This Blog




AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.


AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Data Encryption: Bottled Civil War Message Used Vigenere Cipher (Updated)

Today, a little detour from modern disk encryption stories to take a look at a centuries-old message.  If you're into cryptography, the American Civil War, or both, you might have heard that a US Civil War message was recently cracked.  The message was coded using a Vigenere cipher which has been around since at least the 1400's.

The best write-up of the story is with Steve Szkotak for the Associated Press, and you can find it either here or here.

Update (30 DEC 2010): Looks like the readers over at happend upon this post when searching for more info on the story.  Being the crypto-buffs that they are, they have lots useful links, including this one at Left Coast Rebel where it's shown how the message is deciphered using the secret keyword (not revealed on this page, since it would be a spoiler to anyone trying to figure it out).  They also pointed out that my transcription of the coded message below was full of errors, which I readily admit to; that's why included a link to a big scan of the original message.  You can find the correct transcription by clicking the link and looking in the comments section.

The Bottle and the Bullet

The encrypted message, which we'll cover shortly, was inside a corked glass vial along with a bullet.

The bullet, it's theorized, served as a weight to sink the message to the bottom of the Mississippi River in case the messenger got intercepted.  Makes sense: cork floats.  It's also an effective sealant (think wine bottles) so the glass vial would float due to the trapped air as well.

The weight of a lead bullet could easily override the sealed vial's buoyancy, ensuring the message is lost forever: while the Mississippi might be a big river, there is a limit to how far one can throw.  Thus, it wouldn't be too hard to visually follow and eventually retrieve a 2-inch floating vial, assuming the waters were calm.

If I may digress, despite the fact that the message was protected with encryption -- a weak one by today's standards, but still pretty tough to break by hand -- the Civil War general still took pains to ensure the message is destroyed should anything untoward happen to the messenger.  The need to do so is as true today as back then.  That's why computer data security manuals recommend the destruction of a decommissioned computer's hard drive that stored sensitive data, even if it is protected with encryption software.

The Civil War-era bottle, and its message, lay with the Museum of the Confederacy since 1896 but no one thought of looking at the message until this year.  In fact, it was left alone for so long that collections manager Catherine M. Wright used the services of an art conservator to open the bottle and extract its message, and another to unfurl it from its folded position.

That's when she found that the message was encrypted.  Wright's attempt to figure out the contents came up empty-handed, and she contacted a retired CIA code breaker David Gaddy to work on it.

The Message

I've managed to find a big image of the original message at the  It seems to read (the original was in capital letters):

stan witviivz dtg cnp lbnxok oz bjqb feqt feqt xzbw jjoa
tk fhr tpzwk pbw rvsq vowpzxqq oedh ek waskipw plvo
jkz hmn nvaeuo xve dwaj boypa sk mlv fyyroelvpl
mfysiu xy fqeo npk m obpc fvxjfhoht as etov b ocajosvqu
m ztzv tpjy daw fqti wttj j dqgoaia flwhtxti qmtr
sta lvlflxfo

To be honest, I'm not sure if the above is correct (I transcribed it incorrectly; see the update above) because the letters are slightly hard to figure out in the scan of the original.  The writer of the coded message sometimes dots his is and sometimes doesn't, and his Es and Fs look remarkably similar, especially where the ink blurred.  His Us and Vs are also hard to discern apart.

Regardless, Gaddy managed to break the code.  It took several weeks to break by hand and it reads:

"Gen'l Pemberton:
You can expect no help from this side of the river. Let Gen'l Johnston know, if possible, when you can attack the same point on the enemy's lines. Inform me also and I will endeavor to make a diversion. I have sent some caps (explosive devices). I subjoin a despatch from General Johnston."

You'll notice that the name Johnston shows up twice in the message.  If you look at the original, you won't find a repeating string of letters matching the length of the name.  This indicates that we don't have a simple substitution (where the alphabet is shifted a set number of places, so that A is D, B is E, C is F, and so on.)

So what was used?  The South made use of the Vigenere Cipher during the Civil War, according to the article by Szkotak.

Vigenere Cipher

The Vigenere Cipher (Wikipedia explanation and the CryptoMuseum explanation) is a fortified Caesar Cipher, the latter being the simple substitution I described earlier.  Vigenere is complicated enough that it was at one point known as the "indecipherable cipher."  In fact, it's one of the first instances where a secret key is used to encrypt and decipher a message, a concept that is still used in encryption today (now known as the encryption key).

How does the Vigenere Cipher work?  Basically, a total of 26 Caesar Ciphers can be used:

A   A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
B   B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
C   C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
Z    Z A B C D E F G H I J K L M N O P Q R S T U V W X Y

The first cipher has no shift (i.e., it's a normal alphabet; technically, it's not a cipher).  The second is shifted one place (so B is now A), the third is shifted two places (so C is now A), and so on until Z.  These are all Caesar Ciphers.

When encrypting a message under Vigenere, say, "this is a secret message" you choose a secret key, a.k.a, a secret word.  If the secret key is "cab" then using row C, the first t of "this is..." becomes a v (the 20th letter for row C).

The next letter of "this is..." is h, the 8th letter in the alphabet, and now we use row A (A is the second letter in cab).  Since it's a normal alphabet, h remains an h.  Using the same, the i in "this" becomes j because of its position in row B.  So,

"This  is  a  secret message" becomes
"Vhjk si  c   sferfv   mfusbie"

The beauty of this method is that the same letter in the original message can come up as multiple letters when encrypted (the s shows up as a j, i, and s in the encrypted version), so you can't work your way backwards to figure out the message.

How to Crack the Cipher

There are ways of cracking the cipher; the Vigenere is not as unbreakable as it first appears.  The second half of this page goes into the theory and process (I first encountered the method in Simon Singh's highly-readable The Code Book).

One thing to note: if the message is short and the secret key is long, chances are it would be impossible to crack the message.  About the only way to crack it in that case would be to stumble upon the key by accident.

Although how Gaddy broke the encryption hasn't been revealed, I'm assuming his efforts must have been considerably aided by the fact that the message in the bottle, while encrypted, showed how long each word was.

The English language has only two variations of one-letter words -- I and A -- and also limited sets of two-letter words -- if, on, in, to, us, we, as, no, by, be, etc.  So, I would assume Gaddy would have started the attack here.

Had specialized analytical software been used, the process would have been finished in hours, perhaps minutes, as a computer churns out the possibilities.  Hook up the results so each word is scanned against a dictionary, and when, say, 80% of the cracked words in the message are found in the dictionary, you alert the person (80%, to account for misspellings, words not found in dictionaries, etc.)

As mentioned previously, it took Gaddy several weeks to break it manually.  Based on what we know of the message's contents, imagine the level of security that the encryption provided: by the time the message had been intercepted and decoded by Union forces, it would have been useless!

The Aftermath

Pemberton surrendered.  His raising of the white flag is generally considered as the beginning of the end for the Confederates.  In fact, that might explain why the bottle still had the message inside of it:

The Confederate messenger probably arrived to the river's edge and saw a U.S. flag flying over the city [of Vicksburg, which Pemberton was defending].

"He figured out what was going on and said, 'Well, this is pointless,' and turned back," Wright said. []

Related Articles and Sites:

<Previous Next>

Data Encryption Software: UK Calderdale and Huddersfield Foundation Trust Announces Breach (Updated)

USB Drive Encryption: Korean Military Loses USB With Military Exercise Plans


No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.