Every great cipher crack ran on the same five levers. The famous survivors deny all five, and one 1949 idea explains why some of them can never be cracked at all.
In December 2020, a coded message that had defeated the FBI, the NSA, and fifty-one years of obsessed amateurs finally gave up its contents. The Zodiac Killer's 340-character cipher, "Z340," taunted into existence in 1969, was cracked not by an intelligence agency but by three hobbyists: an American software developer named David Oranchak, a Belgian warehouse operations manager, and an Australian mathematician, working across three continents with purpose-built software. The breakthrough wasn't a bigger computer. It was the realization that the cipher hid its message in an unusual transposition scheme layered on top of the letter-substitution everyone had been attacking head-on. Once they guessed the shape of the trick, the software found the rest.
That story contains, in miniature, almost everything history has to teach about cracking the uncrackable, including the uncomfortable lesson about which of today's famous unsolved ciphers will never be cracked, no matter how clever the next hobbyist is. Because some of them aren't hard at all. They're impossible, in a precise and provable sense. But to see why, you first have to see what every great crack actually had in common.
Run down the canonical breakthroughs and a pattern emerges that has nothing to do with raw brilliance and everything to do with leverage. Five levers, recurring across three thousand years.
An anchor: a crib or a bilingual. The Rosetta Stone gave Jean-François Champollion the same text in Greek and in Egyptian scripts; in 1822 he used the Greek as a known-plaintext crib, zeroed in on the royal names ringed in cartouches, Ptolemy, Cleopatra, and cracked hieroglyphs open. At Bletchley Park, the attack on Enigma ran on cribs: stretches of guessed plaintext, like the predictable weather reports German operators sent every morning. An anchor is a foothold of certainty in a wall of noise, and almost nothing falls without one.
Length, which becomes statistics. The Vigenère cipher was called le chiffre indéchiffrable (the undecipherable cipher) and wore that reputation for roughly three centuries. Then in 1863 a retired Prussian officer named Friedrich Kasiski published the observation that repeated sequences in the ciphertext betray the length of the key (Charles Babbage had worked it out privately a decade earlier and never published). Once you know the key length, the cipher collapses into simple frequency analysis. But the method needs material: enough text for the repeats and the frequencies to surface. The Copiale Cipher, an 18th-century German secret society's 75,000-character manuscript, fell in 2011 partly because it was enormous: that much text could be attacked with machine-translation methods by a team led by computer scientist Kevin Knight.
The reframe, and it usually comes from an outsider. This is the most human lever and the most surprising. Linear B, the Bronze Age script from Crete, was decoded in 1952 by Michael Ventris, an architect, not a professional linguist, building on the painstaking grids of the classicist Alice Kober. The leap that did it was a reframe: the heretical guess that the language behind the script was Greek, which almost every expert had ruled out. Champollion's edge was knowing Coptic and reframing the glyphs as partly phonetic rather than purely symbolic. Knight's team reframed the Copiale's Roman letters as meaningless nulls. Over and over, the breakthrough is rarely a harder push in the established direction. It's a sideways step the insiders were too expert to take.
Operator error: the use leaks more than the design. Enigma's cryptographic strength was real, but its operators were predictable, and one mechanical quirk was fatal: the machine could never encipher a letter as itself. That single constraint, plus sloppy procedures like repeating the message key, gave the codebreakers the wedge. And here is the credit the popular Turing story usually omits: Enigma was first broken in 1932 by the Polish Cipher Bureau, Marian Rejewski, Jerzy Różycki, and Henryk Zygalski, seven years before Bletchley, using permutation theory and a machine they called the bomba. The system was sound; the way humans used it was not.
Mechanized search. The bomba and the British Bombe; AZdecrypt against the Zodiac; computational linguistics against the Copiale. Once the hypothesis is narrow enough, you industrialize the hunt and let machines grind through what no human could. But note the order: the tool comes after the reframe. AZdecrypt didn't guess that Z340 was a transposition; the humans did, and then the tool confirmed it. Computation is an amplifier, not an oracle: it multiplies a good hypothesis and does nothing for a bad one.
Now flip the framework over, because it predicts its own failures. If those five levers are what break ciphers, then the ciphers that can't be broken should be precisely the ones that deny all five. And they are.
The Voynich Manuscript, carbon-dated to the early 1400s, is written in a script no one else ever used. There's no bilingual, nothing to anchor against, no comparison corpus, and, most damningly, a live and serious debate over whether it encodes a real language at all, or is a constructed language, glossolalia, or an elaborate hoax. The Phaistos Disc from Bronze Age Crete has 241 stamped tokens across about 45 distinct signs, on a single object: no second text anywhere in the world to compare it to, an unknown language, and disputed authenticity. Edward Elgar's Dorabella cipher is 87 characters of squiggles sent to a friend in 1897, quite possibly a private joke rather than a systematic cipher. The Tamam Shud code from the 1948 Somerton Man case is a few dozen letters that read like the initials of a mnemonic, maybe not a cipher in any normal sense, and here's a clean lesson in not conflating mysteries: the man was finally identified in 2022 through DNA as Carl Webb, while his code remains exactly as dark as it was. Solving the person is not solving the cipher.
What unites the survivors is not cryptographic sophistication. It's that they are short, singular, anchorless, and possibly meaningless: the exact opposite of every condition that produced a breakthrough. And that points at something deeper than "we haven't gotten lucky yet."
In 1949, Claude Shannon, the founder of information theory, defined a quantity he called the unicity distance: roughly, the amount of ciphertext you need before only one plaintext-and-key combination fits, given the redundancy of the language and the size of the key space. Above the unicity distance, the right answer is unique, and finding it is "merely" hard. Below the unicity distance, multiple different plaintexts fit the ciphertext equally well, and no amount of genius can pick out the intended one, because the information required to distinguish them is not present in the message. The ambiguity isn't a gap in your cleverness. It's a property of the text.
This is the idea that reorganizes the whole field of unsolved ciphers, and it is the one the catalog-style "ten greatest mysteries" lists never reach. Dorabella at 87 characters, Tamam Shud at a few dozen, the Phaistos Disc at 241 tokens: these are plausibly below their unicity distance. Which means a "solution" to them can be ambiguous by construction. You could find an English sentence that fits Dorabella tomorrow, and someone else could find a different, equally valid English sentence, and there would be no way, even in principle, to prove which one Elgar meant, because the cryptogram simply doesn't carry enough information to single one out. That is the difference between hard and impossible, and it is a mathematical difference, not a motivational one.
It also explains the most maddening feature of the famous unsolved ciphers: the endless parade of confident, mutually contradictory "solutions" to the Voynich Manuscript and the Phaistos Disc, each announced to fanfare, none ever accepted. When many plaintexts fit, everyone can find one that works, and none can be proven. The flood of solutions isn't a sign we're closing in. It's the signature of a text below its unicity distance, where "it fits" stops meaning "it's right." (For the same reason, Kryptos K4, 97 characters with a known final twist, sits in genuinely dangerous territory; but that's a story for its own essay.)
Here is the line I'd carve over the whole subject. The great cracks fell because they had enough rope: length, an anchor, or a reframe. The survivors may resist forever, not for lack of a genius but because there isn't enough information inside them to be sure you're right. From the outside, you cannot tell a perfectly-designed-but-too-short cipher from a hoax from random noise: they all look identical, which is to say, they all look unsolvable. The deepest unsolved problem in cryptanalysis is not what does it say. It's the prior question: is there a unique message in here to find at all?
You will likely never attack a 15th-century manuscript. But you face "uncrackable" problems constantly, a legacy system nobody understands, a black-box model, a flaky bug with no obvious cause, a research question that won't yield, and the anatomy of cipher breakthroughs is a startlingly good field guide.
When something resists, run the five levers as a checklist. Find an anchor: a known input-output pair, a working example, a leaked spec, one foothold of certainty changes everything. Get more data: if you're below the threshold where structure becomes visible, no technique will save you; the answer is a bigger sample, not a cleverer method. Question the framing, and import an outsider: the breakthrough is usually "everyone assumed X; it's actually Y," and it tends to come from someone unburdened by the field's settled assumptions, the architect who didn't know Linear B "couldn't" be Greek. Attack the use, not the design: systems leak at an operator error, a reused key, a procedural shortcut, almost never at their strongest point. And industrialize only after you've narrowed: computation multiplies a good hypothesis and does nothing for a bad one, so spend your thinking on the hypothesis first.
But the most valuable lesson is the unicity-distance one, and it's a lesson in knowing when to stop. Before you pour years into an intractable problem, ask whether it's hard or underdetermined: whether there is enough information present to have a unique answer at all. Some problems resist not because they're strong but because the signal isn't there: too little data, too much noise, or no real message under the surface. A team that can't tell "I haven't found the answer yet" from "there is no unique answer to find" will search forever, and mistake every fresh plausible-but-unprovable guess for progress. Shannon's gift was making that distinction precise: there is a measurable floor below which certainty is impossible, and recognizing when you're beneath it is not giving up. It's the difference between persistence and superstition.
History's unbreakable codes fell to outsiders with an anchor, a reframe, and enough rope. The ones that remain are teaching a subtler and more useful lesson than "try harder." They're teaching us to ask, of every black box we meet, the question that comes before how: is the answer even in here? Sometimes the bravest and most rigorous thing an investigator can conclude is that the most famous mystery in the room is short on one resource no amount of brilliance can manufacture, information, and that the right move is not another decade of guessing but the honest, mathematical humility to say so.
Every black box needs an anchor.
The great cipher cracks all started the same way: a foothold of certainty, a known input mapped to a known output, against which the unknown could finally be checked. An AI agent is a black box too, and the equivalent anchor is a record of what actually produced each step. Chain of Consciousness gives an agent that anchor: a signed, append-only trace you can verify against, so debugging a decision stops being cryptanalysis on a message that may carry no answer and becomes reading one that does.
pip install chain-of-consciousness · npm install chain-of-consciousness
Hosted CoC → · vibeagentmaking.com · See it in action