The Cicada 3301 Mystery (Puzzle 1 Solve)

On January 5th, 2012 an image was uploaded to 4chan. This was a boring image and normally shouldn't have attracted any attention. However, it attracted a good deal of attention.

This image had extra information hidden at the end if examined in a text editor.

TIBERIVS CLAVDIVS CAESAR says "lxxt> 33m2mqkyv2gsq3q = w] O2ntk"

This word Caesar just hints at the Caesar cipher which is nothing more than a ROT technique for rotating text. So you can just apply rotations until the string looks normal. So take the above string and ROT4 it into the below string. It isn't quite normal, but it is enough to produce a URL.

http:{//i.imgur.com/m{9{sY{K.jpg

We now had an image, but our first dead end.

This duck however drew attention to the words "guess" and "out". This was leading to the program "outguess" which was a stenography tool for images. Specializing in hiding text among an image for extraction later.

So now if we ran "outguess" over the original image. We get:

Here is a book code.  To find the book, and more information, go to http://www.reddit.com/r/a2e7j6ic78h0j/

1:20, 2:3, 3:5, 4:20, 5:5, 6:53, 7:1, 8:8, 9:2, 10:4, 11:8, 12:4, 13:13, 14:4, 15:8, 16:4, 17:5, 18:14, 19:7, 20:31, 21:12, 22:36, 23:2, 24:3, 25:5, 26:65, 27:5, 28:1, 29:2, 30:18, 31:32, 32:10, 33:3, 34:25, 35:10, 36:7, 37:20, 38:10, 39:32, 40:4, 41:40, 42:11, 43:9, 44:13, 45:6, 46:3, 47:5, 48:43, 49:17, 50:13, 51:4, 52:2, 53:18, 54:4, 55:6, 56:4, 57:24, 58:64, 59:5, 60:37, 61:60, 62:12, 63:6, 64:8, 65:5, 66:18, 67:45, 68:10, 69:2, 70:17, 71:9, 72:20, 73:2, 74:34, 75:13, 76:21

Good luck.

3301

The subreddit (as of 9/29/2019) is still alive and in read only mode and helps show a mess of random characters and two images.

Of course continuing our pattern. We should run "outguess" over these two images.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- From here on out, we will cryptographically sign all messages with this key.

It is available on the mit keyservers.  Key ID 7A35090F, as posted in a2e7j6ic78h0j.

Patience is a virtue.

Good luck.

3301
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJPBRz7AAoJEBgfAeV6NQkP1UIQALFcO8DyZkecTK5pAIcGez7k
ewjGBoCfjfO2NlRROuQm5CteXiH3Te5G+5ebsdRmGWVcah8QzN4UjxpKcTQRPB9e
/ehVI5BiBJq8GlOnaSRZpzsYobwKH6Jy6haAr3kPFK1lOXXyHSiNnQbydGw9BFRI
fSr//DY86BUILE8sGJR6FA8Vzjiifcv6mmXkk3ICrT8z0qY7m/wFOYjgiSohvYpg
x5biG6TBwxfmXQOaITdO5rO8+4mtLnP//qN7E9zjTYj4Z4gBhdf6hPSuOqjh1s+6
/C6IehRChpx8gwpdhIlNf1coz/ZiggPiqdj75Tyqg88lEr66fVVB2d7PGObSyYSp
HJl8llrt8Gnk1UaZUS6/eCjnBniV/BLfZPVD2VFKH2Vvvty8sL+S8hCxsuLCjydh
skpshcjMVV9xPIEYzwSEaqBq0ZMdNFEPxJzC0XISlWSfxROm85r3NYvbrx9lwVbP
mUpLKFn8ZcMbf7UX18frgOtujmqqUvDQ2dQhmCUywPdtsKHFLc1xIqdrnRWUS3CD
eejUzGYDB5lSflujTjLPgGvtlCBW5ap00cfIHUZPOzmJWoEzgFgdNc9iIkcUUlke
e2WbYwCCuwSlLsdQRMA//PJN+a1h2ZMSzzMbZsr/YXQDUWvEaYI8MckmXEkZmDoA
RL0xkbHEFVGBmoMPVzeC
=fRcg
-----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The key has always been right in front of your eyes.

This isn't the quest for the Holy Grail.  Stop making 
it more difficult than it is. 

Good luck.

3301
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJPCBl3AAoJEBgfAeV6NQkPo6EQAKghp7ZKYxmsYM96iNQu5GZV
fbjUHsEL164ZLctGkgZx2H1HyYFEc6FGvcfzqs43vV/IzN4mK0SMy2qFPfjuG2JJ
tv3x2QfHMM3M2+dwX30bUD12UorMZNrLo8HjTpanYD9hL8WglbSIBJhnLE5CPlUS
BZRSx0yh1U+wbnlTQBxQI0xLkPIz+xCMBwSKl5BaCb006z43/HJt7NwynqWXJmVV
KScmkpFC3ISEBcYKhHHWv1IPQnFqMdW4dExXdRqWuwCshXpGXwDoOXfKVp5NW7Ix
9kCyfC7XC4iWXymGgd+/h4ccFFVm+WWOczOq/zeME+0vJhJqvj+fN2MZtvckpZbc
CMfLjn1z4w4d7mkbEpVjgVIU8/+KClNFPSf4asqjBKdrcCEMAl80vZorElG6OVIH
aLV4XwqiSu0LEF1ESCqbxkEmqp7U7CHl2VW6qv0h0Gxy+/UT0W1NoLJTzLBFiOzy
QIqqpgVg0dAFs74SlIf3oUTxt6IUpQX5+uo8kszMHTJQRP7K22/A3cc/VS/2Ydg4
o6OfN54Wcq+8IMZxEx+vxtmRJCUROVpHTTQ5unmyG9zQATxn8byD9Us070FAg6/v
jGjo1VVUxn6HX9HKxdx4wYGMP5grmD8k4jQdF1Z7GtbcqzDsxP65XCaOYmray1Jy
FG5OlgFyOflmjBXHsNad
=SqLP
-----END PGP SIGNATURE-----

This was the first time the outguess text segments included a signature, thus allowing all future 3301 messages to be verified. You would simply pass the entire message into GPG and verify it. With fakes in the air, this gave peace of mind to all that the real 3301 was here.

This puzzle itself stumped people for a bit. We had random strings, but no matter how they were shifted nothing would make sense. Until people started looking at the subreddit header.

The subreddit name seemed random at first, but a trained eye noticed the symbols resembled that of the Mayan numbering.

So if the 2nd number in the image is "2" and the 2nd character in the subreddit name is also 2 (a2e7j6ic78h0j) we've found our pattern. This means the A in the subreddit name must correspond to "10".

A longer version of the subreddit name was also found in the sidebar, which looked like:

a2e7j6ic78h0j7eiejd0120

So now we could decode this into a string of numbers.

10, 2, 14, 7, 19, 6, 18, 12, 7, 8, 17, 0, 19, 7, 14, 18, 14, 19, 13, 0, 1, 2, 0

With this string of numbers (perhaps a Vigenère cipher key), what do we do? These puzzles had been revolving around rotation and shifting of text. So perhaps the numbers were just hints at rotations. So below we have one of the lines of text from the subreddit and the solved iteration of it.

Ukbn Txltbz nal hh Uoxelmgox wdvg Akw; hvu ogl rsm ar sbv ix jwz
King Arthur was at Caerlleon upon Usk; and one day he sat in his

So I skipped a lot of steps there, but we basically took the letter "U" from first string and subtracted 10 characters in alphabet and got "K". However, this is where it gets confusing. So instead of then subtracting 10 from next character, you move to the next number on key (2). So "k" - 2 = "i".

In an easier to parse format:

• U - 10 = K
• k - 2 = i
• b - 14 = n
• n - 7 = g

We are starting to decode this now. So write a script, input all the lines from the subreddit and you actually end up with a snippet of a book.

King Arthur was at Caerlleon upon Usk; and one day he sat in his
chamber; and with him were Owain the son of Urien, and Kynon the son
of Clydno, and Kai the son of Kyner; and Gwenhwyvar and her
handmaidens at needlework by the window.  And if it should be said
that there was a porter at Arthur's palace, there was none.  Glewlwyd
Gavaelvawr was there, acting as porter, to welcome guests and
strangers, and to receive them with honour, and to inform them of the
manners and customs of the Court; and to direct those who came to the...

Our first message a long time ago was a book code! So we start using that code to find the 20th character on the 1st line, then 3rd character on 2nd line. Slowly we decrypt a solution.

Call us at us telephone numBer two one four three nine oh nine six oh eight

This phone number no longer works, but if you are interested here is the audio:

If you don't want to watch the video (audio), then the voice said the following:

Very good. You have done well. There are three prime numbers associated with the original final.jpg image. 3301 is one of them. You will have to find the other two. Multiply all three of these numbers together and add a .com to find the next step. Good luck. Goodbye.

Once again a bit of an investigation needed to take place, but it turns out it was quite obvious.

➜  cicada exiftool 3301orig2012cesarincluded.jpg | grep 'Image'
Image Width                     : 509
Image Height                    : 503
Image Size                      : 509x503

We can dump the metadata of the image and we get the height and width which is also another set of primes. So now we can multiply 509 x 503 x 3301 = 845145127. So now we need to add a ".com" and another step has been solved.

Going to the website gave another image, when decoded gave:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
You have done well to come this far.
 
Patience is a virtue.
 
Check back at 17:00 on Monday, 9 January 2012 UTC.
 
3301
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
 
iQIcBAEBAgAGBQJPCKDUAAoJEBgfAeV6NQkPf9kP/19tbTFEy+ol/vaSJ97A549+
E713DyFAuxJMh2AY2y5ksiqDRJdACBdvVNJqlaKHKTfihiYW75VHb+RuAbMhM2nN
C78eh+xd6c4UCwpQ9vSU4i1Jzn6+T74pMKkhyssaHhQWfPs8K7eKQxOJzSjpDFCS
FG7oHx6doPEk/xgLaJRCt/IJjNCZ9l2kYinmOm7c0QdRqJ+VbV7Px41tP1dITQIH
/+JnETExUzWbE9fMf/eJl/zACF+gYii7d9ZdU8RHGi14jA2pRjc7SQArwqJOIyKQ
IFrW7zuicCYYT/GDmVSyILM03VXkNyAMBhG90edm17sxliyS0pA06MeOCjhDGUIw
QzBwsSZQJUsMJcXEUOpHPWrduP/zN5qHp/uUNNGj3vxLrnB+wcjhF8ZOiDF6zk7+
ZVkdjk8dAYQr62EsEpfxMT2dv5bJ0YBaQGZHyjTEYnkiukZiDfExQZM2/uqhYOj3
yK0J+kJNt7QvZQM2enMV7jbaLTfU3VZGqJ6TSPqsfeiuGyxtlGLgJvd6kmiZkBB8
Jj0Rgx/h9Tc4m9xnVQanaPqbGQN4vZF3kOp/jAN5YjsRfCDb7iGvuEcFh4oRgpaB
3D2/+Qo9i3+CdAq1LMeM4WgCcYj2K5mtL0QhpNoeJ/s0KzwnXA+mxBKoZ0S8dUX/
ZXCkbOLoMWCUfqBn8QkQ
=zn1y
-----END PGP SIGNATURE-----

When that date rolled around, the website updated with coordinates along with the image itself updating to decode to a new message:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

52.216802, 21.018334
48.85057059876962, 2.406892329454422
48.85030144151387,2.407538741827011
47.664196,  -122.313301
47.637520, -122.346277
47.622993, -122.312576
37.5196666666667, 126.995
33.966808, -117.650488
29.909098706850486 -89.99312818050384
25.684702, -80.441289
21.584069, -158.104211
- -33.90281, 151.18421
3301
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJPChn7AAoJEBgfAeV6NQkPZxMP/05D9TkSpwRaBXPqYthuyqxx
uo+ZDyr/yVIlAdurTBiWb3aGxKJjtWg/vlcHcatK0TGL2qaHwB/FFZQAaqOyU7Zf
DXdpWr8PWoWhpWNYUK8IrOaYu1SmWlJnkTdUSzGrX0lbwjwMmJJoPNS7CJuO6MaA
2GIwpv2G7lYqnH3xeX3kzGlPMsVb/wucKRjobsbdbreh1SNuQuRnhfe4s+oHTTqs
XjtGL/VhBI0DUAdfLqW7z4C+Gvbx6okC8x5Sj2N2UTJOiyMYXz5+QyHoA6fo9g5V
6zodNpx/RvxuZP2Ssc9TqERgTo5FjRBpON1vjDalHgg0H2Fus2LK3gh+NZfj1i5b
Oqa4Cqd9epI2pe+glXn86j9crS+2BEAr1cguqAFepvI9sdFEornDja4VXwDtUdM8
9hMVkU5NiTUYfvxZbL6W7rHIF7wxjGUwpe1ViuixG+cKNfv0enrt60PrtDByBOWI
9LLIUE0cB5HDT1xrczZ/55CtuM3Zf07/l0nLFdmgR0oa8KUA9gWcPs6S1EpBa185
VcyOTqbpIPiT8neiJEkXarbJeFk15m1P73Fr8XZxdj7EHK0aOwGYcc8e4PmW/dSh
gcrSNXiePCbcRVRD2n9L47C0LkNyRpoBkmjvtpcRyp5ISe+0xcx/QI+gc1lkSijC
89qV+ymCHae1RiSDxVbd
=ZJ37
-----END PGP SIGNATURE-----

These coordinates once visited in the real world, like the below video resulted in a QR code attached to a piece of paper.

These QR codes all pointed to unique images on the Cicada domain. Some examples are:

• http://845145127.com/876873892385.jpg - Arkansas
• http://845145127.com/316744223127.jpg - Warsaw
• http://845145127.com/162667212858.jpg - Sydney

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
In twenty-nine volumes, knowledge was once contained.
How many lines of the code remained when the Mabinogion paused?
Go that far in from the beginning and find my first name.
 
1:29
6:46
the product of the first two primes
2:37
14:41
17:3
27:40
the first prime
2:33
1:1
7:45
17:29
21:31
12:17
the product of the first two primes
22:42
15:18
24:33
27:46
12:29
25:66
7:47
 
You've shared too much to this point.  We want the best,  
not the followers.  Thus, the first few there will receive
the prize.
 
Good luck.
 
3301
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
 
iQIcBAEBAgAGBQJPB1luAAoJEBgfAeV6NQkP9oAP+gLu+FsRDf3aRcJtBkCOU2MX
r/dagOTvCKWtuV+fedy0enWUZ+CbUjXOr98m9eq2z4iEGqKd3/MBXa+DM9f6YGUE
jPum4wHtQDSJlZMazuYqJOVZGw5XmF25+9mRM6fe3H9RCiNDZpuXl3MzwdivYhcG
B5hW14PcdHHteQf3eAUz+p+s06RDs+q1sNGa/rMQIx9QRe71EJwLMMkMfs81kfJC
tCt21+8ud0Xup4tjUBwul7QCcH9bqKG7cnR1XWsDgdFP6a4x9Jl2/IUvp1cfeT7B
YLS9W3lCM8thMemJr+ztQPZrpDlaLIitAT2L0B3f/k4co89v5X2I/toY8Z3Cdvoi
hk0AdWzMy/XLDgkPnpEef/aFmnls53mqqe9xKAUQPMrI73hiJ+5UZWuJdzCpvt+F
BjfQk15EJoUUW16K2+mBA1cSd+HJlnkslUTsjkq0E36XKChP+Cvbu/p6DLUMM2Xl
+n3iospCkkHR9QDcHzE4Rxg9A435yHqqJ/sL2MXG/CY8X4ec6U0/+UCIF9spuv8Y
7w66D05pI2u9M/081L7Br0i0Mpdf9fDblO/6GksskccaPkMQ3MRtsL+p9o6Dnbir
6Z2wH2Kw1Bf0Gfx4VcpHBikoWJ5blCc6tfvT+qXjVOZjWAL7DvReavSEmW1/fubN
C3RWcjeI4QET2oKmV2NK
=LWeJ
-----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
A poem of fading death, named for a king
Meant to be read only once and vanish
Alas, it could not remain unseen.
 
1:5
152:24
the product of the first two primes
14:13
7:36
12:10
7:16
24:3
271:22
10:7
13:28
12:7
86:17
93:14
the product of the first two primes
16:7
96:4
19:13
47:2
71:22
75:9
77:4
 
You've shared too much to this point.  We want the best,  
not the followers.  Thus, the first few there will receive
the prize.
 
Good luck.
 
3301
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
 
iQIcBAEBAgAGBQJPB/nmAAoJEBgfAeV6NQkPEnEQAKl5qtb3ZE5vs+c08KuzAi4a
tQEE71fvb65KQcX+PP5nHKGoLd0sQrZJw1c4VpMEgg9V27LSFQQ+3jSSyan7aIIg
SDqhmuAcliKwf5ELvHM3TQdyNb/OnL3R6UvavhfqdQwBXCDC9F0lwrPBu52MJqkA
ns93Q3zxec7kTrwKE6Gs3TDzjlu39YklwqzYcUSEusVzD07OVzhIEimsOVY+mW/C
X87vgXSlkQ69uN1XAZYp2ps8zl4LxoaBl5aVtIOA+T8ap439tTBToov19nOerusB
6VHS192m5NotfQLnuVT4EITfloTWYD6X7RfqspGt1ftb1q6Ub8Wt6qCIo6eqb9xm
q2uVzbRWu05b0izAXkHuqkHWV3vwuSfK7cZQryYA7pUnakhlpCHo3sjIkh1FPfDc
xRjWfnou7TevkmDqkfSxwHwP5IKo3r5KB87c7i0/tOPuQTqWRwCwcWOWMNOS7ivY
KQkoEYNmqD2Yz3Esymjt46M3rAuazxk/gGYUmgHImgcu1zzK7Aq/IozXI7EFdNdu
3EoRJ/UL9Y0l0/PJOG5urdeeTyE0b8bwgfC2Nk/c8ebaTkFbOnzXdAvKHB03KEeU
PtM6d6DngL/LnUPFhmSW7K0REMKv62h9KyP/sw5QHTNh7Pz+C63OO3BsFw+ZBdXL
hGqP6XptyZBsKvz2TLoX
=aXFt
-----END PGP SIGNATURE-----

These messages were another book code, this time only vaguely hinting at the books required for the code. One message was a poem ("Agrippa" by William Gibson) and quickly discovered, the code was applied and this resulted in an onion location (sq6wmgv2zcsrix6t.onion)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Congratulations!

Please create a new email address with a public, free, web-based service.  
Once you've never used before, and enter it below.  We recommend you do 
this while still using Tor, for anonymity. 

We will email you a number in the next few days (in the order in which 
you've arrived to this page).  Once you've received it, come back to this 
site and append a slash and then the number you received to this url.  
(For example, if you received "3894894230934209", then you would go to 
"http://sq6wmgv2zcsrix6t.onion/3894894230934209")

3301
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJPCikYAAoJEBgfAeV6NQkPtCkQAIEa2HC20SduG8zWtH/0LSJ9
dnQLfjTI/MAPsnp0KXpzcQJ4p2UbNdRb5qtqp3HZQ5qwKK3b/MT+2eB5X+h5q5v/
bVOsPKXN7W+krTi8a2v5KA1fRj8mKcFTXkx9hdq6z6qeePVpeOGXeitU0jgO4uXu
1N9hor4AQFQoXvuELnlqS4YX+/nNgK+Y1Vu1ekvyn9LusidMpSxS/ciiZLD5d3Tl
TJeUOQzdw9TlUmmdeigfBRoqZDnm5UESnS8qS1vd7zg9Ulpw2GfCV8QQl0zWp0lS
KCrArG0Qg4K4shZRQ2BopGM95oFVw2pOnzYr9pp8kpipBWQ6URRF7IEcuG1k5fBt
sfiz7Eb7WWr4Cwk/1Ri625FMyo0Z2KDc1Wo8nkFXZ0/Xle6tyyhhJUZGRbZuHLau
LR5+oQEKKYTRrJFNhqswcXYsCQBBYM2XS+v3nbmTDVKyGNmMpp3/yC/RR91hQ7fr
FqMd5qHKSD0pc5tU5G29J+Ez3CDVN7E60Xy3I1I5ugGE8GP5DmqHn4k/x272lroX
BtiIRTh4f+ghcC6DLdPBclPRAfLtRbpVR3GVTSCJ/EwBZrH4QJTEGcuXfPQryHbF
0BO795yyXxM6lQ9QnU4dkAAQepKLHgcvDlrEJYJzMWo+BOCu7MChoOyo1Zq4eeuI
cPx04KJd4sGtMVWolA3/
=zGQW
-----END PGP SIGNATURE-----

These onion URLs must be visited over TOR and this is where the puzzle gets unverified.

The other puzzle in the pair turned out to be the Encyclopaedia Britannica, 11th Edition in Volume 6, Slice 3 - "Chitral to Cincinnati". Using the coordinates (treating the first line in the text as 0) you would decode the following URL.

1:29     e
6:46     q
6        6
2:37     e
14:41    m
17:3     g
27:40    v
2        2
2:33     e
1:1      H
7:45     s
17:29    r
21:31    i
12:17    x
6        6
22:42    t
15:18    .
24:33    o
27:46    n
12:29    i
25:66    o
7:47     n

It is guessed that initial visitors were required to create an email and a private/public key pair. The public key was to be sent to Cicada so future communications could be encrypted.

This rumors for this was to trim down the list of those to strictly those who were capable of solves and not just those that were benefiting from other's work. The trail went cold because the information was no longer being put in the public space.

Puzzle 1 officially ended with an image uploaded to the subreddit by Cicada themselves.

I will be discussing this puzzle in person, at Tampa Bay Bar Camp 2019.

• Puzzle 1 (2012) - You are here.
• Puzzle 1 - 2nd Chance (2012)
• Puzzle 2 (2013)
• Puzzle 3 (2014, Part 1)
• Puzzle 3 (2014, Part 2)