Wednesday, December 12, 2012

The British War Office Cypher

At the start of WWII and for most of the conflict the standard crypto system used by the British for high level messages was the codebook enciphered with subtractor tables. Both the Foreign Office and the military services relied on these Cyphers for their most important traffic.

The codebook was basically a dictionary that assigned a 4-figure group to each word. For example the word ‘division’ would have the code 5538, ‘attack’ 2090, ‘artillery’ 0231 etc etc. So the cipher clerk would first use the codebook in order to find the code groups corresponding to the words of the message and then he would have to use the subtractor tables in order to encipher them. This means that each codegroup would be subtracted from the key groups (of the subtractor table) without carrying over the numbers.

The War Office Cypher was the Army’s universal high-grade codebook (4-figure) and carried traffic between Whitehall, Commands, Armies, Corps and, later, divisions. There were different sets of enciphering tables for each geographic area (Home Forces, Middle East, etc). The Germans captured two copies of the WOC in 1940. One during the Norway campaign and the other near Dunkirk. The compromise of the code allowed them to focus only on stripping the cipher sequence. This was achieved by taking advantage of ‘depths’ (messages enciphered with the same numeric sequence).

According to TICOM report I-51 ‘Interrogation Report on Ufrz. Herzfeld, Heintz Worfgang and Translation  of a Paper He Wrote on the British War Office Code’, p16-17 (available from site TICOM Archive), in 1941 the German Army’s signal intelligence agency OKH/Inspectorate 7/VI evaluated intercepted British traffic from the Middle East, identified the use of the WOC and from the summer of 1941 was able to solve messages. First back traffic was solved from the Cyrenaica offensive of General Wavell and then messages from Rommel’s offensive in early 1941. In the period September ‘41-January ‘42 current traffic could be read.
This information can be confirmed in part from the War Diary of Inspectorate 7/VI. Unfortunately the reports of Referat 2-England are not available for the period June-September ’41 but from October they show that WOC was read by the department. The report of October ’41 says that WOC traffic in the period November 1940 to March 1941 was enciphered with the same subtractor tables but from April ’41 a new subtractor book was used for each month:

In November-December ’41 the addresses from the solved messages (identifying specific units) were issued in confidential reports:

During 1941 the WOC decodes provided intelligence mainly on the order of battle and movement of British units in the M.E. Theatre. It seems that some of the decoded messages contained strength returns as an Enigma message decoded by Bletchley Park in October ’41 gave a summary of the increase in British ground strength in Egypt and the tank strength estimate was so accurate that the War Office was ‘very concerned’.

The main German success with WOC came during the period November-December ’41, when they could follow the British operation Crusader. The official history ‘British intelligence in the Second World War’ vol2, p298 says:
If under-estimation of the quality of Rommel's equipment was one reason why British confidence was high when the Crusader offensive began, another was the failure to allow for the efficiency of his field intelligence. By August 1941 the Germans were regularly reading the War Office high-grade hand cypher which carried a good deal of Eighth Army's W/T traffic down to division level, and they continued to do so until January 1942. Until then, when their success was progressively reduced by British improvements to the recyphering system, whereas GC and CS's success against the German Army Enigma continued to expand, this cypher provided them with at least as much intelligence about Eighth Army's strengths and order of battle as Eighth Army was obtaining about those of Rommel's forces.

The British knew that the WOC was in enemy hands and could be exploited but they had no alternative than to keep using it. Security was upgraded in late ’41 and from early ’42 the Germans could not solve messages. The traffic continued to be investigated during 1942 and back traffic was solved but not current messages.
This was not the end of the German solution. According to Herzfeld, the WOC used by Home Forces in Britain was solved in 1943. After investigating the intercepted messages in late 1942 it was discovered that the Brits had added code groups in the WOC for the most commonly used phrases.

Based on these findings back traffic of 1942 up to end of January ’43 was read, as can be seen from the War Diary of Inspectorate 7/VI:

This would be their last success with the WOC as in 1943 the subtractor tables were replaced by the new stencil cipher which proved to be unbreakable.

Signals intelligence and codebreaking played an important role in WWII. In the first half of the war the German sigint agencies were able to exploit several high level British cryptologic systems.

One of these was the British Army’s War Office Cypher and the decoded messages from the M.E. Theatre in 1941 gave them valuable intelligence, especially during the Crusader offensive.
Sources: ‘Intelligence and strategy: selected essays’, ‘British intelligence in the Second World War’ vol2,  TICOM reports I-51, I-113, IF-107, CSDIC SIR 1704-‘The organization and history of the Cryptologic service within the German Army’, CSDIC/CMF/Y 40-'First Detailed Interrogation Report on Barthel Thomas’, ‘European Axis Signal Intelligence in World War II’ vol1 and 4, , Cryptologia article: ‘Brigadier John Tiltman: One of Britain’s finest cryptologists’, War Diary Inspectorate 7/VI


  1. Question for you. Besides unqiue tables per geographic region/command, did the WO cipher have different tables/circuits/keys to it for different types of messages? That is, were the Germans reading all important info on all the tables/keys, or were they all combined into one circuit by 1941? Or to put it another way, the traffic they were able to read, was it administrative and intelligence traffic which would give out their own as well as estimates of Axis force tank strength (and indirectly order of battle info), or were they also able to read operational order of battle info directly?

  2. ‘did the WO cipher have different tables/circuits/keys to it for different types of messages?’
    I think that most of the traffic would go through the standard tables (different for each area but used several times) but (if I remember correctly) one time pads were also used for messages of high value. I think that for example strength reports were changed over to otp in order to be secure from cryptanalysis.

    ‘were they also able to read operational order of battle info directly?’
    Unfortunately there is limited information on the German exploitation of the WOC. Obviously the Germans got OOB info and strength returns but I don’t know if operational orders to divisions were generally sent on this system. The British used at division level systems like slidex.