Monday, July 2, 2012

US military attaché codes of WWII

The cryptologic systems used by US military attaches prior and during WWII were the Military Intelligence Code and the War Department Confidential Code. Thanks to physical compromise of these codes and their enciphering tables German and Italian codebreakers were able to read the secret US attaché communications.

The greatest success for the German side was reading the messages of the US military attaché in Cairo. These provided Rommel with excellent intelligence and definitely contributed to his military operations.

The good source
One of the most famous episodes of WWII signals intelligence concerns colonel Bonner Fellers, US military attaché in Cairo during 1940-2, whose detailed reports were intercepted and decoded by the codebreakers of OKW/Chi.



Fellers was a graduate of West Point and former assistant of General Douglas MacArthur. He was posted to Cairo in October 1940. His job was to provide Washington with detailed information on all important military operations. The British gave him access to their facilities and shared sensitive information since he was the representative of the country that was basically financing their war effort.
Fellers used the Military Intelligence Code No11

Military Intelligence Code No11 was a 5-letter codebook, printed in 1933. It was enciphered with substitution tables.

His messages had the address ‘MILID WASH’ or ‘AGWAR WASH’.

In his reports he mentioned morale, the transfer of British forces, evaluation of equipment and tactics, the location of specific units and often gave accurate statistical data on the number of British tanks and planes by type and working order. In some cases his messages betrayed upcoming operations. A British commando raid on German airfields was thwarted (with heavy losses for the Brits) because it was mentioned in one of his messages.
The Germans were obviously interested in the US military attaché traffic.
Reports differ on the exact level of success they had prior to receiving material from their allies. Fenner, head of the cryptanalysis department of OKW/Chi says they had none. Flicke head of the Lauf intercept station says in DF-116-Z that they first broke into the system in July 1941 but initially could read only parts. In DF-116-Y he says ‘the first messages in the Intelligence Code and the Confidential code were read somewhere around December 1941’.

In any case what is not up for discussion is the fact that they received help from their allies.
Their Italian and Hungarian allies were able to assist them in breaking these codes.  The Italians had a very effective team that entered embassies and photographed the codes. In 1941 they were able to make copies of the Military Intelligence and War Department Confidential Codes. These code however were enciphered which meant that simply having the codebooks was not enough. Here the Hungarians were able to help. According to Fenner the Hungarians were able to photograph the substitution tables used with the MI code.

These aids allowed the Germans to ‘break’ the codes. Once they succeeded they could solve the new tables cryptanalytically thanks to the standard form of the reports. In the case of Fellers top priority was given in intercepting and decoding this traffic. In 1942 It took only a few hours for the decodes to be solved, translated and forwarded to Rommel! The Fellers reports were greatly valued by Rommel. They certainly gave the Germans a unique look inside the Anglo-American camp. Even Hitler had an interest on these messages. Over lunch with Goering he said ‘Let’s hope that the U.S. legation in Cairo keeps us well posted about Britain’s military planning, thanks to their poorly encoded telegrams’.

The blaming game
The German success could not go on forever. During the fighting in North Africa the Brits started to suspect that the Germans had a high level source. After comparing a decoded German message with a report that came from the American mission they saw that it was practically identical. This convinced them that an American cipher used between Egypt and Washington was being read by the Germans. When the Americans were notified of this affair they did not initially believe that their representative was the source of the leak. This back and forth between Americans and British took a long time but eventually the attaché code was changed.

Obviously the Brits were not pleased by these delays in securing the code!
The legendary US codebreaker Frank Rowlett describes this episode in his 1974 interview by the NSA:

G2' s reaction was somewhat as follows: This could not happen in G2. It could not be Fellers. It must be the British and therefore we should respond that it is not an American leak. You had better go back and look at your own people because the only possible way we could have a leak is through our representative. We're convinced that he is secure and that the people on this end who read his reports are secure and they're not getting in the German hands. So we are not to blame. You are to blame. That was the answer……………………………………..It must be your people and your codes Lord Halifax.



Eventually the Americans admitted the compromise and changed their cryptosystem:
We found these messages in short order. The three messages identified by Kully in his transmission from GCHQ of the text and the British proposal. What did we do about it? Within 24 hours the military observer in the North Africa had received an ABA. A unique set of wheels. The ABA being the ECM.

 
Flicke has a different view of how the Fellers affair was betrayed. In ‘War Secrets in the Ether’ he says:

Then the miracle occurred. No, it was no miracle, it was a tragicomedy. It was so comical, so idiotically funny, that it had the effect of a passage from a dime novel. Or it was like a bad joke.

It was Saturday, 27 June 1942. I had turned on the broadcast of the Deutschlandsender and was listening toward 6 o'clock in the evening to the announcement of a radio drama. "We are offering a drama with scenes from the British or American information bureau", the announcer said. "Well, this is going to be good", I thought, but left the apparatus tuned in while I occupied myself with some work. Suddenly, I pricked up my ears; the drama had as its subject "Events in North Africa" and political and military matters were involved. One of the characters represented the American military attache in Cairo, and now there followed a discussion of his extensive supply of information and the way he sent it on to Washington.
I was speechless. To think that the German broadcast was putting on something that countless people were trying to censor! The drama was genuine. It was only too well played. But how did these people get the information?

In DF-116-Y apart from the Deutschlandsender he mentions the following:
During the war there was stationed at the Vatican a diplomatic representative of the U.S.A. who stood in radio communications with Washington like any other ambassador or minister. In a radiogram sent to Washington in June 1942, enciphered by means of a diplomatic code book, one could read of a conversation which representative of the Vatican had had with an Italian of high position. During this conversation the Italian had mentioned that the Germans could read the most important cryptographic system of the American Military Attaché. The American representative had learned this at the Vatican through a Vatican official and was therefore warning the American War Department against any further use of this cryptographic system.

Weisser (of OKW/Chi) also says that it was the Italians who betrayed the German success.

It seems that both were referring to a telegram sent on July 24 1942 by Leland B. Harrison, US ambassador to Switzerland, to assistant secretary Gardiner Howland Shaw (who was in charge of the State Departments cipher unit) warning him that an Italian official had met with Harold Tittmann (US representative to the Vatican) and had told him that the US diplomatic code used by the embassy in Egypt was compromised. The Germans obviously solved this message and thus attributed the end of the Fellers telegrams to Italian treachery. 



However looking at the dates it’s clear that this was not true. Fellers changed his cryptosystem in June 1942, while this telegram was sent in July. On 29 June 1942 the Fellers leak was finally plugged and the Germans lost their good source.
Depending on the source Fellers was given either the M-138 strip cipher or a SIGABA machine.

Was Fellers to blame for this whole episode? The answer is no. He was not responsible for the security of the MI code. His mission was simply to report back to Washington using the officially designated code. It was not his mistake that he was not provided with a secure system.

Other attaché links
The Germans were also able to read the communications of other attachés. Unfortunately specific information on the attaché links that they exploited is hard to find. According to German sources the communications of the US attaché in Moscow were read.
In TICOM I-201 it is mentioned that messages from Baghdad and Teheran were solved.

Also according to ‘Swedish signals intelligence’ the messages of the US attaché in Stockholm were read by the Germans in 1942.


Primary sources:
Time to take a look at the information from TICOM reports:

2. How did OKW/Chi obtain the code and deciphering tables of the Military intelligence Code?

This has to do with the period shortly before the departure of the U.S diplomats from Bucharest or Budapest. Summer of 1941 (?). OKW/Chi naturally was interested in reading re-enciphered messages of the U.S. Government because it was to had expected that their content would be of moment. Attempts at solution failed. The work suggested a complicated re-encipherment, apparently changing often. For between telegrams even of relatively close date there were no parallel passages (repetitions of group of letters). It was suspected that perhaps there was a daily change as was characteristic for U.S.A. tables. Thereupon work on the traffic ceased.
One day I received courier post from Rome. In it was a U.S. code. The attempt to solve by this code the unsolved traffic was done only by sampling and naturally had no success. In any event the re-encipherment could not be reconstructed. Some months later I received by courier post from Budapest some re-encipherment tables, clearly of American origin. If I remember rightly, each of these tables had a serial number and an indicator group then a horizontal plain alphabet and some substitution alphabets. According to the instructions for use, such a table was valid only for a limited time; I believe, several days. I then had an experiment tried to see whether the tables and the code went together. In about one hour my expert told me that the experiment had been successful; for OKW/Chi had messages fitting into the period of validity. From this time on the messages were read even when there were no tables available. The break-in was accomplished by using stereotyped telegraphic phrases.

I think this system was also used by the U.S. Military Attaché in Cairo. The re-encipherment material was photostated. I was told it had been removed temporarily from the baggage of a U.S. Ambassador departing from Bucharest (?) Budapest (?). (My assumption is as follows: When the U.S. Ambassador was leaving Bucharest before Rumania’s entry into the war, he had a stay of some hours in Hungarian territory. At that time his baggage, which may not have been sealed, was opened and the re-encipherment was photostated. The originals were supposed to have been returned promptly and un-noticed. That is the story which was given me. I do not know whether it corresponds with the truth. If this system and not the strip cipher was used by the U.S. Military Attaché is Cairo down to the battles around Tobruk but was then replaced, that may have been in connection with the introduction of a cipher machine. However the War Department may also have heard something to the effect that this system had been compromised.
Regarding this affair Regierungsrat Helmut SCHULZ probably is better informed.'In June 1945 he was in Weihenkirchen near Bad Aibling.

Fenner was head of the cryptanalysis department of OKW/Chi.


American Cyphers: The most important success of his section was the solution of the W.D. Military Attaché system, which was used by the Military Attaché of Cairo until 1943. ‘In 1942, Chi received from the Italians the Military Intelligence Code and Attaché Code with some recyphering tables, which changed at first every two months and later at shorter intervals. The main traffic was between Cairo and the War Department at Washington. In 2-4 weeks we succeeded in breaking the new tables, so that the Military Attaché reports on the North African campaign could be read currently, until this system was replaced by a cypher machine. The VNs were sent as quickly as possible (by telephone) to Marshal ROMMEL’.
The Military Attaché Code was used from 1919 until 1940 but messages were always unimportant.


6. American Systems.
a) Military Intelligence Code.

In the winter 1941-1942, OKW/Chi got from Japan a copy of the Military Intelligence Code, and at the same time a courier luggage was intercepted in the Balkans which contained the enciphering tables. So work could be started, and the deciphered news gave important information about the North African theatres (The code was used by the Military Attaché in Cairo). After some weeks, new tables came into force, and the decipherment took place as follows:
As far as I can remember, there were 10 tables, 5 of which were reciprocal. It was a one-letter system, each table covering the material for 20 letters, i.e. 4 subsequent code words. For each table, there were five indicators. The first problem was to put the indicators into order. This was solved by a statistics of about the 20 first words of every telegram (at about this spot a new indicator came into force which however, being enciphered, was not recognizable. After the material had thus been put into order, the very work of enciphering could begin. This was rather easy at first, because we had some telegrams from Baghdad with stereotypic beginnings (if I remember right: "From Bullivant to Maxwell"). After the first table had thus been solved, owing to the reciprocal system also the second table was solved. The indicator of the second phase of the telegrams beginning by the first or second table now being deciphered, the material for the following tables was increased. For the next tables stereotypic beginnings were hardly necessary on account of the fact that in many cases the continuation of the text could easily be concluded, especially if the change of an indicator took place in the midst of a spelled word. For instance, if the last word of the first indicator was ir, the first word of the second table had to be an. Thus we needed at the beginning about 100 telegrams for the solution of a system, which meant that about two weeks after the introduction of a new system all tables were solved. Later on we had no more stereotypic beginnings, but trained by practice, we did not need them anymore, so that about 70 telegrams were sufficient to solve a system. At the time of the Rommel offensives, the telegrams thus encyphered (they contained exact data about strength, losses, location) were surely of highest importance to the high Command (although the work was never appreciated) and perhaps it is no chance that the defeat of El Alamein coincided with the fact that the Military Attaché at Cairo stopped using this code. As we were informed later, our activity was compromised by the Italians. The system continued to be used in the Baghdad and Teheran traffic, and we still continued to solve the tables, although the work got harder and harder, because the material decreased considerably so that we were forced to make statistics throughout a telegram which had a special difficulty as you never knew the phases. And yet, on the other hand, by this method it was possible to solve indicators in the middle of telegrams. Thus we succeeded in solving also the last system covering only about 50 telegrams, but the news contained therein was of no importance after El Alamein. Whether afterwards the code was used but with a new kind of system was never found out. It was suggested that the code was replaced by strip cyphers.

b) Military ? Code.
I do not remember the name. The system was of the same kind as the Military Intelligence Code (the one covering European, the other non-European countries). The code and the tables were compromised in the same way as the Military Intelligence Code. The news was not of such Importance as to influence the course of the war.

Sources: TICOM reports DF-116-Y, DF-116-Z, I-199, I-201, DF-187G, D-69,  ‘War Secrets in the Ether’ by Wilhelm Flicke-pages, ‘The codebreakers’, The Crusader Project, ‘Churchill’s war vol2’, ‘Rommel’s Intelligence in the Desert Campaign’, NSA interview of Frank Rowlett - NSA oral history 1974, ‘The history of codes and ciphers in the United States during the period between the world wars part ii. 1930-1939’.


Fellers photograph from warfarehistorynetwork

4 comments:

  1. So I understand the timeline here and in open sources published, Sept'41 approx the Hungarians are able to copy/photograph the substitution tables in the US Army attache code (the one used by Fellers and company); then early Dec'41 the Italians able to copy the enciphered code itself; So first Hungarians and then Italian intelligence success each contributed their "half" to the eventual goal of making the information into "intelligence," by themselves each of the two Axis successes here did not solve the Attache cipher, but it took both pieces being put together. Thus then by using both espionage successes together the Germans late Dec'41 able to "read" the signals themselves, making them available to field commanders (ie Rommel) by January '42 regularly approx? - Mark

    ReplyDelete
    Replies
    1. From Fenner and Flicke’s reports it seems that the codebooks were received in the summer of ’41 but the enciphering tables in end ’41. The German success seems to have lasted from December ’41 to 29 June ’42.
      By having both the codebook (which did not change) together with the enciphering tables (which changed every couple of months) the Germans had complete access to the secret messages. Of course once the tables were changed they had to solve them cryptanalytically which was easy since they had ‘cribs’.
      Since the Seebohm unit was captured after the Fellers code was changed I didn’t include them in my piece.

      Delete
  2. Some sources say around August'41 the Hungarians did their black job on the US Army attache "Black Code," the Italians in early December'41 before Pearl Harbor. And again it was having to put both pieces together to "make it work" was what was required, to be able to successfully read the US "Black Code." And writers have pointed out it was the capture of Capt. Seebohns (sic) signal intel unit's documents in one of the early El Alamein battles in Aug(?)'42 that provided the final confirmation that suspicions were right about Rommel "reading their mail", correct ? - Mark

    ReplyDelete
  3. Wilhelm Flicke's story that the Germans learned that the Italians betrayed the success against the attache system by decrypting a message from the U.S. diplomatic representative at the Vatican is wrong in detail. In a 1972 interview with the noted Jesuit historian Robert Graham the diplomat in question, Harold Tittmann, noted that his mission had neither a radio nor cryptosystems. To communicate with Washington he prepared his dispatches in clear and passed them to the papal secretariat of state for inclusion in the Vatican diplomatic pouch for Berne, Switzerland, where the dispatches were transferred to the U.S. legation for encryption in the legation's ciphers and transmittal to Washington as "from Tittmann." Tittmann had no ciphers at the Vatican because under State Department regulations only formal diplomatic and consular missions could receive cryptosystems. The U.S. delegation at the Vatican was not a formal embassy, legation, or consulate. Tittmann represented something called the "The President's Personal Representative to His Holiness Pope Pius XII," which fell into no established State Department category and, thus, did not qualify for ciphers.

    ReplyDelete