The Massey twins’ Phaistos Disk decryption claim…

by 22 Comments

I don’t often cover the Phaistos Disk here, simply because it’s almost certainly more of a linguistic mystery than a cipher mystery as such. However, I was particularly taken by some aspects of the analysis offered by Keith & Kevin Massey, so it seemed well worth discussing here.

Incidentally, despite their complementary-yet-competing philological interests, the twins didn’t start their Phaistos Disk adventure together. But, as they put it, “for Kevin to collaborate with his brother Keith was finally inevitable, like dancing with your mad aunt at a wedding reception.

Their Chapters 1-4 summarize a whole load of Phaistos research, while trying to argue for a link between various early European scripts (Cypriotic, Linear B, etc). Their Chapter 5 (pp.48-56) argues for a left-to-right reading of the Phaistos Disk (but not quite as convincingly as they hope, I think). But after all that, their Chapter 6 discards pretty much all their preceding linguistic analysis and instead proposes the hypothesis that Phaistos Disk words with slashes are actually numbers. And that’s essentially where they finish.

Now, for all the twins’ obvious linguistic smarts, I have to say I just don’t buy into this – at least, not in the way it’s currently presented. And here’s my argument why:

(1) The way that the signs are physically imprinted / stamped into the soft unfired surface of the disk is clearly systematic (i.e. it’s a consciously prepared set of shapes, not one that’s being improvised on a shape-by-shape basis), and the choice of those shapes forms part of the same system.

(2) Furthermore, the whole disk had to be fired once and once only. Hence without much doubt the imprints on both sides had to have been made at the same time using the same basic system.

(3) Regardless of whatever direction you believe it was written in, there are substantial word differences between the two sides. Many words repeat on the same side (in fact, there’s even a three-word pattern that repeats on Side A), yet only a single measly three-imprint word repeats between sides.

(4) There is an imbalance between the shapes on the two sides. The most obvious difference is the frequency of the plumed head imprint: 14 instances on Side A but only 5 instances on Side B. Yet there are plenty of others, such as the beehive (once on Side A but five times on Side B). Indeed, the most visually striking difference is the twelve { PLUMED_HEAD + SHIELD } pairs on Side A compared to the single pair on Side B.

These are the basic observations I personally work from, and the problem is that I just don’t see how these square with the number system suggested by the Masseys. Whatever the actual significance of the slashes, it doesn’t seem to me to coincide with any obvious difference in the language as used (because the PLUMED_HEAD + SHIELD pairs occur just about as often in slashed words as in unslashed ones): and (longhand) numbers are almost always a notably differently-structured part of any language.

For me, the big issue is that Side A is significantly more structured and repetitive than Side B. Also, its word lengths have much greater variance (i.e. Side A has both longer and shorter words than are found on Side B), and they use a different mix of shapes. Yet slashed words occur just as often on both sides. I just don’t get it, me.

I suspect that Side A and Side B use different kinds of language (ritual, performative, poetic, pragmatic, whatever) to assist very different functions: and probably courtly functions at that. But seeing it as a homogeneous number container for (say) Cretan tax accounting seems far too mundane. Bean counters never touched this artefact, no they didn’t! 🙂

Some of my pigeon questions answered…

by 19 Comments

A few days ago I posted a list of open questions about the dead cipher pigeon, really as a way of externalizing the annoyance I felt from knowing so few basic facts. To my great delight, Mike Moor from Melbourne and (well-known military history buff) Christos T. stepped forward with a whole wheelbarrowful of answers. And here they are…

“Did any British pigeon handlers ever use “lib.” as an abbreviation?”

Mike Moor points out that the first message sent back on D-Day was by Reuters reporter Montague Taylor, attached to the eg of the war-seasoned (and subsequently Dickin-Medal-receiving!) carrier pigeon Gustav [NPS.42.31066]. At the bottom of the image (clearly on an RAF pigeon message pad), it says “Liberated 0830” (click to see the full message):-

“Why can’t I find a single other message written on the same printed pigeon service pad?”

For this, Mike Moor points to a message sent by Major General Roberts on a page talking about the Canadian armed forces’ involvement in World War Two. [Incidentally, the abortive Canadian raid on Dieppe was known as “Operation Rutter”, I wonder if Stu R knew that?] Even though the quality of the scan is frankly diabolical, it’s very much better than nothing at all, and tells us that this our pigeon message was (without any real doubt) an Army Pigeon Service message pad.

Mike also notes that this was an “Army Book 418B”, the updated version of the Army Book 418 used for pigeon messages in the First World War. It turns out that the National Army Museum near Sloane Square tube in London has an Army Book 418B in its collection described as “Army Book 418B, Pigeon Service Message Book, 1942”, accession number “1975-06-35”: it would be cool to ask the curators there to have a closer look.

“Was the pigeon message we have a hectograph or a carbon copy?”

Mike Moor notes “It is a carbon copy pad with 1 original retained in the book and 2 carbon copies made – which lines up with what you’d expect from the message i.e. 2 copies sent and the blue text of the cipher looks a lot like a carbon copy + black amendments by a second hand presumably prior to sending.” Excellent, thanks! 🙂

“When did Slidex change from having one letter per horizontal key slot to two letters per slot?”

The (plainly utterly indefatigable) Mike Moor points us to some December 1944 Slidex instructions available on Rob van Meel’s site (a copy will cost you two euros plus international postage from the Netherlands), by which time it had changed to two letters per key slot on the horizontal cursor. That narrows the range down dramatically to ‘sometime in 1944’… we’ll just have to keep digging to find out exactly when in 1944. At least this is a question that we can reasonably hope to get a solid answer on!

“When were Slidex Series B code cards introduced?”

In the Series A “RE No. 2” (Army Code No. 14070) Card 35 that I got from the excellent royalsignals.org.uk website, the three columns have had their shape changed to break up the columnar structure somewhat, which I believe may point to a rethink & upgrade of the Slidex code during WW2.

At the same time, another Series A card has two versions, one with an Army code and another with a different W.O. (War Office) code, which I suspect points to a post-WW2 handover from the Army to the War Office. But that’s as good an answer as this question has for now.

“Did Bletchley Park / GCHQ ever catalogue the tons of files brought back by the TICOM teams?”

Christos replies: “There are many TICOM file categories: I, IF, DF, M, D. Captured German documents had to be catalogued and then translated. This must have taken years. The question is whether there is a full list of those files. There is a DF list but I don’t know about any document covering the other files.”

Incidentally, p.38 of TICOM I-109 (a report by Lt Ludwig of Chi Stelle OB.d.L) says:

B. Slidex system.

Bigram substitution system.
In use in the army (front line units) and in air support networks (tentacle networks).
The system was known from the monitoring of exercises in Great Britain before the invastion, e.g. “Spartan”. The cryptanalytic detachments in army and GAF were able to get so much experience on these exercises that decoding worked well right at the start of the invasion.
Recovery was done in the army again at NAA St 5, in the GAF in 14/3 (W control 3).
Decoding was often done with so little delay that the messages could be dealt with like clear text in the evaluation.
The results were of more importance to the army than to the GAF, but theu provided the latter too with valuable indications, e.g. elucisation of the individual corps tentacle networks, reconnaissance operations (e.g. 400 and 414 Squadrons) etc.
The messages decoded daily were exchanged between Army and GAF in the form of written reports.

At last, some genuinely useful Voynich merchandise hits eBay…

by 4 Comments

A fulsome tip of the Cipher Mysteries hat to Luck Thief Luke Fitch for passing on a link to this (actually rather nice-looking, I think) Voynich-themed iPhone4 case shipped all the way from Hong Kong. Luke bought one for his girlfriend for Christmas “and she loves it“, thus proving once and for all that romance and cipher mysteries can indeed co-exist. (Though I’m not entirely sure my wife would 100% agree.)

As I’m sure at least 20% of Cipher Mysteries regulars will know, the image chosen is cropped from page f40v, the end page of the Voynich Manuscript’s Quire 7. The plant depicted is very similar-looking to the (marginally better-known) plant on f33v, which Hugh O’Neill in 1944 thought was a “sunflower”: Robert Brumbaugh also thought this was the case (though much later).

However, because of a number of compelling counter-arguments raised by Jorge Stolfi, the whole sunflower notion now seems to have, errm, had its day in the sun. More recent alternatives include:-
* Dana Scott suggested in 2001 that it might be related to Epiphyllum oxypetalum;
* Edith Sherwood suggests Crocus vernus;
* Berj N. Ensanian suggests that comparisons with giant Pitcher plants present themselves.

What I can say is that it’s a Herbal ‘B’ page written (as usual) in Currier Hand 2, with a ‘title’ (offset text block) on the bottom-most line. There is only a single l-initial word (‘lar’), and a fair smattering of single-leg gallows. I don’t think its roots or leaves are repeated in either of the later pharma sections.

Even though this is quite vividly coloured, I don’t personally believe this is actually a plant… but that’s another story entirely! 🙂

Why so many open pigeony questions?

by 17 Comments

As far as just about any cipher I blog about goes, I have days when a solution seems so comically close I could almost accidentally breathe it in. But I also have days when one seems so tragically far away that it may as well be in a sealed box. On the moon. Guarded by killer robot ninjas. All voiced by James Earl Jones.

What’s at issue isn’t anything like pessimism on my part: rather, it’s the question of why anybody would think these might be solvable without doing a whole load of basic, grindy, grafty research first. Really, I think you almost always have to break the external history of these things before you stand much of a chance of extracting their internal contents.

So, if I list some of the open questions that are bugging me about the dead cipher pigeon story right here right now, perhaps you’ll see why that might be the case:-

* Who owned either of the two pigeons listed on the message?
* Were there any pigeon lofts in Bletchingley itself during WW2?
* Did any British pigeon handlers ever use “lib.” as an abbreviation?
* Why hasn’t a single record from a pigeon loft around Tunbridge Wells or Dorking turned up yet?
* Why can’t I find a single other message written on the same printed pigeon service pad?
* Was the pigeon message we have a hectograph or a carbon copy?
* From its skeleton, how old was the dead pigeon? [What a basic question to have to ask!]
* True or false: “many WW2 pigeon messages were sent encrypted”?
* When were Slidex Series B code cards introduced?
* When did Slidex change from having one letter per horizontal key slot to two letters per slot?
* How many syllabic / bigram ciphers were in use in WW2?
* Where is a copy of the Army syllabic cipher book BX 724 or BX 724/RE?
* Did Bletchley Park / GCHQ ever catalogue the tons of files brought back by the TICOM teams?

Personally, when I look at this fairly long list, I don’t feel hugely confident that we genuinely know even close to enough to enable us to solve this mystery, however engaging and intriguing it may be.

But then again, a single answer to any one of these questions from an unexpected corner might well be enough on its own to turn this miserable tide around. So perhaps we should just try to remain optimistic, for a tiny bit of clarity for any one of these might be enough to get us started. Fingers crossed that we shall see (and very soon!)… 🙂

Cipher talk for kids in Kingston (3rd February 2013)…

by 5 Comments

Roughly once a month on a Sunday morning, I take my son Alex along to a local kids’ group called Surrey Explorers for what is almost always a fascinating and hands-on talk about something a little unusual / challenging / stretchy / geeky / fun. Recent talks included “The Science of Zombies” (given by Surbiton zombie kung fu science fan-girl Anna Tanczos) as well as one on all sorts of weird and wonderful anamorphic art. These are normally held at Kingston University’s Kingston Hill campus, not too far from the A3.

Anyway, given that (a) I think Surrey Explorers is great, and (b) I blog about what is surely the coolest (if occasionally utterly ridiculous) geek thing going, I thought it was time to give something back to the group. Which is why I’ll be giving the best cipher mystery talk for kids ever there, entitled “Codes and Ciphers in History and Mystery – from The Hobbit to Winston Churchill” on 3rd February 2013 at 10.30am till 12.30pm. Hence the answer to the question “What’s on in Kingston for kids in February?”, the answer is now officially meeeeeeee.

As you’d expect, there’ll be no big surprises about the subject matter (errr… the clue’s in the title). I’ll be starting with a bit of interactive Hobbity rune stuff (A.K.A. “Futhark”), moving on to some real-life magical ciphers and recipes, then rapidly whizzing through a millennium or so of concealed writing (particularly those mysterious ones that nobody can yet read, Cipher Mysteries regulars will be utterly unsurprised to hear), before finishing up with the latest on that dead pigeon code that has so enthralled the media over recent months.

To end the day, I’ll answer questions on just about any cipher-related question anyone cares to throw my way, and perhaps give some recommendations about cool kids’ books based on ciphers.

If you have children aged 6-13 who this might be fun for, I hope to see you & them there – I’m a big fan of Surrey Explorers, and wish more people knew about it, so it would be great to have a full house!

PS: if you want links to some cipher articles to get you in the mood, I’d suggest
* The Phaistos Disk
* Voynich Manuscript
* Beale Papers
* Rohonc Codex
* The Dorabella Cipher
* The Unknown Man
* The Zodiac Killer

Pigeon bigram / Slidex update…

by 3 Comments

Having got hold of a WW2 Slidex manual, I’m starting to see what a travesty of a coding system it was – and how a smart German decrypter could (with a bit of practice) decipher it almost in real time.

But Slidex was never intended as a highly secure coding system: it was only supposed to be a convenient way for people to discuss very short-term matters mostly in the clear over the radio or telephone, encoding any individual items or details that should not be overheard by the enemy. In fact because of its obvious lack of security, I don’t believe it was even classified as a “low grade” cipher.

Yet for a whole host of pragmatic reasons, it seems that Slidex was chosen to be used on D-Day for all non-machine cipher traffic. So if the pigeon cipher is in Slidex, can we crack it?

The first big problem we face is that “Slidex as described in the manual” and “Slidex as used in the field” seem to be quite different beasts. For example, though both employ a 12 x 17 (= 204-cell) table, manual-Slidex used a 12 letter horizontal key at the top, whereas field-Slidex (as evidenced by various pictures) seems to have used a pair of characters per key horizontal cursor cell, hence a 24 letter horizontal key. Similarly for the vertical key, manual-Slidex used only 17 characters whereas field-Slidex seems to have used all 26 alphabetic characters. So unless someone kindly comes forward and tells us how Slidex was actually used circa D-Day, we’re kind of stuck in a no-man’s land between manual-Slidex and field-Slidex, uselessly trying to guess what’s inside the Baggins’s nasty little pocket, yessss.

The second big problem is that unless something rather miraculous emerges from GCHQ’s archives, it now seems fairly unlikely we will ever get retrospective access to the daily keys used. Key pairs were tightly controlled and never used for more than 24 hours at a time (keys were normally changed over at midnight each day).

And yet… Slidex is designed to be quick and easy to use, with exactly the same code table and key pair used by both encoder and decoder. And in practice, all the symmetries and shortcuts that yield all that convenience also compromise the security to the point of uselessness.

For example, every 12-column-wide code table is arranged into three groups of four columns: and in each one I’ve seen, each group includes all 26 letters of the alphabet in alphabetic order, as well as a third of the numbers from 00 to 99, and a few SWITCH ON and SWITCH OFF cells. Moreover, in the code half of the cells, all the words are arranged in alphabetic order from top to bottom.

For example, the first four columns of the Royal Engineers Series A code table “No. 1” proceed like this:-

[?] 08  N  T
0/? G   16 24
OFF 09  O  25
00  H   P  U
A   I   17 26
01  1/? 18 ON
B   J   19 V
C   10  2  27
02  11  Q  W
D   K   20 X
03  12  R  28
E   13  S  29
04  L   ON 3
05  14  21 Y
06  M   22 Z
F   ON  T  30
07  15  23 31

(Original picture from Jerry Proc’s Slidex page, second image from bottom. Note there’s also a photo of an Op/Sigs code table there that closely follows the same kind of layout pattern).

Moreover, the German cryptologists interviewed by TICOM after the war noted that before September 1944, most people using Slidex tended to use the leftmost group of columns almost exclusively, which compromised yet further what was already a poor system. And the widespread habit of using Slidex for entire messages made the daily keys easier to get to rather than harder. What a mess!

And so if our mysterious dead pigeon message is in Slidex, all those flaws and poor enciphering practices might give us enough to decrypt it without a daily key, or even without a code table at all! After all, if the Germans could do it (albeit usually with more depth to work with), surely so can we?

Looking again at the bigram, if we precede each bigram with the number of times the first half of the pair occurs, I suspect we can predict fairly reliably which part of the message is in code and which part is in cipher:-

6HV 3PK 3DF 3NF 2JW 2YI 3DD 2CR
4QX
... 1SR 3DJ 6HF 3PG 1OV 3FN 4MI
4AP 1XP 4AB 1UZ 1WY 2YN 3PC
... ... ... ... ... ... ... 4MP
3NW 6HJ 4RZ 6HN 2LX 4KG 4ME 4MK
4KO 3NO 2IB 4AK 1EE 4QU 4AO 4TA
4RB 4QR 6HD 2JO 3FM 4TP 1ZE 6HL
4KX 3GH 4RG 3GH 4TJ 4RZ 2CQ 3FN
4KT 4QK 2LD 4TS 3GQ 2IR

Because so many single instance “1nn” pairs are clustered in the middle section (“1SR … 3PC”), I’m pretty sure that this is in code, and the last part (“4MP … 2IR”) is in cipher. The first part I’m unsure about.

If we now concentrate purely on the final section and look at the frequency counts and patterns there, plenty of other interesting things jump out:-

... ... ... ... ... ... ... 3MP
2NW 4HJ 4RZ 4HN 2LX 4KG 3ME 3MK
4KO 2NO 2IB 2AK 1EE 3QU 2AO 4TA
4RB 3QR 4HD 1JO 2FM 4TP 1ZE 4HL
4KX 3GH 4RG 3GH 4TJ 4RZ 2CQ 2FN
4KT 3QK 2LD 4TS 3GQ 2IR

From the way they cluster, I think that M and Q probably refer to the same column: and from the few single-instance “1nn” bigrams in there, I suspect that “EE” and “ZE” probably both encipher “E” (while “JO” could well encipher “T”).

What’s interesting is that it seems likely that the four columns encipher letters in alphabetic order: so (say) A-F, G-M, N-T, and T-Z in the case of the Royal Engineers code table #1 (there are a couple of extra E and T characters inserted around the table). It may be that this is enough for someone to try to solve this directly without any other information!

The Voynich Manuscript, Voynich theorists, and professional historians…

by 51 Comments

In four words, the Voynich Manuscript is a puzzling old thing (and really, ain’t that the truth?). Filled with unknown plants, unrecognizable astrology & astronomy, and numerous drawings of small naked women, the fact that we also can’t read a single word of its ‘Voynichese’ text doubles or even triples its already top-end mystery. Basically, the Voynich Manuscript is to normal mysteries as a Scooby sandwich is to an M&S prawn mayonnaise sandwich.

People have their theories about it, of course. The last ripe strawberry of a mainstream Voynich theory came back in 2004 from academic Gordon Rugg, who declared that it was a hoax made using late 16th century cryptographic table-based trickery. Sadly 2009 saw an early 15th century radiocarbon dating of its vellum, which would seem to have made a fool of such fruity ingredients. Or if not a fool, then certainly a bit of a mess.

Despite almost-irreconcilable dating problems, numerous Voynich theories continue to find support from eager evangelists, angrily jabbing their fingers at any epistemological cracks they can see. The most notable get-out clause proposed is that some devious so-and-so could theoretically have used centuries-old vellum for <insert fiendishly clever reason here>, rather than some fresh stuff. This is indeed possible. But also, I think, rather ridiculous.

Why? Because it adds yet another layer of possible unlikeliness (for it is surely extraordinarily unlikely that someone back then would have such a modern sensibility about faking or hoaxing that they would knowingly simulate a century or more of codicological activity), without actually helping us to manage or even reduce any of the existing layers of actual unlikeliness.

Ironically, many such theorists prove anxious to invoke Occam’s Razor even as they propose overcomplex theories that sit at odds with the (admittedly somewhat fragmented) array of evidence we have. Incidentally, my own version is what I call “Occam’s Blunt Razor”: “hypotheses that make things more complicated should be tested last, if ever“.

For more than a decade, I’ve been watching such drearily unimpressive Voynich theories ping (usually only briefly, thank goodness) onto the world’s cultural radar. Most come across as little more than work-in-progress airport novella plots, but without the (apparently obligatory) interestingly-damaged-yet-thrustingly-squat-jawed protagonist to counterbalance the boredom of trawling through what passes for historical mystery research these days (i.e. the first half of Wikipedia entries).

And so I think it was something of a surprise when, back in 2006, I grew convinced that the Voynich Manuscript had been put together by the Italian architect Antonio Averlino (better known as Filarete), and even wrote a book about it (“The Curse of the Voynich”). But by taking that step, wasn’t I doing exactly the same thing as all those other Voynich wannabe theorists? Wasn’t I too putting out an overcomplex theory at odds with the evidence that signally failed to explain anything?

Well… no, not at all, I’d say. Averlino was the cherry on the dating cake I’d patiently built up over the years: the cake led me to the cherry, not the other way around. And that dating framework still stands – all the analysis I’ve carried out in the years since has remained strongly consistent with that framework.

Even so, I’m not wedded to Averlino: my guess is that you could probably construct a list of one or two hundred Quattrocento candidates nearly as good a match as him, and it could very well have been one of those. Yet what I am sure about is that when we ultimately find out the Voynich’s secrets, it will prove to be what I said: a mid-15th century European book of secrets; collected from a variety of sources on herbalism, astronomy, astrology, water and even machines; whose travelling author was linked directly to Milan, Florence, and Venice; and whose cipher was largely composed of 15th century scribal shorthand disguised as medieval scribal shapes (though with an annoying twist).

Averlino aside, please feel free to disagree with any of that… but if you do, be aware that you’ve got some important detail just plain wrong. 🙂

Perhaps the most disappointing thing about the Voynich Manuscript is that historians still skirt around it: yet in many ways, it offers the purest of codicological challenges ever devised. For without the contents of the text to help us (and a provenance that starts only in the 17th century, some 150 years or so after it was constructed), all a professional historian can rely on is a whole constellation of secondary clues. Surely this is the best gladiatorial arena ever offered?

I’ll happily help any historian who wants to take the mystery of the Voynich Manuscript on, 21st century style. Yet it would seem that few have the skills (and indeed the research cojones) to do ‘proper’ history any more, having lost them in the dense intertextuality of secondary research. Without close reading to back their judgment up, how many can build a historical case from a single, unreadable primary source?

You know, I still sometimes wonder what might have happened if, in the 1920s, John Matthews Manly and Edith Rickert had chosen not Chaucer as their über-subject matter but the Voynich Manuscript instead. As a team, they surely had more than enough cryptological and historical brains to come devilishly close to the answer. And yet… other times it seems to me that the Voynich offers a brutally nihilistic challenge to any generation of historians: for the techniques you have been taught may well be a hindrance rather than a help.

All in all, perhaps (capital-H) History is a thing you have to unlearn (if only partially) if you want to make sense of the Voynich Manuscript’s deep mystery – and that is a terrifically hazardous starting point for any quest. For that reason, it may well be something that no professional historian could ever afford to take on – for as Locard’s Exchange Principle would have it, every contact between things affects both parties. A historian might change Voynich thinking, but Voynich thinking might change the historian in the process… which might well be a risky exchange. Ho hum… 😐

What lurks in the basement?

by 8 Comments

You don’t have to have the hundred eyes of Argus nor Watchman Ozymandias‘ wall of screens to notice that most stuff on the Internet is, errrm, a bit rubbish.

And yet… every once in a while, something unexpected pops up that (almost) makes it all worthwhile.

So, here’s a page that takes you on an unforgettable historical journey into a basement in Portland, Oregon. No ciphers, but great pictures, great text, great punchline… basically, I love it all. Bless you, Cabel, I hope you have a great 2013. 🙂

Bigrams in the pigeon cipher…

by 9 Comments

I’ve been wondering whether the pigeon cipher might be based around bigrams, i.e. where you split the cipher into pairs. If you disregard what seems to be the ‘AOAKN’ key indicator at the start and end, there are two basic ways to split the message into pairs. What is immediately interesting is that if you start immediately after AOAKN, you get three repeated pairs in the message (rather than just one), and that four of those six repeats occur every other pair along a short stretch towards the end of the message.

AOAKN
HV PK DF NF JW YI DD CR QX SR DJ HF PG OV FN MI AP XP AB UZ WY
YN PC MP NW HJ RZ HN LX KG ME MK KO NO IB AK EE QU AO TA RB QR
HD JO FM TP ZE HL KX GH RG GH TJ RZ CQ FN KT QK LD TS GQ IR U
AOAKN

AOAK
NH VP KD FN FJ WY ID DC RQ XS RD JH FP GO VF NM IA PX PA BU ZW
YY NP CM PN WH JR ZH NL XK GM EM KK ON OI BA KE EQ UA OT AR BQ
RH DJ OF MT PZ EH LK XG HR GG HT JR ZC QF NK TQ KL DT SG QI RU
AOAKN

The WW2 “Slidex” code works by having a table of codes particular to each arm of the armed forces (i.e. Royal Engineers, Operations/Signals, etc) where each bigram pair encodes a particular word often used by that arm. To encipher numbers or words, you bracket them inside a pair of SWITCH ON and SWITCH OFF bigram codes (there are several of each), and pick bigrams that correspond to each letter or digit or digit pair.

Hence I strongly suspect that what we are looking at in “GH RG GH TJ RZ CQ FN” is a sequence of letters enciphered in the Slidex SWITCH mode, i.e. where each letter is enciphered as a bigram.

Unsurprisingly, I would really like to read the 1944 Revised Instructions for using the Slidex R/T Code, and to have copies of the various Slidex code sheets and coordinate offsets used by the Royal Engineers and Infantry Brigade on D/Day, as I suspect these will allow us to read this message (does anyone have copies of these I can see?) Fingers crossed!

The unfortunate life of the Army’s Cysquare cipher…

by 9 Comments

When I was trawling through WW2 pigeon / cipher-related documents at the National Archives, I found a brief mention of a medium grade Army cipher called “Cysquare”. I half-remembered the name and that it was (unsurprisingly) a cy[pher] based around a square, but couldn’t remember the context at all.

However, when I later searched for it on the Internet, it all started to come back to me… because Cysquare had been devised by my cryptological hero, master codebreaker Brigadier John Tiltman (‘The Brig’). Very much as the NSA PDF paean to him would have it, few would disagree that Tiltman was indeed “A Giant Among Cryptanalysts“.

Tiltman himself wrote a short introduction to his Cysquare (recently declassified, though brutally redacted) called “A Cryptologic Fairy Tale“, on the basis (a) that he’d lost the original material and had had to make up some examples, and (b) that it had a happy ending (which I guess was that the Allied Forces won the war). Here’s how The Brig described it (though with a few linefeeds added to make it acceptable to our modern short attention spans):-

Sometime later in 1941 I produced the “Cysquare” which was accepted by the War Office as a low-echelon cipher to replace the “Stencil” cipher and issued to the Eighth Army in North Africa, Figures 8 and 9 [both redacted, *sigh*] give photographs of two pages of the printed instructions.

The grille has 676 (26 x 26) squares. Each column and each line contains 10 white (permitted) squares, with the exception of 3 “plus” lines containing 20 white squares each and 3 “minus” lines which contain no white squares at all. The key for the day consists of 26 letters of the alphabet in random order with the numbers from 1 to 26 written under them also in random order. For each message the operator selects a 4-letter indicator from a random list of such groups provided him for use in turn. The indicator in the case of the example given [but redacted] is GMBX. The numbers corresponding to this indicator are 11 19 20 7, i.e., position 11, line 19, column 20, taking out number 7. The grille could be used with any of its sides at the top. Position II indicates that the grille is used as shown with numbers 8 to 13 at the top.

The numerical key for the day is written from left to right at the top of the grille and from the bottom upwards on the left hand side. The plain text is written into the grille starting at the next white square after the square described by the line coordinate 19 and the column coordinate 20, using the elements of the key to define the corresponding lines and columns. If and when the operator reaches the last white square in the grille he proceeds from the top left-hand corner. He then takes out the columns of letters starting at the top of the grille and in the column designated by the taking out number, i.e., in this case 7.

The message is written out in 4-letter groups preceded by the 4 letter indicator and followed by the number of letters, the indicator repeated, and the time and date. No message of more than 220 letters was permitted. If a message handed in for transmission exceeded this length it had to be divided into parts, none of them exceeding 200 letters in length.

However, somewhat contrary to Tiltman’s story’s name, Cysquare itself didn’t really have a happy ending. For a start, a number of people thought that cryptanalysts such as Tiltman shouldn’t be messing about with making their own cipher systems, and so there was a certain amount of resistance to it from within, right from the beginning.

The second problem was to do with implementation: even though it relied on disposable pads containing pre-printed grilles, somewhere along the line someone had the bright stupid idea that they could economize by getting the Army cipher clerks in North Africa to reuse the pads, by writing messages in pencil and then erasing them with a rubber. However, before very long it became impossible to tell a blank square from a dark square – everything in the grille ended up fifty shades or grey (so to speak). Hence the cipher clerks refused to use the system, and it was quietly abandoned.

However, when Germans captured Cysquare pads and implementation notes, their cryptographers rather liked it. And so in 1944, a new system started to appear in German messages: the Rasterschlüssel (also known as RS44), a system derived directly from Tiltman’s Cysquare cipher. Of course, Tiltman quickly recognized it: and had the Germans not made some mistakes when designing their pads’ grille designs, they might have been extremely hard to decipher.

So… was Cysquare a success, or a disaster? It was certainly quite secure (if somewhat awkward to use): but in the end, it nearly gave Germany a cryptographic edge late in the war.

For fans of the pigeon cipher story, it seems unlikely that its message used Cysquare… and so the search for that goes on.

PS: there’s an 2004 article in Cryptologia by Michael J. Cowan called “Rasterschluessel 44 — The Epitome of Hand Field Ciphers“.