The technique of seriation has been mentioned only twice in this group before - in the groups.io numbering, since Yahoo Groups will close soon (2013, Mike Brophy, #15086, below) and 2017 (Geoffrey Caveney, #19358). It is used to add a transposition step to a polygraphic cipher and increase the difficulty. It combines the main two types of cipher - transposition and substitution. Scheidt stated in 2015 that “[he] would consider [K4 encryption] [to be] more than one stage”. Seriation is usually used with Playfair, but it can be applied to other polygraphic ciphers. The ACA guidelines for Playfair and Seriated Playfair can be found at http://www.cryptogram.org/downloads/aca.info/ciphers/Playfair.pdf http://www.cryptogram.org/downloads/aca.info/ciphers/SeriatedPlayfair.pdf These are both based off the description in Gaines (1939) “ELCY” which was expanded in Bowers (1959). As an example, take this 5x5 Polybius square and combine I and J in one cell. You could consider this to be a "matrix" that Sanborn keeps talking about. GMNET DPXHI ZRBYU LCOKA VWFQS   Seriate the K4 ciphertext at width 24. Incidentally, the Berlin Clock has 24 lights and is a 24-hour clock, and works modulo 5, like a 5x5 Polybius square. Although the clock can theoretically represent hours from 00 to 24 (25 hours), the minute after 23:59 is 00:00 on the actual Berlin Clock. So you could say there is one hour that you never "see". Also, 24 is the lowest width value where you don't get any doubled letters in the seriated K4 ciphertext. If you are doing "standard" Playfair, you won't see any doubles in the ciphertext. Or you could change the rules to allow them, e.g. in Kahn's "The Codebreakers" p593 in a story about JFK in WW2 they just put doubles through unenciphered. Here is the seriated ciphertext starting with OBKR … the first 96 letters. We can also get a similar answer starting with ?OBKR. Again, this is a different kind of “matrix”. OBKRUOXOGHULBSOLIFBBWFLR VQQPRNGKSSOTWTQSJQSSEKZZ WATJKLUDIAWINFBNYPVTTMZF PKWGDKZXTJCDIGKUHUAUEKCA Here one digram (BS) occurs twice in row 1/2 (near the right hand side). Now decipher NYPVTT MZFPK using the above square as follows. Use the ACA Playfair rules as in the ACA link above, but flip the two letter output. Otherwise, you won't be able to have K decipher to K. This is probably the simplest change to the Playfair rules that would "work". First column is the CT, second column is deciphered. NU BT YH EH PU RI VA LS TU IS TE NE MK CE ZC LR FA OS WP MC AK OK Now using seriated Playfair (variant) instead of normal Playfair, we can certainly say "NYPVTT MZFPK" corresponds, in order and in the right places, with "BERLIN CLOCK" in the output. With a seriated polygraphic cipher, there's no ambiguity about whether the crib correspondence is "one-to-one" as there might be if it was ordinary polygraphic "many-to-many" encryption. Output FFKMZFNOVQAGFSFVHFFFMODU LYYPYBDCTIBARAKAHWUUQQZZ MOSTHOUPSTRIXNOBERLINCLO CKMDLAYITUCHTVYTHISSEERS Writing it out in one line FFKMZFNOVQAGFSFVHFFFMODULYYPYBDCTIBARAKAHWUUQQZZMOSTHOUPSTRIXNOBERLINCLOCKMDLAYITUCHTVYTHISSEERS You can see "BARAKA", "THISSEERS", "MODUL", etc, but it's not very convincing English text for non-deranged people. And that rule change may be a bit contrived, although the same thing happens in one step of the "Doppelkastenschlussel" (below). Would you really be thinking of this change before the "CLOCK" clue of 2014?! To try to get better English plaintext, you could try some or all of ... • permute the letters in the Polybius square. Or you could manually guide them to be more like KRYPTOS or an English word in some order 
 • combine/omit different letters. Maybe U/V instead of I/J, or combine Q/U based on K1,2 PT misspellings
 • change the seriation width. At some widths, you'll get doubles
 • change the dimensions of the Polybius square - e.g. use a 6x4 (combine I/J _and_ U/V, or drop out J and Z since they're never used in the K1,2,3 PT) or a 9x3 rectangle (add "?")
 • try to guess some more plaintext, and force that in the output
 • use a different polygraphic cipher for the seriation
 • start modifying the ciphertext arbitrarily e.g. drop a letter out somewhere so the length of the new CT is 96, divisible by 24. Gary Warzin used to suggest it. Risky!
 • lose your mind and start seeing patterns where there are none! People do this with K4 and the Zodiac cipher Z340 all the time - believe and achieve!
 It's been pointed out here by three people independently (Tim Kirchner 2003, Ed Hannon 2010, and Geoffrey LaTurner 2016) that seriating the K4 CT at width 21 gives you many repeated digrams e.g. check Ed Hannon's post history since 2010. But then with a seriated digraphic cipher at this width, you'd have the problem that the T in the adjacent repeated ZT digrams has to decipher to both the I and N in BERLIN. How could that happen? This observation about width 21, to my mind, is the most significant one I've seen about K4. Another is the KR, SO, YP down the K4 CT RHS, which would seem to be a hint towards a digraphic cipher. There are also things in the other parts that don't seem to be coincidences (e.g. "OSS BATTALLION" is an anagram of the K1 PT initials, and IDBYROWS/LAYERTWO in K2 PT). For a long time I thought that second one was a hint towards Trifid, but that led nowhere. Something that doesn't seem to have been mentioned in the group yet is that seriating the K4 CT at width 7, you'll have I and J missing in alternate rows. This could be evidence for a system with 5x5 Polybius square(s) with I and J combined. It's also aesthetic - seven pairs of rows of width seven, the same number of letters in the word "KRYPTOS". Some other digraphic ciphers you could try with seriation for K4 are • Hill cipher (but Sanborn has said he’s an “anathemath”)
 • Other Playfair variants, like Wheatstone's original method in his 1854 paper - again, check Kahn p199, though the method is not explained in the book text; he has a 3x9 matrix there too, which might account for the extra "?" making K4 98 characters (Scheidt in Wired 2005 said K4 was 98 _characters_ rather than 97 _letters_)
 • Two-square (left/right and top/bottom variants, pairs in the same row/column go through in plain or transposed, or with Playfair-like rules)
 • Four-square (a couple of people e.g. Bill Briere in 2009 have linked it to the structure of the sculpture itself, an “obvious hint” in “plain view”. Although with four mixed squares it would be probably be impossible)
 • the "Doppelkastenschlussel" cipher Germans used in WW2, mentioned by Mike Brophy here in 2013; with the final CT written out horizontally ("by rows"), as in the Charles David paper (1994). Other versions were described pre-Kryptos in two 1987 papers by Currer-Briggs and Schick, but with the final CT written out by pairs. It has also been called "double Playfair" (probably first publicly by Bertrand in 1972/73, then in SRH-124 in 1981, but Schick wrote that he never heard it called that), double box, double key, double cassette, double casket, double stop, non-indicator cipher, NS 42, Nachrichtenschluessel, and Truppenschluessel. “It was not some minor system — it was the major German field cipher for the whole darn war.” So was BERLIN a hint towards that? 
 Polybius square based systems fit well with the 2011 Scheidt quote relayed by Ed Hannon: "K4 cryptography is similar to what would be provided agents or pilots in case of capture." You could even argue that a system using just one Polybius square would be more likely in that case. The more Polybius squares you use, the fewer variants there are. By the time you get to four-square, I think there's only two sensible variants depending on how you arrange the CT output. Whereas for Playfair, there are many variants (check MilCryp and Gaines). Gaines mentions a variant by W. W. (heh!) Rouse-Ball where letters in the same row go down and letters in the same column go right. With the last cipher here, the DoKa, you can certainly get BERLIN CLOCK at the right place. The David article about it has several parts reminiscent of Kryptos, with the seriation width 21, the repeated KKs in an example, and best of all he states "What is your position?" (from Kryptos Morse, "wie lage" in German) was a great crib! It would be very difficult to solve, though, I think, at this length. And the squares in WW2 were random, not keyword based. But because the unicity distance of the cipher is only around 45 letters, it might fit the "expected to be solved eventually" nature of K4. There might be some trick to solve these ciphers more easily I don't know about. The late Richard Gay on his website kryptos-cia.com (still available through archive.org) suggested K4 could be based on Playfair or double Playfair with a "super-encryption additive" of some kind. The underlying cipher for the seriation doesn't have to be digraphic. It could be trigraphic - both of these systems uses just one Polybius square. • The "trigraph cipher with a short key for hand use" of Kruskal (1985) (an American invention). This can have a geometric ciphering method using RAYs, like Sanborn's 2005 statement that "K4 is geometrically tougher", allows a 5x5 or 3x9 Polybius square, and is related to the Hill cipher - if you think the HILL down the sculpture RHS is significant
 • Trifair (an ACA invention by ZENITH, 1983)
 The Kruskal cipher seems to be very hard at this length. One problem is placing the crib.