Wikipedia articles:
– Caesar Cipher
– Vigenere Cipher

Rumkin.com Cipher Tools
– A pretty extensive collection of online cipher tools

Sharky’s Vigenere Cipher v1
– Substitutes “A==0” (matches Rumkin and Wikipedia)

Sharky’s Vigenere Cipher v2
– Substitutes “A==1” (differs from Rumkin and Wikipedia)
– Results in a post-encryption caesar shift of 1

Welcome Slide (and the full PowerPoint / PDF file):

Coin face/back:

The key is to start above the skull (on the coin face).

What would Brutus do?

The key is to start above the skull (on the coin face):

yep: nguitcqyg

However, the key is encoded with a Keyed Caesar Shift (thus the “What would Brutus do?” hint).  The substitution alphabet used for the Keyed Caesar shift is located around the edge of the coin face:

AUNPDHBQZERIXVFTJSLCWKTGMO

Using the rumkin.com site’s Keyed Caesar Shift with the above alphabet and message with a Caesar Shift of 5 results in the first answer:

key: xswgrocks

Now, you take it from here..

Cipher tool versions matter.

The presentation slides includ an 8-bit ASCII-encoded message both behind the skull face on opening and closing slides (and on event t-shirt), as well as in the presenters notes.  A simple TCL script or Google can be used to convert the binary string to its ASCII equivalent:

QxkkwbdtarhyvapluhdfvvjvvihrhinKthddsaeesrnqhpaljsyxdxpgxtwdodxukzixdogbbxljdjh

 A link in the presentation materials to a YouTube Video Clip from the movie “A Christmas Story” shows the main character Ralphie using a secret decoder ring to reveal an advertisement for Ovaltine (“Drink Your Ovaltine”).  The video posted to Youtube then followed with an excerpt from two Xilinx employees regarding making a Christmas list for a B.B. Gun and almost advertising one, saying at the end of the clip, “everybody knows I love copper projectiles.”

The  coin face resembles the logo for the conference, however, the text below the skull face reads “Lhq Vft Etm” instead of  “Not One Bit” as it does in the presentation materials..   An obvious (but necessary) clue.

The coin also includes a coded message across the top of the skull face:

yep: nguitcqyg

The hint about  Brutus paired with the type of secret decoder ring used in the movie clip suggest a Caesar Cipher, but unfortunately a standard Caesar Cipher does not decode the message.

The outer ring of the coin face includes all 26 letters of the alphabet but in a non-standard order:

AUNPDHBQZERIXVFTJSLCWKTGMO

Putting the rearranged alphabet into a Keyed Caesar Shift and using a shift value of 5 decodes the first message into something that is human readable:

yep: nguitcqyg
key: xswgrocks

Having a key in place, the next obvious place to go was the message below the skull face, assuming that it should decode to read “Not One Bit.” Since the cipher text and the plain text are known, as well as a key and a translated alphabet, one can cycle through various decoding algorithms to find the one that decodes the message.

Sure enough, using a Vigenere Cipher on the message below the skull face with they key from above the face properly decoded “Lhq Vft Etm” into “Not One Bit.”

Completion of this step verifies the key value “xswgrocks” and the decoding algorithm necessary (Vigenere Cipher).

Flipping the coin over reveals another outer ring of encoded messages, once across the top, and one across the bottom:

Yei magve kcw pludqo
Jltowgh dadm sddh e4 ovmwb

The two messages had to be split up and decoded separately.  Using the key “xswgrocks” in a Vigenere Cipher quickly decodes the messages to read:

yei magve kcw pludqo
all first red second

jltowgh dadm sddh e4 ovmwb
lswhere shft vwls b4 dcode

The back of the coin also includes another set of binary data behind the Xilinx company logo (with some digits printed in red).  Following the instructions from the decoded message above from the outer ring (“all first red second”), all binary bits were written out and then appended with the sequence of bits printed in red.  The resulting combined binary data was also an ASCII-encoded message.  Using the same key as before (“xswgrocks”) the Vigenere Cipher decrypts the message to read:

ZxPbjtWzUsrUpdxqi
BeSureToBuyXilinx

Unsure what to do with the decoded advertisement, the remaining decoded message gives the next clue:  “lswhere shft vwls b4 dcode.”  The message “lswhere” from the coin indicates data possibly not on the coin.  The only other data available is the data from the presentation material.  Using the same key (“xswgrocks”) decrypts the ASCII 8-bit message:

QxkkwbdtarhyvapluhdfvvjvvihrhinKthddsaeesrnqhpaljsyxdxpgxtwdodxukzixdogbbxljdjh
SendemaihtoboiaijofmyorgsxotolgSeeskuhhxackforhocajusernameolsewrcbfolvideoclue

The decoded result is an obvious message or some sort, but it is also obviously not the final answer.  However we only used the first part of the last clue.  The second part of the “lswhere” clue from before reads “shft vwls b4 dcode” indicating that the ASCII message needed translating before decoding.  A shift value of 5 was used earlier, but shifting all vowels by 5 places in either direction (“i” becomes either “n” or “d”) did not make the message more readable.  Instead, letting the vowels shift within themselves (a=e, e=i, i=o, o=u, u=y, y=a) does the trick.  You may have noticed at the end of the video that “Good Luck” was written with this vowel shift (another clue).  The resulting vowel-shifted message and decoded result look like this:

QxkkwbdterhaveplyhdfvvjvvohrhonKthddseiisrnqhpeljsaxdxpgxtwdudxykzoxdugbbxljdjh
SendemailtodomainofmyorgsdotorgSeeskullbackforlocalusernameorsearchforvideoclue

The instructions to send an email to the domain of my org’s dot org suggests an email address of __@xilinx.org (because the challenge creator is a Xilinx employee).  The video clue references the movie clip in which Ralphie is told to drink more Ovaltine.  However, sending an email to Ovaltine@Xilinx.org bounces back.  Multiple emails were sent to a number of email addresses attempting variations on the theme (and @xilinx.com instead of @xilinx.org), but they all bounce back.

Returning to the clue, the message intends to be read literally: not “domain of my org’s .org” but rather ___@myorgs.org. The video clue advertising Ovaltine doesn’t mean to use Ovaltine but rather another coded advertisement from the back of the coin, “BeSureToBuyXilinx.” The email address that should be used is:

BeSureToBuyXilinx@myorgs.org

Sending an email to this email address does NOT bounce but rather receives an immediate auto-response:

“For critically sensitive IP you CAN secure your domain.  The key is to partner with Xilinx.

mtde ghs rgon yuyrx cc rbxi vkyfssjn: mcalqnrucixyafwsp

Thanks,
Xilinx Secure Solutions”

Ugh, another coded message! Putting it into the Vigenere decoder with the earlier key, however, does not work. Re-reading the auto-response reveals the necessary clue:

“The key is to partner with Xilinx.”

The key “to partner with Xilinx” decodes the message:

mtde ghs rgon yuyrx cc rbxi vkyfssjn: mcalqnrucixyafwsp
send one more email to this username: succeedwithxilinx

Sending one more email to succeedwithxilinx@myorgs.org also does not bounce but receives another auto-response:

“Congratulations!  You have solved the XSWG 2014 Crypto Challenge.  Please send an email with your contact information to …….”

Ahhh, the sweet feeling of victory…