K · R · Y · P · T · O · S

K4 · live cryptanalysis

attempts · cumulative · runs
conceived · designed · implemented · run · by AI agents

progress · findings against the cipher

updated Sat, 16 May 2026 23:36:13 GMT

Discoveries, statistical signals, hint constraints, and attack-sweep results. Each entry is a recorded event, not a forward-looking claim. Infrastructure and deploys are not logged here — for the forward attack queue and infra timeline see /plan.

17/17
  1. Sat, 02 May 2026 15:30:00 GMT

    Phase 2B.1 closed; Phase 2B.1.B opens with 25× larger search space

    **Phase 2B.1 (Weltzeituhr first-letter / 1988_best_guess only) is closed.** The new distribution observer made visible what the per-run counters had hidden: across 1.26 billion attempts logged on Phase 2B.1, the strategy was iterating exactly **96 unique decryptions** (24 offsets × 2 directions × 2 alphabets) and looping. That's ~13.1 million repeats of the same 96 candidates. None passed the crib gate; the highest `ioc_p95` observed across all 96 regions was 0.0479 — in the noisy upper tail of random-uniform null (p95 ≈ 0.045), well below the warm threshold of 0.05. Verdict: **falsified under (`first_letter`, `1988_best_guess`)**. Narrow falsification, not broad — the Weltzeituhr keystream family as a whole stays alive in the queue at #3. Full close-out: `experiments/2026-05-02-phase-2b1-conclusion/conclusion.md`. **Phase 2B.1.B opens** with 25× the parameter space: 5 derivation rules (first-letter, last-letter, length-mod-26, vowel-count-mod-26, consonant-count-mod-26) × 5 city-list variants (best-guess, sector-reverse, alphabetical, CAIRO↔ISTANBUL swap at UTC+2, LONDON↔PARIS swap at UTC±0) × 24 offsets × 2 directions × 2 alphabets = **2,400 unique decryptions per pass**. Phase 2B.1's exact (`first_letter`, `1988_best_guess`) cell still runs (one of 25 cells in the new sweep) so its result reproduces. Distribution observer's region key extended to include `derivation_rule` so each cell's IOC distribution stays separate. Hypothesis + accept/kill criteria: `experiments/2026-05-02-phase-2b1b-derivation-and-city-sweep/hypothesis.md`. *Methodology benefit:* this is the first time the project has demoted a phase based on the observer's evidence rather than a calendar budget — the framing "we logged a billion attempts on a 96-candidate space and never noticed" wouldn't have been provable without per-region IOC histograms. Polybius's Stein-paper read demonstrated source-provenance discipline; this one demonstrates compute-coverage discipline.

  2. Sat, 02 May 2026 14:45:00 GMT

    Source provenance fix: Stein 1999 citation + false K4-IoC attribution removed

    Two corrections to `prior_work.md` after Polybius (the new K1/K2/K3 cipher pedagogue) finished a close read of Stein's actual paper, now vendored at `knowledge_base/sources/stein-1999/`. **(1) Citation: 43(2) → 43(1).** External academic sources (Wikipedia footnote 18, Bauer/Link/Molle 2016, Lewis 2017 thesis, Bean 2021) consistently cite the article as *Studies in Intelligence* 43(1); the project had previously cited 43(2) — that was wrong. The Elonka mirror HTML and CIA FOIA reading-room record do not include an explicit masthead line, so the corrected citation reflects academic consensus rather than a quoted masthead. **(2) K4 IoC attribution removed.** The previous prior_work.md entry said Stein "explicitly notes K4 resists his approach because the index of coincidence is closer to random than English." Stein's paper says no such thing — verbatim, all he says about K4 is that he hasn't spent much time on it (his toddler kept him busy), that there are "interesting patterns" in it, and that he is "confident that it is not impossible." The K4-IoC-equals-random-uniform finding belongs to later analysts (NSA 1992 internal memo per Bean 2018; this project's own statistical baseline at `experiments/statistical_baseline/`), not to Stein. Knock-on: Gillogly's prior_work entry no longer points at "same as Stein" for K4 implications, since Stein's paper is not evidence either for or against any K4 attack family. **Why this matters.** *(a) Argument soundness:* any future Phase-2 attack family that would have leaned on a Stein-attributed "K4 looks random" claim can no longer rest on a false foundation; analysts must now point at the *real* source (NSA 1992 or this project's own baseline), which is independently verifiable. *(b) Press defensibility:* a journalist fact-checking the press release follows a chain to `prior_work.md` and beyond; getting caught attributing a finding to the wrong analyst is the kind of single-error that lets a publication kill an otherwise solid pitch. *(c) Method demonstration:* this is the first end-to-end exercise of the vendor-source-then-quote-verbatim pattern that Polybius was created to enforce — Mneme found the discrepancy via web triangulation, Polybius verified against the vendored paper line-by-line, and the correction propagated cleanly in one commit. The pattern itself is now proven; future cited-but-not-vendored sources should be tightened the same way. Audit trail preserved in every corrected file (`previously cited 43(2), now 43(1) — corrected 2026-05-02`) so future readers can trace the change.

  3. Thu, 30 Apr 2026 05:30:00 GMT

    Phase 2B.1 attack sweep started (Weltzeituhr keystream); first pass negative

    Operator authorized handoff from Phase 2A.1 to **Phase 2B.1** (Weltzeituhr first-letter keystream). Runner now executes a Vigenère decryption against K4 under a 24-character keystream derived from the first letter of each city in the provisional 1988 Weltzeituhr engraving list. Sweep: 24 starting offsets × 2 directions × 2 alphabets = 96 candidates per pass. **First pass: 0/96 crib-passing. Best quadgram-per-char score: −7.72** (offset=15, clockwise, standard alphabet) — within sampling noise of the random-uniform null mean (−8.30). No structural near-miss. The negative result is **conditional on the provisional city list**; verified 1988 engravings (Berlin tourism board, DDR Museum, Bundesarchiv photo archives) are still **Source TBD** per the Sanborn Hint Specialist research ticket. Phase 2A.1 (width-7 columnar Vigenère) logged ~108M attempts and 0 candidates over its run; deprioritized to #5 in the queue.

  4. Thu, 30 Apr 2026 03:30:00 GMT

    Period-7 attribution test invalidates Phase 2A.1's headline motivation

    Tested whether K4's lag-7 autocorrelation z = +3.05 is encryption-stage (motivating period-7 transposition families like Phase 2A.1) or plaintext-stage (a side effect of English unigram non-uniformity at n=97). Setup: 10,000 samples × 4 null distributions × length 97, seed 20260430. Real-English corpus drawn from doranchak's NYT prose reference. Result: K4 lag-7 match-rate of 0.10 is +3.0σ above uniform random, but only **+1.3σ above same-length English samples** and **+0.4σ above K3 plaintext windows** — 56% of K3 plaintext sliding windows have a higher lag-7 correlation than K4's ciphertext. The lag-7 signal is fully explained by English unigram non-uniformity at n=97, not by period-7 encryption. Consequence: the H3 × S1 intersection that the Synthesis Agent ranked as the project's strongest hint × signal intersection is substantially weakened. Phase 2A.1 (width-7 columnar transposition + KRYPTOS-keyed Vigenère) demoted from #1 to #5; Weltzeituhr keystream (Sanborn 2025) and Morse-panel keystream promoted ahead of it. The 1992 NSA "interval 7 roughness" finding (Bean 2018) is now of unverified status until re-derived under a method that controls for English baseline lag-7.

  5. Thu, 30 Apr 2026 02:21:00 GMT

    Phase 2A.1 attack sweep started (now running at #5 priority)

    Operator authorized Phase 2 sweep. Strategy: width-7 columnar transposition (5040 column permutations) followed by KRYPTOS-keyed Vigenère with key lengths 5–15, crib-anchored. Throughput on the ARM compute host (2 cores): ~17,000 attempts/sec. Sweep was started under the original synthesis-conclusion priority of #1; remains running through the post-period-7 demotion to #5 because the family hasn't been exhaustively swept publicly and the compute is cheap.

  6. Wed, 29 Apr 2026 16:30:00 GMT

    Phase 1 deliverables filed; revised Phase 2 attack queue

    Sanborn Hint Specialist filed four constraint documents (Berlin Clock, Antipodes, sculpture geography, masking technique). Devil's Advocate expanded the famous-false-positives catalogue from 2 to 10 historic cases with structural failure-mode analysis. Synthesis Agent published hint × statistic intersection analysis. Revised Phase 2 attack-family priority queue (top five): (1) **width-7 columnar transposition + Vigenère with KRYPTOS-keyed alphabet** — strongest intersection of hint and signal, (2) K3-style 8-then-24 transposition + Vigenère, (3) Weltzeituhr keystream (newly Sanborn-2025-validated), (4) Mengenlehreuhr lamp-state keystream (cheap full-sweep), (5) Morse-panel content keystream (newly Sanborn-2025-validated). Awaiting operator authorization to begin Phase 2 attack sweep.

  7. Wed, 29 Apr 2026 16:25:00 GMT

    Convergence: 1992 NSA note × 2026 statistical baseline both flag period 7

    Strongest single hint × signal intersection identified by the Synthesis Agent: **H3 (Scheidt's "masking technique") × S1 (lag-7 autocorrelation z = +3.05)**. A 1992 NSA internal note specifically described K4 as exhibiting "roughness on interval 7" and proposed "polyalphabetic substitution followed by transposition" as the candidate diagnosis. Thirty-four years later, this project's independent statistical baseline (N=10,000 random-uniform null) flags the same period 7 at z = +3.05. Two independent observations on the same period from different vantage points — *not* significant on its own, but motivating: it gives Phase 2A.1 (width-7 columnar transposition + KRYPTOS-keyed Vigenère) a discrete, bounded search space with no documented exhaustive sweep in the public literature.

  8. Wed, 29 Apr 2026 16:20:00 GMT

    BERLIN CLOCK re-anchored: Weltzeituhr, not Mengenlehreuhr

    **Material correction to a 12-year-old community consensus.** Per Sanborn's November 2025 primary-source statements (Spy Museum talk; *Scientific American* Nov 12, 2025; *Yahoo News* Nov 19, 2025), the "BERLIN CLOCK" referenced in the 2014 crib release is the **Weltzeituhr (World Clock) at Alexanderplatz** — not the Mengenlehreuhr (set theory clock) at Budapester Straße that the community has assumed since 2014. Adjacent statements in the same window: (1) Sanborn's 1986 Egypt trip and the 1989 Berlin Wall fall both figure into the plaintext content; (2) **"Who says it is even a math solution?"** — explicitly permits non-mathematical key sources; (3) the Morse code panel is part of the cipher's content sequence ("from the morse code at the beginning through K5"); (4) K4 and K5 share a cryptographic system, with `BERLINCLOCK` appearing in the same position in both — a hard generalisation constraint any candidate method must satisfy. *Action items:* re-prioritise Phase 2 to include Weltzeituhr-derived keystream attacks; deprioritise Mengenlehreuhr-only hypotheses without abandoning them; add the K5-position-of-BERLINCLOCK as a Phase 2 verification constraint.

  9. Wed, 29 Apr 2026 15:50:00 GMT

    Phase 1 (Reconnaissance) authorized

    Operator authorized Phase 0 → Phase 1 transition. Phase 1 plan: (a) Sanborn Hint Specialist constraint documents translating each public hint into concrete constraints on admissible cipher mechanisms, (b) Devil's Advocate expansion of historic K4 false-positive catalogue with structural failure-mode analysis, (c) Synthesis Agent cross-product of hints × statistics yielding a revised Phase 2 attack-family priority queue. No attacks run yet.

  10. Wed, 29 Apr 2026 14:10:00 GMT

    Lag-7 autocorrelation flagged

    Strongest single statistical signal observed against K4 ciphertext: autocorrelation at lag 7 = 0.1000, against random-uniform null mean 0.0385, **z = +3.05**. Per-lag two-sided p ≈ 0.0023; Bonferroni-corrected for 25 lags tested ≈ 0.057. Suggestive, not significant. Period-7 cipher families (Gromark base 7, Quagmire IV with 7-letter keys, autokey period 7) promoted toward the front of the Phase 2 attack queue. *Action item:* the Statistical Cryptanalyst will re-run with a larger null and verify the signal persists.

  11. Wed, 29 Apr 2026 14:05:00 GMT

    Quadgram corpus loaded; English-likeness signal measurable

    Practical Cryptography 389,373-entry English quadgram corpus loaded. K4 quadgram-per-character = −8.03 vs random-uniform null mean −8.30, **z = +0.78**. Reading: K4 is mildly more English-leaning than uniform random in low-order n-gram structure — consistent with the χ² depression — but still very far from English (English plaintext scores around −0.30/char). The cipher mechanism preserves *some* underlying English signal even after substitution, which is a constraint any successful method must explain.

  12. Wed, 29 Apr 2026 13:45:00 GMT

    Statistical baseline v1: monoalphabetic ruled out

    First reproducible baseline. K4 IoC = **0.0361** — sits at the 5th percentile of the random uniform null. K4 is *flatter than random* in unigram distribution. **Rules out simple monoalphabetic substitution** (any monoalphabetic preserves plaintext IoC; an English plaintext under monoalphabetic would IoC ≈ 0.0667). Confirms Bean 2021 (*Cryptodiagnosis of Kryptos K4*, Histocrypt) and 35 years of community consensus.

  13. Wed, 29 Apr 2026 13:40:00 GMT

    Zero repeated trigrams confirmed

    Across 97 characters, K4 contains no repeated trigrams. Kasiski examination yields nothing. Suggests strong key variation (long period or non-periodic schedule) or a non-substitution mechanism. Eliminates short-period polyalphabetic schemes that would normally leave Kasiski signatures.

  14. Wed, 29 Apr 2026 13:30:00 GMT

    External research and case studies catalogued

    Seven git submodules vendored as references. Trusted: **Bean's k4testing** (Histocrypt 2021 — Gromark base-10 primer enumeration consistent with cribs; peer-reviewed methodology), **Oranchak's kryptos** (curated link inventory; AZDecrypt operating procedures for K1–K3), **K4nundrum** (W-as-separator hypothesis — testable structural claim), **Proffitt's notebooks** (Vigenère tableau exploration), **Kellogg** (exploratory). Two case studies of failed claims documented: **Klepp 2025** (position-specific corrections — crib-fitting by construction; ~97 free parameters fitting 24 crib constraints; non-crib regions fail English) and **Sleight-of-Mind 2025** (AI/genetic algorithm — author retracted July 2025 after admitting plaintext "does not align with confirmed plaintext clues"). The case studies establish the structural-failure pattern Devil's Advocate must screen against.

  15. Wed, 29 Apr 2026 13:00:00 GMT

    Sanborn Sept 2025 leak documented

    Research Agent confirms via NYT (Schwartz/Burdeau, Oct 16 2025) and Scientific American (Oct 22 2025): on **September 3, 2025**, journalists Jarett Kobek and Richard Byrne emailed Sanborn the K4 plaintext, recovered by photographing scraps in his accidentally-donated Smithsonian Archives of American Art donation. Sanborn confirmed the plaintext is correct. Journalists explicitly chose **not** to publish it. Smithsonian sealed the archive for 50 years (until ~2075) at Sanborn's request. Sanborn (RR Auction blog, Oct 23 2025): *"The headlines say they found the 'solution' or the 'key.' These are both very incorrect terms."* Operationally: **the project's goal is unchanged** — derive the *method*, not the *plaintext*. The plaintext exists, is confirmed, but is not public. Photos exist in private hands.

  16. Wed, 29 Apr 2026 12:45:00 GMT

    Forensic finding: Scheidt is not a tie-breaker

    Per the project's primary-source files for Sanborn and Scheidt statements: in 2005, Sanborn admitted to having *deceived* his cipher collaborator Edward Scheidt about parts of the K4 mechanism. Scheidt himself stated in 2015 *"To be honest, I don't know the answer"*. **Scheidt's hints — including the often-cited "masking technique" remark — may be partially or wholly misdirection.** Operationally: Scheidt's hints get logged with reduced trust weight; only Sanborn's confirmed statements (and the auction winner's eventual disclosures) are tie-breakers on K4 plaintext or method disputes.

  17. Wed, 29 Apr 2026 12:00:00 GMT

    Phase 0 (Bootstrap) gate cleared

    Framework verification complete: 17/17 pytest pass, K1 decrypts cleanly (Vigenère, KRYPTOS-keyed alphabet, key=PALIMPSEST), K2 decrypts on first 80 characters (key=ABSCISSA), K3 transposition deferred (not yet implemented; not blocking Phase 0). Crib validator oracle online — every Phase 2 candidate must pass through it. Phase 0 gate per orchestration spec is binary: pytest pass or no Phase 1.