Monday, July 23, 2012

The Slidex code

In the construction and use of tactical cryptologic systems there are two conflicting requirements. One is security and the other is ease of use. If a system is highly secure but hard and time consuming to use then important messages might be secure from cryptanalysis but they could arrive too late, with disastrous consequences. On the other hand if a system is extremely easy to use but insecure then the messages will get through on time but the enemy will also be able to read them.

In the last years of WWII the British and American militaries used extensively the Slidex code which, unfortunately for them, belonged in the second category. It was easy to use and well liked by troops but its security was illusory!

Slidex consisted of two parts. A card with 12 columns and 17 rows producing 204 rectangles and two coordinates strips, one vertical strip on the left and one horizontal strip on the top. The card and the coordinates strips were placed in a metal frame.


Note that the pic from cryptomuseum lacks the coordinates strips.

The rectangles on the coordinates strips had a random letter, so that each word could be represented by a bigram.
Each rectangle on the Slidex card had a word or phrase on it plus a letter or number. The words or phrases were those most likely to be used by military units, for example DIVISION, ARTILLERY, ATTACK, AT ONCE etc.

What happened if one wanted to send a word that was not on the Slidex rectangles?  In order to allow for that eventuality the same rectangles had numbers or letters printed on them. This allowed the operator to spell words that were not included in the Slidex card, or include numbers.
In order to do so he had to use one of the SWITCH ON rectangles (there were several). After that he could use the letters or numbers in the rectangles and then end this part with one of the SWITCH OFF rectangles.

A reconstructed Slidex card is available from the report E-Bericht 6/44 of FNAST-9 (Feste Nachrichten Aufklärungsstelle -Stationary Intercept Company)


Each card was valid for a specific period of time, from several days to a month. The coordinates strips changed daily. [Sources: EASI vol4, p149 and vol5, p83, The Slidex R/T code]

Slidex was used extensively by the Anglo-American armed forces from operation Overlord till the end of the war. Usually it carried low and mid level traffic (up to division) however it was sometimes used for higher level messages.

Its main advantage was that it was easy to use by fighting troops.
German success with Slidex

Unfortunately for the Allies that ease came at the expense of security. German codebreakers found it easy to reconstruct the Slidex tables. In fact all the post-war interrogation reports agree that it was one of the easiest Allied systems in the period 1944-45 (although they probably refer to all the Allied table substitution type codes).
German success with Slidex started in late ’43 – early ‘44 during the Allied pre-invasion training exercises. The training traffic was successfully solved and this effort allowed the German forward units in France to familiarize themselves with this traffic and successfully solve the operational messages, after the Allied landings.

Since Slidex was used extensively by both British and American ground-troops and their airforces it gave the Germans good intelligence on tactical operations and especially requests for air support. This allowed them to quickly notify the endangered units and minimise losses.
Their efforts were assisted by a blunder on the part of the Allied cryptologic authorities. The code was supposed to be used only on the parts of the message that could be of value to the enemy and not the whole message! This meant that messages were a mixture of encoded and plaintext words. Obviously this made it much easier for the Germans to guess the meaning of the encoded words.

American dissatisfaction with the Slidex’s poor security led on January 6, 1945, the Signal Division to recommend that Slidex be replaced within the U.S. forces. [Source: The Slidex R/T code]
Battle of the Bulge

After D-day, Slidex was used by the American Army. When the Germans found that the American Military Police were using Slidex to report all Army units which passed their control points, the deciphering of Slidex was given high priority. [Source: EASI vol4, p150]
David Kahn mentions the importance of Military Police traffic for German planning of the Battle of the Bulge. From The German Comint Organization in World War II’, p8

One of the most valuable operational results of signal intelligence in the west came during the Battle of the Bulge.
After Hitler had struck in the Ardennes in December 1944, the Americans brought up troops to push the German back. The military police battalion in the U.S. 1st Army zone controlled much of this traffic, which moved according to itineraries fixed by higher authority. The Germans soon discovered that the battalion broadcast these itineraries in cipher to all its control points-the Germans knew of 35 of these and located 22, many at the intersection of two French national highways. The messages gave the name of the unit, its time and place of departure, route, average speed, numbers of vehicles and of march blocks, and destination and time of arrival. The radio reconnaissance unit estimated that it intercepted about 90 percent of these broadcasts and so ascertained almost 100 percent of all units with itineraries. Those without itineraries and those going around this area were not spotted, it said. This gave the German command on the western front an accurate picture of which enemy forces were coming up and where, enabling General Hasso von Manteuffel to shift his 5th Panzer Army and so sidestep the Allied blow.

The military police code is also mentioned in FMS P-038 ‘German Radio Intelligence’, p84-85

 


It seems to me that this MP code must have been the Slidex. This is confirmed from a file in ADM 223/505 ‘Cypher security and W/T (Wireless Telegraphy) deception’.


This event shows that even the compromise of low/mid level codes can sometimes have strategic consequences.

Primary sources:
Time to take a look at some TICOM reports.

From ‘German analysis  of converter M-209 - POW Interrogations’, p1
Included in this training was a system indexed as EC-5 (English Code No. 5) his system was later referred to as the SLIDEX and was assumed to be a rectangle 9x12 upon which code values were written in cells located through diagraphic coordinates applied first at the top and then at the bottom. The "Slidex" was easily and regularly solved. ‘G’ felt that this yielded a considerable amount of valuable intelligence particularly as to bombing and artillery objectives.

From CSDIC/CMF/Y 40 - 'First Detailed Interrogation on Report on Barthel Thomas’, p3
III. The SLIDEX

This was worked on since May 44. It was developed from the early EC 5. It was a far better system especially as it enabled three variants for clear text (DREIFACHE BUCHSTABENBELEGUNG) and ‘double-variants’ for clear SWITCH-ON and SWITCH-OFF. At the same time, the variable cursor system often resulted in settings which allowed the ‘pairing up’ of messages set on the same lines, or on the same columns. Parts of the cursor-settings could often be reconstructed, even before the text was broken.

(a) The EC 30/3
The SLIDEX referred to by the Germans as the EC 30/3 was reconstructed by 9 Fixed Intercept Sta in May 44. Traffic intercepted had been originated by ALOs links (FLIVONETZE) in UK. Control of these links was always at Corps level and reading of traffic gave an insight into Corps O of B, etc. PW states that traffic was British and not American and that as far as he could make out the ALOs were Army and RAF officers. The Germans were very surprised to see that this field-code, without any alteration whatsoever, was used by the ALOs links on D-day and a good few weeks after 6 Jun 44, allowing the enemy to discover at once the Corps 0 of B, with details down to Bdes. This kind of work was handed over to 5 Intercept HQ at ST GERMAIN at end Jun 44, This unit succeeded in reconstructing several more SLIDEX tables, to which were added captured specimens during summer and autumn.

(b) The EC 30/20 ( S and T)
The SLIDEX called DC 30/20 (S & T) was reconstructed by 7 Intercept HQ. Traffic was originated by supply units of 8 Army. Tactical messages had been read till end Sept ‘44, when they stopped - according to PW - and 4-figure traffic was signaled, which was suspected to be reciphered code, and was not broken.

According to TICOM I-109 ‘Translation of a Report by Lt. Ludwig of Chi Stelle OB.d.L, based on questions set for him at ADI(K)’, p21 decoded SLIDEX messages revealed air support requests and  were immediately passed to the unit concerned in order to take measures against aerial bombardment.

In Page 38 he says:
B. Slidex system.

Bigram substitution System.
In use in the army (front line units) and in air support networks (tentacle networks). The system was known from the monitoring of exercises in Great Britain before the invasion, e.g. "Spartan". The cryptanalytic detachments in army and GAF wore able to get so much experience on these exercises that decoding worked well right at the start of the invasion. Recovery was done in the army again at NAA St 5 in the GAF in 14/3 W control 3. Decoding was often done with so little delay that the messages could be dealt with like clear text in the evaluation. The results were of more importance to the army than to the GAF, but they provided the latter too with valuable indications, e. g. elucidation of the individual corps tentacle networks, reconnaissance operations (c.r. 400 and 414 Squadrons) etc. The messages decoded daily were exchanged between Army and GAF in the form of written reports.

From TICOM I-113 ‘Interrogation of Major Dr. Rudolf  Hentze, Head of Gruppe IV (Cryptanalysis) General der Nachrichtenaufklaerung’, p3
Slidex:

This was extensively read, MP nets in particular being a fertile source of intelligence. British and Americans were equally bad in their use of it, particularly in employing Slidex for messages which should have gone in a more secure system. They were able to break currently and in many cases five or six hours after the start of the day. One of the main aids to entry was the fact that operators used the left-hand alphabet almost exclusively. They were able to break in before the invasion and could hold on, with the help of cribs and stereotyped language, in spite of the improvement in operators' habits after September. Asked for specific cases of "insecure units, P/W quoted the ‘2nd Airborne Division’, 'CCA' and 'CCB' (Note: this looks like a confusion. These are terms used in American Armored divisions: 'the 2nd was in the Northern sector of the American front during the campaign). P/W commented that they were much happier with a message wholly in slidex than with a mixed clear and cipher message, which did not give so many frequencies.

2 comments:

  1. Slidex was still in use in the British Army up until about 1980. The letters on the cursors were set each day in the daily Signals Instruction for the unit/sub unit, which also contained details of radio frequencies etc. In addition to the letters, the first five spaces were numbered 1 to 5 in a random order given in the Signal Instruction. This would then give 25 (5x5) variants of the bigram sets. The user had to inscribe the cursors with the numbers and letters as given. He would slide the cursors to a chosen position, eg 2 horizontally and 4 vertically. The message would then consist of the two initial numbers plus bigrams which were the body of the message read from the table. If a message exceeded a certain length (and I can't now remember what) the cursors would have to be reset. The recipient would have to have the same Signal Instruction as the sender and therefore their slidex cursors set up in the same way. To decode, they would set the cursors to the numbers given, and then read the code words / spelling using the bigrams. A certain amount of security was obtained if the radios were of limited range as the enemy would also have to be within that range to detect the message.

    Additional security could be obtained by changing the cursor codes more than daily, eg every four hours or even hourly, but this greatly increased the burden of providing the signals instructions which would be produced in the field by means of a stencil duplicator. The code cards were pre printed for various arms / types of unit (eg Infantry, Artillery, Engineers etc) and although it was theoretically possible to change these daily with the signal instruction, so that different word / letter combinations would appear in different places, in practice this never happened. It was taught that Slidex was of limited time value, and that in the 6 days war, the Egyptian army had used every available combination of letters and codes within one day, so that the Israeli army had complete knowledge of what they were sending. Presumably the Russians had also got complete knowledge of what was being sent!

    A further weakness of the system was that it was used to send preformatted reports and returns at specific times, eg troop strengths, locations etc. Each radio net / frequency would have it's own Slidex key settings. A message sent from a Company to Battalion using the Battalion net settings may subsequently be resent on the Brigade net using the Brigade net settings. The signaller would simply decode the message using the Battalion net Slidex wallet, and then recode it using the Brigade net wallet and send it to Brigade. Anyone listening to both nets, and using a bit of intelligence would then be able to break the code easily.

    ReplyDelete
    Replies
    1. I remember its use in the Bundeswehr in the early 70s, called Tarntafel.

      Delete