Sunday, November 1, 2015

Compromise of the State Department’s M-138-A strip cipher and the traffic of other US agencies

During WWII the US State Department used several cryptosystems in order to protect its radio communications from the Axis powers. The main systems used were the unenciphered Gray and Brown codebooks along with the enciphered codes A1, B1, C1, D1 and the new M-138 strip cipher. 

In the period 1940-1944, German, Japanese and Finnish codebreakers could solve State Department messages (both low and high level) from embassies around the world. The M-138-A strip cipher was the State Department’s high level system and it was used extensively during that period. Although we still don’t know the full story, the information available points to a serious compromise of both the circular traffic (Washington to all embassies) and the special traffic (Washington to a specific embassy). In this area there was cooperation between Germany, Japan and Finland. The German success was made possible by alphabet strips and key lists they received from the Japanese in 1941, and the Germans passed these on to their Finnish allies in 1942. The Finnish codebreakers solved several diplomatic links in that year and in 1943 started sharing their findings with the Japanese. German and Finnish codebreakers cooperated in the solution of the strips during the war, with visits of personnel to each country. The Axis codebreakers took advantage of mistakes in the use of the strip cipher by the State Department’s cipher unit.

Traffic of other US government agencies

Apart from purely diplomatic traffic, the Axis powers were also able to read some of the messages of other organizations that were occasionally enciphered with State Department systems. I’ve covered the compromise of the communications of the Office of Strategic Services, the Office of War Information and the Military Intelligence Service, but these were not the only agencies affected.

According to US reports from 1943 and 1944 (1), separate M-138-A alphabet strips were used by the State Department for messages of the Foreign Economic Administration, War Shipping Administration, Office of Lend-Lease Administration and the War Refugee Board.



The State Department files on the Strip Cipher (2) show that a set of strips titled 00-1 (and key table C) was introduced in late 1943 for enciphering the confidential traffic of other US government agencies. In January 1944 the sets 00-2 and 00-3 were sent to the embassies in Algiers (Free French), Turkey, Egypt, UK, Calcutta, Portugal, Spain, India, Sweden, Iran, Iraq, Beirut.



The 00-4 strips replaced set 00-3 in October 1944.



Was the traffic of these organizations also compromised? It seems so, as some German decodes of State Department traffic contain information on economic matters and Lend-Lease shipments (3), and the book ‘Hitler, the Allies, and the Jews’ mentions several War Refugee Board telegrams that were decoded by the Germans (4).

Unfortunately we will have to wait for the release of more classified reports, from the NSA and the State Department, in order to assess the full extent of this compromise.

Notes:

(1). NSA Friedman collection: ‘Statement of cryptographic systems now in use by Department of State’ (dated November 1943) and NARA - RG 457 - Entry 9032 - box 1.384, file ‘JCS Ad hoc committee report on cryptographic security of government communications’ (report of June 1944)

(2). New developments in the strip cipher case


(4). ‘Hitler, the Allies, and the Jews’, pp. 200-201, 265-267, 287-288
