Saturday, March 31, 2018

The IBM Codatype cipher machine

In the files of the NSA’s Friedman collection there is a report by William F. Friedman, dated September 1937, which deals with a cipher machine called Codatype (1). 




Apparently David Salmon, the State Department’s chief of the Division of Communications and Records wanted Friedman’s opinion on the security afforded by the Codatype machine.

Although the device appeared to be ‘highly reliable, speedy and efficient’ Friedman’s conclusion was that ‘the degree of cryptographic security afforded by the machine is relatively low, and certainly not sufficient for governmental confidential or secret messages’ and ‘It is doubtful whether anything can be done to eliminate the more or less fatal cryptographic weakness of this model and still retain a machine and cryptographic system which will be practical for the purpose for which intended’.

Thus the Codatype remained a prototype and was not acquired by the State Department.

The device was designed by the IBM engineer Austin Robert Noll, US patent 2,116,732 (2):







Notes:


Monday, March 26, 2018

The Carlson-Goldsberry report - Compromise of State Department communications by the Finnish codebreakers in WWII

During WWII the US State Department used several cryptosystems in order to protect its radio communications from the Axis powers. For low level messages the unenciphered Gray and Brown codebooks were used.  For important messages four different codebooks (A1, B1, C1, D1) enciphered with substitution tables were available.

Their most modern and (in theory) secure system was the M-138-A strip cipher. Unfortunately for the Americans this system was compromised and diplomatic messages were read by the Germans, Finns, Japanese, Italians and Hungarians. The strip cipher carried the most important diplomatic traffic of the United States (at least until mid/late 1944) and by reading these messages the Axis powers gained insights into global US policy.

Germans, Finns and Japanese cooperated on the solution of the strip cipher. In 1941 the Japanese gave to the Germans alphabet strips and numerical keys that they had copied from a US consulate in 1939 and these were passed on by the Germans to their Finnish allies in 1942. Then in 1943 the Finns started sharing their results with Japan. 

Finnish solution of State Department cryptosystems

During WWII the Finnish signal intelligence service worked mostly on Soviet military and NKVD cryptosystems however they did have a small diplomatic section located in Mikkeli. This department had about 38 analysts, with the majority working on US codes.
Head of the department was Mary Grashorn. Other important people were Pentti Aalto (effective head of the US section) and the experts on the M-138 strip cipher Karl Erik Henriksson and Kalevi Loimaranta.

Their main wartime success was the solution of the State Department’s M-138-A cipher. The solution of this high level system gave them access to important diplomatic messages from US embassies in Europe and around the world. 


Operation Stella Polaris

In September 1944 Finland signed an armistice with the Soviet Union. The people in charge of the Finnish signal intelligence service anticipated this move and fearing a Soviet takeover of the country had taken measures to relocate the radio service to Sweden. This operation was called Stella Polaris (Polar Star).

In late September roughly 700 people, comprising members of the intelligence services and their families were transported by ship to Sweden. The Finns had come to an agreement with the Swedish intelligence service that their people would be allowed to stay and in return the Swedes would get the Finnish crypto archives and their radio equipment. At the same time colonel Hallamaa, head of the signals intelligence service, gathered funds for the Stella Polaris group by selling the solved codes in the Finnish archives to the Americans, British and Japanese. 

The Stella Polaris operation was dependent on secrecy. However the open market for Soviet codes made the Swedish government uneasy. In the end most of the Finnish personnel chose to return to Finland, since the feared Soviet takeover did not materialize. 

The American reaction and the Carlson-Goldsberry report

According to the NSA study History of Venona (Ft. George G. Meade: Center for Cryptologic History, 1995), it was at that time that the Finns revealed to the US authorities that they had solved their diplomatic codes. On 29 September 1944 colonel Hallamaa met with L. Randolph Higgs of the US embassy in Stockholm and told him about their success.


In response two cryptanalysts were sent from the US to evaluate the compromise of US codes in more detail. They were Paavo Carlson of the Army’s Signal Security Agency and Paul E. Goldsberry of the State Department’s cipher unit. Their report dated 23 November 1944 had details on the solution of US systems.


The Carlson-Goldsberry report

Unfortunately locating this report proved to be quite a problem. Initially I searched for it in the US National Archives (both in the NSA and OSS collections) but without success.

Thankfully the NSA FOIA/MDR office has managed to locate this file and they have finally declassified it.






The 4-page report summarizes the information gathered by US officials from their interviews of Finnish codebreakers in 16, 18 and 21 November 1944.

From the Finnish side Erkki Pale (head of the department working on Soviet ciphers) and Kalevi Loimaranta (member of the department dealing with foreign diplomatic codes) gave a summary of their work on various cryptosystems.

The Finns admitted to solving US diplomatic systems, both codebooks and the strip cipher M-138-A. According to them an unenciphered codebook could be reconstructed in 6 months but an enciphered one was harder to solve.

Regarding the M-138-A cipher it was solved because the alphabet strips were used for long periods of time, the same strips were used by several users and the numerical keys were the same for all users. Stereotypical beginnings and endings were also exploited in assumed plaintext cryptanalytic attacks.

There was cooperation with the German codebreakers on US systems and the Finns received a lot of intercepts from them.

The Finnish codebreakers also used a number of IBM machines for statistical work.

Although the Finns stated that after the introduction of channel elimination in January 1944 they could no longer solve strip cipher traffic a memo included in the report says that their detailed knowledge of channel elimination procedures may indicate continued success with the M-138-A system.


Acknowledgments: I have to thank my friends in the US for requesting this file from the NSA FOIA/MDR office and getting it declassified.

Tuesday, March 6, 2018

Bye bye mr Hayashi

In 2017 I tried to locate a file in the US national archives called ‘Interrogation of mr Hayashi’. 

According to the NSA FOIA office it had been recently transferred to NARA as part of transfer group TR-457-2016-0009. The reference I was given by NARA pointed to 36 boxes that have not been indexed, so the file could not be located by my researcher. 

I tried to find the Hayashi file again this year by asking NARA’s research department if they could locate it but I was told that ‘We have carefully searched our holdings with a particular focus on Record Group 457 - Entry P4…….however, we were not able to locate the file’.

Thus it seems that this is the end of my quest for the Hayashi file.