Saturday, April 2, 2011 - 12:55

Ricky McCormick's code

A couple of days ago the FBI released some code fragments that apparently might play a role in a 12yo unsolved murder case. Ricky McCormick was found dead in a field near St. Louis. Allegedly murdered. The police found these two pieces of code in his pants. Apparently they are not getting ahead with cracking the code so they give a shot at a broader audience.My first thought was why they believe the code has anything to do with the homicide. It was found with McCormicks body. I'd assume that even an idiot of a murderer would search the victims pants? Which ultimately lead to thought #2. April's fool? Probably not. There's apparently an actual story behind it and abusing dead Ricky McCormick for an April's fool joke would be rather inept.

From the very few information the FBI actual spills about this it's rather obvious that this is a cryptographic dead end. I won't decode it. The FBI tried and they don't have the worst analysts in the world. The ACA gave it a shot. Don't know how thoroughly though. There's probably not much one can do that hasn't been done already. But since they opted in to not share that information and rather decided to turn it into a riddle I did a couple of tests. With a couple of swing-offs that's most likely English text.

In a marginal note the FBI states that McCormick apparently was using various forms of "coding" since he was a child. He was 41 at the time of his death. They also state he was somewhat street-smart - whatever that means by FBI standards - and that he was a high school dropout. That's pretty much all.

The quite obvious idea is some sort of substitution or transposition cipher. Specifically since this was most likely a brain to paper thing. There're a couple of possible corrections in the code that somewhat would suggest this idea. The fact that these ciphers, with the exception of OTPs, are not overly secure and the FBI spent 12 years on the case invalidates this option. There's no point trying to find a substitution, transposition or even a mix or rotation in this code. It's been tested for. Any lousy cryptanalyst with proper equipment would manage to break it in a fraction of that time.

So what is it? A one time pad? Could be. But if that's a Vernam cipher there needs to be a key somewhere. A guy who's street-smart - by any definition - doesn't store a key of that size in his brain. Maybe lost or just not found? Maybe the guy who murdered him wasn't that stupid and just took what he needed? Maybe. Maybe not. The last is unlikely and really. That guy was not James Bond. Where the hell would he hide it if not @home? Safe to assume that was searched properly.

What bugged me is that this code looked breakable. Not a brain thing. More a stomach thing. It had to do with the fact that I hallucinated to actually read something in that code. It's not that you really read it. But your language processor locks into a certain pattern and then returns an error.

Which brought me to another idea. Sophisticated ( or lame ) encryption is one way to hide information to various degrees of acceptable. The point in not revealing information however is not to use something fancy. It's that the other guy doesn't get it.

In WW2 U.S. forces in the Pacific used a ridiculously lame way to encode their crap. Lame but rather effective. They used native americans as translators. Navajo-code was not just plain translation. A couple of words where substituted, often used words where double encoded. But basically someone with knowledge in that language would have broken most of the code and the rest would have been rather trivial to figure out. What made it a very hard nut is the alien character of the language and it's complexity. Chinese is a major pain in the ass at times. But Navajo is Chinese squared and then some. A single word can be half a sentence long and it morphs. It's dependent on various factors.

So Navajo-like stuff? That would not match up with the statistical analysis. This might not be English. It's not a 100% sure hit. Specially not with the code length. But if it's not it should be a rather close relative and not completely alien from the arse end of nowhere.

Stenography? Not short enough. Would be the worst effective version ever created. But wait a second. There's not just steno. Emoticons make no sense typed or spelled. It's a semiotic expression and then there's stuff like cu, l8ter and n8, which doesn't make sense in written form but matches perfectly spelled out correctly. What about l337 5p34k, Ty, n8 & tty or kittaah haz a c00kiehs. Our pattern matcher works with this. We just need to snap into the pattern.

What if this is no code but some sort of rather wicked pseudo English? A mash-up of various ways to rape the English language? If he knows the style it's rather easy to use and to remember. If you don't it's a major pain in the ass borderline impossible. And longer gibberish doesn't need to make it any better. The more you twist it the more it becomes Navajo for the rest of the world. And you can kick a language pretty hard. Specifically your own before it becomes unreadable for you. We can easily read complete crap text as long as certain things remain correct and in place. If you twist THAT with a scheme you can make your "own language" pretty much unreadable for the rest of the world. Yet there will be some patterns that are matched. Even though on closer inspection it looks like junk.

Simple example for just plain English?

I cnduo't bvleiee taht I culod aulaclty uesdtannrd waht I was rdnaieg. Unisg the icndeblire pweor of the hmuan mnid, aocdcrnig to rseecrah at Cmabrigde Uinervtisy, it dseno't mttaer in waht oderr the lterets in a wrod are, the olny irpoamtnt tihng is taht the frsit and lsat ltteer be in the rhgit pclae. The rset can be a taotl mses and you can sitll raed it whoutit a pboerlm. Tihs is bucseae the huamn mnid deos not raed ervey ltteer by istlef, but the wrod as a wlohe. Aaznmig, huh? Yaeh and I awlyas tghhuot slelinpg was ipmorantt! See if yuor fdreins can raed tihs too.

The brain doesn't read words. We match patterns. As long as a pattern is close enough it works. What a close enough pattern is depends on the individual and what he would expect. The average black-box of a native English speaker should be able to handle that text above quite easily. If you tune your black-box and with a bit of training you can kick that quite a bit further.

I don't think this is a job for a cryptanalyst. Which is maybe the reason why there's no progress in 12 years. I wonder if the FBI tried a language bender and a profiler on that guy and his code.

Oh. Make an educated guess where I got this particularly nice riddle ;-)

Titstyp. Bad bad Google.