Compromise of OWI - Office of War Information communications

In 1942 the US government created a new organization called the Office of War Information, headed by Elmer Davis. This organization absorbed the functions of several other government departments such as the Office of Facts and Figures (OWI's direct predecessor), the Office of Government Reports, the Division of Information of the Office for Emergency Management and the Foreign Information Service.

The OWI had representative in countries abroad and participated not only in news gathering activities but also Anti-Axis propaganda and even espionage. Especially in Bern, Switzerland the local station, headed by Gerald M Mayer, cooperated closely with the OSS - Office of Strategic Services station of Allen Dulles.

Svetova Revoluce and the codes of the Czechoslovak resistance

At the end of the First World War the multiethnic Austro-Hungarian Empire collapsed and out of its ruins emerged several new countries. One of these was Czechoslovakia, containing the Czech areas of Bohemia and Moravia together with Slovakia and Carpathian Ruthenia in the east.

In the interwar period Czechoslovakia followed a foreign policy supportive of France and was part of the Little Entente. The country had a stable democracy and its industrial resources were large (based on the Skoda works) for such a small country. However there were two important problems affecting Czech national security. On the one hand the rise of Nazi Germany and its rearmament was a clear security threat. At the same time there were serious problems with the German and Slovak minorities that resented Czech rule.  

Czechoslovakia contained a large number of minorities that were dissatisfied with the ruling Czech establishment. Especially the German minority made up roughly 23% of the population (according to the 1921 census) and a large part of it was concentrated in the border with Germany called Sudetenland. Many of the Sudeten Germans wanted for their areas to be unified with Germany and in the 1930’s Hitler’s Germany supported the demands of the Sudeten German Party. These claims were rejected by the Czech government of Edvard Beneš and as the Czech crisis threatened Europe with a new war a conference took place in Munich between the governments of Germany, Italy, Britain and France.  

Without support from Britain and France the Czech government was forced to cede the Sudeten territories to Germany and also lost other disputed areas to Hungary and Poland. Even though Germany had succeeded in absorbing the Sudeten areas and in weakening Czechoslovakia that did not stop Hitler’s offensive plans and in March 1939 German troops invaded and occupied the rest of the country. From then on the country was ruled by Germany and special attention was given to its heavy industry which produced weapons for the German armed forces.

During the war the Czech Government in Exile, headed by Beneš, was based in London and had regular communications with the Czech resistance. The most daring operation of the resistance was the assassination of Reinhard Heydrich, protector of Bohemia and Moravia and former head of the Reich Main Security Office. However after this episode the Germans took many security measures and were generally able to keep the resistance activities under control. In this area they took advantage of the insecure communications between the resistance and the Czech intelligence service, operating from Britain.

Compromise of Soviet codes in WWII

Signals intelligence and codebreaking played an important role in WWII. British and American codebreakers solved many important Axis crypto systems, such as the German Enigma machine and the Japanese Navy’s code JN25. 

Historians have not only acknowledged these Allied successes but they’ve probably exaggerated their importance in the actual campaigns of the war.

Unfortunately the work of the Axis codebreakers hasn’t received similar attention. As I’ve mentioned in my piece Acknowledging failures of crypto security all the participants suffered setbacks from weak/compromised codes and they all had some successes with enemy systems. 

Britain, the Soviet Union and the United States did not have impenetrable codes. In the course of WWII all three suffered setbacks from their compromised communications.

After having dealt with the United States and Britain it’s time to have a look at the Soviet Union and their worst failures. 

Move along comrade, nothing to see here

Compromises of communications security are usually difficult to acknowledge by the countries that suffer them. For example since the 1970’s countless books have been written about the successes of Bletchley Park, yet detailed information on the German solution of Allied codes only started to become available in the 2000’s when TICOM reports and other relevant documents were released to the public archives by the US and UK authorities.

In Russia the compromise of their codes during WWII has not yet been officially acknowledged and the archives of the codebreaking organizations have remained closed to researchers. This is a continuation of the Soviet policy of secrecy.

The Soviet Union was a secretive society and information was tightly controlled by the ruling elite. This means that history books avoided topics that embarrassed the regime and instead presented the officially sanctioned version of history. Soviet era histories of WWII avoided references to codes and ciphers and instead talked about ‘radio-electronic combat’ which dealt with direction finding, traffic analysis and jamming (1).

After the fall of the Soviet Union several important government archives were opened to researchers and this information has been incorporated in new books and studies of WWII. However similar advances haven’t taken place in the fields of signals intelligence and cryptologic history. Unlike the US and UK that have admitted at least some of their communications security failures the official line in Russia is that high level Soviet codes were unbreakable and only unimportant tactical codes could be read by the Germans. Even new books and studies on cryptology repeat these statements (2).

However various sources such as the TICOM reports, the war diary of the German Army’s signal intelligence agency Inspectorate 7/VI and the monthly reports of the cryptanalytic centre in the East Horchleitstelle Ost clearly show that the Germans could solve even high level Soviet military and NKVD codes.

Update

I have uploaded TICOM report DF-111 ‘Comments on various cryptologic matters’. Acquired through the NSA’s FOIA office. Available from my Google docs and Scribd accounts.

I have rewritten Soviet Diplomatic Code 26 and the elusive Dr Roeder using information from DF-111.

Update

I have uploaded TICOM report DF-105 ‘Determination of the Absolute Setting of the AM-1 (M-209) by Using Two Messages with Different Indicators’. Acquired through the NSA’s FOIA office.

Available from my Google docs and Scribd accounts.

Compromise of Soviet codes in WWII – the good, the bad and the unexpected

After covering the cryptologic failures of the United States and Britain in WWII, i’m currently writing a summary of the compromise of Soviet codes in WWII, however there are some good news and some bad news regarding the available sources.

The good news

The war diary of the German Army’s signal intelligence agency Inspectorate 7/VI and the reports of the cryptanalytic centre in the East Horchleitstelle Ost (later named Leitstelle der Nachrichtenaufklärung) are available for the period 1941-43. Also summaries on the solution of Soviet codes are available for the period October 1944-March 1945.

The bad news

I haven’t been able to find the reports of Horchleitstelle Ost for the second half of 1941 and for the period February- September 1944.

The unexpected

According to a recently declassified TICOM report the Germans were able to read the first version of the Soviet diplomatic one time pad code in the 1930’s and the codes of the Comintern. In the first case their success was due to the fact that the system was not true one time pad in that one additive page was assigned to each message. If the values were not enough to encipher the entire message then they were reused.

In the case of the Comintern it seems that the main system used by Communist Parties around the world was a numerical code used together with a letter to number substitution table. The table was used as a ‘key’ generator for additive sequences used to encipher the coded message. A common book would be used for this purpose and the user would identify through the indicator the page and line that the sequence would start from.  In one such case the Germans solved the ‘encipherment sequence of about five million digits’ and identified the five books used as cipher.

The French War Ministry’s FLD code

In May 1940 Germany shocked the world by defeating the combined forces of France, Britain, Belgium and Holland in a short land campaign. Unlike World War I that had ended in millions of deaths and a stalemate in the West, this time the German forces were able to quickly defeat their opponents. After France’s defeat several theories were promoted, trying to explain this strange outcome. Some focused on the supposed superiority of the Germans in manpower and armaments, while others tried to point to the German Panzer divisions that supposedly had a big advantage over the similar French units.

General Gamelin who commanded the French forces told Churchill that the defeat was due to: ‘Inferiority of numbers, inferiority of equipment, inferiority of method’. In fact both sides had roughly similar strength in troops and aircraft while in tanks it was the Franco-British alliance that had the advantage, both in terms of numbers and of quality.

However the German were able to overcome their tank inferiority by grouping their armored divisions together, supporting them with ample airpower and providing them with dedicated infantry, anti-tank, artillery and communication units. At the same time their radio communications system was much more advanced than the French Army’s and orders could be dispatched quickly and securely to all units.

The German leadership also took a big risk by attacking through the Ardennes area with the purpose of cutting off the northern part of the Allied front.

Another area where the Germans had the advantage was in signals intelligence. Unfortunately historians have focused almost exclusively on the German Enigma cipher machine and its solution by the codebreakers of Bletchley Park thus neglecting the many successes of the German codebreakers.  

The German victories during the period 1939-1942 in France, N.Africa, Atlantic and in the Eastern Front were achieved at least in part thanks to their ability to read their enemies communications.

French military codes and the Battle of France

The French military and civilian authorities used for their secret communications several codebooks, both enciphered and unenciphered. Individually these systems did not have a very high degree of security but it seems that the French strategy was to overwhelm enemy codebreakers through the simultaneous use of a large number of different codebooks (1). Additionally, it is possible that the French Army’s cipher bureau overestimated the security of the encipherment procedures used with the codebooks.

According to the available sources the following cryptosystems were in use in 1939 (2):

For high level networks (Army High Command and Army Corps) the machine cipher B-211 and 5-figure/5-letter dictionaries enciphered with transposition methods.

For mid level networks (Armies and Divisions) the machine cipher C-36 and the 4-figure/4-letter codebooks RA, ATM and 69.

For low level networks (small Army units like battalions and regiments) codebooks enciphered with short additive keys (9-13 digits long) plus 3-letter dictionaries.

From recently released TICOM reports and various books it is clear that the Germans could read French Army tactical codes (3), the Navy’s main cipher system (4) and the Airforce’s ‘Aviation Militaire’ (5). By exploiting these systems the Germans obviously got valuable intelligence. However their main success that directly contributed to their victory in 1940 was achieved against high level enciphered codes used by the French War Ministry.

The code of the French War Ministry

From the early 1930’s the German codebreakers could read the code used between the French War Ministry and the various military districts. This was a 4-figure codebook of 10.000 values enciphered with additive sequences. In September 1939 there was a change in the method of encipherment and columnar transposition was used instead of addition. Unfortunately for the French this method had been used by one of their military districts prior to September 1939, thus allowing the Germans to solve it and figure out how the transposition keys were chosen. Thanks to this compromise the Germans could read messages of the War Ministry and the military districts till June 1940. The information gained concerned the French army’s order of battle, the weak point of the Maginot Line, the mood of the troops and the population in France and in the colonies, the order of battle of the British troops stationed on the mainland and their movements.

Information on the compromise of the FLD code is available from several sources.

Colonel Mettig, head of the German Army’s signal intelligence agency Inspectorate 7/VI in the period 1941-43, said in TICOM report I-128 ‘Deciphering Achievements of  In 7/VI and OKW/Chi’, p2

‘In assessing the value of Signals Intelligence PW considers that the deciphering of messages of strategic importance is more valuable than deciphering those of tactical importance. He therefore rates most highly the solution of the French ciphers in the FLD military network radiating from Paris. The deciphering of this traffic before and during the war gave a clear picture of the order of battle of the French and Belgian armies and also of the British army.’

This success was accomplished by the codebreakers of the German High Command's deciphering department – OKW/Chi. Wilhelm Fenner, who was head of the cryptanalysis department of OKW/Chi, said in TICOM DF-187B, p7

‘Even before the military action with France began, the military systems of French higher staffs were solved. This was a 4 or 5-figure code that was systematically transposed (tableau carve) .In the cryptograms a few parallel passages (repetitions) were discovered .The interval between these passages was constant and must therefore correspond to the width of the transposition box as cryptanalytic studies have shown.If I am not mistaken the keys (Loesungen ?  ? ? )  ? ? the box itself were taken from the same code book. Despite all the cunning of this cryptographic system, the occurrence of short parallel passages proved fatal. By the aid of these deciphered messages tabs could be kept on the French Army far back into the homeland.’

Colonel Randewig, head of the intercept organization in the West during the 1940 campaign wrote in the report FMS P-038 ‘German radio intelligence’:

‘As early as December 1939 the Germans broke a special cryptographic system used by the French command in radio messages to the armies and military district headquarters. It had been used contrary to regulations prior to the opening of hostilities in September 1939. The Germans were able to solve this system because the radio station guilty of the violation was reprimanded and thereupon repeated the same messages in the proper system. Their contents revealed a certain amount of organizational information, for example, the fact that the French 2d and 3d Cavalry Divisions had been reorganized into the 1st and 2d Armored Divisions and were due to move into their assembly area northeast of Paris by 1 January 1940. However, this type of incomplete information could generally be considered only as a supplement to and confirmation of other intelligence concerning the enemy. It was not possible to deduce the enemy's order of battle from radio intelligence alone.

Nevertheless, the Germans could identify the probable concentration areas of the French and British armies from the practice messages sent by the field radio stations, although the boundaries of army groups, armies, corps and divisions could not be established with any certainty. Greater clarity prevailed about the fortified area behind the Maginot Line in the south. Enemy forces stationed near the Frenco-Swiss and Franco-Italian borders were not observed according to any regular plan. Spot-check intercepting failed to pick up the French Tenth Army in the place where it was presumed to be by the German command. However, radio intelligence did indicate the presence of the French Sixth Army.’

The importance of this intelligence is even admitted by the official history ‘British Intelligence in the Second World War volume 1’, p163-4

‘It later became clear that, until the fall of France, Germany enjoyed not only the strategic initiative but also the advantage of good operational intelligence………. During the planning and the carrying out of the attack on France the work of the enemy intelligence department of the General Staff of the German Army was of crucial importance and its value fully justified the prestige which the department had always enjoyed. The work has been described by General Ulrich Liss, head of the department from 1937 to 1943. He emphasizes that partly on the basis of British army documents captured in Norway, which provided all it needed to know about the British order of battle, and partly from the cypher traffic between the French War Ministry and the army groups, armies and home authorities, most of which it read from soon after the outbreak of war until 10 May, the department had a very comprehensive and accurate knowledge of the dispositions and qualities of the Allied forces………… During the campaign its intelligence continued to be good, and Sigint continued to be the best source.’

However the person who can give the most accurate account of the work done on the FLD code was the chief cryptanalyst of OKW/Chi, Erich Hüttenhain. According to Hüttenhain’s manuscript ‘Einzeldarstellungen aus dem Gebiet der Kryptologie‘, p14-16 (6) the code used between the French War Ministry and the military districts was a 4-figure codebook of 10.000 values, enciphered with short additive sequences. Since this method of encipherment offered limited security and the underlying code remained in use for years these messages could be read by the Germans. However a different system was used by the military district in the border with Italy. Here the code was transposed based on codewords. After finding two messages with parallel passages the German codebreakers were able to solve this system in 1938 and they realized that the transposition keys were created by using the codegroups of the codebook. Thus from mid 1939 the traffic of this military district could also be solved. In September 1939 when WWII broke out the French War Ministry instead of changing the cipher procedures, ordered that this system of transposition was to be used by all the military districts. Since the 4-figure codebook remained in use the Germans could read this traffic up to June 1940 and Hüttenhain says that the German leadership was informed of all significant operations within the French armed forces.

Among his conclusions about this case were that a country should not adopt for its main cipher a system that is already known to the enemy and thus possibly compromised and that indicator groups should be independent of the cipher.

’Das französische fld-Netz 

Beim Anfang der dreißiger Jahre benutzte das französische Kriegsministerium im Verkehr mit den französischen Wehrkreisen zur Verschlüsselung der Nachrichten einen 4Z-Code, der mit einer endlichen Additionszahl überschlüsselt wurde. Fast alle 10.000 Gruppen des 4Z-Codes waren belegt. Der Code wurde im Laufe der Jahre nicht geändert oder gar abgelöst. Die Additionszahlen wurden in kürzeren Zeitabschnitten abgelöst. Es waren jeweils gleichzeitig mehrere Additionszahlen im Gebrauch. Die Längen der einzelnen Additionszahlen waren ungerade und schwankten zwischen 7 und 13 Ziffern. Die mit dieser Geheimschrift,also mit dem 4Z-Code verschlüsselten Nachrichten wurden in den letzten Jahren vor dem 2. Weltkrieg vollständig mitgelesen. In dem Verkehr mit dem an Italien angrenzenden französischen Wehrkreis verwendete das französische Kriegsminister rium ein anderes Chi-Verfahren. Im vorangehenden Studium des gesamten Spruchmaterials dieses einen Verkehrskreises wurden 2 Sprüche gefunden, die eine größere Anzahl von fast gleich langen und über die ganzen Spruchlängen fast gleichförmig verteilten Ziffernfolgen enthielten; lediglich die Reihenfolge der diese 2 Anfangszeilen bildenden Ziffernfolgen in den beiden Sprüchen war verschieden. Diese Feststellung führte zur Erkenntnis, daß ein Ersatzverfahren mit einem Würfel überschlüsselt wurde. Mit Hilfe von 2 Anfangsreihen konnte die Würfellosung rekonstruiert und das Ersatzverfahren als 4Z-Code erkannt werden.-Es war also in den beiden Sprüchen, die zum Einbruch in das Verfahren führten, eine längere, sich über mehrere Zeilen des Würfelkastens erstreckende gleiche Textstelle vorhanden.

Der 1. Einbruch gelang im Jahre 1938. Im Laufe der nächsten Monate wurden weitere dieser Parallelstellen-Kompromisse gefunden. Es wurden die in Wortlosungen umgewandelten Würfellosungen als die Klarbedeutungen der Codegruppen des verwendeten 4Z -Codes erkannt. Und es wurde erkannt, da als Kenngruppen für die Würfellosungen 4Z -Gruppen des Codes gewählt wurden, deren Klarbedeutung jeweils die Wortlosung des Würfels war. Auf diese Weise lieferten gedeutete Codegruppen neue Würfellosungen und rekonstruierte Würfellosungen neue Codegruppen. Mitte 1939 wurde der gesamte Verkehr zwischen dem französischen Kriegsministerium und dem an Italien angrenzenden Wehrkreis, der also mit der Geheimschrift 4ZCüW verschlüsselt wurde, mitgelesen.

Als am 3. September der Krieg mit Frankreich ausbrach, verfügte das französische Kriegsministerium, daß die bisher nur im Verkehr mit dem an Italien angrenzenden Wehrkreis benutzte Geheimschrift 4ZCüW unverzüglich auch in allen anderen Wehrkreisen verwendet wurde. Es blieb der Code derselbe, und es wurden die Würfellosungen nach wie vor aus den Klartextbedeutungen der Codegruppen genommen. Es wurden lediglich an den jeweils folgerden Monatsersten geringfügige Änderungen an den Kenngruppen vorgenommen, Änderungen, die in kurzer Zeit erkannt und nach einigen Wechseln sogar vorausgeahnt wurden.

Dieser Zustand blieb bis zum Ende des Frankreichfeldzuges im Juni 1940 unverändert bestehen. Jeder aufgenommene Spruch dieses militärischen Führungsnetztes, das als fld-Netz bekannt war, wurde mitgelesen. Die deutsche militärische Führung war über alle wesentliche Vorgänge innerhalb der französischen Wehrmacht unterrichtet. Neben der Gliederung in der französischen Wehrmacht klärten die mit gelesenen Sprüche die Bewaffnung der einzelnen Einheiten auf, die schwächste Stelle der Maginot-Linie, die Stimmung der Truppe und der Bevölkerung in Frankreich und in den Kolonien, die auf dem Festland stationierten englischen Truppen und deren Bewegungen usw.

Es erscheint angebracht, an Hand dieses für Frankreich und für Deutschland folgenreichen Entzifferungs ergebnisses einige Folgerungen zu ziehen:

1. Es ist falsch, ein Chiffrierverfahren, dessen Sicherheit nicht bewiesen ist, zum Hauptverfahren zu machen, wenn es bereits als Nebenverfahren als beim Gegner bekannt vorausgesetzt werden muß.

2. Ein Chiffrierverfahren, dessen Sicherheit von der Struktur der Klartexte-Anfängen, Schlüssen,  Parallelstellen, Spruchlängen u.a. - abhängig ist darf nicht verwendet werden.

3 Kenngruppen müssen vom Chiffrierverfahren unabhängig sein; sie dürfen keine doppelte Bedeutung haben.

4. Die Erfassung des Spruchmaterials sollte vollständig sein, um auch die kompromittierenden Sprüche finden zu können.

Anm.: Rekonstruierte Seite einer Kopie, deren 12 Anschläge links unlesbar waren. Hier sind also die ersten 12 Anschläge erraten,-allerdings sinngemäß! Ausnahme: Zeile 12, wo die Zahl 13 willkürlich ist,für die allerdings 2 Bedingungen stehen: 1) >7 und Zweistelligkeit (in den 12 Anschlägen).’

Identifying the FLD codes

We can try to identify the cryptosystems used in the FLD radio network by looking at Huettehnain’s statements and various TICOM documents.

According to Army cryptanalyst dr Buggisch (7) the designations F90 and F110 referred to French Army ciphers, read during the period 1939-1940:

‘F90 and F110 were German designations for French Army cipher systems before and during the campaign in FRANCE. Both were based on a four figure code, in one case the recipher consisted of a periodic adder [or subtractor] of length 11; in the other it was ordinary transposition, the transposition key being obtained from a key word which itself was taken from the code and shown by an indicator group. Both systems were being read from the winter of 39/40 to the end of the French campaign. Solution was by methods generally known in cryptanalytic circles. One of the codes turned, up again for a short period in De Gaullist traffic.’

Note that Buggisch’s description of the systems is similar to Huettenhain’s from ‘Einzeldarstellungen aus dem Gebiet der Kryptologie‘.

In the TICOM collection of the German Foreign Ministry’s Political Archive there are documents that have more information on the ciphers F90 and F110:

1). The TICOM documents T3611 and T3612 (8) have information on cipher F90, however document T3611 is not available due to deterioration.

According to document T3612 the cipher F90 was a 4-figure code enciphered with short additive sequences of 5, 7 or 11 digit length. It seems that the codebook consisted of 20 pages, each with 100 entries, totaling 2.000 code groups.

This system was used by the network FLD (Paris) in communications with stations fla, flb, flc, flf, flg, fak, fam, flq and others and it was solved thanks to a major cipher clerk error committed in September 1937.

It seems that the same message was sent twice, first without encipherment (so only the code groups were transmitted) and then with additive encipherment. Clearly this gave the German codebreakers an opportunity to identify the basic code groups and then solve the additive sequence used for encipherment. This success allowed them to correct their own relative code findings (from previous decipherments) into the actual French code values.

The information in TICOM document T3612 matches Huettenhain’s statements about a high level code enciphered with short additive sequences being solved completely in the years prior to WWII.

2). The TICOM document T3684 (9) describes system F110 (F4ZCW110 - French 4-figure code with simple transposition) and it says than from February 1938 the radio network of the French 14^th Army, with stations in Lyon, Grenoble, Modane, Briancon, Chambery, Jausiers and Beurg-Saint-Maurice, started using this transposed code. The indicator was 55555 and the transposition key was created from the plain meaning of one of the codegroups. The example given in the report was:

p   e  r   m  i   s   s   i   o   n  o   n   n  a  i   r   e 

13 2 14  7  4 16 17  5 11  8 12  9 10  1  6 15  3

The details in the report match Huettenhain’s statements about a French military district adjacent to Italy using a transposed code, with the transposition keys being created from the codegroups of the codebook and the first breakthrough coming in 1938.

The successors to systems F90 and F110

From the available TICOM documents it seems that in September 1939 both systems were changed. Cipher F90 was replaced by a new 3-figure code plus additive, while cipher F110’s successor used the same underlying code but with a new encipherment procedure.

1). TICOM document T3661 (10) contains a report by the cryptanalyst dr Ludwig Föppl, dated 18 December 1939. In the report Föppl says that the code F90, which was used in the military command radio network FLD (Paris), was changed in September and replaced by a new system.

The new system was a 3-figure code enciphered by additive sequences. It seems the encipherment consisted of a 20-digit number that was composed of two 10-digits parts. A peculiarity of the encipherment was that each 10-digit number was composed of all the ten digits from 0 to 9 used only once (11). This system was solved and it seems that the German designation for it was F135.

2). In the notes of dr Huettenhain there is a report from November 1939 that describes the solution of the successor to system F110 (12):

'Report on the attachment to Army Group C evaluation section

On 2 September 1939 the French Army Code F110 was replaced by a new code so that traffic could no longer be broken currently.

On 3 September 1939 I was seconded to FRANKFURT-ON-MAIN in order to take part in the task of breaking this new code. The task was accomplished at the beginning of October so that all the September material could be read retrospectively.

This success was made possible in such a short time by the fact that

1) the necessary data (Code etc) was obtained by months of work in peace time, chiefly by Herrn TRAPPE (Chi OKW) and SCHMIDT (Chi OKW)

2) a close co-operation between the above named gentlemen and me could be established.

It was therefore, still possible in October to work on the October material with success. In addition to the above named gentlemen Herr Professor Dr. FOPPL was of great assistance in the solution of this system.

As the system was not changed on 1 November 1939 this code could be read currently again from the date when the October key was broken. On 3 November 1939 at the finish of my attachment in FRANKFURT-0N-MAIN I was sent to BERLIN.’

From Huettenhain’s report it seems that the underlying code remained the same (as in system F110) but the encipherment procedure was changed. By having the code the German codebreakers only needed to attack the encipherment and this was quickly achieved according to Huettenhain.

Conclusion

The German victory in the Battle of France shook the world in 1940 and countless theories were formed in order to explain this unusual event. Up to 1940 the French Army was thought to be the most powerful and best equipped force in Europe. Supported by the small British Expeditionary Force, the powerful British Fleet and with military supplies coming in from the United States the Franco-British alliance had every reason to expect a victory over Germany thanks to its superior economic resources. 

The German leadership took a huge gamble by concentrating all their armored divisions and using them to encircle and destroy the northern flank of the Allies but this gamble paid off. In a victory of such magnitude it is not possible to attribute success to only one factor. Obviously the German advantages in training, doctrine, leadership, communications etc were decisive. However the German victory also owed a lot to signals intelligence and codebreaking. 

Especially the solution, during the late 1930’s and in 1940, of the French military command’s ciphers gave the Germans valuable information on the location of the Allied units and was obviously used during the planning stage for the attack.

Notes:

(1). TICOM report DF-187B, p6 and SRH-349 ‘The Achievements of the Signal Security Agency (SSA) in World War II’, p31.

(2).  ‘Bulletin de l’ARCSI’ article: Bulletin N°3 1975: Essai d'historique du Chiffre (Add. N°3).

(3). EASI vol1 – ‘results of European Axis cryptanalysis’

(4). ‘Delusions of intelligence: Enigma, Ultra and the end of secure ciphers’, p44

(5). TICOM report I-112, p6

(6). Bayerische Staatsbibliothek: ‘Einzeldarstellungen aus dem Gebiet der Kryptologie’ - BSB Cgm 9304 a

(7). TICOM report I-176, p2

(8). German Foreign Ministry’s Political Archive - TICOM collection - file 3612 ‘Frankreich 1938 Arbeiten u.Notizen zu Code F90’

(9). German Foreign Ministry’s Political Archive - TICOM collection - file 3684 ‘Frankreich 1938 ''F4ZCUW110'', Notizen zu Chiffre f. Verteidigungsbereich, m. Beispielen’

(10). German Foreign Ministry’s Political Archive - TICOM collection - file 3661 ‘Frankreich 1939 Bericht betr. Entschlüsselung F90 Arb.-Blätter zu F135’

(11). TICOM document T3661 - Föppl report, p5

(12). TICOM report D-60, p4

Acknowledgments: I have to thank Jean-François Bouchaudy for referencing the ‘Bulletin de l’ARCSI’ articles and Frode Weierud for his analysis of the TICOM reports T3612, T3684 and T3661.

Additional information:

The US report SRH-361 ‘History of the Signal Security Agency volume two - The general cryptanalytic problems’, p136 mentions a French cryptosystem solved in 1944 that was similar to that solved by the Germans in the 1930’s. This was a transposed code, with the transposition keys created from the codegroups of the codebook.

Link to chapter VI – ‘The French systems’ of SRH-361

Case ‘Wicher’ – Information from the war diary of Inspectorate 7/VI

In the Second World War the Allies and the Axis fought battles not only with tanks, aircraft and infantry but also in the fields of signals intelligence and cryptology. Both sides tried to protect their communications from outsiders by using complicated cipher procedures and their codebreakers made every effort to solve enemy codes and thus gain valuable intelligence.

The Anglo-Americans were able to gain information of great value from reading their enemies secret communications. In Britain the codebreakers of Bletchley Park solved several enemy systems with the most important ones being the German Enigma and Tunny cipher machines and the Italian C-38m. Codebreaking played a role in the Battle of the Atlantic, the North Africa Campaign and the Normandy invasion. In the USA the Army and Navy codebreakers solved many Japanese cryptosystems and used this advantage in battle. The great victory at Midway would probably not have been possible if the Americans had not solved the Japanese Navy’s code.

However the Axis codebreakers also had their successes and they were also able to compromise various Allied crypto system both low and high level.

One interesting question that often comes up in history books is whether the Germans ever suspected that their Enigma cipher machine was being read by the Allies and how the war could have taken a different turn had they managed to discover that it was not secure.

The truth is that the Germans never considered the Enigma to be unbreakable and in fact they had discovered in 1939 that the Poles had solved messages. During the war they continued to investigate the Polish solution of the Enigma, which they called case ‘Wicher’. (1)

Professor Wolfgang Franz and OKW/Chi’s mathematical research department

Nazi Germany had several codebreaking agencies both military and civilian. The armed forces had separate agencies for the Army, Navy and Airforce plus there were codebreaking departments in the Foreign Ministry, in Goering’s Forschungsamt and in the Supreme Command of the Armed Forces. This last department operated on civilian lines even though it was subordinated to the military.

The OKW/Chi agency

OKW/Chi - Oberkommando der Wehrmacht/Chiffrier Abteilung was the Signal Intelligence Agency of the Supreme Command of the Armed Forces. It had been established as a separate agency in 1920 and in the interwar period it was able to solve the codes of many foreign countries. Initially the focus was on philological research but the introduction of more complex codes and ciphers led the Germans to invest in mathematical research in the field of cryptanalysis.

The person who orchestrated this change in priorities was Wilhelm Fenner. Fenner started working for the department in 1921 together with his friend Fedor Novopaschenny, a former Tsarist codebreaker and in 1922 became an official employee. In the beginning he didn’t know much about solving codes but he learned mathematical techniques from his Russian friend and came to realize that the agency would need to make organizational changes in order to solve the more difficult foreign cryptosystems.

Since Fenner quickly became head of the cryptanalysis department he was able to carry out his plan to reorganize the agency. First he introduced a more rigorous training program for analysts and concentrated on the scientific analysis of cryptologic history and systems.

The next step in the 1930’s was to hire mathematicians.

Professor Huettenhain and OKW/Chi’s mathematical research department

The first mathematician hired by Fenner was Erich Huettenhain. In the mid 1930’s Huettenhain worked at the observatory of the University of Münster and came to Fenner’s attention when he contacted Chi with some of his proposals for cryptographic systems. Although his systems were ‘unusable without exception’ he was offered a job at Chi and he accepted.

Huettenhain became responsible for mathematical analysis of more difficult cipher systems and in the early years of WWII new personnel were hired to form a separate mathematical research department.

These were Wolfgang Franz, Werner Weber, Ernst Witt, Georg Aumann, Alexander Aigner, Oswald Teichmueller and Johann Friedrich Schultze.

 

During the war they solved several difficult foreign cipher systems. Weber was successful with a Japanese diplomatic code transposed on a stencil, Witt solved the stencil subtractor frame used by the Polish diplomatic and intelligence service and Franz was responsible for the exploitation of the State Department’s strip cipher.

Apart from the aforementioned individuals, two more mathematicians, Karl Stein and Gisbert Hasenjaeger were hired to work in the cipher security department.

Professors Franz and the State Department’s strip cipher

According to the recently declassified TICOM report DF-176 ‘Answers written by professor doctor Wolfgang Franz to questions of ASA Europe’ Wolfgang Franz primarily studied mathematics in the period 1924-1929, during 1930-1934 worked as an assistant at the mathematical seminar at the University of Marburg and in 1937 moved to the University of Giessen as an assistant. When at the beginning of WWII the University of Giessen was closed down he spent a semester as a substitute at the University of Gottingen.

Franz’s area of expertise was topology.

Thanks to a friend of his who knew Huettenhain he was able to get assigned to the OKW Cipher department in Berlin in 1940. The initial training program consisted of solving simple codes and ciphers and as Franz was easily able to cope with these he moved on to real traffic.

The first systems he worked on were a Mexican and a Greek code and he was able to solve them. The most important system solved by Franz was the US diplomatic M-138-A strip cipher, called Am10 by the Germans:

‘Especially laborious and difficult work was connected with an American system which, judging by all indications was of great importance. This was the strip cipher system of the American diplomatic service which was subsequently solved in part.’

According to DF-176, p6 Franz had started his own investigations into this system and was able to make some limited progress when he received the ‘circular’ strips 0-1 and three ‘special’ strips used between Washington and Helsinki, Tallinn and Reval. Using these strips messages could be solved and his investigations could move forward.

 

Thanks to the success of the department is solving the strip cipher dr Huettenhain was able to hire more mathematicians and expand the research section.

Regarding the strip cipher 70 ‘different traffics’ (links?) were identified and 28 solved plus 6 numerical keys.

 

It is interesting to note that a special cryptanalytic device called the ‘Tower-Clock’ was used to solve the strip system. Franz says in pages 9-10:

‘In addition, there was built at my suggestion at the Bureau an electric machine which permits determining a number of repetitions of letters in a polyalphabetic substitution on a width of 30 with a depth of 20 to 80 lines, taking one line at a time, which naturally is fundamental for problem (f) above.’

According to EASI vol2 ‘Notes on German High level Cryptography and Cryptanalysis’   , p56-57               

c. Statistical "depth-increaser." - The "Turmuhr," or "Tower-Clock  was a device for testing a sequence of thirty consecutive cipher letters statistically against a given "depth" of similar sequences, to determine whether the former belonged to the given depth. It was used "primarily for work on the U.S. strip cipher, when cribbing which was generally employed was impossible. It cost approximately $1,000.00.

The apparatus consisted of a single teleprinter tape reading head (speed 1 1/2 symbols per second); a storage means, by which any one of five different scores could be assigned, on a basis of frequency, to each of the letters in the 30 separate monoalphabets that resulted from the 30 columns of depth; a distributor that rotated in synchronism with the tape stepping, and selected which set of 30 scores was to be used as basis for evaluating the successive cipher letters; and a pen recording device.

The German codebreakers were only able to exploit the strip cipher to such a degree thanks to serious mistakes in the use of the system by the State Department. Franz acknowledged this in page 6 of the DF-176 report:

‘This strip cipher system, when rightly employed, doubtlessly has great advantages .It appears to me, however, that it was not used with sufficient caution. Only through carelessness, in part through lack of care in setting up, was it possible to break into the system as far as we did. Only after the Americans had obviously noticed that many of their messages were being read was the application so modified that although the basic idea was the same the possibilities of breaking in were materially reduced.’  

Postwar career

In the postwar period professor Franz returned to teaching at Frankfurt University where he eventually became dean of the newly established Department of Mathematics. Also in 1967 he became president of the German Mathematical Society.

In the end It might give some comfort to the Americans to know that their strip cipher was solved by a real gentleman, as report DF-176 says: ‘Personal contact with Dr Franz indicated that he was a gentleman of unusual scholarship and integrity, an impression confirmed by the report’.

Sources: TICOM reports DF-187 A-G and DF-176, ‘European Axis Signal Intelligence in World War II’ vol2