Tuesday, July 31, 2012

Japanese interest in Russian radio-teletype, radio-fax and radio-telephone communications

Another aspect of the ‘Russian Fish’ story is available from a decoded Japanese message.

This message from 1943 shows that the Japanese signal intelligence agency was interested in the use of radio-teletype, radio-fax and radio-telephone by the Soviet Union.

The military attaché in Bucharest was ordered to investigate the interception of these kinds of traffic in Axis countries.



Some of his findings are mentioned in later messages.








Source: HW 40/29 ‘Exploitation of Russian Civil communications by Axis Powers’

Friday, July 27, 2012

Japanese codebreakers of WWII

Imperial Japan entered WWII with three separate codebreaking agencies under the control of the Army, Navy and Foreign Ministry. Due to the hostility that existed between the Army and the Navy these departments did not cooperate but instead often attacked the same problems independently. Both however furnished material to the much smaller department of the Foreign Ministry.

Details of their successes against enemy codes have been hard to find because after Japan’s surrender, in September 1945, they had time to destroy their records and disperse their personnel. Still the few remaining documents in Japan combined with decoded Japanese messages found in the British archives can provide a basis for assessing their operations during the war.


Wednesday, July 25, 2012

Update

Time for some new TICOM reports.

I-18 ‘Interrogations of Oberst Muegge, O.C. of NA 4 and NA 7 of German Army Sigint Service’ - 1945

I-68  ‘Consolidated Report Based on Two Interrogations of Oberst Randewig, of Hoeh. Wehrmachts Nafue z.b.V. 700 carried out at CSDIC on approx. 1 Aug. and 10 Aug. 1945’

I-75 ‘Interrogation Reports  on German Field Sigint Personnel carried out at BUFFER - Ltn. August Schroeder, Ltn. Starke, Obefr. Heudorf, and Hptm. Holetzke’ - 1945

I-111 ‘Further Interrogation of Oberstlt. Mettig of OKW/Chi on 14th September 1945’

I-121 ‘Translation of Homework by Obltn  W. Werther, Company Commander of 7/LN  Rgt  353, written on 12th August 1945 at A.D.I.(K)’ - 1945

All available either through my Google docs folder or my scribd account.

Monday, July 23, 2012

The Slidex code

In the construction and use of tactical cryptologic systems there are two conflicting requirements. One is security and the other is ease of use. If a system is highly secure but hard and time consuming to use then important messages might be secure from cryptanalysis but they could arrive too late, with disastrous consequences. On the other hand if a system is extremely easy to use but insecure then the messages will get through on time but the enemy will also be able to read them.

In the last years of WWII the British and American militaries used extensively the Slidex code which, unfortunately for them, belonged in the second category. It was easy to use and well liked by troops but its security was illusory!

Slidex consisted of two parts. A card with 12 columns and 17 rows producing 204 rectangles and two coordinates strips, one vertical strip on the left and one horizontal strip on the top. The card and the coordinates strips were placed in a metal frame.


Note that the pic from cryptomuseum lacks the coordinates strips.

The rectangles on the coordinates strips had a random letter, so that each word could be represented by a bigram.
Each rectangle on the Slidex card had a word or phrase on it plus a letter or number. The words or phrases were those most likely to be used by military units, for example DIVISION, ARTILLERY, ATTACK, AT ONCE etc.

What happened if one wanted to send a word that was not on the Slidex rectangles?  In order to allow for that eventuality the same rectangles had numbers or letters printed on them. This allowed the operator to spell words that were not included in the Slidex card, or include numbers.
In order to do so he had to use one of the SWITCH ON rectangles (there were several). After that he could use the letters or numbers in the rectangles and then end this part with one of the SWITCH OFF rectangles.

A reconstructed Slidex card is available from the report E-Bericht 6/44 of FNAST-9 (Feste Nachrichten Aufklärungsstelle -Stationary Intercept Company)



It seems that this was the Air Support Signals Unit card No. 1:


Each card was valid for a specific period of time, from several days to a month. The coordinates strips changed daily. [Sources: EASI vol4, p149 and vol5, p83, The Slidex R/T code]

Slidex was used extensively by the Anglo-American armed forces from operation Overlord till the end of the war. Usually it carried low and mid level traffic (up to division) however it was sometimes used for higher level messages.

Its main advantage was that it was easy to use by fighting troops.
German success with Slidex

Unfortunately for the Allies that ease came at the expense of security. German codebreakers found it easy to reconstruct the Slidex tables. In fact all the post-war interrogation reports agree that it was one of the easiest Allied systems in the period 1944-45 (although they probably refer to all the Allied table substitution type codes).
German success with Slidex started in late ’43 – early ‘44 during the Allied pre-invasion training exercises. The training traffic was successfully solved and this effort allowed the German forward units in France to familiarize themselves with this traffic and successfully solve the operational messages, after the Allied landings.

Since Slidex was used extensively by both British and American ground-troops and their airforces it gave the Germans good intelligence on tactical operations and especially requests for air support. This allowed them to quickly notify the endangered units and minimise losses.
Their efforts were assisted by a blunder on the part of the Allied cryptologic authorities. The code was supposed to be used only on the parts of the message that could be of value to the enemy and not the whole message! This meant that messages were a mixture of encoded and plaintext words. Obviously this made it much easier for the Germans to guess the meaning of the encoded words.

American dissatisfaction with the Slidex’s poor security led on January 6, 1945, the Signal Division to recommend that Slidex be replaced within the U.S. forces. [Source: The Slidex R/T code]
Battle of the Bulge

After D-day, Slidex was used by the American Army. When the Germans found that the American Military Police were using Slidex to report all Army units which passed their control points, the deciphering of Slidex was given high priority. [Source: EASI vol4, p150]
David Kahn mentions the importance of Military Police traffic for German planning of the Battle of the Bulge. From The German Comint Organization in World War II’, p8

One of the most valuable operational results of signal intelligence in the west came during the Battle of the Bulge.
After Hitler had struck in the Ardennes in December 1944, the Americans brought up troops to push the German back. The military police battalion in the U.S. 1st Army zone controlled much of this traffic, which moved according to itineraries fixed by higher authority. The Germans soon discovered that the battalion broadcast these itineraries in cipher to all its control points-the Germans knew of 35 of these and located 22, many at the intersection of two French national highways. The messages gave the name of the unit, its time and place of departure, route, average speed, numbers of vehicles and of march blocks, and destination and time of arrival. The radio reconnaissance unit estimated that it intercepted about 90 percent of these broadcasts and so ascertained almost 100 percent of all units with itineraries. Those without itineraries and those going around this area were not spotted, it said. This gave the German command on the western front an accurate picture of which enemy forces were coming up and where, enabling General Hasso von Manteuffel to shift his 5th Panzer Army and so sidestep the Allied blow.

The military police code is also mentioned in FMS P-038 ‘German Radio Intelligence’, p84-85




It seems to me that this MP code must have been the Slidex. This is confirmed from a file in ADM 223/505 ‘Cypher security and W/T (Wireless Telegraphy) deception’.


This event shows that even the compromise of low/mid level codes can sometimes have strategic consequences.

Primary sources:
Time to take a look at some TICOM reports.

From ‘German analysis  of converter M-209 - POW Interrogations’, p1
Included in this training was a system indexed as EC-5 (English Code No. 5) his system was later referred to as the SLIDEX and was assumed to be a rectangle 9x12 upon which code values were written in cells located through diagraphic coordinates applied first at the top and then at the bottom. The "Slidex" was easily and regularly solved. ‘G’ felt that this yielded a considerable amount of valuable intelligence particularly as to bombing and artillery objectives.

From CSDIC/CMF/Y 40 - 'First Detailed Interrogation on Report on Barthel Thomas’, p3
III. The SLIDEX

This was worked on since May 44. It was developed from the early EC 5. It was a far better system especially as it enabled three variants for clear text (DREIFACHE BUCHSTABENBELEGUNG) and ‘double-variants’ for clear SWITCH-ON and SWITCH-OFF. At the same time, the variable cursor system often resulted in settings which allowed the ‘pairing up’ of messages set on the same lines, or on the same columns. Parts of the cursor-settings could often be reconstructed, even before the text was broken.

(a) The EC 30/3
The SLIDEX referred to by the Germans as the EC 30/3 was reconstructed by 9 Fixed Intercept Sta in May 44. Traffic intercepted had been originated by ALOs links (FLIVONETZE) in UK. Control of these links was always at Corps level and reading of traffic gave an insight into Corps O of B, etc. PW states that traffic was British and not American and that as far as he could make out the ALOs were Army and RAF officers. The Germans were very surprised to see that this field-code, without any alteration whatsoever, was used by the ALOs links on D-day and a good few weeks after 6 Jun 44, allowing the enemy to discover at once the Corps 0 of B, with details down to Bdes. This kind of work was handed over to 5 Intercept HQ at ST GERMAIN at end Jun 44, This unit succeeded in reconstructing several more SLIDEX tables, to which were added captured specimens during summer and autumn.

(b) The EC 30/20 ( S and T)
The SLIDEX called DC 30/20 (S & T) was reconstructed by 7 Intercept HQ. Traffic was originated by supply units of 8 Army. Tactical messages had been read till end Sept ‘44, when they stopped - according to PW - and 4-figure traffic was signaled, which was suspected to be reciphered code, and was not broken.

According to TICOM I-109 ‘Translation of a Report by Lt. Ludwig of Chi Stelle OB.d.L, based on questions set for him at ADI(K)’, p21 decoded SLIDEX messages revealed air support requests and  were immediately passed to the unit concerned in order to take measures against aerial bombardment.

In Page 38 he says:
B. Slidex system.

Bigram substitution System.
In use in the army (front line units) and in air support networks (tentacle networks). The system was known from the monitoring of exercises in Great Britain before the invasion, e.g. "Spartan". The cryptanalytic detachments in army and GAF wore able to get so much experience on these exercises that decoding worked well right at the start of the invasion. Recovery was done in the army again at NAA St 5 in the GAF in 14/3 W control 3. Decoding was often done with so little delay that the messages could be dealt with like clear text in the evaluation. The results were of more importance to the army than to the GAF, but they provided the latter too with valuable indications, e. g. elucidation of the individual corps tentacle networks, reconnaissance operations (c.r. 400 and 414 Squadrons) etc. The messages decoded daily were exchanged between Army and GAF in the form of written reports.

From TICOM I-113 ‘Interrogation of Major Dr. Rudolf  Hentze, Head of Gruppe IV (Cryptanalysis) General der Nachrichtenaufklaerung’, p3
Slidex:

This was extensively read, MP nets in particular being a fertile source of intelligence. British and Americans were equally bad in their use of it, particularly in employing Slidex for messages which should have gone in a more secure system. They were able to break currently and in many cases five or six hours after the start of the day. One of the main aids to entry was the fact that operators used the left-hand alphabet almost exclusively. They were able to break in before the invasion and could hold on, with the help of cribs and stereotyped language, in spite of the improvement in operators' habits after September. Asked for specific cases of "insecure units, P/W quoted the ‘2nd Airborne Division’, 'CCA' and 'CCB' (Note: this looks like a confusion. These are terms used in American Armored divisions: 'the 2nd was in the Northern sector of the American front during the campaign). P/W commented that they were much happier with a message wholly in slidex than with a mixed clear and cipher message, which did not give so many frequencies.

Thursday, July 19, 2012

WWII Myths - T-34 Best Tank of the war

The Soviet T-34 tank is well known by anyone who has an interest in WWII history. Books, articles, documentaries present it in triumphant terms.  It was superior to everything the Germans had, it had revolutionary sloped armor, unprecedented mobility and was one of the reasons the Soviet side won in the Eastern front.

How realistic are these statements? Was the T-34 really a war winning weapon? How did it compare to German and Western tanks? How did it perform during the war? If we try to answer these questions by looking at actual data then things start to change. Instead of a mechanical marvel we get a poorly designed and built combat system that suffered horrific losses against ‘inferior’ German tanks.
Let’s start with debunking some of the most common statements.

Sunday, July 15, 2012

Soviet naval codes and the Arctic convoys

Overview

Histories of the war between the Soviet Union and Nazi Germany focus almost exclusively on the land battles and devote a smaller part for the airforces of the two countries. The naval engagements of the war are usually given very little space.

This is understandable since the Soviet Navy was mostly ‘bottled’ up in the Baltic and there were few interesting operations in the Black sea. From their side the Germans only used limited naval forces against the SU (mainly gunboats and mine-layers).

The German side was however interested in the plans and operations of the Soviet navy and especially on the convoys between the UK and the SU. These convoys carried Lend Lease supplies that were vital for the Soviet economy and armed forces.

Through signals intelligence and codebreaking the Germans were able to monitor Soviet operations and especially the route and speed of the Allied convoys. This allowed them to take a heavy toll on commercial shipping and cause a crisis in the arctic convoys.

The systems they exploited were Soviet naval codes and in the case of the convoys the code used by the Soviet naval aviation.

Soviet naval codes

The German naval codebreakers divided the Soviet naval systems geographically (North Sea, Baltic, Black Sea) and according to whether they were main or subsidiary systems.

The main systems were 4 and 5-figure codes (superenciphered or substitution) and they were used by shore stations and large units.

The subsidiary systems were 2 and 3-figure codes enciphered with a simple substitution table. They were used by small ships.

North Sea and Baltic

The 5-figure codes used in these areas were mostly enciphered with OTP. However in summer ’44 the Chabarovo station traffic was revealed to be 4-figure with the 5th figure taken from the subtractor table. This book was partially reconstructed but there were no other compromises after September ’44.

Several 4-figure codes were read during the war. The most important ones were those used by the Northern and White Sea fleets as they were ‘broken’ without much difficulty.

High level codes were read till late ’43. From that time on it seems the Russians used OTP extensively. Low level codes were solved throughout the war.


The German success with Soviet naval codes became known to the Brits through Enigma decrypts. Report HW 40/7 ‘German Naval Intelligence successes against Allied cyphers, prefixed by a general survey of German Sigint’ gives an overview of the intelligence that the Germans got through codebreaking:

Messages from Leningrad gave information on the activities of mine-sweepers and patrol boats in the Baltic. The time lag in 1942 was from 2 days to a few hours.

Also in 1942 medium to high grade ciphers used by the Northern Fleet gave the German navy considerable information on the activities and disposition of Soviet surface vessels and submarines as well as British shipping off North Russia.

Black Sea

Pre-war a 5-figure superenciphered code was used. At the beginning of the war this was replaced by a 4-figure subtractor system. The subtractor was not taken from a pad but was generated using a substitution table from the text of the ‘History of the Communist Party’ ( three different letters= 1 figure).

This was replaced by a 4-figure subtractor system, this time the subtractor taken from a pad. This system was used extensively by the Soviet naval air arm but was only partially solved.

The next system in line was a 5-figure doubly enciphered code that was not solved.

Finally there were several 5-figure systems, including a 4-figure disguised as a 5-figure that were not completely solved.

Low level codes were read till summer ’44.

In general work on Black sea systems was given a lower priority compared to the North Sea and Baltic which were more important for operations.

Soviet naval aviation codes

The code used by the planes of the Soviet naval air arm was a simple substitution table. This was easily solved by the codebreakers of the Luftwaffe’s signal intelligence service.

Since the naval planes had the mission of escorting the Allied convoys they constantly transmitted their position, strength and route. One can only imagine the importance of this traffic for the Germans.

The exploitation of the naval aviation code is mentioned in several postwar reports:

From HW 40/7 ‘German Naval Intelligence successes against Allied cyphers, prefixed by a general survey of German Sigint’, p11

Besides the purely naval traffic broken by OKM, the G.A.F. Sigint Service was exploiting some Russian Fleet Air Arm cypher during the Autumn of 1942, which constituted a dangerous source of intelligence on Allied convoys between the U.K. and North Russia. On 8th September, for example, a G.A.F. Sigint report was seen in Special Intelligence containing decodes of three signals relating to the 95th Air Regiment of the Russian Northern Fleet of which the first, dated 7th September, gave the scheduled movements of convoys PQ 18 and QP 14 for the period 10th to 20th September, and the other two contained instructions for air escort of these two convoys.


PQ18 lost 13 ships for 76,000 tons while QP14 lost 2 escorts and 4 merchant ships for 20,800 tons. [Source: ’Hitler’s U-boat War vol2’, p21]

From TICOM DF-292 ‘The Cryptologic Service in WWII (German Air Force)’, p46

In another case the destruction of a convoy near Murmansk was involved. This time during the course of several days messages were intercepted and decrypted in which a convoy of some 40 vessels was reported which was on its way to Murmansk. In those messages the position of the convoy was given repeatedly. All the messages were enciphered with a simple substitution table and could be deciphered in full, very quickly. The Air Fleet in the North could be alerted in time. A large number of bombers was ready to start. Then when additional decrypted massages announced the approach of the convoy to Murmansk the German bombers were ordered to start. The exact position of the attack was known. Here again the attack came as a surprise and destroyed nearly all the ships. From these two examples one might assume that the enemy did not count on the possibility that the German Intercept Service could decrypt the enciphered messages in time. But why this important massage was enciphered in such primitive fashion is hard to explain.

Report DF-292 was written by Edwin von Lingen, head of the Luftwaffe Chi Stelle’s Soviet cryptanalysis department.

The compromise of the routes of PQ17 and PQ18 from reading Soviet naval aviation codes is confirmed from another source. The Swedish codebreakers were able to decode German messages travelling through their telephone network, even if they were enciphered with the Siemens T-52 cipher teleprinter. Some of these reports mentioned the decoded Soviet messages dealing with the northern convoys. The Swedish codebreaker Sven Wasstrom, who examined these messages, became distraught at this drama.

Cooperation with the Finnish codebreakers

According to TICOM I-16 the German naval codebreakers exchanged material with the Finns but did not cooperate closely. The Finns had excellent interception of Baltic traffic and had solved a doubly enciphered 5-figure code.

Conclusion

The codebreakers of the B-Dienst and the Luftwaffe were able to exploit several Soviet Navy and Naval air arm codes.
The operations of the Red Navy in the Baltic and the North Sea were monitored through codebreaking. The Russians used several insecure systems until late ’43. From then on however it seems that at least their high level codes were secure.

Still the compromise of the Naval Aviation code and the effect it had on German operations against Allied shipping was a serious defeat for the Soviet side.
Sources:

HW 40/7 ‘German Naval Intelligence successes against Allied cyphers, prefixed by a general survey of German Sigint’, TICOM reports DF-292 and I-16 (the last one available through TICOM Archive), Codebreakers: Arne Beurling and the Swedish Crypto Program During World War II 

Wednesday, July 11, 2012

Forschungsamt success with Polish diplomatic link London-Washington

In the course of WWII the German codebreaking agencies were able to get intelligence of great value from the solution of Polish diplomatic, secret service and resistance movement codes.

The Forschungsamt was one of the principal German codebreaking agencies of the period 1933-45. Unfortunately we know little about their successes with enemy codes.

Postwar report ‘European Axis signals intelligence vol 1 - Synopsis’, p21-2 admits that no evidence of their cryptanalytic successes were found and that less than 1% of the FA’s personnel were interrogated:

No documentary evidence bearing on its cryptanalytic successes was found by TICOM’…………..‘Goering's "Research" Bureau had over 2,000 personnel. Less than one per cent of these were apprehended by TICOM for interrogation’.

In ‘European Axis signals intelligence vol 7 - Goering’s Research Bureau’, p83 it is stated that Polish systems were not solved but only sorted according to link.

However a TICOM report shows that the FA was probably more successful that people think.

From TICOM I-159 ‘Report on GAF Intelligence based on Interrogation of Hauptmann Zetzsche’, p3

9. Intelligence concerning foreign diplomatic exchanges was received from the Forschungsamt (subordinated directly to GOERING) through Ic/Luftwesen/Abwehr, and was given a restricted distribution. It consisted of intercepted Allied radio-telegrams (e.g. London-Stockholm), ordinary radio reports (e.g. Atlantic Radio) and intercepted traffic between diplomats and ministers on certain links, e.g. Ankara-Moscow (Turks), Bern-Washington (Americans), London-Washington (Poles).

10. The last-mentioned source was of great value before and during the invasion and after the breaking-off of Turkish-German relations. In general the Forschungsamt reports contained a great deal of significant information concerning economic and political matters.

Zetzsche was head of Group A of the Luftwaffe’s central evaluation center Foreign Airforces West.

What crypto system was used on this link? What kind of intelligence did the FA people get out of it? What was its value prior and during the Normandy invasion?

If I manage to find more details on this matter I will update this piece.

Sunday, July 8, 2012

RAF Fighter Command strength 1939-45

The British RAF was organized in specialized commands. Fighter Command’s role was to protect Britain from the enemy’s bomber force.

Let’s have a look at the Fighter Command strength from AIR 22 - 'Air Ministry: Periodical Returns, Intelligence Summaries and Bulletins':







Op.: Aircraft in operational units.

Est.: Establishment strength in operational units.

Serv.: Serviceable aircraft in operational units.

Crews: Aircraft with crews in operational units.

Some comments:

1).Numerical strength of FC goes up in the period 1939-42, stabilizes in 1943 at a high level and starts going down in 1944-45.

2).Regarding the types of aircraft, initially it is the Hawker Hurricane that is the main fighter but from late ’41 the Supermarine Spitfire takes the lead.

3).Standardization doesn’t seem to be high on FC priorities since many different types are used concurrently. This is understandable in the case of two engine aircraft that are used as night-fighters, such as the Beaufighter and Mosquito.

However when it comes to day-fighters we get in May ’41: Spit, Hurricane, Westland Whirlwind and Boulton Paul Defiant.

Things start to change in the second half of the war. In May ’43 we have the Spit, Hawker Typhoon and Whirlwind.

Only in 1945 does standardization win since there are just two types, the Spit and the P-51 Mustang.

4).In 1941-42 it’s hard to justify the large number of Spitfires kept in the UK since the Germans have a very small airforce in Western Europe. Meanwhile the RAF in N.Africa has to use the outdated Hurricane and the American P-40 Warhawk.

5).Despite all the talk about the Spitfire being the best fighter of the war It is interesting to note that even though FC has numerical superiority it is still beaten in the Channel battles of 1941-42 by the Luftwaffe’s Channel-Geschwader JG2 and JG26. The Germans used the Bf-109F and FW-190 that had superior performance compared to the British types. [Sources: ‘The right of the line: the Royal Air Force in the European War, 1939-1945’, p285 and 561 and ‘Jagdwaffe Volume 4, Section 1: Holding the West 1941-1943’]

6).Throughout the war the main problem for FC is that their ‘star’ aircraft lacks the range to take the fight into Germany.

7).Lend Lease aircraft only appear in large numbers in 1945, when the P-51 Mustang makes up 48% of FC in April ’45. Prior to ’45 only the Boston night-fighter is used in small numbers.

Wednesday, July 4, 2012

American exploitation of Soviet multichannel radio-teletype networks 1946-1956

All countries need modern and efficient communication systems to connect their economy and government departments. The Soviet Union, as long as it lasted, was the largest country in the world and it definitely needed efficient and secure means of communication between its distant geographic areas.

During the 1930’s the Soviets started using multichannel radio-teletype for internal communications. Considering the poor state of the landline system radio communications were a more economic choice and through the radio-teletype long messages could be quickly sent from one area of the SU to the next.

Overview of the German effort 1936-45

As I have mentioned before, the German signal intelligence agencies took an immediate interest in the use of radio-teletype by the SU and in 1936 built a machine that could intercept the multichannel transmissions and print the text automatically.

This work was carried out by the Army Ordnance, Development and Testing Group, Signal Branch Group IV C  -  Wa Pruef 7/IV C at an experimental station in Hillersleben-Staats.

This unit intercepted a very large number of Soviet messages and passed them for decoding and evaluation to OKW/Chi and OKH/GdNA. FMS P-038 ‘German Radio intelligence’ says: ‘At the experimental station the volume of recordings, which were made available to the cryptanalysis and evaluation sections of the Armed Forces Cryptographic Branch and the Evaluation Control Center of OKH, averaged ten million transmissions a day.

Some of these messages could be decoded but many were enciphered with OTP (which was unbreakable) or with a cipher teleprinter which the German called Bandwurm.

The plaintext messages were scanned for economic and military information. On average only 10% had interesting intelligence. However this percentage multiplied by the huge number of intercepts ensured a steady stream of valuable intelligence.

From these messages the Germans got information on the Soviet economy and military mobilization data. The radio-teletype networks were practically the only source of information on what was going on in the Soviet interior. On the basis of this information the Wehrwirtschaftsnachr (WWN) were compiled. These bulletins gave a detailed summary of the Russian economic situation, particularly in the areas of Moscow, Baku, Rostov and included production figures and details of supply and labor situations.


Alexis Dettmann, chief cryptanalyst in Horchleitstelle Ost, mentions economic traffic from the Urals and the Kuznetsk Basin in TICOM report DF-112 ‘Survey of Russian military systems’.

Detailed card indexes of an economic nature were kept, they included names and locations of factories and personalities therein.

Other agencies also intercepted the Soviet networks. It seems that Goering’s Forchungsamt used this traffic to evaluate the Soviet economy.

The army agency OKH/GdNA also had an independent unit that intercepted Soviet teletype transmissions as part of its Group VI - OKH/GdNA Group VI. During 1942-4 this small unit operated in Loetzen, East Prussia under the command of Horchleitstelle Ost (Intercept Control Station East). It was this unit that was captured by an Anglo-American TICOM team in May 1945 in Rosenheim, Germany.

The Germans and their equipment were transported to the UK and put to work so their methods could be evaluated. The Anglo-Americans then either copied directly the German equipment or built similar models and used them to intercept the internal Soviet network.

The Army Security Agency and the Russian Fish - A success story from the beginning

The Anglo-Americans called the German machine ‘Russian Fish’ because it intercepted the Soviet teletype which they called ‘Fish’. This had a precedent in WWII when they gave fish names to the German cipher teleprinters. The Lorenz SZ42 was called ‘Tunny’ and the Siemens T-52 ‘Sturgeon’.

Information on the American exploitation of the Soviet radio-teletype networks is still hard to find. However there are snippets of information from NSA official histories and a few books.

Author James Bamford says in his book ‘Body of secrets’, p20

The relative handful of American codebreakers who stayed on quickly shifted gears. The Soviet Union instantly became their number one target.

One key listening post not shut down was Vint Hill Farms Station. Known as Monitoring Station Number 1, it was located in the rural Virginia town of Warrenton. During the war, Vint Hill played a pivotal role in eavesdropping on enemy communications for thousands of miles in all directions. At war's end, 2,600 people stayed on, many of them intercept operators, to handle the transition from hot war to cold war. They were able to eavesdrop on key Russian diplomatic and military communications sent over the Fish machine. "They intercepted printers at Vint Hill, Russian printers," said Colonel Russell H. Horton, who commanded the station shortly after the end of the war. "They had these ... circuits that had nine channels if I'm not mistaken. They had machines ... all hooked up so that they separated the channels and did all of the interception in Cyrillic characters." Horton added, "As far as I know, there was no effort against the Russians until after the war

.........

Since the discovery of the Russian Fish machine by TICOM at the end of the war, and the ability to read a variety of diplomatic, KGB, and trade messages as a result of the Venona breakthrough on Soviet onetime pads, American codebreakers had been astonishingly lucky. Virtually overnight they were placed in what NSA has called "a situation that compared favorably to the successes of World War II."

The official NSA history ‘American Cryptology during the Cold War:  1945-1989, Book I: The Struggle for Centralization 1945-1960’, in p169 gives a few snippets of info.




More details are given in an interview of Oliver Kirby - NSA-OH-20-93. Kirby says that they learned of the Soviet teleprinter problem through TICOM. Initially they did not have the means to intercept this traffic. Once they did they were swamped by the huge number of plaintext intercepts. He says in page 51 ‘Yes, and we began to really exploit and find that there was a gold mine in the plaintext in terms of intelligence, and I mean highly-desired intelligence

The people involved in the plaintext problem were Olin Adams and Jacob Gurin. It was Gurin who saw that each plaintext message on its own was unimportant but taken together they could provide valuable intelligence on everything taking place in the Soviet Union.

The effort to exploit the Soviet plaintext messages began in 1946. Initially they needed lots of translators and they ‘stole’ these from an OSS unit in Washington. However the sheer numbers of intercepts could only be handled through mechanization. For this reason they built a device that could scan the radio-teletype signal and print the text. This was the CX-CO device.



The unit that sorted the plaintext messages was made up of African-Americans. Due to the importance of the program more people were added to the unit.

In order to access the importance of the plaintext program we need to take a step back and look at the situation facing the Western intelligence agencies after 1945.

In the first years after WWII ended the Anglo-Americans were able to exploit several Soviet codes and ciphers. However the Russians learned through their spy William Weisband that their codes were vulnerable and in 1948 instituted a complete change in systems and procedures. This was called the ‘Black Friday’ by the NSA (presumably because the Russians changed all their systems on a Friday, although some authors dispute that). At the same time Western intelligence agencies had no luck in creating spy networks inside the Soviet Union.

It was at this time that the plaintext program became extremely important as it was basically the only way to find out what was happening in the Soviet interior. The millions of messages provided information on all aspects of Soviet activity. Especially important was the intelligence on the Soviet economy, the armed forces and the nuclear program.

The height of the program came in the early 1950’s and was able to cover the ground lost from the ‘Black Friday’ incident. Still nothing lasts forever. As the Soviets built up their landline and microwave communication networks use of the radio-teletype was stopped.

NSA history ‘The Invisible Cryptologists’ says that in 1956 the all-black unit was dissolved. At that time it seems the ‘Russian Fish’ source had dried up.

Information from NSA histories

More pieces of the puzzle are given from NSA histories.

From ‘The Invisible Cryptologists: African-Americans, WWII to 1956’:

The ASA. effort to exploit Russian plaintext traffic began in 1946 with the part-time assignment of several linguists to the target. At that time, however, the Agency's emphasis was on the translation of encrypted messages, and the employment of scarce Russian linguists on plain text was judged to be unwarranted. Later, in May 1947, the effort was revised at the Pentagon. Individuals without security clearances or with partial clearances would sift through volumes of messages and translate all or parts of those determined to have intelligence value. Placed in charge of this group was Jacob Gurin, an ASA Russian linguist who had immigrated to the U.S. with his parents at the age of three.

……………………………………………………………………………………………………………………………………………

From the Agency's inception under William Friedman, its business was the breaking of codes and ciphers. Once the underlying text was revealed, individual messages were translated, and, after a reporting mission was established, selected ones were published on 3" x 5" cards. While individual decrypted messages could be extremely valuable, plaintext messages were most often preformatted status reports that were insignificant when considered singly. Jack Gurin was convinced that if these messages were assembled and analyzed in the aggregate, they could yield valuable information on Soviet defense capabilities.



By July 1950, over a million messages a month were being forwarded to AFSA for processing and exploitation. The plaintext exploitation unit stood at 170, and it was projected that by April 1952, the volume of messages requiring processing would nearly double, requiring an additional 350 people. During the 1950/1951 time frame, Russian plain text was nearing its zenith in terms of intelligence priorities, collection resources, and personnel; and AFSA-213, the all-black traffic processing branch (later a division) that came to be known as “the snakepit,” “the plantation,” and “the black hole of Calcutta,” was in full operation.’


Recently declassified NSA history ‘On Watch: Profiles from the National Security Agency’s past 40 years’, p15 also presents the radio-teletype plaintext program in triumphant terms:

In addition to manual Morse, the Soviets were using a good deal of [redacted] among others. The Soviet plaintext problem was a SIGINT success story from the beginning, from the design of electro-mechanical processing equipment that could handle each new Soviet development to the painstaking analysis of the intercepted communications. A joint American-British effort against these communications in the nineteen-forties led to high intercept volume and new engineering challenges in the face of proliferating Soviet [redacted] techniques.

At one time the United States and Britain together were processing as many as two million plaintext messages a month, messages containing everything from money orders to birthday greetings. The production task was awesome, with analysts manually leafing through mountains of page copy, meticulously screening millions of messages. [redacted] The investment paid off, leading, to an encyclopedic knowledge of what was going on in the Soviet Union. Over 95 percent of what the United States knew about Soviet weaponry in the nineteen-forties came from analysis of plaintext radioprinter traffic. Almost everything American policy makers learned about the Soviet nuclear energy and nuclear weapons programs came from [redacted] radioprinter traffic, the result of fitting together thousands of tiny, selected pieces of the jig saw puzzle.



Conclusion

The use of radio-teletype by the Soviet Union was a matter of necessity. Due to the huge distances involved radio offered a better investment compared to the resources needed to lay landlines.

The use of radio-teletype however offered the chance of interception for interested parties. In the 1930’s and 40’s the German signal intelligence agencies were successful in building specialized equipment that intercepted the Soviet multichannel transmissions and printed the plaintext.

After 1945 it was the Americans that took over this work, after having been initiated into the secret by the OKH/GdNA Group VI unit.

Through the ‘Russian Fish’ intercepts the Anglo-Americans were able to get millions of messages each month. When analyzed together they provided unprecedented intelligence on Soviet economic and military matters.

Continued NSA secrecy

The ‘Russian Fish’ story continues to be shrouded in mystery even today. Why has the NSA released snippets of information when they could release all the details?

Such an old story has no value from a perspective of security. Perhaps there are other reasons.

The NSA gets its billions of dollars in order to ‘break’ enemy codes. The ‘Russian Fish’ story was undoubtedly a great success but it did not have anything to do with codebreaking. The messages were plaintext. Perhaps they fear that their success with the ‘Fish’ highlights their failure with Soviet codes.

There is also the question of the 1950’s controversies. If the ASA had ‘encyclopedic knowledge of what was going on in the Soviet Union’ how can we explain the bomber gap and missile gap affairs? Shouldn’t they have known that the Soviet Union did not have more bombers or nuclear missiles than the US?

Another reason could be the German connection. Maybe the Anglo-Americans do not want to admit that Hitler’s intelligence agencies had technology and successes that exceeded their own.

Or are the NSA/GCHQ preparing some book, through one of their friendly authors, that will present this story in the way they want it to be told?

At this time we can only make guesses…

Sources: CSDIC 1717 ‘Consolidated report on information obtained from the following: Erdmann, Grubler, Hempel, Karrenberg, Schmitz, Suschowk’, TICOM I-99  ‘Interrogation Report of Hptm. Herbert Roeder (Head of Gruppe VI, Gen.d.NA, OKH, 1944-45)’,  SI-32 Special Intelligence Report : ‘German Signal Intelligence for Intercepting and Evaluating Internal Communications (Baudot and W/T) of Russia , Particularly Communications Concerning Economic and Industrial Management. (Information supplied by Alex Dettman ,chief army cryptologist on Russian systems)’, TICOM I-58 ‘Interrogation of Dr. Otto Buggisch of OKW/Chi’, European Axis Signal Intelligence in World War II vol 4 - ‘The Signal Intelligence Service of the Army High Command’, ‘Body of Secrets’ by James Bamford, NSA history - ‘The invisible cryptologists’, NSA history - ‘On Watch: Profiles from the National Security Agency’s past 40 years’ (found through Matthew M. Aid’s site), NSA-OH-20-93, NSA history - ‘American Cryptology during the Cold War:  1945-1989 ,Book I: The Struggle for Centralization 1945-1960’, FMS P-038 ‘German radio intelligence’, TICOM Archive , wikipedia, DF-112 ‘Survey of Russian military systems’

Monday, July 2, 2012

US military attaché codes of WWII

The cryptologic systems used by US military attaches prior and during WWII were the Military Intelligence Code and the War Department Confidential Code. Thanks to physical compromise of these codes and their enciphering tables German and Italian codebreakers were able to read the secret US attaché communications.

The greatest success for the German side was reading the messages of the US military attaché in Cairo. These provided Rommel with excellent intelligence and definitely contributed to his military operations.