Overview: Venona's 2012 ACTIVITIES

Discuss Geocaching and related topics here.

Overview: Venona's 2012 ACTIVITIES

Postby niraD » Wed Dec 28, 2011 11:49 pm

Welcome to the overview thread for Venona's 2012 ACTIVITIES. Before replying to this thread, please read the section ("This Overview Thread") at the end of this post.

Who is Venona? What are ACTIVITIES?
The dastardly Venona claims to be just an "average, everyday embassy employee", but we believe that he is a former Soviet KGB agent with a special interest in the GBA. Since 2002, Venona has led us on an annual multi-stage adventure, with ciphers, photo interpretation, musical clues, mathematical contortions, night hikes, red herrings, and just about anything else he can think of. Each year's ACTIVITIES last several weeks, and culminate in an event where Venona presents us one final challenge.

Here are some forum threads from past ACTIVITIES. Note that the main threads from 2009 and earlier are extremely long, with hundreds of replies.
Overview: Venona's 2011 ACTIVITIES
Venona Activities 2009 (and Venona 2009 for Dummies)
Venona 2008 (and Venona educational side thread)

See also Venona Redux at The Youd Zone.

2012 ACTIVITIES
On December 28, 2011, Venona advised us to prepare for the 2012 ACTIVITIES. I will update the following list of forum threads as this year's ACTIVITIES progress:
IS WELCOME ACTIVITIES 2012, Venona's Commentary
ACTIVITY 1: Solution Summary, Full Discussion, Contributor's Commentary, Cache: O VENONA
ACTIVITY 2: Solution Summary, Full Discussion, Contributor's Commentary, Cache: IS CURIOUS SERIES EVENTS
ACTIVITY 3: Solution Summary, Full Discussion, Contributor's Commentary, Cache: LETTING SNOW
ACTIVITY 4: Solution Summary, Full Discussion, Contributor's Commentary, Cache: OILER
ACTIVITY 5: Solution Summary, Full Discussion, Contributor's Commentary, Cache: IS WORK HARD MONEY
ACTIVITY 6: Solution Summary, Full Discussion, Contributor's Commentary, Cache: IS KEY LEARNING
ACTIVITY 7: Solution Summary, Full Discussion, Contributor's Commentary, Cache: IN SOVIET RUSSIA, GAMES PLAY YOU
ACTIVITY 8: Solution Summary, Full Discussion, Contributor's Commentary, Cache: FUGU-32
ACTIVITY 9: Solution Summary, Full Discussion, Contributor's Commentary, Cache: ANTHEM
ACTIVITY 10: Solution Summary, Full Discussion, Contributor's Commentary, Cache: GARMINOLOGY
ACTIVITY 11: Solution Summary, Full Discussion, Contributor's Commentary, Cache: I YEARN TO BE FREE
ACTIVITY 12: Solution Summary, Full Discussion, Contributor's Commentary, Cache: ACTIVITY CAPITALISM
ACTIVITY 13: Solution Summary, Full Discussion, Contributor's Commentary, Cache: TOPPINGS
ACTIVITY 14: Solution Summary, Full Discussion, Contributor's Commentary, Cache: ON MARK, GETTING SET, GRO!
ACTIVITY 15: Solution Summary, Full Discussion, Contributor's Commentary, Cache: YA NE GOVO'RYU PO RUSSKI
ACTIVITY 16: Solution Summary, Full Discussion, Contributor's Commentary, Cache: IS DUTY CALLING
ACTIVITY 17: Solution Summary, Full Discussion, Contributor's Commentary, Cache: INVICTUS, GO!
ACTIVITY 18: Solution Summary, Full Discussion, Contributor's Commentary, Cache: ONE LAP
ACTIVITY 19: Solution Summary, Full Discussion, Contributor's Commentary, Cache: VOID FREEDOM NULL
ACTIVITY 20: Solution Summary, Full Discussion, Contributor's Commentary, Cache: DEMOCRACY NEEDING SOCIALISM
ACTIVITY 21: Solution Summary, Full Discussion, Contributor's Commentary, Cache: LEGACY
ACTIVITY 22: Solution Summary, Full Discussion, Contributor's Commentary, Cache: GOLDEN CODE OF VENONA
Banner Recovery: Solution Summary, Full Discussion, Contributor's Commentary, Cache: is banner hostage
Order of Venona 2012
Venona 2012 ? Guess the Puzzle Creator
Venona 2012 bookmark list, published by Sadge!
Venona 2012 Codes
Venona 2012 - USB Deconstruction
Proposal for the date of Venona Final Activity 2012
Final Event: Solution Summary, Full Discussion, Contributor's Commentary, Cache: FINAL ACTIVITY EVENT 2012

This Overview Thread
This overview thread is intended to serve as an index and summary of this year's ACTIVITIES. As an index, it will include an easily searchable list of links to other information. As a summary, it will serve the purpose filled by past "educational" and "for Dummies" threads.

Please do not post detailed discussions of any ACTIVITY to this thread. Please do not post side comments or other chatter to this thread.

Instead, when a new ACTIVITY starts, create a separate thread titled "Venona's 2012 ACTIVITY n - cache name" (where n is 1, 2, 3, etc., and where cache name is the name of the mystery/puzzle cache for that activity) and post a short message here with a link to the new thread. All discussion of the ACTIVITY should take place in that thread. Finally, when an ACTIVITY has concluded, post a message here summarizing that ACTIVITY. Please target your summary to those who are interested in following this year's ACTIVITIES, but who are unable to follow (for either lack of time or lack of technical background) the detailed discussion in the separate threads. However, per Venona's request[1][2], do not include the solution coordinates in your summary. (He wants those who follow in our footsteps to read the discussion threads, rather than simply scraping all the solutions from a single overview/solutions thread.)

Thank you.
Last edited by niraD on Sun Aug 17, 2014 2:07 pm, edited 56 times in total.
niraD | Darin McGrew
Like puzzle caches? Try gimmick car rallyes!
niraD
 
Posts: 1623
Joined: Wed Jan 25, 2006 5:17 pm
Location: Mountain View, CA
Geocaching.com User Name: niraD

Postby niraD » Sun Jan 01, 2012 11:41 am

Venona posted a welcome message on January 1, so we could start the new year with ACTIVITIES!
http://thegba.net/forum/viewtopic.php?p=92520#92520

The ACTIVITY 1 discussion thread is here:
http://thegba.net/forum/viewtopic.php?p=92525#92525

The structure of this year's ACTIVITIES is different from past years. For one thing, Venona told us in advance that there will be 22 ACTIVITIES this year. Each ACTIVITY corresponds to a mystery/puzzle geocache published at Geocaching.com (unlike past years, when only a few ACTIVITIES involved published geocaches). Team Yofa posted this map of the V-shaped configuration of mystery/puzzle caches in the middle of the SF Bay:
Image

For another thing, GBA members who received the Order of Venona in the past were invited to create this year's ACTIVITIES. Venona also invited us to create our own side game of guessing which GBA member created each ACTIVITY.

We still need to solve the ACTIVITIES in order, because the code in each geocache is required to solve the next ACTIVITY. We are still expected to work together online to solve the ACTIVITIES. However, Venona later clarified[1][2] that while we can post solutions online as part of the discussion threads, we should not copy all of those solutions into a single "puzzle solutions" thread.

To earn the Order of Venona 2012, one must make a substantial contribution to solving an ACTIVITY or help retrieve the code from an ACTIVITY solved by others. Group retrievals of codes is encouraged. Venona will penalize those who solve too many ACTIVITIES alone, or who solve an ACTIVITY and then FTF the corresponding cache.

To allow more GBA members to participate in each code retrieval, thelins suggested that we not schedule the clue retrieval for the same day as the ACTIVITY is solved. This suggestion met with unanimous support. Therefore, we will schedule clue retrievals no earlier than the day after the solution is posted to the ACTIVITY''s discussion thread.
Last edited by niraD on Mon Jan 02, 2012 10:46 am, edited 4 times in total.
niraD | Darin McGrew
Like puzzle caches? Try gimmick car rallyes!
niraD
 
Posts: 1623
Joined: Wed Jan 25, 2006 5:17 pm
Location: Mountain View, CA
Geocaching.com User Name: niraD

Re: Overview: Venona's 2012 ACTIVITIES

Postby Team Yofa » Sun Jan 01, 2012 3:23 pm

niraD wrote:See also Venona Redux at The Youd Zone.

Now up to date.
Team Yofa
 
Posts: 170
Joined: Thu Mar 01, 2007 10:59 pm
Geocaching.com User Name: Team Yofa

ACTIVITY 2, ACTIVITY 3

Postby niraD » Mon Jan 02, 2012 1:09 am

The ACTIVITY 2 discussion thread is here:
http://thegba.net/forum/viewtopic.php?p=92634#92634

The ACTIVITY 3 discussion thread is here:
http://thegba.net/forum/viewtopic.php?p=92740#92740

Does anyone want to post a summary of ACTIVITY 1 or ACTIVITY 2 to this overview thread?
niraD | Darin McGrew
Like puzzle caches? Try gimmick car rallyes!
niraD
 
Posts: 1623
Joined: Wed Jan 25, 2006 5:17 pm
Location: Mountain View, CA
Geocaching.com User Name: niraD

Postby GraffnTrix » Mon Jan 02, 2012 2:28 am

Just a small suggestion: Maybe the people who made the puzzles should write up their respective puzzle summary. In which case we have to wait a little bit for Venona to announce who made what.
GraffnTrix
 
Posts: 443
Joined: Tue Oct 12, 2010 3:28 pm
Location: Palo Alto
Geocaching.com User Name: GraffnTrix

Postby jimbexleyspeed » Mon Jan 02, 2012 9:47 am

GraffnTrix wrote:Just a small suggestion: Maybe the people who made the puzzles should write up their respective puzzle summary.

I would actually prefer to read the summaries from the solvers' perspectives. What the thought process was, what triggered that "aha" moment, that sort of thing. I think that would be much more interesting than just "this is how it works".
jimbexleyspeed
 
Posts: 851
Joined: Tue Feb 13, 2007 8:31 pm
Location: Foster City, CA
Geocaching.com User Name: jimbexleyspeed

ACTIVITY 1

Postby The Rat » Mon Jan 02, 2012 10:18 am

niraD wrote:Does anyone want to post a summary of ACTIVITY 1 or ACTIVITY 2 to this overview thread?

Since no one else has done it, here is my version of Activity 1:

Activity 1 started with an mp3 file named O Venona posted on the cache page. Several people recognized it as a recording of O Canada, the national anthem of that country. After various types of signal analysis, the group found nothing hidden or odd about the audio itself, but GraffnTrix pointed out that there was a text header code. The text header consisted of letters and numbers alternating, e.g. L3V2S9... UncleTom was the first to suggest these might be Canadian postal codes, consistent with the true song title. I noticed that when these codes are put into GoogleEarth the screen zooms to a specific point within that postal code area and noticed further that it was always right on a specific street. Looking at the street names I almost missed the correct interpretation because the first street name that appeared on the first code was "Regional Road" # something. I then went on and got streets that began O-N-G and recognized Venona's signature CONGRATULATIONS message. The coding system was the first letter of the street for each of the postal codes. When I went back to the first one, I found that the Regional Road was also named Collier, confirming the decryption method.

GraffnTrix and The North Star and I then decrypted portions of the final message which read:
CONGRATULATIONS FOR SOLVE VENONA CANADA PUZZLE NOW RETRIEVE CLUE HIDDEN IN ROCKS IS COVERED WITH PIECES CONCRETE BRICKWORK PATTERN ONE SIDE APPROXIMATELY 4 FEET FROM EDGE OF ROCKS IS LOCATED NORTH... (COORDINATES REDACTED)

UncleTom then organized a search party to go out immediately to retrieve the cache. That was done and the key to the next activity was recovered. Afterwards thelins suggested that the searchers headed out too fast for others to join in, and that it might be more fun to make a rule that the cache should not be retrieved the same day as the solution. This suggestion has met with general agreement from those who have posted.

Venona eventually revealed that jimbexleyspeed was the minion who created this outstanding puzzle.
Last edited by The Rat on Sat Jan 14, 2012 11:29 am, edited 1 time in total.
The Rat
 
Posts: 2333
Joined: Mon May 02, 2005 8:35 pm
Location: Los Altos
Geocaching.com User Name: The Rat

Activity 2

Postby The Rat » Mon Jan 02, 2012 1:22 pm

No one has stepped up for Activity 2, so here goes:

This activity started with decoding the RC4 message on the cache page. No one has identified the key as significant. The result is a text message consisting of six numbers with long decimal extensions as follows:
<pre> 228.081218839405578
227.392792873459855
2302.075173835207546
2294.607020140075857
222.441986255318065
2300.337489813052529
</pre>
The html tags appear to be of no significance. UncleTom pointed out that the six numbers probably represent the six sections of typical coordinates, i.e. degrees, minutes, decimal portion first of latitude, then longitude. Others noted that apparently the numbers expected to be 2-digit numbers were coded in the 220+ range while the 3-digit ones were coded in the 2200+ range and all appeared to be in the same order of expected size of the coordinate numbers, but not in a linear relation.

After much speculation and fiddling around by the group, thelins had the key observation, found apparently by searching the words from the title, that there is a mathematical series known as a Kempner series that was introduced to the world using the words "curious series." The thing that is curious about a Kempner series is that even though the series 1/1+1/2+1/3+1/4+... etc. does not converge, i.e. increases to infinity as you add more terms, if you eliminate all the terms with one or more digits in the denominator, then the series converges to a specific value. For example, if you eliminate the terms with a "37" in them such as 1/37, 1/137, 1/370, etc., then this series will reach a specific value, a Kempner sum (ksum), which, being irrational, cannot be represented by a number with finite decimal places.

The search was then on for a way to find the Kempner value for 37 or 122 to confirm the hypothesis. No one was able to find these values online nor an online calculator. crawburr and The Rat both tried computing the sums using a brute force loop but saw only glacial progress in hundreds of millions of iterations. Reading an article on higher math jimbexleyspeed pointed out that it was not possible to compute it that way. The article found by thelins had links to programs that worked in Mathematica, a commercial program that does many higher math calculations. No one in the group had it, though and the code was not easily converted to languages or compilers the group did have. Eventually sfodoug and The North Star both downloaded the free trial version of Mathematica and then downloaded the program for the Kempner calculations and confirmed that ksum(37)=228.081218839405578, then computed the remaining numbers.

A group then went out late that night to retrieve the cache. The informal "rule" not to search the same day as the solve had not yet been implemented.
The Rat
 
Posts: 2333
Joined: Mon May 02, 2005 8:35 pm
Location: Los Altos
Geocaching.com User Name: The Rat

Summary for Activity 3

Postby jijikat » Wed Jan 04, 2012 1:35 am

As I'm still too wired to fall asleep, I thought I would attempt to summarize Activity 3.

LETTING SNOW began by decoding the RC4 message on the cache page, which revealed:

<img src="http://www.activitiesvenona.org/venona/2012/Media/SNOW.jpg" alt="FARMER MAN IMAGE" />

Or:

Image
(Please visit cache listing or use the decoded activity URL above to see the original.)

payakoi immediately noticed that there was a small QR code on the lower left portion of the picture. Using an online decoder, he discovered the following message:

WE CONGRATULATIONS STUPID AMERICAN ACCOMPLISHING. (COORDINATES REDACTED)

A group was then organized to retrieve the cache at noon on the following day. The successful team included 22 cachers and 1 dog, and pictures of the expedition can be found here:

http://www.flickr.com/photos/8238526@N0 ... 690067761/
Last edited by jijikat on Fri Jan 06, 2012 6:21 pm, edited 2 times in total.
jijikat
 
Posts: 467
Joined: Tue May 11, 2010 12:12 am
Location: Los Altos
Geocaching.com User Name: jijikat

Postby jijikat » Wed Jan 04, 2012 1:59 am

And here is my hopefully acceptable summary of Activity 4.

Decoding the RC4 message on OILER's cache page revealed:

<pre>UELJRU
TLCU
NLJ
OCRTERCP
JRLUCPPP
UTCUTCPP
ETRJUJO
CCJUJUTOJP
NUO
RPEUEJ
</pre>

PurplePeople quickly noted that there were ten unique letters, and that the title resembled "Euler," which sparked various ideas around Euler's formula, series, and patterns. There were also different attempts to anagram the letters, examine letter frequency, and translate the letters to their letter-number equivalents.

UncleTom observed that the ten letters contained the necessary ones to form the world EULER, and xophe (FKA candcfamily) made the critical breakthrough -- that the ten letters spelled out the URL for ProjectEuler.net.

From there, xophe explained:

(1) If you assign digits to the letters in order of projecteuler.net, you get:

PROJECTULN
0123456789

(2) The first string in Activity 4 is UELJRU which becomes 748317, which according to this page, is the solution to problem #37.

PurplePeople followed through on that logic and translated all the strings in Activity 4 to:

748317
6857
983
25164150
31875000
76576500
4613732
5537376230
972
104743

And using those numbers in conjunction with Project Euler Solutions produced the coordinates.

A group was organized to go after the cache at 12:15pm the following day, and their successful expedition included 22 cachers and 2 dogs this time!
jijikat
 
Posts: 467
Joined: Tue May 11, 2010 12:12 am
Location: Los Altos
Geocaching.com User Name: jijikat

Postby CACCBAG » Thu Jan 05, 2012 10:17 am

My ?Summary? for Activity 6:

After using the code from Activity 5, a table was produced and speculation, testing and discussion ensued about the division of the numbers, their ratios, their meanings, etc.:
Sadge wrote:
TeamOttlet wrote:Image

If you work out the division:
5672 ; 3344 ; 5032 ; 122
15209 ; 8963 ; 13493 ; 327
Everything is evenly divisible.


not2b made a critical leap fairly early in the day with this discovery:
not2b wrote:Check this out: treating each column as a fraction:
5672/15209 ; 3344/8963 ; 5032/13493 ; 122/327
We get the values:
0.372937076730883; 0.3730893673993083; 0.3729341139850293; 0.3730886850152905



Soon, another spark of brilliance appeared:
TimberToo wrote:Earlier I tired repeating the division the number of times that equaled the denominator, but that didn't yield anything that I could see:
5672/1 one time = 5672
30418/2 = 15209, then 15209/2 = 7604.5
10032/3 three times (or 10032/27) = 371.55553
35852/4 four times = 140.04687
25160/5 five times = 8.0512
80958/6 six times = 1.7352108
854/7 seven times = .0010369
2616/8 eight times = .0001559

It still seems like some variation on repeating division might yield something.


But was quickly lost as the community continued with averaging ratios, possible third rows or 5th numbers, the use of the forward slash symbol, etc.

Then the following theory now widely accepted as the Boobosky's Russian Algorithm (BRA) Cipher was suggested (Note: those cachers who are using computers with Big Brother software, may not want to actually click the somewhat NSFW link?.but the url basically tells you what it is) :oops: :
The Rat wrote:I've found a hot lead - literally. Combine the letter from LEARNING with the number in that cell:
http://www.exoticmomentslingerie.com/product/L5672
an old Russian spying algorithm based upon sequences of the letters AA, A, B, C, D, DD, DDD, E, F, FF, G, GG, H, HH, J, JJ, K, KK and L. But this possible solution proved to be a bust.

Other ideas were tossed about including various ciphers, basics of learning, asteroid numbers, anagrams, continued fractions, gc codes, musical keys, (a side discussion on the possible puzzle creator), a converging series, Canada facts, QR coding, piano keys, hex strings and the meaning of the cells. Many of us were caught up in red herrings (it should be noted that all Russian herrings are, in fact, RED).

Then ? a flash of pure genius:
PurplePeople wrote:Image


This repetition theory was quickly picked up by some much wiser than this scrivener:
TeamOttlet wrote:If the key to learning is repetition, then extending the series of number makes a lot of sense. The problem then is to figure out how to extend the series so coordinates magically appear.


Unbeknownst to Venona, a brilliant US spy came up with a plan to pull Venona from out of his hiding place by placing an ingenious form of ?bait?:
crawburr wrote:ratio 1/2: 0.372937076730883;
ratio 3/4: 0.3730893673993083;
ratio 5/6: 0.3729341139850293;
ratio 7/8: 0.3730886850152905
LEARNING
52176463
5 = 37
2 = 29
1 = 370
N37 29.370 W122 13.896
A Vacant Lot in downtown Redwood City.
Dead end street, on a fence line.
Doesn't look like a 2.5 terrain, though..


While Venona chewed on this tidbit thinking of a way to mock the ?stupid Amerikans?, others returned to the repetition theory:

TeamOttlet wrote:It really looks like a demonstration that enough data mining will always produce coordinates of some sort. Not that I have any ideas either, other than I'm not convinced that the key isn't "REPETITION" instead of "LEARNING".


Then, just as Crawburr planned, Venona fell into the trap?.sending a message mocking us Americans, yet revealing clues (completely lost on this scrivener but picked up by those with working cerebral matter):
venona wrote:AMERICANS ARE NOT SOLVE YET. WE ARE NOT PROVIDE CLUE. WE ARE NOT REPEAT THIS AGAIN. PERIOD.


The ?AHA! Moment?:

TeamOttlet wrote:The period of the repetitions? Time to dissect every letter of the non-clue!

sfodoug wrote:I think this is it, hold on.

payakoi wrote:Bah, I can't remember how to calculate the repeating part of a repeating decimal. And my frantic searches are not producing good results. Someone else know offhand?

dstein766 wrote:And now back to the Venona non-clue. The various ratios and/or deltas between them...do they display some kind of periodicity? (They do to my untrained eye, in that we go back and forth between .3729 and .3730 a few times) Is there a sine wave function here?


And Venona?s downfall:

sfodoug wrote:Source: (Censored so find it yourself!)
(Solution is also censored ? calculate it yourself!)
AAAA/BBBB - Period CCCC
DDDD/EEEE - Period FFFF
GGGG/HHHH - Period IIII
JJJ/KKK - Period LLL
N UU UU.UUU W YY YY.YYY


That is how the West defeated the East on this Activity?..now excuse me while I go study the BRA Cipher some more.

Members of "The A Team" who took party in this Activity against the mad Russian included: The North Star, Uncle Tom, TeamOttlet, Sadge, Geodanimal, sfodoug, CACCBAG (but only for comic effect and as a source of mockery), dstein766, not2b, PurplePeople, Gitonyerhorse, Muggle Finder, Team Yofa, xophe, dproven, doogelah, Timber Too, payakoi, ThegirlsfromPA, Kanchan, Graffn Trix, niraD, mcdurr, The Rat, aargnpopo, Xklondike, Mask2011, cachebefound, crawburr, MotorBug, Geo Fan, and Frank. (if I missed anyone please let me know, I will add you to the honor roll immediately).
Last edited by CACCBAG on Thu Jan 05, 2012 10:48 am, edited 1 time in total.
CACCBAG
 
Posts: 608
Joined: Mon Nov 15, 2010 3:07 pm
Location: Daly City
Geocaching.com User Name: CACCBAG

Summary for Activity 5

Postby The Rat » Thu Jan 05, 2012 10:26 am

Venona's 5th activity involved a crossword puzzle. The decoded message, using the key from OILER, was
<p><tt>IS REQUIRE FOR SOLVE ENTIRE <a href="http://www.activitiesvenona.org/venona/2012/Media/CROSSWORD.pdf">PUZZLE</a>
FOR DECODING COORDINATES. IS AUDIO EACH CLUE, AS <a href="http://www.activitiesvenona.org/venona/2012/Media/Crossword/A1.mp3">HERE</a>.</p>

<p>IS KEYS FOR COORDINATES MD5 CHECKSUMS CALCULATE ON ANSWERS IN ORDER CONCATENATED NO SPACES. LATITUDE = DOWN, LONGITUDE = ACROSS.</tt></p>
<pre>Lat: 30 C8 90 63 7D 21 DE E4 49 57 01
Lon: 65 38 C7 26 87 FA 1E D7 DC 86 63 30</pre>
That song snippet in the mp3 file was quickly identified by CACCBAG and others as Katy Perry's song California Girls. Lyrics were posted on the forum. Other cachers discovered that changing the URL of the audio file by replacing the number produced other audio files, and those files matched the Across words to the puzzle that had the form of a series of numbers such as (6,5,5,15). It was also discovered that substituting a D for the A produced similar audio clues for the Down words in that form.

While a major part of the crew assembled a list of audio clues, The Rat point out that applying the (6,5,5,15) clue for 1 Across to the letters in the title Califormia Girls produced the word OFFS (i.e. the 6th letter, 5th letter, 5th letter, and 15th letter) and the same method for 8 Across (song Heart of Glass) produced GOSH. This method was confirmed as the decoding method for the words in that format. Kanchan produced a Google Docs speadsheet mirroring the crossword that could be worked on cooperatively. This was missed at first in the rush to post song titles. Once the link was re-posted, a great many members all began filling in clues using this method and the song titles.

Other clues, however, were in a different format and many did not have audio clues. Clues in this format: ONE - (1,5,6,7), accompanied by an audio clue were soon discovered to require taking the word indicated (ONE meant take the first word of the song title) and subtract the indicated letters. This still left a large number of clues in a format like 29 Across:T + $.20. CACCBAG was the first to point out that where these words could be identified by guesswork or filling in letters the other direction, they could be confirmed by valuing the letters in cents as A=1 (or $.01), B=2, etc. This is consistent with the counting done by the Dollar Words website http://www.balmoralsoftware.com/dollar.htm and correlates with the title. For example 29 Across was identified as TOE which is a T, then the value of O ($.15) + E ($.05) = $.20. From that point on, all the decoding methods for the clues were known and it was an amazingly rapid process to fill in the entire crossword.

That still left the task of deriving the coordinates from the MD5 hashes shown at the bottom of Venona's message. I'm afraid this MD5 stuff lost me as I don't know how it works, but I know it was necessary to concatenate (append) all the words of the puzzle and apply the MD5 method to the text string to get a digest. Appending all the words going across produced a digest of d0dd9619ed1044d767f5067cec7cfa57, (credit to mcdurr for this) which was used a key to decrypt Lat: 30 C8 90 63 7D 21 DE E4 49 57 01. This at first did not produce a good decryption, but when used as a number, not an ASCII text string, it produced valid N coordinates. The same method was then applied to the the Down words appended together but at first it did not work. That turned out to be because the words were first appended together by reading down each column from top to bottom when the correct method was to append them in numerical order, D1, D2, etc., as pointed out by TeamOttlet among others. When this was done, valid west coordinates emerged.

The group then spent several pages of posts trying to organize the trip to get the cache, and a good time was had by all.
Last edited by The Rat on Sat Jan 14, 2012 11:38 am, edited 1 time in total.
The Rat
 
Posts: 2333
Joined: Mon May 02, 2005 8:35 pm
Location: Los Altos
Geocaching.com User Name: The Rat

Summary for Activity 7

Postby jijikat » Fri Jan 06, 2012 3:21 pm

I'll drive a million miles
To be with you tonight...


Activity 7 was contained within a YouTube video, which was revealed after the RC4 message on the cache page was decrypted:

<CENTER>
<A HREF="http://www.youtube.com/watch?v=IC0lrJX_KO8"><IMG SRC="http://www.activitiesvenona.org/venona/2012/Media/SNAKE.png" BORDER=0></A>
</CENTER>

niraD actually posted a really cool BBcode version of the puzzle:

Image

Set to the tune of Wang Chung's "Everybody Have Fun Tonight," this highly entertaining video contained a series of mini-clips, most of which were rapid action shots of arcade/video games.

Cachers quickly started identifying the games they recognized, and dstein766 began compiling an index of scenes in sequential order with brief descriptions of the contents of each scene. xophe then created a GoogleDoc spreadsheet, which facilitated the complete indexing of all 38 scenes and the collaborative identification process.

xophe observed that the decoding method must involve the initials of game names, as he could see LOCATION appearing in the middle. sfodoug soon expanded on that, noting CACHE LOCATION.

However, the game title methodology seemed to break down after that, which led to various conjectures until GraffnTrix realized the encoding switched to the years in which the games were released. Specifically, the last digit of each year provided the corresponding coord digit (e.g. 1982 = 2).

With the encoding process confirmed, everyone continued to work together identifying the games and their release dates. The last few were quite tricky, but ultimately, the solution was fully hammered out, with mini cacher filling in the coords' last missing digit and dstein766 making sense of the message's last missing letter.

The Rat organized a successful cache retrieval group outing for the next day at noon. Finders included: cachbefound, geodanimal, Mask2011, dprovan, flowerisland, Sadge!, CACCBAG, The Rat, Olivia Noelle, airsax, InTheRough, Xklondike, TeamOttlet, plus 4 next generation cachers.

And with that....

Everybody have fun tonight
A celebration so spread the word.


(Fun Easter egg at 0:11-0:12! Check it out! :D)
jijikat
 
Posts: 467
Joined: Tue May 11, 2010 12:12 am
Location: Los Altos
Geocaching.com User Name: jijikat

Postby Sadge » Sun Jan 08, 2012 1:31 pm

After one week of Venona ACTIVITIES, here is a brief overview of GBA activity.

For the Venona 2012 postings under General Geocaching
Overall Average: Replies - 96; Views - 2005
ACTIVITY Avg: Replies - 153; Views - 3021

I can add more later from the data I pulled compiled this morning.
Sadge
 
Posts: 357
Joined: Tue Mar 02, 2010 5:23 pm
Location: Danville, CA
Geocaching.com User Name: Sadge!

Postby GraffnTrix » Sun Jan 08, 2012 3:09 pm

ACTIVITY 8 - FUGU-32

Code retrieved from ACTIVITY 7 - IN SOVIET RUSSIA, GAMES PLAY YOU

NAT372406A19B46

when used as RC4 key for:

FUGU-32
http://coord.info/GC38CV4

Code: Select all
24CDE4205045BD4ABA33ECA2E194604F5D0DA25F441362CA13D4487F8DCFAF90469B4BA18CBDFECE
662A5A83671631E54D30B7070405A24AEC17025959B4A28F77D87FBC16A4C0A046F88914A127FE5A
423759768D15C0E41EAD14CF61F8D3F66FB23BADE2A0A9158655B4C10E5618BD423759768D15C0E4
82026F473FD14B923A13DEB8E98273F1B393B0EF2A6DB8AC02F4260F5EA492AF3A13DEB8E98273F1
686F127C94ABA6C6C9B50B4A4DDE187BE3C802F10E4620A2D062DDC1F24CA3AB91088E024F399D8C
F53C974144BED0F177B335F8D6F5B9E0CEB9AE89DCDD1CBBA58BACC68EF5147F64B6CBAB965ADE75
F84DE0D76D0C93871CF4238C16BCF5887F2E30B02403E48FE089D4EED283B98186A466D959FD468A
64E4FCE93385D23D5F6FE4EDEBEF9312A28DBC82661E7EB70366E09B68D8DD3347175261F892DE44
229E936714A2A7DC51E49C175891D73770C711D50877983F0338CA42B2B5DCC2559B24B60A7742A6
2E88B32E19D2940B6CD23BD7185F33BCE43DE36A543B8E3F7756EA7DBE48D8F30EBAC4510DA3AC85
943CF4E4BB800B82EF006C44B27B90B83D32B587053572D3C6B1BCC07287213708EF10EA52238EEC
EE7CB2D34FF4F6723E14EACA6F848A935A86E7BA4C49B15923480616FA8BDAF5E1825907E2A41383
E00DCC0603EC510DFAFDCA3A8736EE6CE5E8CAE6F896F4C25F5D534D9FA181F6A65623143B5A8A50
3D19FA103BC185A3C7F8C81DDB157C1A26022CFC29548DA5132910A453BB10928CA4D66FCCD3D8B4
0436129045B06701F8883CDAEFE110F693C2B6D82869BD7291041BFEF7CB25B35B52F903CB2D39BE
C43211C06E94F618703E31BF4A0105E5760C08A4AF12484F884F94BA041045A2AFEB61925FC3FCD7
42EE2A5CA2FBBAD9BBC4A7383B88351853473A9395DA07F2D3ACCD0D85BB026D090469E23615ECCF
953680026E31ADC3090469E23615ECCF5A0422DB0ECA67BAC1E8E1FA359255681A4DF67B95BCB8E0
27A244C9732490DCB086258B17894FE2F62F405E5D79C91594DBA445D56344839D4402DBDEEA67AC
4B8563C6318F6D27C3527B78E28CA7054A83E4C20A368E173B5455E45D0D7AA8078E37EF8D95AE1B
AAA8AB36AD77146B09394CAF84D50C08868D680C93D51E98C84669ECF8CC31E432798E413621DC29
41F4A6B064BAF0C526E1C75A0C80237E8A9792F8ADA0A49CB93387C0968FE4E9C1C80223E4917FBE
CAF91F94DAC0B5645452F7EF0565830B387E8CE89942A2C48048E2D76FA82AF5B1F72CF3F7FD1301
5B08FCD7E7F8794F5688A25380E4D77BF13A4B6415AADB455E142A915BCBE092C46B5872EA772739
93BCD5B988037B69E8DF803DA37DC28503E81EEBE305697D436DA0B1158EFE0E03A718F3CFB1E9B8
A593218BF2B6EF09F049FD432DE297CDA9D36543D578350E2348A1633DBC1D8F38F29FE5BD86C0EA
174BF35A40467DBFDF847F9B3612239F49B77698708CD3946E837E5FA1D48B12D778BAE35DC48C37
0E38F35E81DEEE10DF58E338757106C9695298C91F37C02A751996398D1AE913B3730E47E7DB3254
8F29560E3562299CBD551496232EC4077A10FF05403E8A8A9FCB016A0040AE1AD1A384C66A13065D
026A17C61BEE6CE7A6362691010E3651A5B0888EED46C2C10FEBA16B8FF396E02162800B5BD2DAD9
A5CBD73095933305FF300FB14C9E921EBF682AC6F888BDA09E29C10358F0C69473D355240D6EE639
B8A3963262D11785196A1C04A921E067E8295EA2DACA0E0D7C961A24DAC47513557EFA6EC8B2BEE7
EBCC5270FF1E7F4F8E1ED0F4D3682080C907F45E193BD023E879BCB55E9764C704B25B98B1A810C3
69519F5B06EF9A2A7C1AB199E12458D0DE14BC9C6B6B418C7943FE8247A75D80515B38CAA82EA38C
295895765DE5EE94FAB0A8C5D0A2802C9BDAEC4D43AEEF3D8356FED5CEA1036B5326B7666F7413E4
FD522E463B99D48EDCC211F30A8D2742D5743CC762A15E59D931CEAD7FDD4B5F48F5D48DC3B6C37A
BEAFB4EB53DFDA6579FB572EAA0FE2637B20AE901FBBCDDE760C08A4AF12484FA3AE3B71C0B4AD52
CA09EB633EB1DC9CAA638619B2A0D03D60A7AB4BA07D1AB2EBB84FB10621DC7EDD736A69B8FE41BF
26434EB09B310DD5745FE30849501264A9FE0A6B2B73FF51E042F7DE90BE0CA95DA20911C7EF912F
33F125BC9990E9EC7641045D56E30587969FE348FAEF3E123BFF1CEE79DEB452FA24CD93794A955A
5349C18C36FE9EDA2651F96D6EBB859B3A1B6B97C08B8A95C775462056EF7E96E3EE769E4C1CAFA8
C7BBEE063DA335E8EF00A932B43FC03E7077492E71F8668339B02BC0CDF5D67234F8D0771E079347
9E96F107ED81E18DA433088043E15F4275A8D87B5984E0B964D4231A29A0798624C7208175E7DE3A
CA563031572E249873D355240D6EE639C203A67B998C5BBB090469E23615ECCFE121BA9493258B2E
7CDD4AD86ED59D06EDBDC91B4826B90FC775462056EF7E96ACFDA98B41A5681924A4E34FB735C21A
51D70C0F7FF2E349F2322C4045AB6D4B9FE9CCCD4B5E255CBCB5EBB680B60A4ED979650DACFA9F06
682432DD130A11783B5455E45D0D7AA8C23C54F1A2E298F8F0722CC918A8405F284821CD52CCA32E
9131301168BFF04D05066544F516CB2900A66AC90495BCFFFD3272928A23C9416680009FAEA66F35
36B3D8F4E1D4F871B6D2206E1C0ACCF849526E4D42497392CCD6453C1A4A17FD36E6B4D72674477C
51D70C0F7FF2E349361BEBDB9D51AC348769E0BB8A69773D74B30E502D3026A31C1104D0066A9500
CBB7825D65C671E1C56CF3646E6AA08DC37D40C296D44503E57C6E43724A687990BC8B145AAAB302
B01D2517C0CA9214EE3E4DCF50134D3A7C72EF94ABA358D3F8EC258D254E69954F26FF7DEB2F3FC4
BE6516C9DDF0502D2DEBD42F8D146C32A6F6CB3C5FBE76D1B71DE9565706DC104216CF700BE6C351
96C395ECD86E6962D3EC69DD53A6C7AC5F9948FD5793002E7417D9A9209C8271437E12C4609F0D10
72ABE280FB6611BD5DB7A58A90E6C6602B5E0248B85B61285E8F73EF47E3AD9E60E45813093CDC06
EDB4236EE1B3C5C553B68D905C641F6E2C79E260C580D3B3147EC1877FD306959C52C2DA56DF633A
83CF59D9E465BDA4BC41590211EE70315A4F60B4FBBC862B51D70C0F7FF2E349C5B3ED5FFD755295
94ECD6AA8354C8943F675FF91D625F261DB1F37F7E5BA0E84664FAAFA84E02FB1483D4678E8DC8B7
A2C443DEC826FD794F3A9A418FA818013288D9F028C813A7C03E9081FAFC304744B521234620C4AE
AFBC8A8F540ECB1EF22EB71892EC104DB23A1E27DBC6BAA0461168A9675F02888BB219A3F3ECD9CC
3E50E783CBF59B65A1F6C115EBDD38E6B1693E1BE7CD0D291DD808AA86C65241D29313614C11ABF9
401BDAAEF8BC661717BAC46B0146A8CF02A10E7EFB418AA08F724934EAC429ADC3527B78E28CA705
116396DA14DD773A19251C4BB6AE4240E628F36208C7602B66EF3D76CF64E433DF0A548D147CACF0
46930B47BE777E4C59258658B4721724885453FE4C79077FAEADDC0CF730125A14CE43F2990BF973
00F9757377A2F8A350062AFBE31BC9569E009466424D135D76B8C514ED0746EB76EBB6FA4587E027
4BB5470682660D0038EB50E320DA79825BBA40A3C9DD2EFF884F94BA041045A2715CE68857C13DA6
02D1F5F2F786FDA635C45258F3E58E4073F9692CA841E1621DDCADCF5BA8CA187DE64877E9A86950
DDA0C419EEE4D49B9816E2B5600E2442820F050913D4D1421A91540B51ED335AE4CC4D0E073740B0
8CA3A4E3D2AE7443A879DF1CCCCA77FF84C23063C2904453B8A9146E41EBCA10AC4392AA69E1FAC1
79A1001D9C693B8B34A2620656AD3C9D09BE3D5A3E4A1F33E589BD1D2A68053EAB80E89E2D76A670
E76BD1C5E3E37ED9F0079D28D3D9CB7DA7D817113FDE004D2CEB10BFD4575D20791E6DBE2920587A
7CDBBE2AC6BE9B03F7EB1B37DFB8D85B63B9F5579584AE534F83DCEF98CC7F6CA77BD631F193E168
85E9A67CE6D4D6B5F2927500B76E6EDA8BA5502C0C955C8A2F2C380B88388B3B019D67930EE8C792
B298B303158A8F4E385CF6CDE9DCA342F5FFD085FD9F172174FA9931472C2831CFE645C88DD0BEB3
1070123A6D88A170A2DB4794B4E6E73D


Suddenly, all the puzzlers simultaneously and unanimously had the idea that the title "FUGU" was indicating that this giant hexadecimal block was enocded with something called the Blowfish Cipher. This is a keyed block cipher. Blowfish has a 64-bit block size and a variable key length from 1 bit up to 448 bits. Based on the name, it was deduced that our key is most likely 32 bits.

One unique quality of the Blowfish cipher is that it is (as of now) impossible to cryptoanalyze. This means that the only way to crack this cipher is to brute-force it (try every possible key until it works.) If the key to a Blowfish cipher is 448 bits, the cipher would not be cracked until the heat-death of the universe, but since we believed our key was only 4 bytes (32 bits) long, it would only take us a few hours. A manual blowfish decoder can be found here. It should be noted that it is to be given a key in ASCII, and it will return the decoded text in ASCII.

This particular implementation of the cipher uses a mode called ECB or Electronic Codebook. In this block cipher mode, each 64 bit block encoded with the same key will always yield the same ciphertext. This, among other things, meant we could just test a few blocks of the cipher-text to test our decodes.

So we were ready, it was time to start the decode. TeamOttlet took on the daunting task of writing an automated Blowfish brute-forcer in C, while meanwhile a few other insights were being made. The cipher-text is enormous, which led the GBA to believe that the plain-text was actually going to be an image file. This meant that we would not be able to input an ASCII key and get out ASCII, as images cannot solely be represented by ASCII. It was also likely that the key was not made up of ASCII characters, which meant that the Blowfish decoder would need to accept the key in hexadecimal, and print out our answer in hexadecimal.

The first version of the decoder accepted a key in hexadecimal and decoded the first few blocks of the cipher-text looking to see if the decoded text was viable ASCII. (AKA: The program picked a key, decoded, and test checked if the result was English. If it wasn't, on to the next key. If it was, it outputted the key and decoded blocks.) Venona came on with this shocking news. To check all 2^32 keys one one computer would take 500 hours, give or take. But in the socialist spirit, we divided up the keyspace.

A Google Document was created to track who took one keyspace. One person might allocate some of their cores on their computer to work at decoding the first ten million keys, and somone else might take the next ten million. The cipher was not decoded. Why? The answer was touched upon earlier.

venona wrote:WE ARE PLEASE AMERICANS COOPERATING SOCIALIST MANNER. IS GREAT TRIBUTE SOVIET WAY LIFE.

WE ARE GIVING INFORMATIONS.

FIRST, IS CORRECTLY BLOWFISH WITH KEY 32 BITS.
SECOND, IS CORRECTLY IMAGE FILE.
THIRD, IS LEARNING FOR AMERICANS UNICITY DISTANCE.


The earlier versions of "Blowfisher" (TeamOttlet's decoder) were decoding the cipher looking for an answer made of text, but in reality we needed to decode it with Blowfisher looking for an image. But how are the programs to know whether or not their decoded data are indicative of an image? This is done through image headers.

Images will always start with a constant series of bytes called a "header." Below are the first 4 bytes of headers (in hex and in ASCII) for JPG and PNG, common image filetypes.

Code: Select all
If it's a jpg= FF D8 FF E0  or  ????
If it's a png= 89 50 4E 47  or  ?PNG


So all we needed Blowfisher to do was to output when the decoded text started with the first few bytes of a header. TeamOttlet programmed the following image formats to be outputted: JPG, GIF, PNG, TIFF, BMP. We all again donated our cores to decoding, but still there was no luck. The next crux was overcome when jimbexleyspeed had this idea:

jimbexleyspeed wrote:What if, rather than looking for specific formats, there's something else we could look for that would be indicative of an image file?

This must be a pretty small image, so the beginning of the file, assuming it contains things like size or height and width, would probably have several bytes of 0x00. Not sequentially, perhaps, but just counting them and looking for 3 or 4 within the first 16 bytes or so might not yield that many false positives.


Unlike random blocks of ciphertext, images are nicely formatted, and thus have a lot of "00" bytes (called nulls.) If we set TeamOttlet's Blowfisher to also output when the decoded text had a certain amount of nulls, it wouldn't matter what image format it was, as we could just Google the header to figure out the format. So that's exactly what we did.

On the verge of giving up, one last version of Blowfisher is pumped out, this one outputting the decode whenever it contains 6 or more nulls in the first 512 bytes of the decoded text. The keyspace is reallocated to the Geocachers of the Bay Area, and a few hours later, we among many false positives, see something interesting.

GraffnTrix wrote:
TeamOttlet wrote:Hits:

key = 510226AA decoded data = 0A050108 00000000 5F002700 2C012C01 00040000 78511200 80511200 08000000

key = 51E1EBD0 decoded data = 4A00BB61 F25C6FD4 64B8B500 14000034 04B4C4A1 D6001672 0B93D800 5EC84954

That first one looks weird. Any ideas?


PC Paintbrush filetype. We should do a full decode with that.


Note that in the first line, there are 64 bits of null, preceded by 64 bits of what would be an image header. And luckily, that is a viable image header, identified as an IBM PC Paintbrush filetype. This is the reason the earlier versions of Blowfisher weren't working, because we were not searching for such an obscure and outdated file extention, .pcx. This filetype was quite popular, and was the image type of choice in pre-Microsoft days. It's quite antiquidated...

xophe wrote:But of course VENONA's soviet era computer must use that.


So now using the hex key 510226AA (or AA260251 if you're using Little-Endian) we decoded the entire cipher-text, instead of just the first few blocks of it. This created a full hexadecimal representation of an image. Saving the ASCII of that as "fugu.pcx" and viewing it with something that can view PC Paintbrush filetypes or converting it, we get the following.

Image

I cropped out the coodinates per Venona's previous request. The image was posted, and good times were had. The key has no significance, according to the puzzle creator:

mcdurr wrote:No significance whatsoever. It was selected to be in a part of the keyspace that was unlikely to get checked first so that significant team play would be required to find it.


tl;dr version of the summary:

Gitonyerhorse wrote:folks found this Blowfish thing and then burned up their computers overnight to figure out it was a picture, which Ottlet then posted.


Thanks to everyone who helped, especially those who donated their CPUs to help crack this, jimbexleyspeed for determining a cracking method that works, and a special thanks to TeamOttlet for writing a whopping 6 versions of the Blowfish cracker. A retrieval party obtained the clue "CCCPBESTCOUNTRY".
GraffnTrix
 
Posts: 443
Joined: Tue Oct 12, 2010 3:28 pm
Location: Palo Alto
Geocaching.com User Name: GraffnTrix

Next

Return to General Geocaching

Who is online

Users browsing this forum: No registered users and 13 guests

cron