Sunday, August 2, 2015

Allied agents codes and Referat 12

In the course of WWII both the Allies and the Axis powers were able to gain information of great value from reading their enemies secret communications. In Britain the codebreakers of Bletchley Park solved several enemy systems with the most important ones being the German Enigma and Tunny cipher machines and the Italian C-38m. Codebreaking played a role in the Battle of the Atlantic, the North Africa Campaign and the Normandy invasion. 

In the United States the Army and Navy codebreakers solved many Japanese cryptosystems and used this advantage in battle. The great victory at Midway would probably not have been possible if the Americans had not solved the Japanese Navy’s JN25 code.
On the other side of the hill the codebreakers of Germany, JapanItaly and Finland also solved many important enemy cryptosystems both military and diplomatic. The German codebreakers could eavesdrop on the radio-telephone conversations of Franklin Roosevelt and Winston Churchill, they could decode the messages of the British and US Navies during their convoy operations in the Atlantic and together with the Japanese and Finns they could solve State Department messages (both low and high level)  from embassies around the world.

Radio intelligence and codebreaking played an important role not only in the military and diplomatic fields but also in the shadow war between the Allied intelligence agencies, the European Resistance movements and the German security services. In the period 1939-41 German troops conquered most of continental Europe and the occupied countries were forced to contribute to the Axis effort by sending raw materials, agricultural products and forced labor to Germany. Thanks to the blockade of German occupied Europe by the Royal Navy and the harsh demands of the German authorities life in the occupied areas was bleak. Discontent over German occupation led many people to join resistance movements and oppose the authorities, either by printing and distributing anti-Axis leaflets and books, by sabotaging war production or by directly attacking the German troops and their collaborators in the government and the civil service.

The British intelligence services SIS - Secret Intelligence Service and SOE - Special Operations Executive helped organize and fund the resistance movements and they even supplied them with weapons through airdrops. Besides sending their own intelligence teams into occupied Europe and working together with the home grown resistance movements they also collaborated with the intelligence services of the European Governments in Exile, most of whom where based in London during the war.

The British agencies SIS and SOE were not the only Allied organizations sending spies into Europe and supporting the growing resistance movements. The American OSS - Office of Strategic Services also conducted its own operations in occupied countries and so did the intelligence department of the Polish General Staff.
The German security services and the Radio Defense Corps

The German agencies tasked with securing the occupied territories and opposing the Allied intelligence agencies and resistance movements were the military intelligence service Abwehr, the political security service Sicherheitsdienst, the regular police Ordnungspolizei, the secret military police Geheime Feldpolizei and the Radio Defense departments of the Armed Forces and the Police.
The OKW Funkabwehr

The High Command of the Armed Forces – OKW (Oberkommando der Wehrmacht) had a radio defense department tasked with signals security and the interception of illicit radio transmissions. The department was part of the OKW signals directorate and its designation was OKW/WFSt/WNV/FU III. WNV/FU III was a militarized organization and cooperated closely with the Army’s signal service. Apart from fixed intercept and direction finding stations they also had five mobile units, the 612, 615, 616 Intercept Companies and the 1st and 2nd (GAF) Special Intercept Companies (1).

The OKW Funkabwehr was responsible for the monitoring of illicit radio transmissions in Northern France, Belgium, Southern Holland, Italy, the Balkans and parts of the Eastern Front. Regional branch offices (Aussenstellen) were established at Paris, Lyon, Brussels, Oslo, Vienna, Warsaw, Rome, Prague, Athens, Belgrade, Bratislava, Klagenfurt and Varna.

An undercover Funkabwehr station operated in Madrid, Spain and cooperated with the Spanish intelligence services.
The Order Police Funkabwehr

The civilian police force Ordnungspolizei (Order Police) set up its own radio defense department in the late 1920’s and according to postwar reports there were fixed intercept stations (Beobachtungsstellen) at Berlin-Spandau, Cologne, Constance, Vienna, Nuremberg and Oldenburg plus mobile units called Polizei Funkaufklärungskompanien. During the war the organization was expanded in order to counter the rising numbers of Allied agents and Orpo Funkabwehr units were responsible for the monitoring of illicit radio transmissions in Southern France, Holland, Norway, Germany and parts of the Eastern Front (2).
Both the OKW and the Ordnungspolizei Funkabwehr departments cooperated with the security services (3) and although there were rivalries and duplication of effort it seems that there was regular exchange of information, at the top level, on agents’ details and cipher systems (4). On the other hand cooperation between WNV/FU III and Orpo field stations depended on the local conditions (5).

Breaking Allied agents codes
The Radio Defense departments of the OKW and Ordnungspolizei monitored the airwaves for unidentified radio traffic and used direction finding equipment in order to locate the sites of agents transmissions. The technology of that era could not pinpoint the exact location so the fixed intercept stations were used to identify the general area and then mobile units were dispatched to find the exact building housing the agent. In some cases it was necessary to use even more advanced means such as the gürtel snifter, which was worn by German personnel over a coat (6).

Allied agents kept in contact with their controlling stations abroad through the use of undercover radio stations. The information they gathered as well as their orders from HQ were transmitted over the airwaves. Messages were enciphered with a variety of systems in order to protect the contents from the Germans. According to information available from British and German reports the main system used by Allied agents in Western Europe was the double transposition, using a poem as a ‘key’ generator (7).
The German security services tried to arrest enemy radio operators and capture their cipher material. Then it was possible to decipher past and current traffic and even attempt a ‘radiogame’. By having access to the agents radio procedures and cipher systems it was possible, at times, to continue their transmissions and thus learn of the plans and operations of the enemy intelligence services. The ‘radiogame’ could be conducted either by the captured agent (provided he/she was willing to cooperate with the Germans) or by experienced German radio operators who could mimic the agent’s radio ‘fingerprint’ (8).

Apart from physical compromise agents systems could also be solved cryptanalytically, however analysis of agents ciphers was in some ways more difficult than with Allied military and diplomatic systems. Large organizations used specific cipher systems and followed certain rules. This made the work of enemy codebreakers easier in the sense that they already knew what they were up against (an enciphered codebook, or a transposition cipher or a strip cipher etc). Large organizations also generated lots of traffic that could be used to find errors, repetitions and ‘depths’. When it came to agents codes however these rules did not apply. There were few messages to analyze, the cipher systems were not fixed but underwent changes and each Allied agent used his cipher systems with slight modifications that made solution very difficult.
Despite these conditions it was still possible for the Germans to solve a substantial amount of Allied agents traffic through cryptanalysis. Originally the OKW Funkabwehr relied on OKW/Chi - (Oberkommando der Wehrmacht/Chiffrier Abteilung) Signal Intelligence Agency of the Supreme Command of the Armed Forces for the analysis of agents ciphers but it seems that since OKW/Chi was primarily engaged with the solution of diplomatic and military attaché ciphers the agents messages received only scant attention (9).

The Ordnungspolizei Funkabwehr cooperated with Goering’s Forschungsamt on Russian agents codes but this also seems to have been a limited effort on behalf of the FA (10).
Things changed in early 1942 when the analysis and solution of agents traffic was taken over by a new department of the German Army’s codebreaking agency Inspectorate 7/VI. Department 12 (Referat 12) was created to work on agents systems and pass the results to the security services and the radio defense departments.

Inspectorate 7/VI - Referat 12 (Agents Section)
During WWII the German Army made extensive use of signals intelligence and codebreaking in its operations against the Allied powers. German commanders relied on signals intelligence in order to ascertain the Allied order of battle and track the movements of enemy units.

The German Army’s signal intelligence agency operated a number of fixed intercept stations and also had mobile units assigned to Army Groups. These units were called KONA (Kommandeur der Nachrichtenaufklärung) - Signals Intelligence Regiment and each had an evaluation centre, a stationary intercept company, two long range signal intelligence companies and two close range signal intelligence companies (11).
The Army’s KONA units were primarily engaged with the interception and analysis of Allied military traffic but in some areas they also covered agents/partisans traffic.

The KONA units did not have the ability to solve complicated Allied cryptosystems. Instead they focused on exploiting low/mid level ciphers and even in this capacity they were assisted by material sent to them by the central cryptanalytic department. This was the German Army High Command’s Inspectorate 7/VI.

Inspectorate 7/VI had separate departments for the main Allied countries, for cipher security, cipher research and for mechanical cryptanalysis (using punch card machines and more specialized equipment).
The War Diary of Inspectorate 7/VI shows that in the first half of 1942 the solution of agents traffic was officially taken up by the department, with a summary of work on Agents systems filed under the progress report of Referat 1 (12). In August the new Department 12 was created to deal exclusively with agents systems.

Head of the department was 1st Lieutenant Dr Wilhelm Vauck, a mathematician of Dresden University (13). According to postwar TICOM reports dr Vauck was a talented cryptanalyst who got along well with his subordinates (14).  The strength of the unit rose from 26 people in August 1942 to 40 in December 1943. From late 1942 the unit also started sending two-man teams to regional Aussenstellen in Paris, Marseilles, Lyons, Prague, Oslo, Vienna, Brussels so that captured material could be exploited without delay. In November 1943 the entire department was moved close to the OKW Funkabwehr HQ at Dorf Zinna, Jüterbog and became subordinate to OKW/Chi as Referat X (15).

Available sources on the work of Referat 12
Information on the work of Referat 12 is available from its monthly reports, included in the War Diary of Inspectorate 7/VI and from postwar interrogations of German personnel that either worked at Referat 12 or were acquainted with their operations.

The reports of the period April 1942-February 1944 are available from the War Diary of Inspectorate 7/VI but unfortunately the rest are missing (or are included in the files of OKW/Chi). Obviously the most reliable sources are the reports from the War Diary, however these are not always easy to interpret since they use codenames for the intercepted agents radio links. 
Regarding the postwar interrogations of German personnel, the most useful are:

1). TICOM report I-115 by Major Mettig (head of the army’s signal intelligence service in the period 1941-43).
2). CSDIC (UK) SIR 1106 by Miersemann (a member of Referat 12).

3). CSDIC/CMF/SD 80 by Lentz and Kurfess (members of Referat 12 detached to Aussenstelle Paris).
4). TICOM report I-180 by Keller (a member of Referat 12).

5). Chapter ‘Radio Counterintelligence’ of Foreign Military Studies P-038 'German Radio Intelligence', written by Lieutenant Colonel de Bary, head of the OKW Funkabwehr in the period 1942-45.
6). Part 3 of ‘War Secrets in the Ether’ by Wilhelm Flicke (member of the OKW/Chi intercept department).

Unfortunately the postwar interrogations of dr Vauck have not been released by either GCHQ or the NSA.
Overview of important cases

Using the monthly reports of Referat 12 it is possible to give an overview of its successes:
Eastern networks

Red Orchestra – Rote Kapelle
From the 1920’s the Soviet Union financed and organized the creation of spy networks throughout Europe. These penetrated military, economic, political and diplomatic circles. Many of the agents were devoted communists who thought they were working for the creation of a better world. Germany was a major target of the Soviet spies, especially after power was seized by the NSDAP party. The Germans called these networks the ‘Red Orchestra’.

Inside Germany there were three main spy networks in Berlin. The ‘SENIOR’ network under Luftwaffe officer Harro Schulze-Boysen, the ‘CORSICAN’ network under economist Arvid Harnack and the ‘OLD MAN’ network under writer Adam Kuckhoff. These groups were well placed to provide important intelligence to Moscow. Harnack had a high ranking position in the economics ministry and Schulze-Boysen was assigned to the liaison staff of the Luftwaffe Chiefs of Staff.
From Harnack came information on the German economy such as investments abroad, foreign debt, secret trade agreements with other countries, currency deals etc. His network also controlled an Abwehr officer assigned at OKW headquarters and a lieutenant in German naval intelligence. Boysen’s position gave him access to classified reports prepared for the Luftwaffe high command.

After the German attack on the Soviet Union, in summer 1941, the closure of the Soviet embassies meant that the intelligence networks could not communicate with Moscow through the embassy personnel but instead had to use their undercover radio facilities. Their overreliance on radio communications means that too many messages were sent from the same stations and thus they attracted the attention of the Radio Defense Corps.
One such radio center was raided on 12 December 1941 in Brussels. With the aid of captured cipher material messages were decoded and names were identified. This was the beginning of the end for the Soviet spy networks in Western Europe. In June and July 1942 more cipher documents were retrieved by the Germans and the names of members of the Berlin Rote Kapelle decoded. Overall in 1942 130 members of the Berlin Rote Kapelle networks were arrested and 49 of them executed. The leaders of the organization Leopold Trepper and Anatoly Gurevich were arrested in December 1942 and November 1942 respectively. Henri Robinson, head of the French and UK networks, was also arrested in 1942.

The reports of Referat 12 for May - September ‘42 show the investigation of messages of the ‘Kapelle Etterbeck’/’Kominternsender Brussels’ (Brussels radio station), their solution, the identification of individual agents and cooperation with Sicherheitsdienst officials on a ‘radiogame’.
May 1942

July 1942

September 1942

The solution of these messages showed that the Rote Kapelle even had two agents inside Referat 12!

Operations Eiffel and Mars
After dismantling the Rote Kapelle networks the Germans initiated a ‘radiogame’ whereby their own personnel would prepare reports and send them using the Russian cipher systems. Anatoly Gurevich, who was second in command of the Rote Kapelle network, cooperated with the Germans and thus messages and orders were exchanged between the Germans and Moscow.

These operations were called ‘Eiffel’ (for the radio station in Paris) and ‘Mars’ (for the radio station in Marseilles) (16).

Report of March 1943

Red Three – Rote Drei

In the period 1941-42 not all Rote Kapelle networks were dismantled by the Germans. In neutral Switzerland a spy group headed by Alexander Rado was able to gather intelligence on political, economic and military developments and transmit reports to Moscow via three radio stations. Two of the transmitters were in Geneva and one in Lausanne. The Germans called this network the Red Three (Rote Drei) and made attempts to penetrate the organization with their agents, since they couldn’t attack them directly due to Swiss neutrality.

In the second half of 1943 the Germans were finally able to convince the Swiss authorities to take action against these unauthorized transmitters and the Swiss radio security service located two of them and captured members of Rado’s organization. Then they initiated a ‘radiogame’ using the captured radio stations and cipher material (17). 
The Red Three group had access to valuable information and it is possible that they had sources inside the German High Command. It seems that from 1941 till late 1943-early 1944 around 4.000 -5.000 messages were sent to Moscow (18). The Germans investigated this traffic but solution came relatively late in April 1943.

The reports of Referat 12 and the files of Erich Hüttenhain, chief cryptanalyst of OKW/Chi, show that in February 1943 both departments started investigating this traffic (Swiss WNA net with transmitters 3112, 3106 and 3116) and both were able to solve messages in April ’43 (19).

Referat 12- February 1943

Referat 12- April 1943

Messages continued to be solved in the following months with the report of February 1944 saying:
65 messages of the Rote Drei were decrypted, so that now 382 broken messages are available. The order for a cipher change — transition to fixed mixed Caesars — was detected in mid-December. The change of the cipher key book happened already at the beginning of August 42. The key for the Sissy-messages resulted in the solution of a message from December 42.

According to the Center for the Study of Intelligence article: ‘The Rote Drei: Getting Behind the 'Lucy' Myth’, there are 437 decrypted messages available from German sources.

Czech mbm network
The Czech resistance movement and the Czech intelligence service caused serious problems for the German authorities with their most audacious operation being the assassination of Reinhard Heydrich, protector of Bohemia and Moravia and former head of the Reich Main Security Office. However after this episode the Germans took many security measures and were generally able to keep the resistance activities under control. Keeping the Czech areas pacified was particularly important since Czechoslovakia had a developed heavy industry sector which produced weapons for the German armed forces.

In their counterintelligence operations the Germans benefitted from having the ability to read a substantial amount of the traffic exchanged between the Czech IS in Britain and the Czech resistance in the occupied territories. This case has been covered in detail in Svetova Revoluce and the codes of the Czechoslovak resistance.

Polish PS networks
In WWII Poland fought on the side of the Allies and suffered for it since it was the first country occupied by Nazi Germany. In the period 1940-45 the Polish Government in Exile and its military forces contributed to the Allied cause by taking part in multiple campaigns of war. Polish pilots fought for the RAF during the Battle of Britain, Polish troops fought in N.Africa, Italy and Western Europe and the Polish intelligence service operated in occupied Europe and even had agents inside the German High Command. 

Although it is not widely known the Polish intelligence service had spy networks operating throughout Europe and the Middle East. The Poles established their own spy networks and also cooperated with foreign agencies such as Britain’s Secret Intelligence Service and Special Operations Executive, the American Office of Strategic Services and even the Japanese intelligence service. During the war the Poles supplied roughly 80.000 reports to the British intelligence services (20), including information on the German V-weapons (V-1 cruise missile and V-2 rocket) and reports from the German High Command (though the agent ‘Knopf) (21).
The communications of the Polish IS became a major target for the German codebreakers and messages of their military attaché service, intelligence department and resistance movement were read throughout WWII. The reports of Referat 12 show that the Polish networks were called PS nets by the Germans and  after investigation of their cipher procedures in July and August 1942 the first messages of line 22 (polnischer Agentenfunk) were solved in September ’42.

In November ’42 the solved cipher material was sent to the Vienna ABP office (Ausland Brief Prüfstelle – Postal censor office) so that that spy case ‘olczyk’ could be solved and members of Referat 12 visited the Warsaw Abwehr office in order to teach their personnel how to decode messages of the line 22. According to the next report the Abwehr was only supposed to decode messages using the material provided by Referat 12, they did not have permission to do cryptanalysis on their own. In December changes in the additive procedure made solution difficult and there was cooperation with OKW/Chi. In 1943 the traffic continued to be solved despite changes in the cipher procedure. Messages of the line 22 network ‘Martha’ operating from Lyon, France were solved in February and in June the line 21 was also solved. In the second half of 1943 the reports show the solution of messages from the lines 6521, 6508 (Bucharest-Istanbul), 6003, 6008, 6509. In November the team processing the Polish material remained in Berlin and came under the control of OKW/Chi.

According to Major Mettig, the solution of Polish systems (especially on the link London-Warsaw) was the outstanding achievement of Referat 12 (22).

The Western LCA networks
The efforts of Referat 12 were split between Eastern and Western spy networks. In the Western areas of Europe the traffic of the LCA networks (radio links from the UK to France, Belgium, Holland, Denmark, Norway) was intercepted, processed and decoded. These groups were controlled by the British intelligence services SIS and SOE or by the intelligence services of the European governments in Exile.

The main cipher system used by Allied agents was the double transposition, using a poem or a book as a ‘key’ generator. This system offered adequate security, provided it was used properly but was vulnerable to mistakes in encipherment and transmission errors. According to Leo Marks, head of the SOE’s cipher department, in July 1942 a quarter of all incoming messages were indecipherable due to ‘careless coding or acute Morse mutilation’ (23). The German codebreakers also faced the same problems against these messages with the report of May 1942 mentioning transmission and encryption errors:
Im westnetz wurden Agentensprache des Lca - netzes in französischer, englischer und holländischer sprüche entschlüsselt und übersetzt. Die schlüsselunterlagen lagen vollständig oder doch teilweise vor. Erschwert wurden die arbeiten einmal durch hörfehler, dann aber auch haufig durch  verschlüsselungsfehler seitens der Agenten, die sich bei dem Doppelwürfelverfahren besonders unangenehm aussichten. Im Monat Mai wurden 51 entzifferte sprüche von 7 verschiedenen sendern an WNV/FU abgeliefert.

In the period July-August ’42 work continued on the call-sign system of the LCA nets and the output of messages increased substantially, with 158 messages solved in June, 146 in July and 136 in August. In September important documents of the Belgian intelligence service were captured and decoded.
In November ’42 the unit examined cipher material captured during operation ‘Donar’ (Funkabwehr radio finding operation in Vichy France, that took place in September 1942) and messages from the cases ‘Oppidana’ and ‘Mark-Luc-Baumann’. The December ’42 report mentions spy cases ' Voltaire entrepreneur' and ‘Le Chene’, with the latter concerning an English officer.

In early ’43 cipher material from operation Donar was processed with 262 messages solved in January and 350 in February. According to the February report the Funkabwehr operation ‘Donar’ uncovered 12 agents lines in Southern France. The same report mentions spy cases ‘Matrose’, ‘Marseille 2’, ‘Spitaels’ and the organization ‘Pilgerchor’.

In April and May ’43 messages from Western agents were solved, including from Lyon and Toulouse and there is mention of an Italian radio game. The spy cases mentioned are ‘Jura’, ‘Mirakel’, ‘Bonamour’, ‘Baron-Styr’, ‘Grossfürst’, ‘Miranda’. It’s clear that the Funkabwehr was engaged in several radio games using captured agents and cipher material.

In June the ciphers of the spy networks in Paris and Corsica were clarified and information was uncovered on the codebooks used by the Belgians IS. In July the large number of arrests of Resistance members in France required the participation of members of Referat 12 in the interrogations and the examination of the captured cipher material. These operations led to the solution of agents systems and the decryption of a large number of messages. The spy cases mentioned are ‘Vichy - Welle’, ‘Nilo’, ‘Copa’, ‘Johannes’, ‘Baron-Stir’.
In August ’43 the continued expansion of the LCA networks led to an increase in the number of Referat 12 personnel detached to work in Southern France. The output of the Berlin office regarding the LCA-nets was 152 messages and the spy cases mentioned are ‘Nilo’, ‘Orleans’, ‘Hermes’, ‘Vichy-welle’.

From September ’43 the reports do not have as much information on ongoing operations but instead give a short summary of the characteristics of the spy cases and lines of the LCA nets. Output of solved messages increased, with 166 decoded in September, 538 in October, 352 in November, 277 in December.
The spy cases mentioned in the period September-December ’43 are ‘Alliance’, ‘Vichy welle’, ‘Sorbonne’, ‘Achse’, ‘Ortrud’, ‘Defense de la France’, ‘Diana’, ‘Walzer’, ‘Hades’, ‘Piccolo’, ‘Zeus’, ‘Bacchus’.

There is no report for January ’44 but the one from February says:
In the O.U. Zinna were processed the traffic of the LCA network with the agent callsigns QYZ, WOS, RCJ, SFY, PYM, ROY, SIA, OIN, REF, furthermore the lines 9171 (SAM), 9811 (VY, RQ), 175 (SPE), 9853 (RGE ) and 9815 (without Ag.Z.). Among the latter, cipher documents were received from the colleagues detached to the branch control centre in Paris (Aussenleitstelle Paris). Further, in the case "Normandy" address material that turned up was deciphered and the courier cipher (Playfair) was reconstructed. 8 courier letters of the Belgian ND (Nachrichtendienst — intelligence service) and further address material were deciphered (ez.mäßig — entziffungsmäßig gelöst).

The department itself deciphered 372 messages from the LCA network. In the ongoing 8 Gv plays (Gv — Gegenverkehr, counter traffic, radiogame) in the region of Paris 101 messages were deciphered and enciphered.
Unfortunately the use of codewords for the spy cases makes it impossible to know which Allied country’s networks and agents were compromised by Referat 12. Still some information is available from the interrogations of German intelligence officers who served in occupied France. The Abwehr officer Hugo Bleicher mentions the cases ‘Grossfürst’ and ‘Oppidana’ in his postwar interrogation (24). Regarding ‘Grossfürst’, in 1943 Bleicher was able to penetrate the French DONKEYMAN network, headed by Henri Frager and controlled by SOE. Since this case appears in the May ’43 report of Referat 12 it is possible that through his agents he was able to get access to the group’s cipher material.

Case ‘Oppidana’ concerned the Belgian resistance movement. According to Bleicher the Germans learned that in November ’42 the leader of a resistance group would travel by train from Brussels to Liege to meet the local district commander. Both were arrested, the leader’s wireless radio set found and about 10 arrests were made in Brussels.

In the period 1940-44 Belgium was occupied by German troops and ruled by a Military Administration. According to the reports of Referat 12 important documents of the Belgian intelligence service were captured in September 1942 and after solution of the cipher they revealed the addresses, activities, camouflage and means of communication of an organization (Ardennen Kapelle) operating throughout the country.

In June 1943 more information was uncovered on the codebooks ‘Marius No. 4’, ‘Agua’, ‘Mort’, ‘Go’ of the Belgian IS.

In July the Belgian IS codes ‘Jendel’ and ‘Vinci were solved analytically and in September and October more Belgian messages were decoded, revealing addresses. The report of February 1944 says: ‘8 courier letters of the Belgian ND and further address material were deciphered’.

Danish agents traffic is mentioned in the reports of September and October 1942 which mention the transmitter gud:

September ’42 says ‘Der dänische Agentensender g u d , der die Arbeit des vergrämten Senders o n b weiterführte, war ausgehoben worden; die von ihm vorliegenden Sprüche konnten beschleunigt entziffert werden’.
The report of March ’43 mentions the clarification of the traffic of the Danish Communist Part: ‘Ein nach berlin gesandter, durch Schlüsselmängel entstellter Rest von Sprüchen des Senders der dänischen kommunistischen Partei wurde geklärt erledigt’.

The solution of Norwegian agents traffic is mentioned in the reports of November-December 1942 and February 1943. In November the cipher of the transmitter nzyn was solved and due to difficulties with the Norwegian language assistance was received from a member of Referat 2 (UK ciphers) who was fluent in Norwegian.

In December processing of the nzyn material was continued and in February 1943 the report says that the messages of the spy lines xq, zbr and gob were turned into plaintext.

Balkan networks
British liaison officers in the Balkans

The British authorities kept in contact with the Resistance groups in the Balkans (Tito, Mihailovic, ELAS movements) through liaison officers sent by the intelligence services SIS and SOE. These small teams transmitted traffic by radio to their controlling stations in Cairo, Egypt and Bari, Italy. The cryptosystems used were double transposition and the War Office Cypher, enciphered with one time pads.
Some of the encoded radio traffic of British officers in the Balkans was exploited by the Germans. They were able to read messages both through captured material and by cryptanalysis.

The reports of Referat 12 for June and July ’43 mention the solution of British Balkan traffic to Cairo with indicator GESH.
June 1943

The solution of British liaison officers traffic seems to have been taken over by Referat 6 (Balkan department) since their reports of the period June ’43 – November ’44 mention the decoded British messages from Yugoslavia and Greece.

Greece was occupied by the Axis powers in April 1941 and in the period 1941-44 many resistance and spy groups were formed to oppose the German, Italian and Bulgarian authorities. In April 1943 messages of the Greek spy lines 5303, 5324, 5329 were solved.

In May 168 messages were solved and in June-July the lines 5300, 5364, 5337 were processed with 61 messages decrypted. The report of August 1943 says that 8 Greek messages were solved.
It seems that some of the compromised traffic belonged to the SOE’s Prometheus network. According to British and German sources in 1943 the communications of captain Koutsogiannopoulos net (agent Prometheus II) were compromised and the Germans were able to set a trap for members of his group (25).

This event is mentioned by Colonel de Bary in FMS P-038 'German Radio Intelligence', p206
Here is an example of the procedures which had to be used in radio counterintelligence: A Greek officer landed surreptitiously from a submarine in the vicinity of Athens in order to obtain military information. He attempted but failed to establish radio contact with the British central control station in Cairo. German radio counterintelligence intercepted his calls, sent a fake reply pretending to originate from the British central control station, and instructed the officer to switch to an emergency frequency. The officer was assigned a new mission with the promise that a submarine would pick him up at a specific place. The officer and four companions unsuspectingly climbed aboard a motor boat of the German Navy which was disguised as a submarine!

During WWII Bulgaria tried to remain neutral but the German conquest of the Balkans led to a shift towards a pro Axis policy. Still Bulgarian troops did not take part in the invasion of the Soviet Union and when in December 1941, under German pressure, the Bulgarian government declared war on the United Kingdom and the United States this was mostly a diplomatic gesture.

Since Bulgaria and the Soviet Union were not at war there was a large Soviet embassy in Sofia that served as the centre for Soviet intelligence activities in the country. The German radio defense agencies monitored the traffic of Soviet agents and of the Soviet consulate in Varna.
The reports of Referat 12 show that Bulgarian illicit radio traffic was investigated since October 1942 (including the traffic of the Soviet consulate in Varna) and messages of the spy lines 3136, 3135, 3111 were solved in April 1943.

More messages were solved in the following months, with 27 decoded in May, 21 in June and 5 in August 1943.
According to Wilhelm Flicke the Soviet intelligence service had several spy groups operating in the country, gathering intelligence from Bulgarian military and government sources. In 1943 the illicit Bulgarian traffic was decoded and through direction finding operations the station was tracked to the outskirts of Varna. Then with the cooperation of the Bulgarian police it was possible to arrest the spy group, whose leaders were the Bulgarian citizens Stoinoff and his wife Milka (26).

In the course of WWII the German authorities had to combat countless resistance groups in occupied Europe. If that wasn’t enough the intelligence services of Britain, Soviet Union, USA, Poland and of the European Governments in Exile were also sending spy teams and supporting the resistance groups in every way possible. In this shadow war the German security services came to rely more and more on signals intelligence and codebreaking. In the period 1939-45 the radio defense departments of the Armed Forces and the Order Police were expanded and a new agents section was created in the Army’s codebreaking department Inspectorate 7/VI. Referat 12 was a small unit and had to use unorthodox methods in order to solve Allied agents codes and ciphers but from the available reports it’s clear that they were able to process a lot of material each month and thus played a big role in the German counterintelligence efforts. In May-December 1942 their monthly output averaged 159 messages and in 1943 this went up to 630. The only available report for 1944 says ‘Total output of the unit in the month of February 819 messages’.

The department never had more than 30-40 people and some of them were always detached to the regional offices. Yet they were able to solve the ciphers of the Soviet networks Rote Kapelle and Rote Drei, they helped neutralize the Czech resistance by solving the messages of the mbm net, they read messages of the Polish resistance movement and intelligence service and in the West they decoded lots of traffic from several Allied groups in France, Belgium, Holland, Denmark and Norway.
These achievements are impressive, considering the small size of the department. In 1944 it is possible that they continued to solve a large volume of agents traffic since the OKW/Chi activity report for the period January-25 June 1944 says that 6.000 agents messages had been handed over to WNV/FU III (27).

On the other hand our knowledge of OKW/Chi activities versus agents ciphers is limited and it is possible that these numbers refer to their own separate effort (28).

More research is necessary in order to identify the cryptosystems used by Allied agents, the work of the German agencies OKW/Chi, Inspectorate 7/VI and Forschungsamt versus agents codes and the effect they had on German counterintelligence operations.

(1). British national archives HW 34/2 'The Funkabwehr’, Seabourne Report IF-176 ‘Operations and Techniques of the Radio Defense Corps, German Wehrmacht’

(3). British national archives HW 34/2 'The Funkabwehr’ , p8 says: ‘The normal channels of contact for intelligence and executive operations were, in the case of WNV/FU III, Abwehr III and the GFP, and, in the case of the Orpo units, the SD and the Gestapo. This liaison appears to have worked sufficiently well for normal operational purposes.’

(4). British national archives HW 34/2 'The Funkabwehr’, p7 says: During the year 1943 the Orpo established complete independence of the control of the OKW and this resulted in a fairly strict division of responsibility between the intercept services of the police and those of the OKW…….A distinct central discrimination and control centre was at the same time set up by the Orpo in Berlin-Spandau, the chief of which was responsible to the C.S.O., Orpo, and from then on the theoretical independence of the two organizations was complete. Coordination was maintained by a Joint Signals Board in Berlin, under the chairmanship of the chef WNV, which dealt with matters of general organization. It would appear that in practice, however, reasonably close liaison was maintained between the two headquarters; it was at least sufficiently close for a common block of numbers to be retained in referring to commitments, for, although such numbers were nominally issued by the Joint Signals Board, in practice they must have emanated from WNW FU III.’
In pages 10-11: ‘The main reorganization of the Orpo Intercept service took place during 1943. The post office work of the Radio Control Centre at Berlin was expanded into an independent discrimination and control centre known as Funkmessleitstelle Berlin. This nevertheless continued to cooperate closely with the WNV/FU III and, through the latter, with the cryptographers of Referat Vauck.’

(5). British national archives HW 34/2 'The Funkabwehr’, p6 says: ‘At the outbreak of war the police monitoring units, while separately administered, were controlled operationally by the central discrimination department of the WNV/FU III. This unity at the centre, the result of a specific order of the Fuehrer, was not, however, accompanied by cooperation at the outstations
In page 10: ‘The part played by the Aussenstellen of WNV/FU III in the work of the Orpo companies varied considerably from place to place. In Norway the Oslo Aussenstelle played an active role; it received all reports of the Orpo company and arranged cooperation for it from the fighting services….On both the western and the eastern fronts however, the Orpo units operated quite independently of the Aussenstellen

(6). British national archives HW 34/2 'The Funkabwehr’, article: ‘Some aspects of the German military “Abwehr” wireless service, during the course of World War Two’, FMS P-038 'German Radio Intelligence', p203,
(7). SOE codes and Referat Vauck, War Diary In 7/VI - April 1942 mentions the double transposition cipher: ‘Agentenverfahren. Beim Westnetz waren die verfügbaren Kräfte auch weiterhin vorwiegend mit der Bearbeitung von verfahren beschäftigt, deren Schlüsselunterlagen bekannt sind (individuelle Doppelwürfel)…………… Die analyse der kenngruppen führte bereits zu Erkenntnis über die unterteilung der Verkehre sowie über die Art der schlüsselunterlagen (Erstellung der würfellosung aus einem Buch oder einem gedicht).

(8). Radio ‘fingerprint’ means the distinct way that each person taps the Morse code. For an example see ‘The German Penetration of SOE: France, 1941-44’, p51
(9). British national archives HW 34/2 'The Funkabwehr’, p7 (it is possible that this is not the whole truth)

(11). ‘European Axis signals intelligence’ vol4, Overview of KONA units

(12). War Diary In 7/VI – months of April-July 1942
(13). Ph.D. Technische Universität Dresden 1924

(14). For example CSDIC/CMF/SD 80, p37 , CSDIC (UK) SIR 1106, Supplement - Appendix 1  and TICOM I-115, p5
(15). TICOM I-115, British national archives HW 34/2 'The Funkabwehr’, ‘European Axis signals intelligence’ vol3

(16). CI preliminary interrogation report (CI-PIR) No120 – Richter, Rolf Werner, War Diary of Inspectorate 7/VI, CSDIC/CMF/SD 80, p18
(17). British national archives KV 3/349 ‘The case of the Rote Kapelle

(18). Center for the Study of Intelligence article: ‘The Rote Drei: Getting Behind the 'Lucy' Myth
(19). TICOM D-60 ‘Miscellaneous Papers from a file of RR Dr. Huettenhain of OKW/Chi’, War Diary In 7/VI – months of February - April 1943

(20). Journal of U.S. Intelligence Studies article: ‘England's Poles in the Game: WWII Intelligence Cooperation’
(21). War in History article: ‘Penetrating Hitler's High Command: Anglo-Polish HUMINT, 1939-1945’

(23). ‘Between Silk and Cyanide: A Codemaker's War, 1941-1945’, p192

(25). British national archives HW 40/76 ‘Enemy exploitation of SIS and SOE codes and cyphers: miscellaneous reports and correspondence’, FMS P-038 'German Radio Intelligence'

(26). ‘War Secrets in the Ether’ part 3, p215-229
(27).  TICOM report DF-9 ‘Captured Wehrmacht Sigint Document: Translation of Activity Report of OKW/Chi for the Period 1st January, 1944 to 25th June, 1944

(28). Helmuth Mueller, head of the French department of OKW/Chi said in TICOM report I-174 ‘Preliminary Interrogation Report on O.R.R. MUELLER of OKW/CHI’ that he worked on the traffic of underground movements in Europe. Also ‘European Axis signals intelligence’ vol3, p69 says about the OKW/Chi activity report: ‘It is not clear whether the 6.000 agents' messages, which, deciphered and translated, formed a portion of the production claimed for OKW/Chi in the Kettler report of June, 1944, were actually turned out by OKW/Chi or by Vauck. It is much more likely, however, that Vauck had nothing to do with these messages and that they were actually part of the work of Kettler's own organization’.

Sources: Journal of U.S. Intelligence Studies article: ‘England's Poles in the Game: WWII Intelligence Cooperation’, ‘War Secrets in the Ether’ vo2, CSDIC SIR 1719 - 'Notes on Leitstelle III West Fur Frontaufklarung', HW 34/2 'The Funkabwehr’, Seabourne Report IF-176 ‘Operations and Techniques of the Radio Defense Corps, German Wehrmacht’, HW 40/76 ‘Enemy exploitation of SIS and SOE codes and cyphers: miscellaneous reports and correspondence’, TICOM I-91 'POW Interrogation Report - General Major Robert K.H. SCHLAKE, Chief of Communications in the Main Office of the Ordnungspolizei, Ministry of the Interior', CSDIC/CMF/SD 80 'First Detailed Interrogation Report on LENTZ, Waldemar, and KURFESS, Hans', CSDIC (UK) SIR 1106 'Report on information obtained from PW CS/495 Uffz MIERSEMANN', TICOM  I-115  'Further Interrogation of Oberstlt METTIG of OKW/Chi on the German Wireless Security Service (Funkuberwachung), TICOM I-174 - Preliminary Interrogation Report on O.R.R. MUELLER of OKW/CHI, TICOM I-180 ‘Homework by Uffz. Keller of In 7/VI and WNV/Chi’, TICOM DF-187B ‘The cryptanalytic successes of OKW/Chi after 1938’, War diary of OKH/Inspectorate 7/VI, ‘European Axis Signal Intelligence in World War II’ vol 8, FMS P-038 'German Radio Intelligence', article: ‘Some aspects of the German military “Abwehr” wireless service, during the course of World War Two’,, ‘The German Penetration of SOE: France, 1941-44’,  ‘European Axis signals intelligence’ vol3, ‘European Axis signals intelligence’ vol4, Center for the Study of Intelligence article: ‘The Rote Drei: Getting Behind the 'Lucy' Myth’, KV 3/349 ‘The case of the Rote Kapelle’, TICOM D-60 ‘Miscellaneous Papers from a file of RR Dr. Huettenhain of OKW/Chi’, War in History article: ‘Penetrating Hitler's High Command: Anglo-Polish HUMINT, 1939-1945’, TICOM report DF-9 ‘Captured Wehrmacht Sigint Document: Translation of Activity Report of OKW/Chi for the Period 1st January, 1944 to 25th June, 1944’

No comments:

Post a Comment