Monday, September 9, 2013

The State Department’s strip cipher – no clear cut answers

The compromise of the State Department’s strip cipher by Axis codebreakers in WWII was one of the worst failures of Allied crypto security. However this case has not received the attention it deserves because there is limited information available.

This is a shame since by reading the US diplomatic traffic the Germans were able to monitor US foreign policy, counter efforts of minor Axis nations to exit the war and even keep an eye on the activities of the OSS station in Berne. It also seems that the Japanese got intelligence of great value by reading the messages of the US Chunking embassy.
The problem is twofold. On the one hand there is limited information available from postwar interrogations of Axis personnel and on the other hand it is very difficult to find out how this system was used by the State Department during the war.

Let’s take a look at these problems.

The efforts of Axis codebreakers
The State Department adopted the strip cipher as its high level system in the 1930’s and used it till late 1944. During that period several countries were able to exploit this system. Japan, Germany, Finland, Hungary and probably Italy were able to solve messages.

Unfortunately the information we have is limited and not always reliable. The fact that many different countries and organizations were involved in the solution of the strip means that the relevant information is fragmented.
In my opinion the following version of events is the most accurate. In late 1937 the Japanese were able to enter the US consulate in Kobe and copy the ‘intercommunication’ strip set 0-1. Using these they obviously read some of the traffic during the period 1937-41 but we do not know how much, with what time lag and whether they also managed to solve ‘special’ strips used by embassies for direct communications with Washington.

In 1941 the Japanese shared the 0-1 set with the Germans. There were three German agencies that worked on the diplomatic strip cipher, OKW/Chi, Pers Z and the Forschungsamt. It seems that they started their investigations of this system in 1941 or even earlier but were probably unable to solve actual traffic at that time. Both Erich Huettenhain (chief cryptanalyst of OKW/Chi) and Hans Rohrbach (Pers Z cryptanalyst) refered to the years 1942-44 when they described the work on the strip and a report of Huettenhain, dated November 1941, says that Pers Z was unable to read messages on a US diplomatic system despite working with a  large staff for two years.


It is not clear if the Italians were also able to read the strips in 1941. Fenner, head of the OKW/Chi cryptanalysis department said in DF-187G that he received strip information from them but no mention of this affair is available in other TICOM reports.

In 1942 things must have changed regarding the 0-1 set (used till August ’42) and the Germans were also able to solve some of the ‘special’ sets. We definitely know that they solved the Berne strips but we don’t have details on much else. It seems that there was an agreement between the German agencies whereby OKW/Chi would attack the ‘special’ strips and Pers Z the ‘circular’ set.
In the same year the Germans gave the 0-1 set plus the ‘special’ strips for Riga and Helsinki to the Finns. The Finnish codebreakers were very professional and they were able to break into several ‘special’ strips during the year (Helsinki, Moscow, Madrid, Berne, Ankara, Stockholm, Beirut, Casablanca and probably others). Although in 1944 the Finns claimed that they hardly cooperated with the Germans that was definitely not true regarding the strips. They obviously exchanged results and in 1943-44 there were visits of Finnish personnel to Berlin and of German codebreakers to Finland to clarify the solution of the strips.

In 1943 the Finns revealed their success to the Japanese and gave them several ‘special’ sets. This became known to the Anglo-Americans through signals intelligence. The decoded Japanese messages betrayed the Finnish success.


The American reaction was first to claim that the cryptosystem was not the strip cipher and later to attribute enemy success to physical compromise.



It is not clear what security measures were implemented to secure the strip system other than changing the compromised strips with a new set. It seems the Americans did not want to believe that the Axis countries could read their high level system…

The Germans were able to solve the Berne ‘special’ strip in 1943 and thus read not only diplomatic messages but also communications of the OSS. In late 1943 (or early according to another report) Pers Z solved the 0-2 ‘circular’ set used from August ’42 to March ’43. All messages were decoded with the help of a decoding machine called the ‘Automaton’.
Other ‘special’ and ‘circular’ sets must have been solved during the year but again we don’t have those details. The codebreakers of OKW/Chi built a special cryptanalytic device called the ‘Tower clock’ (called statistical depth increaser in a US report) for work against the strip.

During 1943 there seems to have been a change in policy by OKW/Chi regarding the assignment of work on the strips. It seems that the previous arrangement whereby the ‘circular’ (0 sets) strips would be worked on by Pers Z was cancelled. Instead OKW/Chi worked with the Finns, giving them strips 0-2, 0-3, 0-4 and 0-5. The Hungarians were also involved in strip work and communicated with the Germans and the Finns but again details are lacking.
In 1944 it seems that the US authorities finally took measures that made the work of the Germans harder. Their efforts were hindered but not defeated. According to Huettenhain ‘about 1.5 years ago (Jan 1944) the strip system was made more difficult so that only certain lines could be read, for instance Berne to London, near the end nothing could be read’. In an unpublished manuscript written in 1970 he said: ‘In this way, were read by 1942 to September 1944, a total of 22 different links and all cq (call to quarters) messages’. It seems to me that the US measures had something to do with the special strips, either changing them more often (each month?) or giving them a different ‘key’ for each day (the standard system had only 40 different arrangements for the strips).

In the summer of ’44 the Germans started to give the Japanese representatives some of the strips they had solved. It seems this was a decision taken at the top and was probably connected with the worsening situation at the front.

 
How successful was the German effort? Unfortunately the statements made by Huettenhain and Wolfgang Franz (OKW/Chi cryptanalyst) are full of generalities. It is obvious that they were withholding the full extent of their success. Huettenhain said to the Anglo-Americans that ‘we can no longer state how many different sets of strips were reconstructed; probably 10 to 20’ but postwar he wrote that 22 ‘specials’ and all ‘circulars’ were read. Franz who was in charge of the strip solution said in 1949 that his agency intercepted 70 different ‘traffics’ and solved 28 ‘circuits’.

The Finns also warned the Americans about the strip cipher in September ’44. US official Randolph Higgs after meeting colonel Hallamaa (head of Finnish sigint) wrote:

They [the Finns] had been greatly aided in their work on breaking our strips by carelessness on our part in the preparation of messages; (for example) we were constantly putting information in ciphers they had already broken regarding messages in new ciphers, after which they could 'crack' the new ones.

His general confidence in their ability to decode any of our messages anytime they wanted to, suggests very strongly that they do just that.

From these statements it is obvious that the Axis codebreakers were much more successful with the strip system than has been acknowledged so far. More research is needed to reveal the full extent of their success. In the case of Italy and Hungary we know practically nothing regarding their work on the strip.

State Department cipher policy

The second problem in researching the strip cipher is the lack of a US report detailing the way the strip was used at different time periods. We know that each embassy had 50 ‘special’ alphabet strips and 50 ‘circulars’. Out of these 30 were chosen each day.
How long was the period of validity and how were the daily keys selected? From German reports and Japanese messages it seems that after mid ’42 the ‘circulars’ were valid for roughly 6 months while the ‘specials’ were used without a specific system. Some were valid for 2 months others for 10.  Important embassies probably changed the ‘specials’ after 2-4 months.

The question of ‘keys’ is interesting. The State Department did not have a different arrangement of the 30 strips for each day. Instead there were only 40 ‘keys’ used during the period of validity. Perhaps this changed in 1944 but it’s not clear.
Another interesting fact is that the embassies were not given different keys but had all the same system. According to David Kahn in 'Finland's Codebreaking in World War II':

Each post had its own set of strips; the key changed daily but was the same for all posts. This cryptographic weakness was probably permitted for logistical reasons.’
This was a serious mistake. It was not the only one made by the State's cipher department. They also reused some of the ‘special’ strip sets.

 

These and other mistakes facilitated the Axis solution of the strips. At this time there are many unanswered questions but I’m optimistic about the future. With a bit of luck more details will come out and I will be able to write a detailed account of the strip case.
Sources: various TICOM reports, ‘The Codebreakers’, ‘In the Name of Intelligence: Essays in Honor of Walter Pforzheimer’, ‘History of Venona’, ‘Japanese Intelligence in World War II’, British archives HW 40/132, Cryptologia article: 'Report on the decipherment of the American strip cipher 0-2 by the German Foreign Office', SRH-366 ‘History of Army strip cipher devices’, ‘Swedish signals intelligence’, ‘From Information to Intrigue’

Acknowledgements: I have to thank Frode Weierud, Michael van der Muelen and Ralph Erskine for sharing some of the information presented in this essay.

No comments:

Post a Comment