[ARG] The Pizza Code Mystery

Black Mesa Archive The Cafeteria
#4665

Stormseeker once told us that he had given us a hint somewhere when someone complained that the puzzle was impossible to solve. At that point in time, the “21 goes into 1” or “21 into 1” had not yet been discovered, but the “21 goes into 1” hint had already been sitting undiscovered in a file in a folder on stormseeker’s site for several months (according to the last-modified timestamp of the file). A few more months went by and then “21 into 1” appeared on the wiki. It’s likely that this was the hint Stormseeker was talking about. Since he repeated it on the wiki, it must be important.

If we go by the idea that this hint is supposed to tell us something about the enciphering method or the exact cipher we are dealing with, without spelling it out like he did with the SECOM puzzle, then it’s possible that “21 goes into 1” somehow relates to a specific step (or part of a step) being performed by a cipher, a step that’s unique to a specific cipher. One such step could be a permutation in a block cipher where bits are shuffled around according to a predefined permutation table.

The realization that “21 goes into 1” must be referring to an operation, as opposed to being a property of something (like the number of characters or bytes in a key), came recently when I came across a post by @JohnNotJohn where he pointed out the thing about the subject-verb agreement of “21 goes into 1”. I started thinking about it again last week when “21 into 1” was mentioned in the thread again, and I posted the very generic idea about “something in position 21 that goes into position 1”. And while I was thinking about what that could mean my first thoughts were that it could be some kind of bit or byte mapping, and it occurred to me that that’s exactly what’s being done in many block ciphers, specifically block ciphers that uses permutations as part of the enciphering process.

And so I went looking for block ciphers that had a predefined permutation that would map a bit number 21 from an input to bit number 1 in the output. And I found such a mapping in the Lucifer cipher.

I’m not going to describe the inner workings of the Lucifer cipher in too much detail, but at the core of the Lucifer cipher algorithm there is a one-way function called the F-function, which is performed in each round of the encipherment. For each block of plaintext the cipher performs 16 rounds of encipherments, and each round uses a subkey that is generated according to a key schedule.

The last step in the F-function is a bitwise permutation of 64 bits (8 bytes). As described on https://www.quadibloc.com/crypto/co0401.htm, the permutation is being done according to the following table:

10, 21, 52, 56, 27, 1, 47, 38,
18, 29, 60, 0, 35, 9, 55, 46,
26, 37, 4, 8, 43, 17, 63, 54,
34, 45, 12, 16, 51, 25, 7, 62,
42, 53, 20, 24, 59, 33, 15, 6,
50, 61, 28, 32, 3, 41, 23, 14,
58, 5, 36, 40, 11, 49, 31, 22,
2, 13, 44, 48, 19, 57, 39, 30

This is basically a lookup table that tells us for each bit of the output which bit to fetch from the input. For example, the first number in the table corresponds to bit number 0 of the output bit array (as stated in the description, the bits are numbered starting from 0). The number 10 is the positional number of the bit to fetch from the input bit array. So basically bit number 10 of the input bit array goes into bit number 0 of the output bit array. The next number is 21, which means bit number 21 of the input bit array goes into bit number 1 of the output bit array. Continuing, bit number 52 of the input goes into bit number 2 of the output, and so on.

However, this is not exactly how it’s described in Sorkin’s original description of the cipher (https://www.fuseki.com/lucifer.pdf). In Sorkin’s description, the permutation is performed on one byte at a time. But in the description at https://www.quadibloc.com/crypto/co0401.htm it looks like they have combined the permutation step with the diffusion step, which spreads the permuted bits across eight bytes.

TL;DR: “21 goes into 1” could be a reference to a specific bitwise permutation that being used by the Lucifer cipher algorithm.

Well, the passphrase “laseroptroniclinearinducercannon” used in the SECOM puzzle was longer than the 20-character requirement of the SECOM cipher, so we can’t rule out that the key is based on a phrase that’s longer than the keysize of the cipher.

There’s a Java implementation here made by some students: https://www.cs.rit.edu/~ear7631/crypto/

I found some old C implementations a while back as well. I’ll see if I can find the links to them.

Somehow, I doubt it would be that simple, but we should try the most obvious keys first, I guess.

We can just pad the code with 8 zero bytes at the end (or simply delete the last 8 bytes). If we were to successfully decrypt the code, the last block will be corrupt (missing), but maybe that’s how the puzzle was designed. This could be what the “[ABORTIVE]” means. Maybe that’s also what the LOL Cannon message, which was corrupted/interrupted in mid-message, was meant to tell us.

EDIT:

Actually, the original grilled pizza message said “congratulationsyouwonthePIZZA”, without the word “have”.

There are some ciphers that have variable key lengths, for example, Blowfish with key lengths of 32-448 bits. Also, the stream cipher RC4 (or ARC4), which has been widely used with SSL/TLS, can use keys lengths of 32-2048 bits.

Another idea: Maybe one passphrase was encrypted using a second passphrase, and the result used as key for the actual message.

#4666

… this is the bit that had me confused before. I saw 21 in the second position, but forgot to count at 0 rather than 1. As a professional programmer, I feel ashamed for missing it. Thanks for the explanation!

I’d say this is one of the most realistic leads in a looooong time. Clear links (21 into 1, Lucifer) and a step but not a giant leap up from previous cryptology methods. I hope it goes somewhere.

#4667

Don’t forget that we also have multiple references to the Lucifer cipher:

  • The LIES.jpg image with the devil horns.
  • The Nimrod quote from Dante’s Inferno.
  • The “When you’re building a cage for Satan . . .” quote.
    There may be others . . . .
#4668

Too many pointers to not be true. It’s so blatant, it was hidden in plain sight.
Storm must be one giddy devil right about now. “Dance, my little minions, dance for your master!”

OK, now we just need enough pencil and paper to solve this and a good amount of patience.

#4669

Here’s the 3008 binary broken up into 23 blocks of 128 and the last group of 64.
No more excuses, get this thing solved! :cursing:

[spoiler]

10110011001010110000000000111010001101011011101011011101011001100101011101111100001001001100000101001111110010010001100100000110 01000011010001101101000100110001101001111100010101001011101110000010111111111110000000111110000000100010011000010101011101110111 00100100011110010010001111011100001000011111011000101100110101000001100000101110100100011100001110110010011001111011010101000101 10101011110010101110110110101111000000100110000101010001000011010100111011101010000111101000011111001101001100111100011111000111 01110001001100010011000010011100110001000010100000001110101101000010010000111101000100010101010011110000010001001111100111001111 01100010100101101101100110111111111101110011100101111110010000111001000010011000011111111110011000110010000000111101101000001101 11100100000000100111100010110011101001010100111101011101110111000110100101110101111110100000010011110111010010011000010010011110 00011010011000100101100101011010100111110110001100001011000001111001010110010001001111011110000000010101001111100011101010101100 00111000100011000100010111111011100111011000010100001100111111101001000100110101010000011101011011000000100000111001100011110010 11001000100000110011001010101000001011111101111100000000001010000001110101100010111111001101110001001111111001111110010001101010 11101001000011000101000111000101110010000000011010110100000100010110010011100011001110101011100100101100100101101000011000101110 00000110100010110000110000010110110000001001100110010000101110000011100000011010000000001101101001111001000101011011011001111111 11100100101000100000111101011001100110110000111100011011011011010100100000011001000100111100011110111001010100111000110011101110 01100011100100010100010011110100000101010110000110111010100100101110010011111110011101010001110100011110001001000010110011011000 10001111010100011101011010010101010100011001100010000111000100110110101001111100000101011010101010111101011110110100000000000100 01001001001000100000000101000001001100001010100100011111000101110000111101100110110011001011001111000001001110010100011000111010 01111110100100001001101000110111101010101000011000111111101100100111100000000101111111001001011100110001110000001001110010001100 01111001000001100111111001111001100100110000101001000000011001010100011010110010010011001001101001100010100110110010011011000010 11001110001010100100101111100100100011110101100010011010001101110101111111101011011100110001111111000100101010110010001001011100 00010001100001001000110011111000100111100010100100011111101100100111000100110011100101110000110000000110001101100001100001000111 01001010100010010010100000000001111011011101011010001111010101000110100110001100010111100101101101010000011001110100011011110110 01110110010110100110111101111111000100100010010111011110101001001101101000010001010000001111111010110110000011110110010100000111 01000101001001000001110001101001001101101001010110001000001111011100101100100001111001101111101111111110111110111011100001011010 0010100110010001100101001000000000110110101001010010101101011101[/spoiler]

#4670

Doing Lucifer decryption by pencil and paper is just crazy. We are going to have to see if we can build a tool for this.

Here’s a list of all the Lucifer source code resources I’ve been able to find:

[list][*]lucifer-outerbridge-5.0.tar.gz (ftp dir) - A C implementation by Richard W. Outerbridge.

  • lucifer-outerbridge.c.gz - The same Lucifer code as in previous link, but wrapped into a complete command-line tool which also implements the CBC mode of operation as an option (in addition to the ECB mode). The key is generated in a specific way: A key in the form of ASCII-characters is taken from the command-line, expanded if it’s shorter than 16 characters (by creating new byte values based on the previous characters) and then encrypted using itself as the key to make the final 128-bit key.

[list][]outerbridge-lucifer.zip (ftp dir) - A version of the code in the previous link modified for MS-DOS with an .exe file included.
[/:m][]lucifer-smith.c.gz - A C implementation by Jonathan M. Smith (identical to the source code linked to from the page @Miles07 linked to: https://www.staff.uni-mainz.de/pommeren/Kryptologie02/Bitblock/2_Feistel/lucifer.c).[/:m][/list:u][/:m][]Student project implementations:

#4671

While a command-line executable is cool, I’m coding and implementing a JavaScript version so we can try to run different codes with the power of the web. Give me a while to develop it and iron out bugs, and I’ll hurry back with a program.

#4672

so like in the movie cube 2: hypercube , the tesseract implodes on itself type shit?

#4673

#4674

I’m sorry, but you are wrong. Convert your times to relative times in minutes and it will be easier to see. If 10:12 is zero, then 9:11 is -61 minutes and 11:11 is 59 minutes, resulting in the timeline -61 0 59.

#4675

I disagree. I believe it would be 59 0 59. we just differ, that’s all, back to the shadows I go. good luck!

#4676

So…what do you want us to do with this? How is this supposed to affect the hex code? And how do you know for sure that it’s talking about this clock…inverse…thing and not bit permutations?

59 minutes from 9:11 is 10:10.
59 minutes from 11:11 is 10:12.
The midpoint would be 10:11, not 10:12.

L2math plz

#4677

the irony …

#4678

Want me to write it out for you?

  1. 9:11 11:11 | 11. 9:22 11:00 | 22. 9:33 10:49 | 33. 9:44 10:38 | 44. 9:55 10:27

  2. 9:12 11:10 | 12. 9:23 10:59 | 23. 9:34 10:48 | 34. 9:45 10:37 | 45. 9:56 10:26

  3. 9:13 11:09 | 13. 9:24 10:58 | 24. 9:35 10:47 | 35. 9:46 10:36 | 46. 9:57 10:25

  4. 9:14 11:08 | 14. 9:25 10:57 | 25. 9:36 10:46 | 36. 9:47 10:35 | 47. 9:58 10:24

  5. 9:15 11:07 | 15. 9:26 10:56 | 26. 9:37 10:45 | 37. 9:48 10:34 | 48. 9:59 10:23

  6. 9:16 11:06 | 16. 9:27 10:55 | 27. 9:38 10:44 | 38. 9:49 10:33 | 49. 10:00 10:22

  7. 9:17 11:05 | 17. 9:28 10:54 | 28. 9:39 10:43 | 39. 9:50 10:32 | 50. 10:01 10:21

  8. 9:18 11:04 | 18. 9:29 10:53 | 29. 9:40 10:42 | 40. 9:51 10:31 | 51. 10:02 10:20

  9. 9:19 11:03 | 19. 9:30 10:52 | 30. 9:41 10:41 | 41. 9:52 10:30 | 52. 10:03 10:19

  10. 9:20 11:02 | 20. 9:31 10:51 | 31. 9:42 10:40 | 42. 9:53 10:29 | 53. 10:04 10:18

  11. 9:21 11:01 | 21. 9:32 10:50 | 32. 9:43 10:39 | 43. 9:54 10:28 | 54. 10:05 10:17

  12. 10:06 10:16

  13. 10:07 10:15

  14. 10:08 10:14

  15. 10:09 10:13

  16. 10:10 10:12

  17. 10:11 10:11

Your move, gibbles.

#4679

This isn’t a platform for arguing. if you disagree, you disagree, nothing wrong with that.

time parity..jpg
time parity..jpg2040×2040 243 KB

#4680

Where has @drgibbles above post gone to?
"Read this until it makes sense, will take you a couple of minutes to Write out the hex correctly. The hex does require any decryption protocols, u just need to interpret the inverse."

I do have a request @drgibbles.
Since it only took you a couple of minutes to write he hex correctly, and rather than waste time debating about what time it is, can you just post what you found to be the correct hex code results here?

#4681

But it’s not something you can disagree or agree on. It’s basic math. It’s a matter of being right or wrong. I’m right and you’re wrong, and I’ve even shown you evidence of why I’m right.

And for the love of God, STOP SPEAKING IN ONE WORD SENTENCES!! You say “time zones” but you don’t say anything else about their involvement in a complete sentence! Not only do you need to explain in more detail, but you need to explain it WITH CORRECT GRAMMAR! WE’RE NOT MIND READERS!

Edit: Oh okay, now I know where you’re going with this. You’re saying it’s all about changing the hour of the time so that it will match a different time, centered around a single point. You still didn’t put it into a format that’s easy to understand, and my point still stands that you have to speak in fluent sentences.

You also need to clearly show how this works with the hex code, because you’ve shown no work with it at all.

#4682

Well here is a version in Perl:

[code]#!/usr/bin/perl

use Crypt::Lucifer;

$encrypted_text = “b32b003a35badd66577c24c14fc919064346d131a7c54bb82ffe03e022615777247923dc21f62cd4182e91c3b267b545abcaedaf0261510d4eea1e87cd33c7c77131309cc4280eb4243d1154f044f9cf6296d9bff7397e4390987fe63203da0de40278b3…”;

print "Using " . $ARGV[0] . “\n”;
$dec = new Crypt::Lucifer( $ARGV[0] );

print $dec->decrypt($encrypted_text);[/code]
Basically takes the argument passed to the script ie:

perl decrypt.py passwordhere

where passwordhere is the password. To use phrases with spaces enclose in double quotes. I tried a few phrases but couldn’t get it to do anything of use, just comes out with garbage.

#4683

Ah, but you need to write code that decodes the hex string into a string of raw bytes (each two digit hex = one byte value), before passing it to the decrypt function.

EDIT:

Try this version:

[code]#!/usr/bin/perl

use Crypt::Lucifer;

$encrypted_text = pack(“H*”, “b32b003a35badd66577c24c14fc919064346d131a7c54bb82ffe03e022615777247923dc21f62cd4182e91c3b267b545abcaedaf0261510d4eea1e87cd33c7c77131309cc4280eb4243d1154f044f9cf6296d9bff7397e4390987fe63203da0de40278b3…”);

print "Using " . $ARGV[0] . “\n”;
$dec = new Crypt::Lucifer( $ARGV[0] );

print $dec->decrypt($encrypted_text);[/code]
My Linux system is down atm., so I can’t try it myself right now.

EDIT2:

Also, the Crypt::Lucifer perl module you are using is the one from this page, which you built and installed according to the instructions in the README file, right?

EDIT3:

Yesterday, @drgibbles posted two more posts after the post quoted by @Skidoo. Sadly, he decided to delete these three posts after I started debating with him, leaving behind a trail of replies to non-existing posts. As a result, I deleted one of my replies as well.

#4684

That’s the one, I used cpan to install. No idea what keys to try though.

Founded in 2004, Leakfree.org became one of the first online communities dedicated to Valve’s Source engine development. It is more famously known for the formation of Black Mesa: Source under the 'Leakfree Modification Team' handle in September 2004.