The biannual Symposium on Cryptologic History organized by the NSA is the most important crypto history event in the world. Here’s my report on the 2017 edition.

Every second year crypto history experts from all over the world gather at the Kossiakoff Center in Laurel, Maryland for the NSA Symposium on Cryptologic History. I took part in this symposium for the first time in 2009. The 2017 edition, which have been attending yesterday and today (19 and 20 October), is my fifth.


350 crypto history enthusiasts

The 2017 symposium started yesterday. To my surprise, over 350 people came to attend this event, compared to 250 in 2015. Notable attendants were Whitfield Diffie (public key cryptography pioneer), Sir Dermot Turing (nephew of Alan Turing), and Elonka Dunin (Kryptos expert, known as Nola Kaye to readers of Dan Brown’s novel The Lost Symbol). Many of my blog readers attended, too, including George Lasry, Richard SantaColoma, and Nils Kopal. The following picture shows two absolutely outstanding cryptologists – George Lasry and Whitfield Diffie:


Several dozens of talks were given (check here for the symposium agenda), including two held by me. This morning at 8 I spoke about West German cryptology in the early Cold War. As a highlight, I presented the following Lego model of a Violine, a random number generator from the 1950s (some readers might remember that already my 2015 symposium talk had featured Lego models):


For comparison, here’s the original:


My second presentation took place at 1 pm. It was about steganography in World War I. Some complained that no Lego model was involved this time.


In addition to my talks, I had the chance to present a few of my books on a book table. Though these books are mostly in German, they received some interest (sorry for cutting out the background of the following picture; I was not allowed to take pictures of any persons without permission).


A new home for the NSA crypto museum

As many readers will know, the NSA operates the largest crypto museum in the world. It is located next to the NSA headquarters outside Washington and only a few miles away from the symposium venue. The current museum building is a former motel and quite small. There are plans to build a completely new and much larger museum at the same place over the next few years. At the symposium, for the first time details about this project were presented. Here is how the largest crypto museum will look like once its new home is finished:


Two interesting cryptograms

Like always at the crypto history symposium, I kept out looking for interesting cryptograms. I think the following one, which I found at the NSA gift booth, is a quite good finding. Can a reader solve it?


George Lasry, who gave two very interesting presentations at the symposium, provided me an even more interesting cryptogram. He found it at the National Archive in Washington. This cryptogram is attached to a letter some C. A. Castle wrote to a US crypto unit in 1934.


The author of this letter reports on an encryption algorithm he has invented but is not willing to reveal. Instead, he provides an encrypted text filling two pages:



Here’s some background information:


It’s probably quite difficult to decipher this text without knowing the encryption method used. Can a reader break it anyway?

Further reading: HistoCrypt 2018 in Uppsala, Sweden: Save the date, hand in a paper!


Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Kommentare (12)

  1. #1 Dan Durham
    Cipher on Shirt
    21. Oktober 2017

    The cipher on the shirt reads “National Security Agency.”

  2. #2 Jerry McCarthy
    England, Europa
    21. Oktober 2017

    Hallo Klaus,

    do you know if any the lectures were recorded/filmed? I would be interested to watch some of them if so….

    MfG aus England.

  3. #3 Thomas
    21. Oktober 2017

    As to the Castle cryptograms: Maybe the American Cryptogram Association (ACA) can help. I suppose that the letter’s recipient (‘friendly group’) was the ACA. Castle was a member of the ACA (see Gaines, Cryptanalysis, p. 140, and publisher of the ‘Master Puzzler’, ‘Sunyam’ was the nom-de-plume of M.E. Ohaver, the founder. According to Gaines p. 143 Castle occupied himself with running key Vigenere, this might be an indicator of the cipher.

  4. #4 Klaus Schmeh
    21. Oktober 2017

    @Jerry: I took my two own presentations on video. I will provide them on YouTube. There will be no videos provided by the organizers.

  5. #5 Jerry McCarthy
    England, Europa.
    21. Oktober 2017

    #4 > There will be no videos provided by the organizers.

    Aus Sicherheitsgründen, natürlich!

  6. #6 Joe
    21. Oktober 2017

    Bei den letzten beiden Bildern ist ersichtlich das die Fünfergruppen nicht aufgefüllt wurden.

  7. #7 Klaus Schmeh
    22. Oktober 2017
  8. #8 Norbert
    22. Oktober 2017

    As to the Castle cryptograms: I’m not sure if “the messages are all enciphered in the same manner” means that not only the encryption system but also the specific key is the same for each message.

    However, it is conspicuous that all messages have an even letter count which suggests that some sort of digraphic substitution (like, for example, playfair or two-square) is involved.

    The use of a 27-letter cipher alphabet (including ampersand), on the other hand, implies the use of a 3×9 rectangle, or rather a 3x3x3 system like trifid. This – a modified trifid, applied to pairs of letters – would be my first try (if I had enough time): The alphabet, including “&”, is laid out into three squares of 3×3 letters. Thus, each plaintext letter can be defined by three coordinates (table, row, column). The encryption might take place by a pair-wise exchange of the coordinates. For example, the bigram XY with its coordinates x1/x2/x3 and y1/y2/y3 might encrypt to x1/x3/y2 and x2/y1/y3 and the corresponding letters.

  9. #9 Thomas
    22. Oktober 2017

    Since the cipher was meant as a task for the ACA, I wonder whether the ACA’s archive (are there ACA members who read this blog?) can provide documents related to this cipher, or if there was an article in the ‘Cryptogram’ or another publication. I had a quick glance at the Ohaver documents on the ACA’s website, but as there is no search function, I don’t know how to get ahead.

    Can polyalphabetic ciphers (the 27th character enciphering the period) be ruled out because of the distribution values?

  10. #10 David Oranchak
    United States
    30. Oktober 2017

    I attended both of Klaus’ presentations. Extremely well done and full of fascinating stories. Klaus is a masterful storyteller!

    I gave a talk at the symposium as well which I’ve recently posted: It’s about the unsolved Zodiac 340 cipher.

  11. #11 David Winters
    19 Jan 2018
    17. Januar 2018

    You can find an abbreviated preview of my presentation OTAR, A ROGUE SECURITY REVOLUTION here:

    It was not recorded during the NSA event due to non-attribution requirements.

  12. #12 Klaus Schmeh
    18. Januar 2018

    @David Winters:
    Thanks for the link. I missed your presentation at the symposium. It’s great to have it (or a similar one) on video.

    For those who don’t know: David Winters played an important role in the development of Over the Air Rekeying (OTAR), as is mentioned on Wikipedia: