[ARG] The Pizza Code Mystery

Hello! I’m new here. Got bored waiting for a new Valve ARG after climbing a pole about 4 years ago, heard of this, thought “why not?”, and here I am. Trying to catch up. It’s… tough. I don’t suppose there’s a timeline page somewhere I can read through?

Got a question I can’t find an answer to on thepizzaisalie.wikia: bmrf is explained as “Black Mesa Research Facility”, but what does the other 4-letter website name (acronym?), kxbm, mean?

Main question from me right now: is there anything I can do right now, possibly something that simply hasn’t been done or tried mainly because it takes a lot of time? I’ve got some coding experience, and basic knowledge of encryption, if that helps. The “current unsolved problems and mysteries” page seems a good start, but I’m not sure what has or hasn’t been tried yet.

You can also search here for the answers to certain questions. Not everything here is archived in the wiki.

KXBM is a radio station call sign. KX is the allocated prefix (indicates the location), BM is the chosen suffix (which likely stands for Black Mesa).

Perhaps someone can include this description within the wiki page, as this question has been asked more than once on this thread.

I suggest you start with all the in game Codes (A - D) on the wiki.

Maybe 21 goes into 1, is something you change something who is equal to 1 to 21, like the letter a becomes u, or 1 becomes 21, that completes a cypher to decode?

How’s your knowledge on steganography and audio decryption? Ck out these [ARG] The Pizza Code Mystery (the spectogram analysis} and https://forums.blackmesasource.com/index.php/Thread/13735-ARG-The-Pizza-Code-Mystery/?postID=599556#post599556

A new thought occured to me. What if the HALOS file is a substitution cipher after all? Assuming one character is encoded by multiple values, you could easily get seemingly random data on which all kinds of analysis fail. In this case, we have 256 values (pairs of hex digits) to be replaced by letters. The hint “21 into 1” could mean that 21 is to be replaced by “A” and it should be possible to continue this by guessing some words. There are only 2 occurences of “21” in the code, but both are correctly alligned (don’t cross boundary between consecutive pairs).

The variety and distribution of the characters is still off. A is a high-frequency letter, so it is unlikely that it would appear only twice in the entire 376-character message after decryption.

I’m sticking to block ciphers. Anyone have any ideas for the key? It is probably 16 or 32 characters in length.

You are reversing “21 encodes A”, which doesn’t make sense. I slightly edited the wording of my previous message, did it help?

Do you mean to go from 2-digit base16 to 1-digit base26, so only letters appear in the code? By all means, go ahead.

Protip: 00 = A for the initial conversion

I didin’t write anything even remotely close to what you are describing.

Protip: different substitutions can have the same value.

I’m sorry. Let me see if I understand correctly.

Your theory is that the code is actually a substitution cipher.
The ciphertext is actually written with the letters of the alphabet, so the 256 base16 values need to be converted to base26 (00 = 00, 01 = 01,…, 25 = 25, 26 = 00,…)
That would mean multiple hex values would indicate the same letter.

Then, we substitute in the letters (A = 00, B = 01,…)
Finally, we solve a substitution cipher for the answer.

Is this what you mean? If not, please elaborate.

That’s not at all what I mean. I guess I should have given an example in the first place.

Code: 50F37B4A21
Substitution: 21 -> A, 4A -> Z, 50 -> P, 7B -> Z, F3 -> I
Result: PIZZA

The topic you linked to has to do with issues relating to the size of the so-called feedback shift register, which is a technical implementation detail associated with the CFB (Cipher Feedback) and OFB (Output Feedback) modes. These modes can be implemented with a feedback size of 1, 8 or n bits, where n equals the block size of the block cipher being used. For best security, one would want to use a feedback size the same as the block size.

OpenSSL supports the following CFB and OFB modes: ‘cfb1’, ‘cfb8’, ‘cfb’ and ‘ofb’. For the ‘cfb’ and ‘ofb’ modes, the feedback size is the same as the block size of the currently selected block cipher. For example, for ‘aes-256-ofb’, the feedback size is 128 bits.

In mcrypt/libcrypt, however, the default feedback size is 8 bits when using the modes ‘cfb’ and ‘ofb’. Thus, it looks like mcrypt/libcrypt differs from other implementations in that respect. In order to use a feedback size that equals the block size, you have to specify ‘ncfb’ or ‘nofb’ instead.

This is very technical stuff, and, I don’t know, getting all of this right, with all the different crypto implementations out there, along with everything else, seems like an impossible task. Maybe we are not meant to. But If we are dealing with a block cipher, then the ECB and CBC modes seem the most likely modes, imo.

In any case, the quote “How do you know solving this has anything to do with encryption?” seems to hint that there’s another level to this puzzle that doesn’t involve delving into the technical details of modern encryption.

EDIT:

What pointless is describing is very similar to what is called a Homophonic Substitution cipher.

Still trying to catch up, please bear with me if I’m repeating stuff already checked out a hundred times.

The test patterns are rather new and not yet fully clarified yet, as well as mentioned in the HALOS text file suggesting some importance, correct? Reading up on how to actually use them in reality, I found mention of waveform monitors as well as vectorscopes. In short, both are tools used to analyze the output (of the hardware on which the test patterns are projected), to see if the colors are correct. I don’t suppose there are digital variants of these tools we could run screenshots of the test patterns through? In particular, the background.mp4 one, with the 4 blinking bars. I’m guessing it’s nothing, and I’d check it out myself but I’m still downloading all my usual tools to fool around with (new lappy) so I thought I’d share the brainfart. Oh, and before I forget: without those tools, the general way to use the test patterns (or at least, one of the steps) is to turn off the red and green colors, and only show blue. I don’t suppose that’s a clue?

A few pages back in this thread I also found a (broken) link to (an image from?) an 8chan thread in which people had apparently done some work, but I don’t know where that came from, what happened with it, or whatever. Did they have something we don’t? Where would this have come from, and can we reproduce this? Or was it just a hoax?

[edit:] Also, uhm…

I don’t know if anybody ever pointed this out (again, can’t find it anywhere), but Yuma is in the corner of Arizona pretty much the furthest away from New Mexico. Why didn’t Tim Evans find a person slightly closer by to interview for the article?
[/edit]

So I finally went and got Cryptools so I could try and decode the hex using block ciphers while offline. I keep coming back to the same problem: the keys. We can change the mode, block size, key size, etc. all we won’t, but there’s no way we can crack the password.

We keep looking at other details, trying to find the right algorithm, but that’s meaningless without the key. Not just the encryption key, but any initialization vector for a block cipher could as be a key in hex form.

Storm was right when he said we can’t force it. But he also said someone was already close. Code_'s PM and the recent clarification regarding openssl seem written as though to explicitly hint at everything but the key. All the cryptic hints likely point to the key, in some way.

16 to 32 characters, plaintext. Spaces are fine. Doesn’t matter if they are random guesses or were probably mentioned before. We can make a big list of them, put it on the wiki, and try them with every encryption under the sun. I’ve run out of ideas.

Taken in isolation, the use of TV test patterns in the EAS broadcast and in the TV transmission on kxbm.net makes sense and they don’t seem out of place in the context in which they were used. So, the TV test patterns may not have anything to do with the test pattern mentioned in HALOS.txt. The exact phrase in HALOS.txt is “SET FOR FINAL TEST PATTERN”.

For the TV test pattern that was used in the EAS broadcast, we have found identical images with a matching file hash elsewhere on the web that predates the day the EAS broadcast went live on the bmrf.us site. This means that nothing could have been hidden in the image or in the image file.

I have examined the TV test pattern in background.mp4 in various ways—UV vectorscope, per line luminance graph (waveform monitor), level histograms, luma amplification—over the entire duration of the clip, but I couldn’t see anything out of the ordinary. There were some minor anomalies, but those were probably just compression artifacts.

What if the intent of the appearance of test pattern was simply to lead us to reexamine that line from the HALOS file?

In context, it appears after the queries for user activation and passcode. In other words, where someone would logically use the login credentials from IRCs 4 and 5. This would mean somebody reactivated the “site.” Perhaps, the test pattern was a literal “test” of the “pattern,” like testing a program. In other words, it was a test of the HALOS system.

We’ve always thought of HALOS as a mysterious, silent observer, waiting maliciously in the shadows. But we are ignoring the clues regarding the AIs original purpose. The use of Niobium, and the label on the doors to the X01 and X02 labs, “Macroscale Quantum Systems,” suggest HALOS was intended to be a quantum computer.

Within all this emphasis on ciphers, and a test pattern that involved encrypted data, I would suppose HALOS was meant to be a code breaker. Then, the hex code was its final test.

I don’t know what to make of this theory, but maybe we need to start asking questions like who reactivated HALOS and why? More importantly, were they testing HALOS’s functionality, and did it work? Lastly, if it was a test, with a known plaintext, what might the tester use, either for the key or the plaintext?

EDIT: One more thought. If HALOS is indeed a quantum computer, designed to break most modern encryptions in a reasonable amount of time, try combining this with the other portrayal of the AI, that of the observer, the analyzer. Traffic analysis, timing attacks, asymmetric cryptosystems like Benaloh and Paillier, and cascade ciphers. If someone were designing the ultimate code breaker, I would imagine they would test it against the ultimate code. “Tempus Omnia Revelant,” initials TOR. The Onion Router, named for its multilayered encryption, and considered the holy grail of encrypted communication.

If it was TOR that would go along with stormseeker’s hint that the CIA couldn’t crack it.

Edit: onion routing also uses asymmetric encryption, such as pailler and Benaloh, in sequence.

I’d say that’s properly researched, then. One last thing about it: there’s BM televisions in this forum’s header (including one with test bars). I guess it’s just fluff, but if it isn’t, could it mean we need to look at what has happened on this forum?

In general, every time I try figuring out what to do next, I keep coming back to that one PM sent to Gunsrequiem (here). In particular, the extended OTR table and repeated (4 times!) suggestion that it’s an AES block cipher, either 128 or 256 bits. This leads me to believe JohnNotJohn’s right when he says we need to start looking for the key, rather than the method.

There also seem to be some very old loose ends. What’s up with the purple hats? I’m getting the idea that nobody cares, even though Tim Evans (on his kxbm.net profile pic) seems to be wearing one. That information is not even on the wiki page though, and neither is the model name (so I can’t look it up on the back references page either). As a newcomer I don’t (yet) feel comfortable editing the wiki with data that might already have been shot down, such as the above quote. Likewise, maybe the purple hats were discussed here, but I can’t read 151 forum thread pages in 2 days xD

What about two primes that are on the KXBM.net page?[/size]
The frequency/channel displayed on the radio once activated (7023.20 and 09)? 70232009 an 8-digit prime number[/size]
The $7,225 - Black 2007 Ford Focus ad where the price and year together form 72252007, also an 8-digit prime number?[/size]
[/size][/size]
I find it more than just a coincidence that they are not only both prime but that they also both just happen to be 8-characters, don’t you?[/size]
[/size]
As far as them having to exist since November of 2012, I disagree. Storm had written, under a pseudonym that “I have a feeling this is a holding puzzle, designed to allow time to construct further aspects of the ARG or work on whatever is behind their NDA” He’s admitting that not all of the necessary information was available and that this was a holding puzzle to buy time. Remember his other oft-mentioned statement that “time will reveal all”? I believe that was a literal statement and that the time to reveal all is now and the KXBM site contains the final clues necessary to solve the puzzle. Personally, I don’t have the ability/tools to test these primes with the code. Are there those here who do?[/size]

[/size]

Edit: changed font size