Saturday, May 21, 2016

Update

I added information and pics in New developments in the strip cipher case.

I also made a correction. I had written that the strips 60-1 were used for intercommunication between Bern, London, Lisbon, Algiers and Washington in 1943 but this is not clearly stated in the list. 

Only strips 60-3 and 60-5 were definitely used for intercommunication between the aforementioned embassies. 

Sunday, May 15, 2016

Einzeldarstellungen aus dem Gebiet der Kryptologie - Hüttenhain’s statements on the State Department’s strip cipher

During WWII the US State Department used several cryptosystems in order to protect its radio communications from the Axis powers. The main systems used were the unenciphered Gray and Brown codebooks along with the enciphered codes A1, B1, C1, D1 and the new M-138 strip cipher. 

In the period 1940-1944 German, Japanese and Finnish codebreakers could solve State Department messages (both low and high level) from embassies around the world. The M-138-A strip cipher was the State Department’s high level system and it was used extensively during that period. Although we still don’t know the full story the information available points to a serious compromise both of the circular traffic (Washington to all embassies) and special traffic (Washington to specific embassy). In this area there was cooperation between Germany, Japan and Finland. The German success was made possible thanks to alphabet strips and key lists they received from the Japanese in 1941 and these were passed on by the Germans to their Finnish allies in 1942. The Finnish codebreakers solved several diplomatic links in that year and in 1943 started sharing their findings with the Japanese. German and Finnish codebreakers cooperated in the solution of the strips during the war, with visits of personnel to each country. The Axis codebreakers took advantage of mistakes in the use of the strip cipher by the State Department’s cipher unit.

Erich Hüttenhain, who was the chief cryptanalyst of OKW/Chi (Signal Intelligence Agency of the Supreme Command, Armed Forces), said in his unpublished manuscript ‘Einzeldarstellungen aus dem Gebiet der Kryptologie’, p20-21 about the strip system:

IV. Das amerikanische streifenverfahren

Im  2. Weltkrieg benutzten die USA bis September 1944 in Diplomatie, Heer, Luftwaffe und Marine neben anderen Verfahren ein unter dem Namen “Streifenverfahren" bekanntes Chiffrierverfahren.

Des Diplomaten—Streifenverfahren war das aufwendigste und mit den meisten Variations möglichkeiten versehen. Deshalb soll hier nur auf dieses Verfahren eingegangen werden.
Des Streifenverfahren in der Diplomatie war ein Chiffrierverfahren für den Linienverkehr; es bestand aber die Möglichkeit, von der Zentrale aus cq-Sprüche abzusetzen.
Fast jede US-Vertretung im Ausland hat zum chiffrierten Verkehr mit Washington einen Satz von 50 Stäben, auf denen je ein anderes verwürfeltes Alphabet zweimal hintereinander aufgezeichnet war. Täglich wurden 25 dieser Stäbe ausgewählt und in vorgeschriebener Reihenfolge zum Schlüsseln benutzt: Tagesschlüssel.

Nach einigen Monaten wurde der ganze Satz von 50 Stäben gegen einen anderen  satz von 50 Stäben ausgetauscht. Außerdem hatte jede Vertretung des US-Außenministeriums noch einen Stabsatz zur Entschlüsselung von cq-meldungen aus Washington. Auch dieser cq-Satz wurde von Zeit zu Zeit ausgewechselt.

Vom Standpunkt der Kryptologie war dieses Streifenverfahren ein mehrfach belegter Spaltencäsar.

Bald nach dem Beginn der Untersuchungen dieses Chiffrierverfahrens gelang es, die Periode von 25 zu erkennen. Es gelang auch, einige besonders lange Geheimtexte wenigstens teilweise zu entziffern. Es wäre eine harte und langwierige Arbeit geworden, wenn nicht besondere Umstände hinzugekommen wären. Einer dieser umstände war die Tatsache, daß die USA den bei einer Stelle abgelösten Stabsatz an anderer Stelle wieder einsetzten, anstatt ihn außer Kraft zu setzen.

Ein zweiter für die Entzifferung günstiger Umstand war, daß es wegen der U-Boot-Blockade nicht immer gelang, den auszuwechselnden Stabsatz rechtzeitig an alle Außenstellen zu bringen.  In solchen Fällen wurde z.B. ein cq-Spruch an die Stelle, bei der der neue cq-Stabsatz noch nicht eingetroffen war, mit dem bei der Stelle vorhandenen und seit längerer Zeit in Benutzung befindlichen Spezial-Stabsatz verschlüsselt.

Wenn nun dieses Spezial-Verfahren gelöst war, - und das war in der Regel der Fall — so war der Klartext des cq-Spruches bekannt, und es lag ein Klar-Geheim-Kompromiß im neuen cq-Verfahren vor, aus dem die Stäbe des neuen cq-Verfahrens rekonstruiert wurden.
Auf diese Weise wurden von 1942 bis September 1944 insgesamt 22 verschiedene Linien und alle cq-Sprüche mitgelesen.

Aus dieser erfolgreichen EntzifferungsArbeit muß gefolgert werden:

1. Es ist unzulässig, bereits einmal verwendete Schlüssel an anderen Stellen wieder zu verwenden.

2. Es ist nicht zulässig, Chiffrierverfahren einzusetzen‚ die gegen Klar-Geheim-Kompromisse anfällig sind.


Google translation with corrections by Frode Weierud:

IV. The American strip cipher system

During the Second World War and until September 1944, the United States used, together other cipher procedures, an encryption system in its Diplomatic Service, Army, Air Force and Navy that was known as the "Strip procedure."

The diplomatic strip system was the most elaborate and equipped with the most variation possibilities. That is why we will concentrate only on this procedure.

The strip procedure in the diplomatic service was an encryption system for regular, scheduled services; but it also allowed for sending broadcast messages from headquarters.
Almost every U.S. mission abroad had a set of 50 strips for encrypted traffic with Washington, on each of which a different scrambled alphabet was recorded twice in succession. Daily 25 of these rods were selected and used in a prescribed order for ciphering: the daily key.

After a few months the whole set of 50 strips was replaced by another set of 50 strips. In addition, every mission of the US State Department had yet another set of strips for decrypting broadcast messages from Washington. Also this broadcast set was changed from time to time.

From a cryptologic point of view the strip system was a periodic substitution cipher.

Soon after starting the investigations of this encryption procedure we succeeded in identifying the period of 25. We also succeeded to partially decipher some extra long cipher texts. It would have been a hard and tedious work, if not some special circumstances would have occurred. One of these circumstances was the fact that when the United States changed a set of strips at one site it would reuse the same set at another site, instead of cancelling it.

A second fact that was favorable for deciphering was that, because of the U-boat blockade, it was not always possible to replace the strip sets in timely manner at all the field offices. In such cases, e.g. a broadcast message, for a site where the new broadcast strip set had still not arrived, was encrypted with the existing special strip set at that office and which had been in use for a long time.

If now this special procedure was solved - and this was usually the case - the plain text of the broadcast message was known, and there was a clear-cipher text compromise in the new broadcast, from which the strips of the new broadcast procedure were reconstructed.
In this way, a total of 22 different lines and all broadcast messages were read from 1942 to September 1944.

From this successful decipherment must be concluded:

1. It is prohibited to use a key already used in other places.

2. It is not permitted to employ encryption procedures that are vulnerable to clear text-cipher text compromises.

Monday, May 9, 2016

New developments in the strip cipher case

During WWII the US State Department used several cryptosystems in order to protect its radio communications from the Axis powers. The main systems used were the unenciphered Gray and Brown codebooks along with the enciphered codes A1, B1, C1, D1 and the new M-138 strip cipher. 

In the period 1940-1944 German, Japanese and Finnish codebreakers could solve State Department messages (both low and high level) from embassies around the world. The M-138-A strip cipher was the State Department’s high level system and it was used extensively during that period. Although we still don’t know the full story the information available points to a serious compromise both of the circular traffic (Washington to all embassies) and special traffic (Washington to specific embassy). In this area there was cooperation between Germany, Japan and Finland. The German success was made possible thanks to alphabet strips and key lists they received from the Japanese in 1941 and these were passed on by the Germans to their Finnish allies in 1942. The Finnish codebreakers solved several diplomatic links in that year and in 1943 started sharing their findings with the Japanese. German and Finnish codebreakers cooperated in the solution of the strips during the war, with visits of personnel to each country. The Axis codebreakers took advantage of mistakes in the use of the strip cipher by the State Department’s cipher unit.

After further (costly) research new information has come to light. Originally I thought that each US embassy had two sets of strips, the ‘specials’ for direct communications with Washington and the ‘circulars’ for messages sent to several embassies and for intercommunication between embassies.


However there’s more to this story:

1). The circular strips were the 0 dash series. 0-1 was used from 1940 till August 1942. 0-2 from August 1942 till March 1943. From March 1943 a new set was used for each month, 0-3 for March 1943, 0-5 for May, 0-9 for September etc. The circular strips used in 1944 were numbered 0-13 to 0-24 for January-December 1944.

However there were two problems with this system.

One was that the embassy in Bern, Switzerland did not have access to the new strips so it seems that they continued to use the 0-2 strips for some time.

Another problem was that distributing the new circular strips to embassies around the world was not always possible, so some posts were told to continue using the old strips till the new ones arrived. This was clearly a security problem and Erich Huettenhain, chief cryptanalyst of OKW/Chi, said in his manuscript Einzeldarstellungen aus dem Gebiet der Kryptologie’ that they relied on reencodements in their efforts to solve the strip system

Ein zweiter für die Entzifferung günstiger Umstand war, daß es wegen der U-Boot-Blockade nicht immer gelang, den auszuwechselnden Stabsatz rechtzeitig an alle Außenstellen zu bringen.  In solchen Fällen wurde z.B. ein cq-Spruch an die Stelle, bei der der neue cq-Stabsatz noch nicht eingetroffen war, mit dem bei der Stelle vorhandenen und seit längerer Zeit in Benutzung befindlichen Spezial-Stabsatz verschlüsselt. Wenn nun dieses Spezial-Verfahren gelöst war, - und das war in der Regel der Fall — so war der Klartext des cq-Spruches bekannt, und es lag ein Klar-Geheim-Kompromiß im neuen cq-Verfahren vor, aus dem die Stäbe des neuen cq-Verfahrens rekonstruiert wurden.

2). A set of strips titled 00-1 (and key table C) were introduced in late 1943 for enciphering the confidential traffic of other US government agencies. In January 1944 the set 00-2 and 00-3 were sent to the embassies in Algiers (Free French), Turkey, Egypt, UK, Calcutta, Portugal, Spain, India, Sweden, Iran, Iraq, Beirut.




3). In April 1944 the strip system FRIBP was sent to Lisbon, Madrid, Tangier, Algiers, London, Dakar for Cross messages (US-British supply program).




4). In June 1944 Sweden, Spain, Portugal, Egypt, Turkey, Algiers (Free French) received strips to be used for the communications of the WRB - War Refugee Board.




5). In June/July 1943 the strip set 60-3 was introduced for intercommunication between the embassies in Bern, London, Lisbon, Algiers and Washington. From January 1st 1944 the strips 60-5 were used for this purpose.







Madrid also received the strips 60-5 in June 1944.




6). The embassy in Bern, Switzerland received 6 new code systems in June 1943. In August they received systems 45 and six sixty, with key tables.

7). During the war the State Department received information pointing to the compromise of the strip cipher system from the embassies in Casablanca, Vichy France, Helsinki, Stockholm and Bern.

8). The embassies in Panama, Turkey, India, Spain reported problems with the strip system. Similar problems (warping of the panel, defects in the paper strips) are mentioned in the military report SRH-366 ‘History of Army Strip Cipher devices’.

9). In August 1943  a strip system was forwarded to Harold J. Tittmann (US Charge d'Affaires to the Vatican).

10). Several alphabet strips that are mentioned in decoded Japanese messages were used by embassies around the world. For example:

Strips 22-1 were used in Egypt and Baghdad in 1941, by Vladivostok in 1942-44, by Algiers in 1943.

Strips 38-1 were used by the embassies in Moscow, Ankara, China, Portugal, Australia in 1942-43.

Overall this is very interesting information and sheds some light into the use of the M-138-A strip cipher by the State Department. 

Tuesday, May 3, 2016

Update on Case Wicher


The war diary of Inspectorate 7/VI, in the report of February 1942, says that an investigation of captured Polish files revealed deciphered German radio messages and this material was forwarded to Inspectorate 7/VI to clarify if the compromise was a result of treason or deciphering and if it was the latter to identify the compromised cipher system.