In the morning on October 5, the factorization was found. Staffan was the first to discover this, and he immediately called the other team members. Everybody dropped what they were doing and rushed to Staffan's place to be present when the plaintext for the final stage was revealed.
Having found the factorization, it was easy to decrypt the shorter message, which had been encrypted with RSA. This gave us a 128-bit number, which we knew would be a triple-DES key. Tense with anticipation, we fed the longer message and the key into a DES decoder, read the output... only to discover that it was a sequence of random characters, nothing remotely resembling a plaintext. What could have gone wrong? We tried another DES decoder, which we had created ourselves while working on Stage 9, but it gave the same results. We knew that the factorization was correct, and the 128-bit key looked like a proper DES key as it had the right parity properties. Overwhelmed by frustration, a number of schemes were tried: Exchanging the two 64-bit blocks which the key was composed of, reading the bits of the key in reverse order, etc. After an hour of failed attempts, Lars suddenly screamed ``Here! It is in P1!'' and we all started jumping around with joy. It turned out that the message was not encoded with triple-DES after all: It was only protected by a single DES key, and we had had the file containing the right plaintext without knowing it: Lars discovered that a temporary file output by our DES decoder contained the plaintext:
For secrets are edged tools and must be kept from children and from fools.
The magic word you need to quote is DRYDEN.
Congratulations, you have solved the tenth and final stage of the challenge.