Cicada 3301 Designed Puzzles Immune to Brute Force, Tracked Leaks 🇺🇸

Original source: Eze Martínez

This video from Eze Martínez covered a lot of ground. Streamed.News selected 8 key moments and summarises them here. Everything below links directly to the timestamp in the original video.

In a challenge where anyone could post a fake clue, how do you know what's real? Cicada 3301 solved this using the same technology that verifies email and software authenticity: digital signatures.

Cicada 3301 Used PGP Cryptographic Signatures for Message Authenticity

Cicada 3301 digitally signed all official messages with PGP (Pretty Good Privacy) to prevent imposters from creating fake puzzles. This cryptographic signature allowed anyone to verify the message originated from 3301's private key holder and remained unaltered, ensuring communication integrity.

Authentication was so crucial, 3301 even launched a webpage where contestants could instantly paste and validate message signatures. This showed high sophistication and rigorous operational security.

"Using PGP, we combine the message with its public key, verifying its authenticity."

▶ Watch this segment — 3:28

Modular Arithmetic Unlocks RSA Encryption

RSA encryption uses mathematical operations. Though complex with large numbers, a simple example explains it. To encrypt, raise a number to a key's power, then apply the "modulo" operation to find the division remainder. A private key generates the encrypted message. The receiver uses a public key to reverse the process, retrieving the original number. This system, based on modular arithmetic—often likened to a clock—underpins asymmetric digital security.

"This may seem like magic, but it's math. To decrypt 3301's message, we must understand how RSA encryption works."

▶ Watch this segment — 7:05

Prime Numbers Form RSA Algorithm's Core

RSA encryption starts by selecting two very large prime numbers, P and Q. Their product yields N, a key component of the public key. Next, calculate Euler's totient function for N (φ(n)), which equals (P-1) * (Q-1) and is crucial for deriving the private key. The system's security relies on computational asymmetry: multiplying P and Q to get N is simple, but the reverse—factor N to find P and Q—is extremely difficult for large numbers. This principle is modern public-key cryptography's cornerstone.

"The phi function result for any semiprime number n is (p-1) * (q-1). Simple. This always holds true."

▶ Watch this segment — 8:51

Cicada 3301 Puzzle: Solving RSA Meant Factoring Massive Number

To solve the first major puzzle, participants converted the Base64 message to a decimal number. The crucial step was breaking RSA encryption: factoring the public number N to find its prime components, P and Q. Tools like Ftime C* helped with this computationally intensive task. With the factors, participants calculated decryption key D and used a Perl script to decrypt the message. The challenge proved Cicada 3301 chose a number large enough to pose a challenge, but not impossible to solve.

"Finding P and Q is the key to solving the riddle."

▶ Watch this segment — 12:57

Decrypted File's 'MTHD' Signature Revealed Next Clue: A MIDI File

After decrypting a PGP-encrypted text block, participants found a binary file. It began with the characters “MTHD.” These letters were not a message, but a file signature, known in computing as a “magic number.” This specific signature unequivocally identified the file as MIDI (Musical Instrument Digital Interface). This discovery shifted the challenge from purely cryptographic to one demanding knowledge of file formats and musical data analysis to find the next hidden message.

"A MIDI file always starts with 4D 54 68 64, which in letters is MTHD—exactly what we decrypted."

▶ Watch this segment — 25:56

UTF-16 Encoding Error in Windows Hid Next Cicada 3301 MIDI Message

A Windows error prevented playback of the deciphered MIDI file. Null bytes caused the issue, not deliberate obfuscation from 3301. Windows interpreted the 8-bit file using UTF-16, which added filler bytes. Recoding the file to a strict 8-bit system, like DOS encoding, removed the excess bytes. This step showed solving the puzzle required specific technical knowledge of how operating systems handle binary data.

"It wasn't its fault, it was ours or Windows' fault. It's all Windows' fault."

▶ Watch this segment — 29:00

William Blake Poem Key to Unlocking Hidden Musical Alphabet in MIDI File

The MIDI file's music wasn't a coherent melody, but a new clue. Its analysis revealed two musical tracks, evoking William Blake’s poem “The Marriage of Heaven and Hell,” which 3301 had previously referenced. Participants solved it by associating notes from the second track with letters from a poem fragment. This process created a correspondence table—a musical alphabet where each note and its duration equaled a letter. This interdisciplinary leap, from cryptography to literature and music, showed the broad knowledge Cicada 3301 demanded.

"This poem states that opposites aren't always bad; on the contrary, they are good, they need to come together."

▶ Watch this segment — 33:13

Musical Notes Conceal Message, Instruct Cicada 3301 Finalists to Use GPG Keys

Applying the deciphered musical alphabet to the MIDI file's first track, participants uncovered a text message. They adjusted notes an octave up to match the cipher. The resulting English text congratulated the contestant and gave next steps. Guidelines required creating a new GPG key, publishing it on MIT key servers, and sending an encrypted word list to an email address. This step tested technical skills and the ability to follow a complex secure communication protocol.

"Create a new GPG key for your email address and upload it to the MIT key servers."

▶ Watch this segment — 36:02

Also mentioned in this video

• El presentador recuerda la foto publicada por un usuario anónimo en un foro en… (0:07)
• El acertijo de 3301, que llevaba a la Dark Web, requería dejar un correo para… (0:30)
• Se revela que los participantes debían recibir una cadena de números para usar… (1:09)
• 3301 eligió un número de 16 dígitos para su link, haciendo imposible el acceso… (1:38)
• Los participantes que filtraron los acertijos fueron expulsados del juego por… (3:01)
• Los mensajes de 3301 mantienen un formato específico con doble espacio, y se… (4:55)
• El acertijo requiere conocimientos avanzados en criptografía y seguridad… (6:05)
• El número desencriptado se añade al link de la Dark Web, lo que inicialmente… (15:32)
• 3301 elevó el nivel de dificultad y ofreció una "segunda oportunidad" a través… (16:21)
• El dominio .tk corresponde a Tokelau, un archipiélago de Oceanía, y era… (18:01)
• La imagen del coyote en el dominio .tk era una pista falsa, ya que su firma PGP… (19:46)
• Se descubre un mensaje binario oculto en espacios y tabulaciones, que revela… (21:16)
• La suma de los números lleva a un nuevo número que, al agregársele ".tk",… (22:20)
• La imagen de "La dama de Shalott" contiene otro mensaje oculto que, una vez… (23:54)
• Después de resolver el acertijo RSA, 3301 envía un correo con nuevas… (25:00)
• Se explica qué es un archivo MIDI, una representación de partituras que… (27:42)
• Se recapitula el progreso hasta el momento y se presenta el correo de respuesta… (37:50)
• La historia se vuelve oscura, sin más filtraciones de los participantes, y tras… (41:07)

Summarised from Eze Martínez · 44:00. All credit belongs to the original creators. Streamed.News summarises publicly available video content.