOU KNOW TO BE TRUE = 1009* TEST THE KNOWLEDGE = 691 FIND YOUR TRUTH = 353* EXPERIENCE YOUR DEATH = 769* DO NOT EDIT OR CHANGE THIS BOOK = 911* OR THE MESSAGE CONTAINED WITHIN = 1051* EITHER THE WORDS OR THE NUMBERS = 859 FOR ALL IS SACRED = 677 The 5 Gram Message Shortly after the warning in the previous section was found, it was discovered that by XORing the hexadecimal messages hidden within each of the three images the following message resulted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 IDGTK UMLOO ARWOE RTHIS UTETL HUTIA TSLLO UIMNI TELNJ 7TFYV OIUAU SNOCO 5JI4M EODZZ Good luck. 3301 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJSy23PAAoJEBgfAeV6NQkPeJwP/0IoafJ1SbmhD+KNbL5I2EdH jgPRnZNrKCyMpWFSIw1qs6ujuw6VnW/rfnOD+df4kpzoAwEFfZDcRnBVsvIzOJ31 Txj9jXD22ki/CNRY88NyIzW9fjKs+iOylsa7Tx+6PBb3ndoYNEwnQwLIq3K4S3kQ tgMzE3LiVq2pQwqFNdN+zGqcq7POEs0GmnL1aNpqU+Wrba4gSfoWwQBWUDv3S/s8 vY0hEqhWNd76wphig6hH6OyIaX/t1eYfcsSYhzAE5oKKahGr1E7cX1GBpHCIr1WM ZwNaGVArQAkyEzT++tmF01O9h218CiTUFoBM/Zxyra7vxI2UOYS/pLonuV+eXARY YfPHaZZxfk3bUWXcxioRukFSY2+xNdPfuBIT8rcJqa1kPJOzeZVC/IcwHA2mmG4l 3ltiVcDnQrZgz6Im3/ugFg8bqW12qqZ6XizRP3EXm4EnyhpfKZnXKPLEOvPKCj6j 1kYCrLmGtTTPFx79fZfryGXQIEAmipRbjVS5sVbUCfgmqUagmdU6v9VI53n6+r0J b2amxREA+2MflkEoVJUaLQJ1rKZLFFJ9J17zUaXKMllsDBWXJS4Mb54o2+8bkEcM 3cP+16XV9pf2wZBkJE0AwoXI4L8JEyjNZZcGSLy8BojlAupX3Fg9KKt71XXrm9FD tuBhMYWo/TDz+4UzLB+I =57tj -----END PGP SIGNATURE----- After some trial and error analysis, it was discovered that this ciphertext had been created using a simple column transposition cipher. By arranging the ciphertext into 14 columns like so: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 I D G T K U M L O O A R W O E R T H I S U T E T L H U T I A T S L L O U I M N I T E L N J 7 T F Y V O I U A U S N O C O 5 J I 4 M E O D Z Z And reordering the columns like so: 2 8 9 1 12 13 11 4 5 7 3 0 6 10 G O O D W O R K U L T I M A T E T R U T H I S T H E U L T I M A T E I L L U S I O N J O I N U S A T F V 7 L Y U C M E O Z Z D 5 J 4 O N I O A message is obtained: GOOD WORK ULTIMATE TRUTH IS THE ULTIMATE ILLUSION JOIN US AT FV7LYUCMEOZZD5J4ONIO Assuming that the final N was omitted in order to fit the bounds of the column transposition cipher, and applying proper formatting, the following Tor hidden service address is obtained: fv7lyucmeozzd5j4.onion And off we went. The Third Onion This onion has since been taken offline. In this section the puzzle fractures into several directions. The author has chosen not to subdivide this section and instead opts for pure chronological formatting. Events in this section are detailed in the exact order they occurred. The first visitor to this hidden service was greeted with a blank page. The page remained blank for a short time and then changed to the following document: <!--1033--> 87de5b7fa2 As with the RSA onion, the string slowly grew over time, with two new characters (one byte) being added at widely varying intervals. Some timing data was collected for further analysis. In the meantime, a solver ran the tool DirBuster against the hidden service and discovered an apparent misconfiguration of the backend Apache server. The server was leaking a system status page. Whether this was intentional is unknown. However, shortly after the page was discovered, it appears that Cicada was alerted that the status page had been discovered because the content of that page changed. Appended to the end of the server status was yet another very long string. This string was found to contain two image files in a similar ordering as the RSA onion, except that there was some data between them (OOB or Out Of Bounds data): [0xFF 0xD8..............................] [Data in between JPGs] [..............................0xD8 0xFF] After building the first JPG from the hex: xxd -p -r < server-status.hex > server-status.jpg One obtains the image shown below on the left. Doing the same for the reversed copy of the second JPG yields the same image as the first, shown on the right -- except for that OOB data. Onion3 Onion 3 Image Onion3 Onion 3 Image 2 Add a photo to this gallery Comparing the first and second images cmp -l server-status.jpg rev.server-status.jpg one obtains the OOB data: a02373230202020202833313020202020213433302020202021333130202020202135313a06363 330202020202939313020202020203331302020202020323330202020202028313a06323230202 020202534323020202020202139302020202025343230202020202632323a08313020202020203 2333020202020203331302020202029393130202020202636333a0135313020202020213331302 02020202134333020202020283331302020202022373230a0a Note that all of these bytes are within the printable range of ASCII characters, and many of them appear to be ASCII for digits (e.g. 0x30, 0x39). Converting this string to binary: xxd -b oob.hex oob.bin and reversing that:: xxd -r oob.bin oob-rev.bin we obtain: 272 138 341 131 151 366 199 130 320 18 226 245 91 245 226 18 320 130 199 366 151 131 341 138 272 Among other things, this is a magic square whose magic number is -- you guessed it -- 1033. Magicsquare Add a photo to this gallery For those following along, here's a nice one-liner to get that matrix from the original image: dd if=server-status.jpg bs=1 skip=$((0x00521e4)) count=357 status=noxfer | rev | xxd -p -r With matrix and Gematria Primus 2014 in hand, we began to interpret the runes in the image. The runes in the upper half of the image read: SOME WISDOM THE PRIMES ARE SACRED THE TOTIENT FUNCTION IS SACRED ALL THINGS SHOULD BE ENCRYPTED In the bottom half of the image, the red runes read: KNOW THIS: The table underneath, translated to value form using Gematria Primus 2013, yields: 272 138 341 131 151 366 199 130 320 18 226 245 91 245 226 18 320 130 199 366 151 131 341 138 272 which is the exact same matrix found earlier from the OOB data. About a day went by with little activity other than speculation on the meaning of this matrix. Then the string from the main page stopped growing. According the the HTTP header, the final update occurred on January 11 at 01:09:01 GMT. The final document was: <!--1033--> 87de5b7fa26ab85d2256c453e7f5bc3ac7f25ee743297817febd7741ededf07ca0c7e8b1788ea4131441a8f71c63943d8b56aea6a45159e2f59f9a194af23eaabf9de0f3123c041c882d5b7e03e17ac49be67cef29fbc7786e3bda321a176498835f6198ef22e81c30d44281cd217f7a46f58c84dd7b29b941403ecd75c0c735d20266121f875aa8dec28f32fc153b1393e143fc71616945eea3c10d6820bd631cf775cf3c1f27925b4a2da655f783f7616f3359b23cff6fb5cb69bcb745c55dff439f7eb6a4094bd302b65a84360a62f94c8b010250fcc431c190d6ed8cc8a3bfce37dddb24b93f502ad83c5fa21923189d8be7a6127c4105fcf0e5275286f2 The final string was 512 characters (assuming hex, 256 bytes or equivalently 2048 bits). It was observed that this string matched the growing string from the previous onion. Author Note: Past this point recorded information becomes extremely difficult to understand due to an almost unbelievable amount of noobs discovering Uncovering Cicada, and we are unable to retrace these steps due to the pertinent onions being taken offline in quick succession. We have done our best to interpret and verify what we could, and while we present this information in good faith, we are simply unable to provide as firm a guarantee of accuracy as was present in the sections above. On January 11 at 10:07 UTC, the Apache server status page changed once again to display a new hexadecimal string: https://infotomb.com/laqs9.txt This string contained the following two images in the same style as before [0xFF 0xD8...............] [...............0xD8 0xFF] LiberPrimuspage5 LiberPrimusPage6 Add a photo to this gallery First Image Outguessing the first image yields a signed message: https://infotomb.com/t5uuz.txt The hex string from that message encodes a JPG image: OutguessfromLiberPrimusPage6 Add a photo to this gallery The runes in this image were solved later (read on). Translating the runes from the first image with Gematria Primus yields (Author's Note: we haven't verified this yet): uWGsSfc rSugpWW fwxtclW ym WS tcnF GmXXmmw FpdGXr oW Xmi ff euG SuF yp rF ipF cF Fnw bxmd rXi fpc SSFc rTp fjmo ScwX bFw bWls ry jF r mcTSFtcpw mgS cGpu Sc rew Xpi bybx flir rm cgb yr cfu TpXjwtfW jgb FTffWpT pfax jmepGsosm wSjl wxuT FwmT dyjc sXxoGrmbw rmi dyjc xhuypl jGymfjpSuX wSj dwxu alasmXSx Fm Xmi py Fmuf After some time with trial and error, it was discovered that this ciphertext had been created with a Vignere cipher. Reversing the cipher yields: WELCOME: WELCOME, PILGRIM TO THE GREAT JOURNEY TOWARD THE END OF ALL THINGS. IT IS NOT AN EASY TRIP, BUT FOR THOSE WHO FIND THEIR WAY HERE IT IS A NECESSARY ONE. ALONG THE WAY YOU WILL FIND AN END TO ALL STRUGGLE AND SUFFERING, YOUR INNOCENCE, YOUR ILLUSIONS, YOUR CERTAINTY, AND YOUR REALITY. ULTIMATELY, YOU WILL DISCOVER AN END TO SELF. Second Image Outguessing the second image yields garbage output. The runes on it translate to (Author's Note: we haven't verified this yet): my yS Fxrjse ewn djusxytetm Sry ds neFdX pbunWGjXF jgb pTx pnwwilmF lpbuoWX rXWf rrSjm rmi dyj hlfu juXlTW SjoSrrm umsc WS liFFcl wi lt peup WXpTtb tme ulole Sjp uW lcg WgsXtm bmrTfp wrj rxc G jWQ je ym dyjcFXuf pfa ccW r ujr ambp gpbunWGf nxe ygiWGumtcgWW jF bpwd fyx Fuf Sjp xlTWa lT cyuX ce lFSixTsFhF Tyflcer pfax rbe Fcbf After reversing the Vignere cipher: IT IS THROUGH THIS PILGRIMAGE THAT WE SHAPE OURSELVES AND OUR REALITIES. JOURNEY DEEP WITHIN AND YOU WILL ARRIVE OUTSIDE. LIKE THE INSTAR, IT IS ONLY THROUGH GOING WITHIN THAT WE MAY EMERGE: WISDOM: YOU ARE A BEING UNTO YOURSELF. YOU ARE A LAW UNTO YOURSELF. EACH INTELLIGENCE IS HOLY. FOR ALL THAT LIVES IS HOLY. The red footer of that page reads :AN INSTRUCTION: COMMAND YOUR OWN SELF : Back to the server page: Fourteen minutes after the status page update containing the two above images, on January 11 at 10:22 UTC the status page changed once again: https://infotomb.com/hw0l5.txt The first image from the previous update remained intact in the new string. However, the data of the second was replaced almost entirely with different hexademical. Attempting to render it as a JPG yields a corrupt and incomplete image. Outguessed Image Solved The runes in the small outguessed image obtained from the first new page were also encoded with a Vignere cipher. Using the key is 'welcome pilgrim to the' we obtained the Vignere offsets 22, 11, 9, 24, 26, 10, 11, 16, 19, 9, 23, 25, 19, 10, 13, 26, 27, 11 and using these offsets to decode the original runetext we obtained A U O W Y F X L 5 L C S F J 3 N O N IA N which formatted as a hidden service address yields avowyfgl5lkzfj3n.onion Lel Small image cleartext illustration Add a photo to this gallery The Fourth Onion This onion has since been taken offline. Upon visiting the fourth onion we were greeted with the following document: </head><body><!--3301--> bf1d5574ca36efd524e6c34c26cbd628b19aa835aceb94ea7f2ca7f33d1b8f51476bc597d4bf9ad5111d8f39ef5351b3b090bce47f023002fe69928e79f6f8147f6fe051f2f159041f932f5190308d7441fc3cecead0851662d3217485827e640a4183fa5bc8cef5ff7d1473d2746a37fbc8b94318ff0d3aeb467017c0ea5cb33b3e6967453986e1450b35ad47861f679cf7db5a6c170bcfb67544983ec1e36b27ee8c5721da39d27dbfa0cdc15ba3cbaa425e8a8b96b81ab665f3ebc41563a0e9270695d3d68887cfab2c07b290718307f764afba684b17fcfd71323f64206e5fa378b4ee89e80885733080065dd34a5c838898906b8d43de9f1d8eb6922bad <hr> <address>Apache Server at 127.0.0.1 Port 5243</address> </body> </html> This string is 512 characters (256 bytes).]2014 recruitment puzzles

[Magda Hassan]

Updates

The Beginning The Twitter Image In early January 2014, people gathered together to wait for the next signs of life from Cicada 3301. After several attempts to mislead solvers, eventually, a genuine message from cicada was found. On January 6th, the twitter used by cicada in 2013 was re-examined; after being in active for about a year, it featured a tweet linking to an image on imgur.In line with earlier rounds, this image contained a message, which can be recovered using the program outguess. Executingoutguess -r zN4h51m.jpg zN4h51m_output on a linux machine returns this message.Unlike any previous attempts by the numerous distractors, the authenticity of this message was established by verifying its PGP signature. It contains a valid signature for the PGP key used by cicada in the past.The Book Cipher The message looked like a book cipher - and indeed, book ciphers have been used by cicada in the past. The community quickly found the book in question - Self-Reliance and Other Essays by Ralph Waldo Emerson.To illustrate how to solve this, let us take the first line of the message:1:2:3:1 This references the first paragaph of the text, the second sentence, of which the third word and finally the first letter. To make a long story short, this returns &quot;always&quot; - the first character is 'a'. Following this scheme (with the exception being the sole number &quot;3&quot; in the cipher referencing the third character, an l in the authors name) and appending the vertically spelled &quot;.onion&quot; to the result, we finally come up with this: auqgnxjtvdbll3pv.onion The resulting onion domain was quickly investigated.The First Onion This onion has since gone offline.The William Blake Collage The onion domain featured this image, which is a collage of at least one painting by William Blake.Following the usual procedure for investigating images, it was noticed that this image contains a message, again, extractable by outguess. This message in its entirety can be found here. The following is its content, omitting the PGP header and signature:e = 65537 n = 75579125746085351644267182920580212556413102071876330957950694457000592\ 10248050757270234679993673844203148013173091173786572116639 - -----BEGIN COMPRESSED RSA ENCRYPTED MESSAGE----- Version: 1.99 Scheme: Crypt::RSA::ES::OAEPeJwBswBM/zEwADE2MgBDeXBoZXJ0ZXh0LE2jxJS1EzMc80kOK+hra1GKnXgQKQgVitIy8NgA7kxn 2u8jNQDvlu0uymNNiu6XVCCn66axGH0IZ9w4Af3K/yRgjObsfA1Q7QqpXNALJ9FFPgYl5rh07cBP M9kbSH6DynU/5cYgQod2KymjWcIvKx3FkjV4UOGakDnBf1eQp1uwvn3KxDVwTyzPqbMnZvOA06Ec AfKtyz1hEK/UBXkeMeVrnV5SQQ== =yTUshDMKN65aPaKAR0OU8g== - -----END COMPRESSED RSA ENCRYPTED MESSAGE----- The message can be seperated into two parts. The first part, spanning the first 3 rows, declares two values, an N and an e. The next part, hugged by &quot;BEGIN COMPRESSED RSA ENCRYPTED MESSAGE&quot;, contains information about an encryption scheme, also called a chiffre, as well as data encoded in base64. Base64 is a scheme to encode unprintable bytes into printable characters.The Scheme line tells us that the following message is encrypted using the cipher RSA. The next step was clear: decrypt the message. To do that, we needed something we didn't have: the private key. A brief explanation is in order.A Brief Overview of RSA RSA is a moderately complex cipher to understand; Numberphile provides a good introduction to the topic. Its main advantage is that, as a public key encryption scheme, it allows sharing of encryption keys without transmitting the key in plaintext or agreeing on a key in advance. Public key cryptography solves the problem of how two parties can communicate securely without a pre-existing secure channel of communication.In RSA, N and e are variables commonly used in the mathematical aspects of the cipher. In fact, they constitute the public key. The public and private keys are mathematically related. Without going too much into detail, they both are related to N. N is the product of two large primes, called p and q. If an attacker manages to factor N, which is publicly available, into its two prime factors p and q, then it becomes trivial to calculate the corresponding private key.In reality, factoring large integers that have only two prime factors is a computationally hard problem . In RSA, an N with 2048 or 4096 bits is typically used as the large size provides enough complexity to make the factorization of p and q computationally infeasible in the short term.Finding the Private Key (or, Brute Forcing RSA) To our luck, the N used to encrypt the message was far smaller than 2048 or 4096 bits. The N we were given was 432 bits (130 decimal digits) long.The solving community exhausted a lot of options in an attempt to find the private key. They searched for suspicious information in the data provided until that point, investigated images, brainstormed correlations, followed connections and so forth. As time went on and nothing was discovered, the solvers began to discuss the worst case scenario: finding p and q via brute computational force.After a while it was agreed that a parallelized approach would render the best results, as a breakthrough in finding the hidden data would not impede on factorizing the number and vice versa. So a small group of people banded together to think about the most effective way to share their computing power in order to factor N. It was decided that a distributed approach would be the only feasible option, since even a slightly less complex N than the ones used today is a lot of work for a single processor. Distributing the workload however could achieve results in way less time, and the community was eager to help. We quickly agreed on cado-nfs, a program that did everything we could ever ask for. To make a long story short: after about 8 hours of debugging, fixing, patching and testing as well as additional 9 hours of distributively working on the prime, the results were in:p = 97513779050322159297664671238670850085661086043266591739338007321 q = 77506098606928780021829964781695212837195959082370473820509360759 These individuals successfully brute forced a 432-bit RSA key. Make no mistake -- this is an incredible feat for a group of people spread across the world with consumer-grade hardware. At this point, the writer would like to take a moment to express their gratitude for the people participating in this effort. Without the people donating their time, efforts and resources, this would have taken a lot longer than originally anticipated. Also, a special thanks needs to go to the people who managed the servers, especially the one unnamed person who rented a server from Amazon to complete the last, locally computed phase of the calculation. With all words of thanks being said, let's continue.Putting The Private Key To Use Now that we have the information, we have to make something out of it. To make sure we do it right, it would be wise to simply do what cicada did to encrypt the message and reverse it. We also have a clue for this in the outguessed message. The lineScheme: Crypt::RSA::ES::OAEP contains a dead giveaway. The programming language Perl uses double colons to achieve modulization, therefore, we can safely conclude that Perl was used to encrypt this message. To, again, shorten a long story, a program to decrypt the message can be found here.The Second Onion This onion has since gone offline.The Growing String After the successful decryption of the RSA message, we had a single resource:cu343l33nqaekrnw.onion This is the address of a Tor Hidden Service. Upon visiting the service, the following document was displayed: <!--Patience is a virtue--> 634292ba49fe336edada779a34054a335c2ec12c8bbaed4b92dcc05efe98f76abffdc2389bdb9de2cf20c009acdc1945ab095a52609a5c219afd5f3b3edf10fcb25950666dfe8d8c433cd10c0b4c72efdfe12c6270d5cfde291f9cf0d73cb1211140136e4057380c963d70c76948d9cf6775960cf98fbafa435c44015c5959837a0f8d9f46e094f27c5797b7f8ab49bf28fa674d2ad2f726e197839956921dab29724cd48e1a81fc9bab3565f7513e3e368cd0327b47cf595afebb78d6b5bca92ba021cd6734f4362a0b341f359157173b53d49ea5dff5889d2c9de6b0d7e8c615286ce596bfa83f50b6eeabd153aaf50cd75f39929ba11fb0f8e8d611442846The page appeared to be static. However, after some time, we noticed that the string was slowly growing. Every few minutes, two characters were appended to the end of the string. This process continued for approximately 23 hours. The time intervals between new bytes were found to be multiples of five. Various users recorded the minutes between updates, the time that they occurred, and the data appended at those times.http://pastebin.com/5bTLHqCNhttp://imgur.com/lTRRxTThttp://pastebin.com/qn8jmPJr (GMT +1)http://i.imgur.com/prAeqPS.pngThe above datasets are most likely not complete, and no guarantee of accuracy is made.After 23 hours, the process stopped and no more characters/bytes were appended to the string. The final string was:634292ba49fe336edada779a34054a335c2ec12c8bbaed4b92dcc05efe98f76abffdc2389bdb9de2cf20c009acdc1945ab095a52609a5c219afd5f3b3edf10fcb25950666dfe8d8c433cd10c0b4c72efdfe12c6270d5cfde291f9cf0d73cb1211140136e4057380c963d70c76948d9cf6775960cf98fbafa435c44015c5959837a0f8d9f46e094f27c5797b7f8ab49bf28fa674d2ad2f726e197839956921dab29724cd48e1a81fc9bab3565f7513e3e368cd0327b47cf595afebb78d6b5bca92ba021cd6734f4362a0b341f359157173b53d49ea5dff5889d2c9de6b0d7e8c615286ce596bfa83f50b6eeabd153aaf50cd75f39929ba11fb0f8e8d611442846This string is 512 characters long. We assume it is hexadecimal.However, about an hour after the string finished growing, at approximately 05:31:40 GMT the document changed. The old 512-character code was gone, along with the HTML comment. In its place was the following document:https://infotomb.com/oyfhl.txtWe link to it because it is very large.Note that the HTML comment was changed from<!--Patience is a virtue--> to<!--761--> This is significant. We noticed that, by applying the Gematrius Primus from the 2013 puzzle to the phrase 'Patience is a virtue' and summing the result, one obtains 761. The number is also a palindromic prime.The new string was 3641299 (?) characters long. We noticed that it contained a significant amount of repeated text.Analsysis of this new string revealed that it contained three JPEG image files. This was discovered when we:Converted the string into its binary representation Flipped all the bits (i.e. 0 becomes 1, 1 becomes 0) [Note: this is equivalent to XOR 111111] Looking at that XOR'd binary string, we noticed that the first two bytes were0xFF 0xD8 Wikipedia tells us that these are the first two bytes of a JPEG image. We walked through the data left to right, and later on in the string, we discovered the same byte sequence again. This indicated the presence of more than one JPEG image. We analysed the rest of the string in a similar fashion, and discovered a total of three JPEG images. The third JPEG image was in reverse order, and so had to be un-reversed.For further clarification, the order was this (.... = JPEG data, [ ] = one complete image):[0xFF 0xD8........................][0xFF 0xD8........................][........................0xD8 0xFF]After transforming the bytes into their proper JPEG format (note that you must reverse the byte sequence of the third image before doing this):dd if=onioninvert.bin of=onion1.jpg bs=1 skip=0 count=168876dd if=onioninvert.bin of=onion2.jpg bs=1 skip=168876 count=1476614dd if=onioninvert.bin of=onion3rev.jpg bs=1 skip=1645490 count=175159 we obtained the following three images:Liber primus Liber Primus Intus Intus Runes RunesAdd a photo to this gallery Image Analysis Each of the images contain hidden messages and other information. These were found and analyzed simultaneously. As a result, this section does not proceed in chronological order.Intusoutguess -r intus.jpg out.txt yields https://infotomb.com/esd78.txtLiber Primusoutguess -r liber_primus.jpg out.txt yields https://infotomb.com/hb0ba.txtRunesoutguess -r runes.jpg out.txt yields https://infotomb.com/vmtyf.txtHere we break to explain something:Below are two images. The first image is from 2013's puzzle and was obtained through use of XOR. It was used to solve portions of that year's puzzle. The second was created by puzzle solvers in 2014 and is derived from the first. Here we refer to 2013's image, which was released by Cicada 3301, as 'Gematria Primus 2013'. We refer to 2014's image as 'Gematria Primus 2014'. It is paramount to understand that 2013's image was created by Cicada 3301, while 2014's was created by puzzle solvers and was created from rearranging 2013's image.Gematria primus Gematria Primus 2013 Runes-warning Gematria Primus 2014Add a photo to this gallery We now return to the puzzle. Using the Gematria Primus 2013, the runes in the 'Runes' image become: R NGRAMW JIHEIIAI MAEYW EAAAENYEP JAEAED IXDISEO NGLREO THAEIADMAENG EOAE JI EOAIAI EOIPEO YI DMAENGHICOEI EAEMC THAEIAA EOAIAY IXSIAEIMDI THAEIAA CFY CAE MAEEO ICEEO AEA DLRWI YEP JAEAED AEA YI NICCROEIDAEMEOREMIC NGEYEM IEYIA YI NGAEACC AEA YIEA MIANJIAC EAAEA RHH EC CRDAIC This stumped us for some time. Then, someone created Gematria Primus 2014 by rearranging Gematria Primus 2013. From Gematria Primus 13, take the left block of three columns and stack it on top of the right block of three columns. Then, find the letter you wish to decode. Find the position of that letter in the vertical list, beginning at the top. Take that number and find the character that many characters into the list, from the bottom up. Applying this process to each letter/rune yields (newlines added for readability):A WARNING BELIEVE NOTHING FROM THIS BOOK EXCEPT WHAT YOU KNOW TO BE TRUE TEST THE KNOWLEDGE FIND YOUR TRUTH EXPERIENCE YOUR DEATH DO NOT EDIT OR CHANGE THIS BOOK OR THE MESSAGE CONTAINED WITHIN EITHER THE WORDS OR THEIR NUMBERS FOR ALL IS SACRED By substituting each character for its respective value in Gematria Primus 2013, we noticed that the sum of each line adds up to a prime (emirps marked by *):A WARNINGBELIEVE NOTHING FROM THIS BOOK =757* EXCEPT WHAT YOU KNOW TO BE TRUE= 1009* TEST THE KNOWLEDGE =691 FIND YOUR TRUTH=353* EXPERIENCE YOUR DEATH=769* DO NOT EDIT OR CHANGE THIS BOOK=911* OR THE MESSAGE CONTAINED WITHIN= 1051* EITHER THE WORDS OR THE NUMBERS=859 FOR ALL IS SACRED=677 The 5 Gram Message Shortly after the warning in the previous section was found, it was discovered that by XORing the hexadecimal messages hidden within each of the three images the following message resulted:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1IDGTK UMLOO ARWOE RTHIS UTETL HUTIA TSLLOUIMNI TELNJ 7TFYV OIUAU SNOCO 5JI4M EODZZ Good luck.3301 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)iQIcBAEBAgAGBQJSy23PAAoJEBgfAeV6NQkPeJwP/0IoafJ1SbmhD+KNbL5I2EdH jgPRnZNrKCyMpWFSIw1qs6ujuw6VnW/rfnOD+df4kpzoAwEFfZDcRnBVsvIzOJ31 Txj9jXD22ki/CNRY88NyIzW9fjKs+iOylsa7Tx+6PBb3ndoYNEwnQwLIq3K4S3kQ tgMzE3LiVq2pQwqFNdN+zGqcq7POEs0GmnL1aNpqU+Wrba4gSfoWwQBWUDv3S/s8 vY0hEqhWNd76wphig6hH6OyIaX/t1eYfcsSYhzAE5oKKahGr1E7cX1GBpHCIr1WM ZwNaGVArQAkyEzT++tmF01O9h218CiTUFoBM/Zxyra7vxI2UOYS/pLonuV+eXARY YfPHaZZxfk3bUWXcxioRukFSY2+xNdPfuBIT8rcJqa1kPJOzeZVC/IcwHA2mmG4l 3ltiVcDnQrZgz6Im3/ugFg8bqW12qqZ6XizRP3EXm4EnyhpfKZnXKPLEOvPKCj6j 1kYCrLmGtTTPFx79fZfryGXQIEAmipRbjVS5sVbUCfgmqUagmdU6v9VI53n6+r0J b2amxREA+2MflkEoVJUaLQJ1rKZLFFJ9J17zUaXKMllsDBWXJS4Mb54o2+8bkEcM 3cP+16XV9pf2wZBkJE0AwoXI4L8JEyjNZZcGSLy8BojlAupX3Fg9KKt71XXrm9FD tuBhMYWo/TDz+4UzLB+I =57tj -----END PGP SIGNATURE----- After some trial and error analysis, it was discovered that this ciphertext had been created using a simple column transposition cipher. By arranging the ciphertext into 14 columns like so:0 1 2 3 4 5 6 7 8 9 10 11 12 13 I D G T K U M L O O A R W O E R T H I S U T E T L H U T I A T S L L O U I M N I T E L N J 7 T F Y V O I U A U S N O C O 5 J I 4 M E O D Z Z And reordering the columns like so:2 8 9 1 12 13 11 4 5 7 3 0 6 10 G O O D W O R K U L T I M A T E T R U T H I S T H E U L T I M A T E I L L U S I O N J O I N U S A T F V 7 L Y U C M E O Z Z D 5 J 4 O N I O A message is obtained:GOOD WORK ULTIMATE TRUTH IS THE ULTIMATE ILLUSIONJOIN US AT FV7LYUCMEOZZD5J4ONIO Assuming that the final N was omitted in order to fit the bounds of the column transposition cipher, and applying proper formatting, the following Tor hidden service address is obtained:fv7lyucmeozzd5j4.onion And off we went.The Third Onion This onion has since been taken offline. In this section the puzzle fractures into several directions. The author has chosen not to subdivide this section and instead opts for pure chronological formatting. Events in this section are detailed in the exact order they occurred.The first visitor to this hidden service was greeted with a blank page. The page remained blank for a short time and then changed to the following document:<!--1033--> 87de5b7fa2 As with the RSA onion, the string slowly grew over time, with two new characters (one byte) being added at widely varying intervals. Some timing data was collected for further analysis.In the meantime, a solver ran the tool DirBuster against the hidden service and discovered an apparent misconfiguration of the backend Apache server. The server was leaking a system status page. Whether this was intentional is unknown. However, shortly after the page was discovered, it appears that Cicada was alerted that the status page had been discovered because the content of that page changed. Appended to the end of the server status was yet another very long string. This string was found to contain two image files in a similar ordering as the RSA onion, except that there was some data between them (OOB or Out Of Bounds data):[0xFF 0xD8..............................] [Data in between JPGs] [..............................0xD8 0xFF]After building the first JPG from the hex:xxd -p -r < server-status.hex > server-status.jpg One obtains the image shown below on the left. Doing the same for the reversed copy of the second JPG yields the same image as the first, shown on the right -- except for that OOB data.Onion3 Onion 3 Image Onion3 Onion 3 Image 2Add a photo to this gallery Comparing the first and second images cmp -l server-status.jpg rev.server-status.jpg one obtains the OOB data:a02373230202020202833313020202020213433302020202021333130202020202135313a06363 330202020202939313020202020203331302020202020323330202020202028313a06323230202 020202534323020202020202139302020202025343230202020202632323a08313020202020203 2333020202020203331302020202029393130202020202636333a0135313020202020213331302 02020202134333020202020283331302020202022373230a0a Note that all of these bytes are within the printable range of ASCII characters, and many of them appear to be ASCII for digits (e.g. 0x30, 0x39).Converting this string to binary:xxd -b oob.hex oob.bin and reversing that::xxd -r oob.bin oob-rev.bin we obtain:272 138 341 131 151366 199 130 320 18226 245 91245 22618320 130 199 366151 131 341 138 272 Among other things, this is a magic square whose magic number is -- you guessed it -- 1033.MagicsquareAdd a photo to this gallery For those following along, here's a nice one-liner to get that matrix from the original image:dd if=server-status.jpg bs=1 skip=$((0x00521e4)) count=357 status=noxfer | rev | xxd -p -r With matrix and Gematria Primus 2014 in hand, we began to interpret the runes in the image. The runes in the upper half of the image read:SOME WISDOM THE PRIMES ARE SACRED THE TOTIENT FUNCTION IS SACRED ALL THINGS SHOULD BE ENCRYPTED In the bottom half of the image, the red runes read:KNOW THIS: The table underneath, translated to value form using Gematria Primus 2013, yields:272 138 341 131 151366 199 130 320 18226 245 91245 22618320 130 199 366151 131 341 138 272 which is the exact same matrix found earlier from the OOB data.About a day went by with little activity other than speculation on the meaning of this matrix. Then the string from the main page stopped growing. According the the HTTP header, the final update occurred on January 11 at 01:09:01 GMT. The final document was:<!--1033--> 87de5b7fa26ab85d2256c453e7f5bc3ac7f25ee743297817febd7741ededf07ca0c7e8b1788ea4131441a8f71c63943d8b56aea6a45159e2f59f9a194af23eaabf9de0f3123c041c882d5b7e03e17ac49be67cef29fbc7786e3bda321a176498835f6198ef22e81c30d44281cd217f7a46f58c84dd7b29b941403ecd75c0c735d20266121f875aa8dec28f32fc153b1393e143fc71616945eea3c10d6820bd631cf775cf3c1f27925b4a2da655f783f7616f3359b23cff6fb5cb69bcb745c55dff439f7eb6a4094bd302b65a84360a62f94c8b010250fcc431c190d6ed8cc8a3bfce37dddb24b93f502ad83c5fa21923189d8be7a6127c4105fcf0e5275286f2 The final string was 512 characters (assuming hex, 256 bytes or equivalently 2048 bits). It was observed that this string matched the growing string from the previous onion.Author Note: Past this point recorded information becomes extremely difficult to understand due to an almost unbelievable amount of noobs discovering Uncovering Cicada, and we are unable to retrace these steps due to the pertinent onions being taken offline in quick succession. We have done our best to interpret and verify what we could, and while we present this information in good faith, we are simply unable to provide as firm a guarantee of accuracy as was present in the sections above.On January 11 at 10:07 UTC, the Apache server status page changed once again to display a new hexadecimal string:https://infotomb.com/laqs9.txtThis string contained the following two images in the same style as before[0xFF 0xD8...............] [...............0xD8 0xFF]LiberPrimuspage5 LiberPrimusPage6Add a photo to this gallery First ImageOutguessing the first image yields a signed message:https://infotomb.com/t5uuz.txtThe hex string from that message encodes a JPG image:OutguessfromLiberPrimusPage6Add a photo to this gallery The runes in this image were solved later (read on).Translating the runes from the first image with Gematria Primus yields (Author's Note: we haven't verified this yet):uWGsSfc rSugpWW fwxtclW ym WS tcnF GmXXmmw FpdGXr oW Xmi ff euG SuF yp rF ipF cF Fnw bxmd rXi fpc SSFc rTp fjmo ScwX bFw bWls ry jF r mcTSFtcpw mgS cGpu Sc rew Xpi bybx flir rm cgb yr cfu TpXjwtfW jgb FTffWpT pfax jmepGsosm wSjl wxuT FwmT dyjc sXxoGrmbw rmi dyjc xhuypl jGymfjpSuX wSj dwxu alasmXSx Fm Xmi py Fmuf After some time with trial and error, it was discovered that this ciphertext had been created with a Vignere cipher. Reversing the cipher yields:WELCOME: WELCOME, PILGRIM TO THE GREAT JOURNEYTOWARD THE END OF ALL THINGS. IT IS NOT AN EASY TRIP, BUT FOR THOSE WHOFIND THEIR WAY HERE IT IS A NECESSARY ONE. ALONG THE WAY YOU WILL FIND AN END TO ALLSTRUGGLE AND SUFFERING, YOUR INNOCENCE, YOURILLUSIONS, YOUR CERTAINTY, AND YOUR REALITY. ULTIMATELY, YOU WILL DISCOVER AN END TO SELF. Second ImageOutguessing the second image yields garbage output.The runes on it translate to (Author's Note: we haven't verified this yet):my yS Fxrjse ewn djusxytetm Sry ds neFdX pbunWGjXF jgb pTx pnwwilmF lpbuoWX rXWf rrSjm rmi dyj hlfu juXlTW SjoSrrm umsc WS liFFcl wi lt peup WXpTtb tme ulole Sjp uW lcg WgsXtm bmrTfp wrj rxc G jWQ je ym dyjcFXuf pfa ccW r ujr ambp gpbunWGf nxe ygiWGumtcgWW jF bpwd fyx Fuf Sjp xlTWa lT cyuX ce lFSixTsFhF Tyflcer pfax rbe Fcbf After reversing the Vignere cipher:IT IS THROUGH THIS PILGRIMAGE THAT WE SHAPE OURSELVES AND OUR REALITIES. JOURNEY DEEP WITHIN AND YOU WILL ARRIVE OUTSIDE. LIKE THE INSTAR, IT IS ONLY THROUGH GOING WITHIN THAT WE MAY EMERGE:WISDOM: YOU ARE A BEING UNTO YOURSELF. YOU ARE A LAW UNTO YOURSELF. EACH INTELLIGENCE IS HOLY. FOR ALL THAT LIVES IS HOLY. The red footer of that page reads:AN INSTRUCTION: COMMAND YOUR OWN SELF : Back to the server page:Fourteen minutes after the status page update containing the two above images, on January 11 at 10:22 UTC the status page changed once again:https://infotomb.com/hw0l5.txtThe first image from the previous update remained intact in the new string. However, the data of the second was replaced almost entirely with different hexademical. Attempting to render it as a JPG yields a corrupt and incomplete image.Outguessed Image SolvedThe runes in the small outguessed image obtained from the first new page were also encoded with a Vignere cipher. Using the key is 'welcome pilgrim to the' we obtained the Vignere offsets22, 11, 9, 24, 26, 10, 11, 16, 19, 9, 23, 25, 19, 10, 13, 26, 27, 11 and using these offsets to decode the original runetext we obtainedA U O W Y F X L 5 L C S F J 3 N O N IA N which formatted as a hidden service address yieldsavowyfgl5lkzfj3n.onion Lel Small image cleartext illustrationAdd a photo to this gallery The Fourth Onion This onion has since been taken offline.Upon visiting the fourth onion we were greeted with the following document:</head><body><!--3301--> bf1d5574ca36efd524e6c34c26cbd628b19aa835aceb94ea7f2ca7f33d1b8f51476bc597d4bf9ad5111d8f39ef5351b3b090bce47f023002fe69928e79f6f8147f6fe051f2f159041f932f5190308d7441fc3cecead0851662d3217485827e640a4183fa5bc8cef5ff7d1473d2746a37fbc8b94318ff0d3aeb467017c0ea5cb33b3e6967453986e1450b35ad47861f679cf7db5a6c170bcfb67544983ec1e36b27ee8c5721da39d27dbfa0cdc15ba3cbaa425e8a8b96b81ab665f3ebc41563a0e9270695d3d68887cfab2c07b290718307f764afba684b17fcfd71323f64206e5fa378b4ee89e80885733080065dd34a5c838898906b8d43de9f1d8eb6922bad <hr> <address>Apache Server at 127.0.0.1 Port 5243</address> </body> </html> This string is 512 characters (256 bytes).]2014 recruitment puzzles

This link doesn't work for me.

[Magda Hassan]

Updates

The Beginning The Twitter Image In early January 2014, people gathered together to wait for the next signs of life from Cicada 3301. After several attempts to mislead solvers, eventually, a genuine message from cicada was found. On January 6th, the twitter used by cicada in 2013 was re-examined; after being in active for about a year, it featured a tweet linking to an image on imgur.In line with earlier rounds, this image contained a message, which can be recovered using the program outguess. Executingoutguess -r zN4h51m.jpg zN4h51m_output on a linux machine returns this message.Unlike any previous attempts by the numerous distractors, the authenticity of this message was established by verifying its PGP signature. It contains a valid signature for the PGP key used by cicada in the past.The Book Cipher The message looked like a book cipher - and indeed, book ciphers have been used by cicada in the past. The community quickly found the book in question - Self-Reliance and Other Essays by Ralph Waldo Emerson.To illustrate how to solve this, let us take the first line of the message:1:2:3:1 This references the first paragaph of the text, the second sentence, of which the third word and finally the first letter. To make a long story short, this returns &quot;always&quot; - the first character is 'a'. Following this scheme (with the exception being the sole number &quot;3&quot; in the cipher referencing the third character, an l in the authors name) and appending the vertically spelled &quot;.onion&quot; to the result, we finally come up with this: auqgnxjtvdbll3pv.onion The resulting onion domain was quickly investigated.The First Onion This onion has since gone offline.The William Blake Collage The onion domain featured this image, which is a collage of at least one painting by William Blake.Following the usual procedure for investigating images, it was noticed that this image contains a message, again, extractable by outguess. This message in its entirety can be found here. The following is its content, omitting the PGP header and signature:e = 65537 n = 75579125746085351644267182920580212556413102071876330957950694457000592\ 10248050757270234679993673844203148013173091173786572116639 - -----BEGIN COMPRESSED RSA ENCRYPTED MESSAGE----- Version: 1.99 Scheme: Crypt::RSA::ES::OAEPeJwBswBM/zEwADE2MgBDeXBoZXJ0ZXh0LE2jxJS1EzMc80kOK+hra1GKnXgQKQgVitIy8NgA7kxn 2u8jNQDvlu0uymNNiu6XVCCn66axGH0IZ9w4Af3K/yRgjObsfA1Q7QqpXNALJ9FFPgYl5rh07cBP M9kbSH6DynU/5cYgQod2KymjWcIvKx3FkjV4UOGakDnBf1eQp1uwvn3KxDVwTyzPqbMnZvOA06Ec AfKtyz1hEK/UBXkeMeVrnV5SQQ== =yTUshDMKN65aPaKAR0OU8g== - -----END COMPRESSED RSA ENCRYPTED MESSAGE----- The message can be seperated into two parts. The first part, spanning the first 3 rows, declares two values, an N and an e. The next part, hugged by &quot;BEGIN COMPRESSED RSA ENCRYPTED MESSAGE&quot;, contains information about an encryption scheme, also called a chiffre, as well as data encoded in base64. Base64 is a scheme to encode unprintable bytes into printable characters.The Scheme line tells us that the following message is encrypted using the cipher RSA. The next step was clear: decrypt the message. To do that, we needed something we didn't have: the private key. A brief explanation is in order.A Brief Overview of RSA RSA is a moderately complex cipher to understand; Numberphile provides a good introduction to the topic. Its main advantage is that, as a public key encryption scheme, it allows sharing of encryption keys without transmitting the key in plaintext or agreeing on a key in advance. Public key cryptography solves the problem of how two parties can communicate securely without a pre-existing secure channel of communication.In RSA, N and e are variables commonly used in the mathematical aspects of the cipher. In fact, they constitute the public key. The public and private keys are mathematically related. Without going too much into detail, they both are related to N. N is the product of two large primes, called p and q. If an attacker manages to factor N, which is publicly available, into its two prime factors p and q, then it becomes trivial to calculate the corresponding private key.In reality, factoring large integers that have only two prime factors is a computationally hard problem . In RSA, an N with 2048 or 4096 bits is typically used as the large size provides enough complexity to make the factorization of p and q computationally infeasible in the short term.Finding the Private Key (or, Brute Forcing RSA) To our luck, the N used to encrypt the message was far smaller than 2048 or 4096 bits. The N we were given was 432 bits (130 decimal digits) long.The solving community exhausted a lot of options in an attempt to find the private key. They searched for suspicious information in the data provided until that point, investigated images, brainstormed correlations, followed connections and so forth. As time went on and nothing was discovered, the solvers began to discuss the worst case scenario: finding p and q via brute computational force.After a while it was agreed that a parallelized approach would render the best results, as a breakthrough in finding the hidden data would not impede on factorizing the number and vice versa. So a small group of people banded together to think about the most effective way to share their computing power in order to factor N. It was decided that a distributed approach would be the only feasible option, since even a slightly less complex N than the ones used today is a lot of work for a single processor. Distributing the workload however could achieve results in way less time, and the community was eager to help. We quickly agreed on cado-nfs, a program that did everything we could ever ask for. To make a long story short: after about 8 hours of debugging, fixing, patching and testing as well as additional 9 hours of distributively working on the prime, the results were in:p = 97513779050322159297664671238670850085661086043266591739338007321 q = 77506098606928780021829964781695212837195959082370473820509360759 These individuals successfully brute forced a 432-bit RSA key. Make no mistake -- this is an incredible feat for a group of people spread across the world with consumer-grade hardware. At this point, the writer would like to take a moment to express their gratitude for the people participating in this effort. Without the people donating their time, efforts and resources, this would have taken a lot longer than originally anticipated. Also, a special thanks needs to go to the people who managed the servers, especially the one unnamed person who rented a server from Amazon to complete the last, locally computed phase of the calculation. With all words of thanks being said, let's continue.Putting The Private Key To Use Now that we have the information, we have to make something out of it. To make sure we do it right, it would be wise to simply do what cicada did to encrypt the message and reverse it. We also have a clue for this in the outguessed message. The lineScheme: Crypt::RSA::ES::OAEP contains a dead giveaway. The programming language Perl uses double colons to achieve modulization, therefore, we can safely conclude that Perl was used to encrypt this message. To, again, shorten a long story, a program to decrypt the message can be found here.The Second Onion This onion has since gone offline.The Growing String After the successful decryption of the RSA message, we had a single resource:cu343l33nqaekrnw.onion This is the address of a Tor Hidden Service. Upon visiting the service, the following document was displayed: <!--Patience is a virtue--> 634292ba49fe336edada779a34054a335c2ec12c8bbaed4b92dcc05efe98f76abffdc2389bdb9de2cf20c009acdc1945ab095a52609a5c219afd5f3b3edf10fcb25950666dfe8d8c433cd10c0b4c72efdfe12c6270d5cfde291f9cf0d73cb1211140136e4057380c963d70c76948d9cf6775960cf98fbafa435c44015c5959837a0f8d9f46e094f27c5797b7f8ab49bf28fa674d2ad2f726e197839956921dab29724cd48e1a81fc9bab3565f7513e3e368cd0327b47cf595afebb78d6b5bca92ba021cd6734f4362a0b341f359157173b53d49ea5dff5889d2c9de6b0d7e8c615286ce596bfa83f50b6eeabd153aaf50cd75f39929ba11fb0f8e8d611442846The page appeared to be static. However, after some time, we noticed that the string was slowly growing. Every few minutes, two characters were appended to the end of the string. This process continued for approximately 23 hours. The time intervals between new bytes were found to be multiples of five. Various users recorded the minutes between updates, the time that they occurred, and the data appended at those times.http://pastebin.com/5bTLHqCNhttp://imgur.com/lTRRxTThttp://pastebin.com/qn8jmPJr (GMT +1)http://i.imgur.com/prAeqPS.pngThe above datasets are most likely not complete, and no guarantee of accuracy is made.After 23 hours, the process stopped and no more characters/bytes were appended to the string. The final string was:634292ba49fe336edada779a34054a335c2ec12c8bbaed4b92dcc05efe98f76abffdc2389bdb9de2cf20c009acdc1945ab095a52609a5c219afd5f3b3edf10fcb25950666dfe8d8c433cd10c0b4c72efdfe12c6270d5cfde291f9cf0d73cb1211140136e4057380c963d70c76948d9cf6775960cf98fbafa435c44015c5959837a0f8d9f46e094f27c5797b7f8ab49bf28fa674d2ad2f726e197839956921dab29724cd48e1a81fc9bab3565f7513e3e368cd0327b47cf595afebb78d6b5bca92ba021cd6734f4362a0b341f359157173b53d49ea5dff5889d2c9de6b0d7e8c615286ce596bfa83f50b6eeabd153aaf50cd75f39929ba11fb0f8e8d611442846This string is 512 characters long. We assume it is hexadecimal.However, about an hour after the string finished growing, at approximately 05:31:40 GMT the document changed. The old 512-character code was gone, along with the HTML comment. In its place was the following document:https://infotomb.com/oyfhl.txtWe link to it because it is very large.Note that the HTML comment was changed from<!--Patience is a virtue--> to<!--761--> This is significant. We noticed that, by applying the Gematrius Primus from the 2013 puzzle to the phrase 'Patience is a virtue' and summing the result, one obtains 761. The number is also a palindromic prime.The new string was 3641299 (?) characters long. We noticed that it contained a significant amount of repeated text.Analsysis of this new string revealed that it contained three JPEG image files. This was discovered when we:Converted the string into its binary representation Flipped all the bits (i.e. 0 becomes 1, 1 becomes 0) [Note: this is equivalent to XOR 111111] Looking at that XOR'd binary string, we noticed that the first two bytes were0xFF 0xD8 Wikipedia tells us that these are the first two bytes of a JPEG image. We walked through the data left to right, and later on in the string, we discovered the same byte sequence again. This indicated the presence of more than one JPEG image. We analysed the rest of the string in a similar fashion, and discovered a total of three JPEG images. The third JPEG image was in reverse order, and so had to be un-reversed.For further clarification, the order was this (.... = JPEG data, [ ] = one complete image):[0xFF 0xD8........................][0xFF 0xD8........................][........................0xD8 0xFF]After transforming the bytes into their proper JPEG format (note that you must reverse the byte sequence of the third image before doing this):dd if=onioninvert.bin of=onion1.jpg bs=1 skip=0 count=168876dd if=onioninvert.bin of=onion2.jpg bs=1 skip=168876 count=1476614dd if=onioninvert.bin of=onion3rev.jpg bs=1 skip=1645490 count=175159 we obtained the following three images:Liber primus Liber Primus Intus Intus Runes RunesAdd a photo to this gallery Image Analysis Each of the images contain hidden messages and other information. These were found and analyzed simultaneously. As a result, this section does not proceed in chronological order.Intusoutguess -r intus.jpg out.txt yields https://infotomb.com/esd78.txtLiber Primusoutguess -r liber_primus.jpg out.txt yields https://infotomb.com/hb0ba.txtRunesoutguess -r runes.jpg out.txt yields https://infotomb.com/vmtyf.txtHere we break to explain something:Below are two images. The first image is from 2013's puzzle and was obtained through use of XOR. It was used to solve portions of that year's puzzle. The second was created by puzzle solvers in 2014 and is derived from the first. Here we refer to 2013's image, which was released by Cicada 3301, as 'Gematria Primus 2013'. We refer to 2014's image as 'Gematria Primus 2014'. It is paramount to understand that 2013's image was created by Cicada 3301, while 2014's was created by puzzle solvers and was created from rearranging 2013's image.Gematria primus Gematria Primus 2013 Runes-warning Gematria Primus 2014Add a photo to this gallery We now return to the puzzle. Using the Gematria Primus 2013, the runes in the 'Runes' image become: R NGRAMW JIHEIIAI MAEYW EAAAENYEP JAEAED IXDISEO NGLREO THAEIADMAENG EOAE JI EOAIAI EOIPEO YI DMAENGHICOEI EAEMC THAEIAA EOAIAY IXSIAEIMDI THAEIAA CFY CAE MAEEO ICEEO AEA DLRWI YEP JAEAED AEA YI NICCROEIDAEMEOREMIC NGEYEM IEYIA YI NGAEACC AEA YIEA MIANJIAC EAAEA RHH EC CRDAIC This stumped us for some time. Then, someone created Gematria Primus 2014 by rearranging Gematria Primus 2013. From Gematria Primus 13, take the left block of three columns and stack it on top of the right block of three columns. Then, find the letter you wish to decode. Find the position of that letter in the vertical list, beginning at the top. Take that number and find the character that many characters into the list, from the bottom up. Applying this process to each letter/rune yields (newlines added for readability):A WARNING BELIEVE NOTHING FROM THIS BOOK EXCEPT WHAT YOU KNOW TO BE TRUE TEST THE KNOWLEDGE FIND YOUR TRUTH EXPERIENCE YOUR DEATH DO NOT EDIT OR CHANGE THIS BOOK OR THE MESSAGE CONTAINED WITHIN EITHER THE WORDS OR THEIR NUMBERS FOR ALL IS SACRED By substituting each character for its respective value in Gematria Primus 2013, we noticed that the sum of each line adds up to a prime (emirps marked by *):A WARNINGBELIEVE NOTHING FROM THIS BOOK =757* EXCEPT WHAT YOU KNOW TO BE TRUE= 1009* TEST THE KNOWLEDGE =691 FIND YOUR TRUTH=353* EXPERIENCE YOUR DEATH=769* DO NOT EDIT OR CHANGE THIS BOOK=911* OR THE MESSAGE CONTAINED WITHIN= 1051* EITHER THE WORDS OR THE NUMBERS=859 FOR ALL IS SACRED=677 The 5 Gram Message Shortly after the warning in the previous section was found, it was discovered that by XORing the hexadecimal messages hidden within each of the three images the following message resulted:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1IDGTK UMLOO ARWOE RTHIS UTETL HUTIA TSLLOUIMNI TELNJ 7TFYV OIUAU SNOCO 5JI4M EODZZ Good luck.3301 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)iQIcBAEBAgAGBQJSy23PAAoJEBgfAeV6NQkPeJwP/0IoafJ1SbmhD+KNbL5I2EdH jgPRnZNrKCyMpWFSIw1qs6ujuw6VnW/rfnOD+df4kpzoAwEFfZDcRnBVsvIzOJ31 Txj9jXD22ki/CNRY88NyIzW9fjKs+iOylsa7Tx+6PBb3ndoYNEwnQwLIq3K4S3kQ tgMzE3LiVq2pQwqFNdN+zGqcq7POEs0GmnL1aNpqU+Wrba4gSfoWwQBWUDv3S/s8 vY0hEqhWNd76wphig6hH6OyIaX/t1eYfcsSYhzAE5oKKahGr1E7cX1GBpHCIr1WM ZwNaGVArQAkyEzT++tmF01O9h218CiTUFoBM/Zxyra7vxI2UOYS/pLonuV+eXARY YfPHaZZxfk3bUWXcxioRukFSY2+xNdPfuBIT8rcJqa1kPJOzeZVC/IcwHA2mmG4l 3ltiVcDnQrZgz6Im3/ugFg8bqW12qqZ6XizRP3EXm4EnyhpfKZnXKPLEOvPKCj6j 1kYCrLmGtTTPFx79fZfryGXQIEAmipRbjVS5sVbUCfgmqUagmdU6v9VI53n6+r0J b2amxREA+2MflkEoVJUaLQJ1rKZLFFJ9J17zUaXKMllsDBWXJS4Mb54o2+8bkEcM 3cP+16XV9pf2wZBkJE0AwoXI4L8JEyjNZZcGSLy8BojlAupX3Fg9KKt71XXrm9FD tuBhMYWo/TDz+4UzLB+I =57tj -----END PGP SIGNATURE----- After some trial and error analysis, it was discovered that this ciphertext had been created using a simple column transposition cipher. By arranging the ciphertext into 14 columns like so:012345678910111213 IDGTKUMLOOARWO ERTHISUTETLHUT IATSLLOUIMNITE LNJ7TFYVOIUAUS NOCO5JI4MEODZZ And reordering the columns like so:289112131145730610 GOODWORKULTIMA TETRUTHISTHEUL TIMATEILLUSION JOINUSATFV7LYU CMEOZZD5J4ONIO A message is obtained:GOOD WORK ULTIMATE TRUTH IS THE ULTIMATE ILLUSIONJOIN US AT FV7LYUCMEOZZD5J4ONIO Assuming that the final N was omitted in order to fit the bounds of the column transposition cipher, and applying proper formatting, the following Tor hidden service address is obtained:fv7lyucmeozzd5j4.onion And off we went.The Third Onion This onion has since been taken offline. In this section the puzzle fractures into several directions. The author has chosen not to subdivide this section and instead opts for pure chronological formatting. Events in this section are detailed in the exact order they occurred.The first visitor to this hidden service was greeted with a blank page. The page remained blank for a short time and then changed to the following document:<!--1033--> 87de5b7fa2 As with the RSA onion, the string slowly grew over time, with two new characters (one byte) being added at widely varying intervals. Some timing data was collected for further analysis.In the meantime, a solver ran the tool DirBuster against the hidden service and discovered an apparent misconfiguration of the backend Apache server. The server was leaking a system status page. Whether this was intentional is unknown. However, shortly after the page was discovered, it appears that Cicada was alerted that the status page had been discovered because the content of that page changed. Appended to the end of the server status was yet another very long string. This string was found to contain two image files in a similar ordering as the RSA onion, except that there was some data between them (OOB or Out Of Bounds data):[0xFF 0xD8..............................] [Data in between JPGs] [..............................0xD8 0xFF]After building the first JPG from the hex:xxd -p -r < server-status.hex > server-status.jpg One obtains the image shown below on the left. Doing the same for the reversed copy of the second JPG yields the same image as the first, shown on the right -- except for that OOB data.Onion3 Onion 3 Image Onion3 Onion 3 Image 2Add a photo to this gallery Comparing the first and second images cmp -l server-status.jpg rev.server-status.jpg one obtains the OOB data:a02373230202020202833313020202020213433302020202021333130202020202135313a06363 330202020202939313020202020203331302020202020323330202020202028313a06323230202 020202534323020202020202139302020202025343230202020202632323a08313020202020203 2333020202020203331302020202029393130202020202636333a0135313020202020213331302 02020202134333020202020283331302020202022373230a0a Note that all of these bytes are within the printable range of ASCII characters, and many of them appear to be ASCII for digits (e.g. 0x30, 0x39).Converting this string to binary:xxd -b oob.hex oob.bin and reversing that::xxd -r oob.bin oob-rev.bin we obtain:272 138 341 131 151366 199 130 320 18226 245 91245 22618320 130 199 366151 131 341 138 272 Among other things, this is a magic square whose magic number is -- you guessed it -- 1033.MagicsquareAdd a photo to this gallery For those following along, here's a nice one-liner to get that matrix from the original image:dd if=server-status.jpg bs=1 skip=$((0x00521e4)) count=357 status=noxfer | rev | xxd -p -r With matrix and Gematria Primus 2014 in hand, we began to interpret the runes in the image. The runes in the upper half of the image read:SOME WISDOM THE PRIMES ARE SACRED THE TOTIENT FUNCTION IS SACRED ALL THINGS SHOULD BE ENCRYPTED In the bottom half of the image, the red runes read:KNOW THIS: The table underneath, translated to value form using Gematria Primus 2013, yields:272 138 341 131 151366 199 130 320 18226 245 91245 22618320 130 199 366151 131 341 138 272 which is the exact same matrix found earlier from the OOB data.About a day went by with little activity other than speculation on the meaning of this matrix. Then the string from the main page stopped growing. According the the HTTP header, the final update occurred on January 11 at 01:09:01 GMT. The final document was:<!--1033--> 87de5b7fa26ab85d2256c453e7f5bc3ac7f25ee743297817febd7741ededf07ca0c7e8b1788ea4131441a8f71c63943d8b56aea6a45159e2f59f9a194af23eaabf9de0f3123c041c882d5b7e03e17ac49be67cef29fbc7786e3bda321a176498835f6198ef22e81c30d44281cd217f7a46f58c84dd7b29b941403ecd75c0c735d20266121f875aa8dec28f32fc153b1393e143fc71616945eea3c10d6820bd631cf775cf3c1f27925b4a2da655f783f7616f3359b23cff6fb5cb69bcb745c55dff439f7eb6a4094bd302b65a84360a62f94c8b010250fcc431c190d6ed8cc8a3bfce37dddb24b93f502ad83c5fa21923189d8be7a6127c4105fcf0e5275286f2 The final string was 512 characters (assuming hex, 256 bytes or equivalently 2048 bits). It was observed that this string matched the growing string from the previous onion.Author Note: Past this point recorded information becomes extremely difficult to understand due to an almost unbelievable amount of noobs discovering Uncovering Cicada, and we are unable to retrace these steps due to the pertinent onions being taken offline in quick succession. We have done our best to interpret and verify what we could, and while we present this information in good faith, we are simply unable to provide as firm a guarantee of accuracy as was present in the sections above.On January 11 at 10:07 UTC, the Apache server status page changed once again to display a new hexadecimal string:https://infotomb.com/laqs9.txtThis string contained the following two images in the same style as before[0xFF 0xD8...............] [...............0xD8 0xFF]LiberPrimuspage5 LiberPrimusPage6Add a photo to this gallery First ImageOutguessing the first image yields a signed message:https://infotomb.com/t5uuz.txtThe hex string from that message encodes a JPG image:OutguessfromLiberPrimusPage6Add a photo to this gallery The runes in this image were solved later (read on).Translating the runes from the first image with Gematria Primus yields (Author's Note: we haven't verified this yet):uWGsSfc rSugpWW fwxtclW ym WS tcnF GmXXmmw FpdGXr oW Xmi ff euG SuF yp rF ipF cF Fnw bxmd rXi fpc SSFc rTp fjmo ScwX bFw bWls ry jF r mcTSFtcpw mgS cGpu Sc rew Xpi bybx flir rm cgb yr cfu TpXjwtfW jgb FTffWpT pfax jmepGsosm wSjl wxuT FwmT dyjc sXxoGrmbw rmi dyjc xhuypl jGymfjpSuX wSj dwxu alasmXSx Fm Xmi py Fmuf After some time with trial and error, it was discovered that this ciphertext had been created with a Vignere cipher. Reversing the cipher yields:WELCOME: WELCOME, PILGRIM TO THE GREAT JOURNEYTOWARD THE END OF ALL THINGS. IT IS NOT AN EASY TRIP, BUT FOR THOSE WHOFIND THEIR WAY HERE IT IS A NECESSARY ONE. ALONG THE WAY YOU WILL FIND AN END TO ALLSTRUGGLE AND SUFFERING, YOUR INNOCENCE, YOURILLUSIONS, YOUR CERTAINTY, AND YOUR REALITY. ULTIMATELY, YOU WILL DISCOVER AN END TO SELF. Second ImageOutguessing the second image yields garbage output.The runes on it translate to (Author's Note: we haven't verified this yet):my yS Fxrjse ewn djusxytetm Sry ds neFdX pbunWGjXF jgb pTx pnwwilmF lpbuoWX rXWf rrSjm rmi dyj hlfu juXlTW SjoSrrm umsc WS liFFcl wi lt peup WXpTtb tme ulole Sjp uW lcg WgsXtm bmrTfp wrj rxc G jWQ je ym dyjcFXuf pfa ccW r ujr ambp gpbunWGf nxe ygiWGumtcgWW jF bpwd fyx Fuf Sjp xlTWa lT cyuX ce lFSixTsFhF Tyflcer pfax rbe Fcbf After reversing the Vignere cipher:IT IS THROUGH THIS PILGRIMAGE THAT WE SHAPE OURSELVES AND OUR REALITIES. JOURNEY DEEP WITHIN AND YOU WILL ARRIVE OUTSIDE. LIKE THE INSTAR, IT IS ONLY THROUGH GOING WITHIN THAT WE MAY EMERGE:WISDOM: YOU ARE A BEING UNTO YOURSELF. YOU ARE A LAW UNTO YOURSELF. EACH INTELLIGENCE IS HOLY. FOR ALL THAT LIVES IS HOLY. The red footer of that page reads:AN INSTRUCTION: COMMAND YOUR OWN SELF : Back to the server page:Fourteen minutes after the status page update containing the two above images, on January 11 at 10:22 UTC the status page changed once again:https://infotomb.com/hw0l5.txtThe first image from the previous update remained intact in the new string. However, the data of the second was replaced almost entirely with different hexademical. Attempting to render it as a JPG yields a corrupt and incomplete image.Outguessed Image SolvedThe runes in the small outguessed image obtained from the first new page were also encoded with a Vignere cipher. Using the key is 'welcome pilgrim to the' we obtained the Vignere offsets22, 11, 9, 24, 26, 10, 11, 16, 19, 9, 23, 25, 19, 10, 13, 26, 27, 11 and using these offsets to decode the original runetext we obtainedA U O W Y F X L 5 L C S F J 3 N O N IA N which formatted as a hidden service address yieldsavowyfgl5lkzfj3n.onion Lel Small image cleartext illustrationAdd a photo to this gallery The Fourth Onion This onion has since been taken offline.Upon visiting the fourth onion we were greeted with the following document:</head><body><!--3301--> bf1d5574ca36efd524e6c34c26cbd628b19aa835aceb94ea7f2ca7f33d1b8f51476bc597d4bf9ad5111d8f39ef5351b3b090bce47f023002fe69928e79f6f8147f6fe051f2f159041f932f5190308d7441fc3cecead0851662d3217485827e640a4183fa5bc8cef5ff7d1473d2746a37fbc8b94318ff0d3aeb467017c0ea5cb33b3e6967453986e1450b35ad47861f679cf7db5a6c170bcfb67544983ec1e36b27ee8c5721da39d27dbfa0cdc15ba3cbaa425e8a8b96b81ab665f3ebc41563a0e9270695d3d68887cfab2c07b290718307f764afba684b17fcfd71323f64206e5fa378b4ee89e80885733080065dd34a5c838898906b8d43de9f1d8eb6922bad <hr> <address>Apache Server at 127.0.0.1 Port 5243</address> </body> </html> This string is 512 characters (256 bytes).]2014 recruitment puzzles

This link doesn't work for me.

Is this the one?
http://the-cicada-puzzles.wikia.com/wiki...ent_Puzzle

[David Guyatt]

Updates

The Beginning The Twitter Image In early January 2014, people gathered together to wait for the next signs of life from Cicada 3301. After several attempts to mislead solvers, eventually, a genuine message from cicada was found. On January 6th, the twitter used by cicada in 2013 was re-examined; after being in active for about a year, it featured a tweet linking to an image on imgur.In line with earlier rounds, this image contained a message, which can be recovered using the program outguess. Executingoutguess -r zN4h51m.jpg zN4h51m_output on a linux machine returns this message.Unlike any previous attempts by the numerous distractors, the authenticity of this message was established by verifying its PGP signature. It contains a valid signature for the PGP key used by cicada in the past.The Book Cipher The message looked like a book cipher - and indeed, book ciphers have been used by cicada in the past. The community quickly found the book in question - Self-Reliance and Other Essays by Ralph Waldo Emerson.To illustrate how to solve this, let us take the first line of the message:1:2:3:1 This references the first paragaph of the text, the second sentence, of which the third word and finally the first letter. To make a long story short, this returns &quot;always&quot; - the first character is 'a'. Following this scheme (with the exception being the sole number &quot;3&quot; in the cipher referencing the third character, an l in the authors name) and appending the vertically spelled &quot;.onion&quot; to the result, we finally come up with this: auqgnxjtvdbll3pv.onion The resulting onion domain was quickly investigated.The First Onion This onion has since gone offline.The William Blake Collage The onion domain featured this image, which is a collage of at least one painting by William Blake.Following the usual procedure for investigating images, it was noticed that this image contains a message, again, extractable by outguess. This message in its entirety can be found here. The following is its content, omitting the PGP header and signature:e = 65537 n = 75579125746085351644267182920580212556413102071876330957950694457000592\ 10248050757270234679993673844203148013173091173786572116639 - -----BEGIN COMPRESSED RSA ENCRYPTED MESSAGE----- Version: 1.99 Scheme: Crypt::RSA::ES::OAEPeJwBswBM/zEwADE2MgBDeXBoZXJ0ZXh0LE2jxJS1EzMc80kOK+hra1GKnXgQKQgVitIy8NgA7kxn 2u8jNQDvlu0uymNNiu6XVCCn66axGH0IZ9w4Af3K/yRgjObsfA1Q7QqpXNALJ9FFPgYl5rh07cBP M9kbSH6DynU/5cYgQod2KymjWcIvKx3FkjV4UOGakDnBf1eQp1uwvn3KxDVwTyzPqbMnZvOA06Ec AfKtyz1hEK/UBXkeMeVrnV5SQQ== =yTUshDMKN65aPaKAR0OU8g== - -----END COMPRESSED RSA ENCRYPTED MESSAGE----- The message can be seperated into two parts. The first part, spanning the first 3 rows, declares two values, an N and an e. The next part, hugged by &quot;BEGIN COMPRESSED RSA ENCRYPTED MESSAGE&quot;, contains information about an encryption scheme, also called a chiffre, as well as data encoded in base64. Base64 is a scheme to encode unprintable bytes into printable characters.The Scheme line tells us that the following message is encrypted using the cipher RSA. The next step was clear: decrypt the message. To do that, we needed something we didn't have: the private key. A brief explanation is in order.A Brief Overview of RSA RSA is a moderately complex cipher to understand; Numberphile provides a good introduction to the topic. Its main advantage is that, as a public key encryption scheme, it allows sharing of encryption keys without transmitting the key in plaintext or agreeing on a key in advance. Public key cryptography solves the problem of how two parties can communicate securely without a pre-existing secure channel of communication.In RSA, N and e are variables commonly used in the mathematical aspects of the cipher. In fact, they constitute the public key. The public and private keys are mathematically related. Without going too much into detail, they both are related to N. N is the product of two large primes, called p and q. If an attacker manages to factor N, which is publicly available, into its two prime factors p and q, then it becomes trivial to calculate the corresponding private key.In reality, factoring large integers that have only two prime factors is a computationally hard problem . In RSA, an N with 2048 or 4096 bits is typically used as the large size provides enough complexity to make the factorization of p and q computationally infeasible in the short term.Finding the Private Key (or, Brute Forcing RSA) To our luck, the N used to encrypt the message was far smaller than 2048 or 4096 bits. The N we were given was 432 bits (130 decimal digits) long.The solving community exhausted a lot of options in an attempt to find the private key. They searched for suspicious information in the data provided until that point, investigated images, brainstormed correlations, followed connections and so forth. As time went on and nothing was discovered, the solvers began to discuss the worst case scenario: finding p and q via brute computational force.After a while it was agreed that a parallelized approach would render the best results, as a breakthrough in finding the hidden data would not impede on factorizing the number and vice versa. So a small group of people banded together to think about the most effective way to share their computing power in order to factor N. It was decided that a distributed approach would be the only feasible option, since even a slightly less complex N than the ones used today is a lot of work for a single processor. Distributing the workload however could achieve results in way less time, and the community was eager to help. We quickly agreed on cado-nfs, a program that did everything we could ever ask for. To make a long story short: after about 8 hours of debugging, fixing, patching and testing as well as additional 9 hours of distributively working on the prime, the results were in:p = 97513779050322159297664671238670850085661086043266591739338007321 q = 77506098606928780021829964781695212837195959082370473820509360759 These individuals successfully brute forced a 432-bit RSA key. Make no mistake -- this is an incredible feat for a group of people spread across the world with consumer-grade hardware. At this point, the writer would like to take a moment to express their gratitude for the people participating in this effort. Without the people donating their time, efforts and resources, this would have taken a lot longer than originally anticipated. Also, a special thanks needs to go to the people who managed the servers, especially the one unnamed person who rented a server from Amazon to complete the last, locally computed phase of the calculation. With all words of thanks being said, let's continue.Putting The Private Key To Use Now that we have the information, we have to make something out of it. To make sure we do it right, it would be wise to simply do what cicada did to encrypt the message and reverse it. We also have a clue for this in the outguessed message. The lineScheme: Crypt::RSA::ES::OAEP contains a dead giveaway. The programming language Perl uses double colons to achieve modulization, therefore, we can safely conclude that Perl was used to encrypt this message. To, again, shorten a long story, a program to decrypt the message can be found here.The Second Onion This onion has since gone offline.The Growing String After the successful decryption of the RSA message, we had a single resource:cu343l33nqaekrnw.onion This is the address of a Tor Hidden Service. Upon visiting the service, the following document was displayed: <!--Patience is a virtue--> 634292ba49fe336edada779a34054a335c2ec12c8bbaed4b92dcc05efe98f76abffdc2389bdb9de2cf20c009acdc1945ab095a52609a5c219afd5f3b3edf10fcb25950666dfe8d8c433cd10c0b4c72efdfe12c6270d5cfde291f9cf0d73cb1211140136e4057380c963d70c76948d9cf6775960cf98fbafa435c44015c5959837a0f8d9f46e094f27c5797b7f8ab49bf28fa674d2ad2f726e197839956921dab29724cd48e1a81fc9bab3565f7513e3e368cd0327b47cf595afebb78d6b5bca92ba021cd6734f4362a0b341f359157173b53d49ea5dff5889d2c9de6b0d7e8c615286ce596bfa83f50b6eeabd153aaf50cd75f39929ba11fb0f8e8d611442846The page appeared to be static. However, after some time, we noticed that the string was slowly growing. Every few minutes, two characters were appended to the end of the string. This process continued for approximately 23 hours. The time intervals between new bytes were found to be multiples of five. Various users recorded the minutes between updates, the time that they occurred, and the data appended at those times.http://pastebin.com/5bTLHqCNhttp://imgur.com/lTRRxTThttp://pastebin.com/qn8jmPJr (GMT +1)http://i.imgur.com/prAeqPS.pngThe above datasets are most likely not complete, and no guarantee of accuracy is made.After 23 hours, the process stopped and no more characters/bytes were appended to the string. The final string was:634292ba49fe336edada779a34054a335c2ec12c8bbaed4b92dcc05efe98f76abffdc2389bdb9de2cf20c009acdc1945ab095a52609a5c219afd5f3b3edf10fcb25950666dfe8d8c433cd10c0b4c72efdfe12c6270d5cfde291f9cf0d73cb1211140136e4057380c963d70c76948d9cf6775960cf98fbafa435c44015c5959837a0f8d9f46e094f27c5797b7f8ab49bf28fa674d2ad2f726e197839956921dab29724cd48e1a81fc9bab3565f7513e3e368cd0327b47cf595afebb78d6b5bca92ba021cd6734f4362a0b341f359157173b53d49ea5dff5889d2c9de6b0d7e8c615286ce596bfa83f50b6eeabd153aaf50cd75f39929ba11fb0f8e8d611442846This string is 512 characters long. We assume it is hexadecimal.However, about an hour after the string finished growing, at approximately 05:31:40 GMT the document changed. The old 512-character code was gone, along with the HTML comment. In its place was the following document:https://infotomb.com/oyfhl.txtWe link to it because it is very large.Note that the HTML comment was changed from<!--Patience is a virtue--> to<!--761--> This is significant. We noticed that, by applying the Gematrius Primus from the 2013 puzzle to the phrase 'Patience is a virtue' and summing the result, one obtains 761. The number is also a palindromic prime.The new string was 3641299 (?) characters long. We noticed that it contained a significant amount of repeated text.Analsysis of this new string revealed that it contained three JPEG image files. This was discovered when we:Converted the string into its binary representation Flipped all the bits (i.e. 0 becomes 1, 1 becomes 0) [Note: this is equivalent to XOR 111111] Looking at that XOR'd binary string, we noticed that the first two bytes were0xFF 0xD8 Wikipedia tells us that these are the first two bytes of a JPEG image. We walked through the data left to right, and later on in the string, we discovered the same byte sequence again. This indicated the presence of more than one JPEG image. We analysed the rest of the string in a similar fashion, and discovered a total of three JPEG images. The third JPEG image was in reverse order, and so had to be un-reversed.For further clarification, the order was this (.... = JPEG data, [ ] = one complete image):[0xFF 0xD8........................][0xFF 0xD8........................][........................0xD8 0xFF]After transforming the bytes into their proper JPEG format (note that you must reverse the byte sequence of the third image before doing this):dd if=onioninvert.bin of=onion1.jpg bs=1 skip=0 count=168876dd if=onioninvert.bin of=onion2.jpg bs=1 skip=168876 count=1476614dd if=onioninvert.bin of=onion3rev.jpg bs=1 skip=1645490 count=175159 we obtained the following three images:Liber primus Liber Primus Intus Intus Runes RunesAdd a photo to this gallery Image Analysis Each of the images contain hidden messages and other information. These were found and analyzed simultaneously. As a result, this section does not proceed in chronological order.Intusoutguess -r intus.jpg out.txt yields https://infotomb.com/esd78.txtLiber Primusoutguess -r liber_primus.jpg out.txt yields https://infotomb.com/hb0ba.txtRunesoutguess -r runes.jpg out.txt yields https://infotomb.com/vmtyf.txtHere we break to explain something:Below are two images. The first image is from 2013's puzzle and was obtained through use of XOR. It was used to solve portions of that year's puzzle. The second was created by puzzle solvers in 2014 and is derived from the first. Here we refer to 2013's image, which was released by Cicada 3301, as 'Gematria Primus 2013'. We refer to 2014's image as 'Gematria Primus 2014'. It is paramount to understand that 2013's image was created by Cicada 3301, while 2014's was created by puzzle solvers and was created from rearranging 2013's image.Gematria primus Gematria Primus 2013 Runes-warning Gematria Primus 2014Add a photo to this gallery We now return to the puzzle. Using the Gematria Primus 2013, the runes in the 'Runes' image become: R NGRAMW JIHEIIAI MAEYW EAAAENYEP JAEAED IXDISEO NGLREO THAEIADMAENG EOAE JI EOAIAI EOIPEO YI DMAENGHICOEI EAEMC THAEIAA EOAIAY IXSIAEIMDI THAEIAA CFY CAE MAEEO ICEEO AEA DLRWI YEP JAEAED AEA YI NICCROEIDAEMEOREMIC NGEYEM IEYIA YI NGAEACC AEA YIEA MIANJIAC EAAEA RHH EC CRDAIC This stumped us for some time. Then, someone created Gematria Primus 2014 by rearranging Gematria Primus 2013. From Gematria Primus 13, take the left block of three columns and stack it on top of the right block of three columns. Then, find the letter you wish to decode. Find the position of that letter in the vertical list, beginning at the top. Take that number and find the character that many characters into the list, from the bottom up. Applying this process to each letter/rune yields (newlines added for readability):A WARNING BELIEVE NOTHING FROM THIS BOOK EXCEPT WHAT YOU KNOW TO BE TRUE TEST THE KNOWLEDGE FIND YOUR TRUTH EXPERIENCE YOUR DEATH DO NOT EDIT OR CHANGE THIS BOOK OR THE MESSAGE CONTAINED WITHIN EITHER THE WORDS OR THEIR NUMBERS FOR ALL IS SACRED By substituting each character for its respective value in Gematria Primus 2013, we noticed that the sum of each line adds up to a prime (emirps marked by *):A WARNINGBELIEVE NOTHING FROM THIS BOOK =757* EXCEPT WHAT YOU KNOW TO BE TRUE= 1009* TEST THE KNOWLEDGE =691 FIND YOUR TRUTH=353* EXPERIENCE YOUR DEATH=769* DO NOT EDIT OR CHANGE THIS BOOK=911* OR THE MESSAGE CONTAINED WITHIN= 1051* EITHER THE WORDS OR THE NUMBERS=859 FOR ALL IS SACRED=677 The 5 Gram Message Shortly after the warning in the previous section was found, it was discovered that by XORing the hexadecimal messages hidden within each of the three images the following message resulted:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1IDGTK UMLOO ARWOE RTHIS UTETL HUTIA TSLLOUIMNI TELNJ 7TFYV OIUAU SNOCO 5JI4M EODZZ Good luck.3301 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)iQIcBAEBAgAGBQJSy23PAAoJEBgfAeV6NQkPeJwP/0IoafJ1SbmhD+KNbL5I2EdH jgPRnZNrKCyMpWFSIw1qs6ujuw6VnW/rfnOD+df4kpzoAwEFfZDcRnBVsvIzOJ31 Txj9jXD22ki/CNRY88NyIzW9fjKs+iOylsa7Tx+6PBb3ndoYNEwnQwLIq3K4S3kQ tgMzE3LiVq2pQwqFNdN+zGqcq7POEs0GmnL1aNpqU+Wrba4gSfoWwQBWUDv3S/s8 vY0hEqhWNd76wphig6hH6OyIaX/t1eYfcsSYhzAE5oKKahGr1E7cX1GBpHCIr1WM ZwNaGVArQAkyEzT++tmF01O9h218CiTUFoBM/Zxyra7vxI2UOYS/pLonuV+eXARY YfPHaZZxfk3bUWXcxioRukFSY2+xNdPfuBIT8rcJqa1kPJOzeZVC/IcwHA2mmG4l 3ltiVcDnQrZgz6Im3/ugFg8bqW12qqZ6XizRP3EXm4EnyhpfKZnXKPLEOvPKCj6j 1kYCrLmGtTTPFx79fZfryGXQIEAmipRbjVS5sVbUCfgmqUagmdU6v9VI53n6+r0J b2amxREA+2MflkEoVJUaLQJ1rKZLFFJ9J17zUaXKMllsDBWXJS4Mb54o2+8bkEcM 3cP+16XV9pf2wZBkJE0AwoXI4L8JEyjNZZcGSLy8BojlAupX3Fg9KKt71XXrm9FD tuBhMYWo/TDz+4UzLB+I =57tj -----END PGP SIGNATURE----- After some trial and error analysis, it was discovered that this ciphertext had been created using a simple column transposition cipher. By arranging the ciphertext into 14 columns like so:012345678910111213 IDGTKUMLOOARWO ERTHISUTETLHUT IATSLLOUIMNITE LNJ7TFYVOIUAUS NOCO5JI4MEODZZ And reordering the columns like so:289112131145730610 GOODWORKULTIMA TETRUTHISTHEUL TIMATEILLUSION JOINUSATFV7LYU CMEOZZD5J4ONIO A message is obtained:GOOD WORK ULTIMATE TRUTH IS THE ULTIMATE ILLUSIONJOIN US AT FV7LYUCMEOZZD5J4ONIO Assuming that the final N was omitted in order to fit the bounds of the column transposition cipher, and applying proper formatting, the following Tor hidden service address is obtained:fv7lyucmeozzd5j4.onion And off we went.The Third Onion This onion has since been taken offline. In this section the puzzle fractures into several directions. The author has chosen not to subdivide this section and instead opts for pure chronological formatting. Events in this section are detailed in the exact order they occurred.The first visitor to this hidden service was greeted with a blank page. The page remained blank for a short time and then changed to the following document:<!--1033--> 87de5b7fa2 As with the RSA onion, the string slowly grew over time, with two new characters (one byte) being added at widely varying intervals. Some timing data was collected for further analysis.In the meantime, a solver ran the tool DirBuster against the hidden service and discovered an apparent misconfiguration of the backend Apache server. The server was leaking a system status page. Whether this was intentional is unknown. However, shortly after the page was discovered, it appears that Cicada was alerted that the status page had been discovered because the content of that page changed. Appended to the end of the server status was yet another very long string. This string was found to contain two image files in a similar ordering as the RSA onion, except that there was some data between them (OOB or Out Of Bounds data):[0xFF 0xD8..............................] [Data in between JPGs] [..............................0xD8 0xFF]After building the first JPG from the hex:xxd -p -r < server-status.hex > server-status.jpg One obtains the image shown below on the left. Doing the same for the reversed copy of the second JPG yields the same image as the first, shown on the right -- except for that OOB data.Onion3 Onion 3 Image Onion3 Onion 3 Image 2Add a photo to this gallery Comparing the first and second images cmp -l server-status.jpg rev.server-status.jpg one obtains the OOB data:a02373230202020202833313020202020213433302020202021333130202020202135313a06363 330202020202939313020202020203331302020202020323330202020202028313a06323230202 020202534323020202020202139302020202025343230202020202632323a08313020202020203 2333020202020203331302020202029393130202020202636333a0135313020202020213331302 02020202134333020202020283331302020202022373230a0a Note that all of these bytes are within the printable range of ASCII characters, and many of them appear to be ASCII for digits (e.g. 0x30, 0x39).Converting this string to binary:xxd -b oob.hex oob.bin and reversing that::xxd -r oob.bin oob-rev.bin we obtain:272 138 341 131 151366 199 130 320 18226 245 91245 22618320 130 199 366151 131 341 138 272 Among other things, this is a magic square whose magic number is -- you guessed it -- 1033.MagicsquareAdd a photo to this gallery For those following along, here's a nice one-liner to get that matrix from the original image:dd if=server-status.jpg bs=1 skip=$((0x00521e4)) count=357 status=noxfer | rev | xxd -p -r With matrix and Gematria Primus 2014 in hand, we began to interpret the runes in the image. The runes in the upper half of the image read:SOME WISDOM THE PRIMES ARE SACRED THE TOTIENT FUNCTION IS SACRED ALL THINGS SHOULD BE ENCRYPTED In the bottom half of the image, the red runes read:KNOW THIS: The table underneath, translated to value form using Gematria Primus 2013, yields:272 138 341 131 151366 199 130 320 18226 245 91245 22618320 130 199 366151 131 341 138 272 which is the exact same matrix found earlier from the OOB data.About a day went by with little activity other than speculation on the meaning of this matrix. Then the string from the main page stopped growing. According the the HTTP header, the final update occurred on January 11 at 01:09:01 GMT. The final document was:<!--1033--> 87de5b7fa26ab85d2256c453e7f5bc3ac7f25ee743297817febd7741ededf07ca0c7e8b1788ea4131441a8f71c63943d8b56aea6a45159e2f59f9a194af23eaabf9de0f3123c041c882d5b7e03e17ac49be67cef29fbc7786e3bda321a176498835f6198ef22e81c30d44281cd217f7a46f58c84dd7b29b941403ecd75c0c735d20266121f875aa8dec28f32fc153b1393e143fc71616945eea3c10d6820bd631cf775cf3c1f27925b4a2da655f783f7616f3359b23cff6fb5cb69bcb745c55dff439f7eb6a4094bd302b65a84360a62f94c8b010250fcc431c190d6ed8cc8a3bfce37dddb24b93f502ad83c5fa21923189d8be7a6127c4105fcf0e5275286f2 The final string was 512 characters (assuming hex, 256 bytes or equivalently 2048 bits). It was observed that this string matched the growing string from the previous onion.Author Note: Past this point recorded information becomes extremely difficult to understand due to an almost unbelievable amount of noobs discovering Uncovering Cicada, and we are unable to retrace these steps due to the pertinent onions being taken offline in quick succession. We have done our best to interpret and verify what we could, and while we present this information in good faith, we are simply unable to provide as firm a guarantee of accuracy as was present in the sections above.On January 11 at 10:07 UTC, the Apache server status page changed once again to display a new hexadecimal string:https://infotomb.com/laqs9.txtThis string contained the following two images in the same style as before[0xFF 0xD8...............] [...............0xD8 0xFF]LiberPrimuspage5 LiberPrimusPage6Add a photo to this gallery First ImageOutguessing the first image yields a signed message:https://infotomb.com/t5uuz.txtThe hex string from that message encodes a JPG image:OutguessfromLiberPrimusPage6Add a photo to this gallery The runes in this image were solved later (read on).Translating the runes from the first image with Gematria Primus yields (Author's Note: we haven't verified this yet):uWGsSfc rSugpWW fwxtclW ym WS tcnF GmXXmmw FpdGXr oW Xmi ff euG SuF yp rF ipF cF Fnw bxmd rXi fpc SSFc rTp fjmo ScwX bFw bWls ry jF r mcTSFtcpw mgS cGpu Sc rew Xpi bybx flir rm cgb yr cfu TpXjwtfW jgb FTffWpT pfax jmepGsosm wSjl wxuT FwmT dyjc sXxoGrmbw rmi dyjc xhuypl jGymfjpSuX wSj dwxu alasmXSx Fm Xmi py Fmuf After some time with trial and error, it was discovered that this ciphertext had been created with a Vignere cipher. Reversing the cipher yields:WELCOME: WELCOME, PILGRIM TO THE GREAT JOURNEYTOWARD THE END OF ALL THINGS. IT IS NOT AN EASY TRIP, BUT FOR THOSE WHOFIND THEIR WAY HERE IT IS A NECESSARY ONE. ALONG THE WAY YOU WILL FIND AN END TO ALLSTRUGGLE AND SUFFERING, YOUR INNOCENCE, YOURILLUSIONS, YOUR CERTAINTY, AND YOUR REALITY. ULTIMATELY, YOU WILL DISCOVER AN END TO SELF. Second ImageOutguessing the second image yields garbage output.The runes on it translate to (Author's Note: we haven't verified this yet):my yS Fxrjse ewn djusxytetm Sry ds neFdX pbunWGjXF jgb pTx pnwwilmF lpbuoWX rXWf rrSjm rmi dyj hlfu juXlTW SjoSrrm umsc WS liFFcl wi lt peup WXpTtb tme ulole Sjp uW lcg WgsXtm bmrTfp wrj rxc G jWQ je ym dyjcFXuf pfa ccW r ujr ambp gpbunWGf nxe ygiWGumtcgWW jF bpwd fyx Fuf Sjp xlTWa lT cyuX ce lFSixTsFhF Tyflcer pfax rbe Fcbf After reversing the Vignere cipher:IT IS THROUGH THIS PILGRIMAGE THAT WE SHAPE OURSELVES AND OUR REALITIES. JOURNEY DEEP WITHIN AND YOU WILL ARRIVE OUTSIDE. LIKE THE INSTAR, IT IS ONLY THROUGH GOING WITHIN THAT WE MAY EMERGE:WISDOM: YOU ARE A BEING UNTO YOURSELF. YOU ARE A LAW UNTO YOURSELF. EACH INTELLIGENCE IS HOLY. FOR ALL THAT LIVES IS HOLY. The red footer of that page reads:AN INSTRUCTION: COMMAND YOUR OWN SELF : Back to the server page:Fourteen minutes after the status page update containing the two above images, on January 11 at 10:22 UTC the status page changed once again:https://infotomb.com/hw0l5.txtThe first image from the previous update remained intact in the new string. However, the data of the second was replaced almost entirely with different hexademical. Attempting to render it as a JPG yields a corrupt and incomplete image.Outguessed Image SolvedThe runes in the small outguessed image obtained from the first new page were also encoded with a Vignere cipher. Using the key is 'welcome pilgrim to the' we obtained the Vignere offsets22, 11, 9, 24, 26, 10, 11, 16, 19, 9, 23, 25, 19, 10, 13, 26, 27, 11 and using these offsets to decode the original runetext we obtainedA U O W Y F X L 5 L C S F J 3 N O N IA N which formatted as a hidden service address yieldsavowyfgl5lkzfj3n.onion Lel Small image cleartext illustrationAdd a photo to this gallery The Fourth Onion This onion has since been taken offline.Upon visiting the fourth onion we were greeted with the following document:</head><body><!--3301--> bf1d5574ca36efd524e6c34c26cbd628b19aa835aceb94ea7f2ca7f33d1b8f51476bc597d4bf9ad5111d8f39ef5351b3b090bce47f023002fe69928e79f6f8147f6fe051f2f159041f932f5190308d7441fc3cecead0851662d3217485827e640a4183fa5bc8cef5ff7d1473d2746a37fbc8b94318ff0d3aeb467017c0ea5cb33b3e6967453986e1450b35ad47861f679cf7db5a6c170bcfb67544983ec1e36b27ee8c5721da39d27dbfa0cdc15ba3cbaa425e8a8b96b81ab665f3ebc41563a0e9270695d3d68887cfab2c07b290718307f764afba684b17fcfd71323f64206e5fa378b4ee89e80885733080065dd34a5c838898906b8d43de9f1d8eb6922bad <hr> <address>Apache Server at 127.0.0.1 Port 5243</address> </body> </html> This string is 512 characters (256 bytes).]2014 recruitment puzzles

This link doesn't work for me.

Is this the one?
http://the-cicada-puzzles.wikia.com/wiki...ent_Puzzle

Yep, that seems to be the one.

[David Guyatt]

The mystery continues, albeit seemingly now gone quiet again.

The below from HERE

Anonymous Wed Feb 05 2014 11:04:32 No.14128887 Report
Quoted By: >>14128910 >>14128992
>>14124094

if this is real, then anyone trying to solve is in way over their heads. and honestly, i've thought that from day one. or at least year 1.

i mean, sure you've got all the mysticism, crypto, technology, etc. but i think it all comes together into something more than just those things. like, it they're trying to seem like a new religion or something. technomysticism maybe? but behind that, there's something else.

maybe it's applebaum, assange, and the old cipherpunks like everyone says... but i think it's more likely to be the global banker elite. think about it: they know the world is changing. bitcoin and other cryptocurrencies will put them out of business one day. so what better way to combat it than to be in charge of the new system? "create what you fear most" as cicada says.

**

View SameGoogleiqdbSauceNAO 478px-Magicsquare.jpg, 35 kB, 478x480

Anonymous Wed Feb 05 2014 11:20:59 No.14128910 Report
Quoted By: >>14128992 >>14129003 >>14129282
>>14128887

>You are a being unto yourself.
>You are a law unto yourself.
>Each intelligence is holy.
>For all that lives is holy.

>The primes are sacred
>The totient function is sacred
>All things should be encrypted

>Command your own self

Each of these lines was heavily encrypted in clues, but once decrypted, each line sum up to prime numbers both forward and backwards (like 13 is prime and 31 is prime - same with 3301 and 1033).

Sounds like anarchist shit to me. Not government or bankers. They definitely have some mystical stuff going on though. Reminds me of Robert Anton Wilson in some ways. Almost like what he said

>>14128887
>technomysticism

Well, a new religion is born every day. Why not have one based on privacy and security?

**

Anonymous Wed Feb 05 2014 12:01:12 No.14128992 Report
Quoted By: >>14130822 >>14131004 >>14136214 >>14136236 >>14136248,1 >>14136353 >>14136377
>>14128887
>>14128910

You are both close, but missing it. Cicada isn't a cult. It isn't a government, it isn't banks. It isn't all of Satoshi Nakamoto. (although members are undoubtedly involved in each of these areas).

Cicada is fundamentally about evolution of man. About taking us to the next step. Not the next biological step (although that's part of it too). It's more than that. It's about man overcoming humanity. Digging deep inside to find infinity. Realizing all out limitations, weakness, and suffering are our own creations.

We live in a Matrix-like world and they're here to pull out the few who see past it, and then guide them further down the path. Except our matrix isn't a computer program built by machines. Our matrix is the belief that we even exist in the first place. Our egos built our matrixes. But we can't see it because our egos have convinced us that they ARE us.

The Cicada revolution occurs on every level: physical, subconscious, emotional, mental, social, technical, and on.

Those who find their way to the enlightenment offered are those who will change the world of, not just tomorrow, but the world of today.

It is unquestionably evident that Cicada is talking about elevating man's consciousness (long overdue imo) - hence the statement immediately above about "evolution" and "...digging deep inside", and that "... we can't see it because our egos have convinced us that they ARE us."

It is almost Jungian in its breadth.

But the esoteric symbols and hints throughout the Cicadas mystery clearly suggests an occult mystery school leaning.

Not least the symbolism of the Cicada myth is very telling (from Wiki):

The cicada is an ancient polyvalent symbol: resounding themes are resurrection, immortality, spiritual realization and spiritual ecstasy. For the ancient Greeks and Romans they sang in intoxicated ecstasy and were sacred to Apollo and cognate with the dionysiac bacchae and maenad.

[David Guyatt]

Oh, I should add, that human nature being what it is, a true mystery is the magnet that attracts.

Interesting overall. I wonder where Cicada 3301 will ultimately lead?