It's encrypted so we can't read it, sorreee
They would say that, wouldn't they.
Brit spook central GCHQ can't decipher a coded message found on a pigeon that died trying to deliver the missive during WWII, and may have to turn to the public for help. The remains of the bird, found by David Martin in his chimney in Surrey, had a secret message attached - 27 handwritten blocks of code. The pigeon is …
"'were designed only to be able to be read by the senders and the recipients''"
Yes, I heard that too, as well as the journo wailing something like "with all this technology and supercomputers you'd think ....."
If it's a one-time pad AND no context it's all but impossible
(Might be - remember wartime -rationing- "Put this bird in an oven gas mark 5")
"A WW2 message is totally secure - yet lost memory sticks and laptops are not.... makes you think doesnt it."
Not really. No one is stopping you using a one time pad system on your files. Unfortunately they're not very practical for long data unless you want to risk repeating the key and if you lose the key you're screwed and potential wide open.
The British army, backward as they were, had discovered radio by World War Two. It's unlikely to be from them.
More likely, a message from a spy who didn't have access to, or didn't dare to use, radio. Although whether the pigeon was sent by a British spy in occupied Europe, or by a German spy in Britain, is of course open to speculation.
possible waste of time. I know for a fact that in WW2 there were several bomb runs done by the US that dropped pigeons all over the place with fake encrypted messages in order to make the enemy waste resources trying to decode the message. This very well could have been one of them. I surely hope they've taken that into account.
Perfect Encryption – old style!
We can all fire up a copy of Truecrypt to keep our files safe, and we think nothing of using SSL to protect a data exchange with a webserver, but that all needs computers to be useful. If you need to securely send information to a friend without the help of computers, you can get all old-school. Modern computers were invented to break codes, but you can send 100% uncrackable messages relatively quickly and easily by hand – and it is so satisfying to your geeky side, too.
‘But why would we bother? Isn’t this all just history now?’ The exact scheme I present is still believed to be very much in use by spies the world over, via ‘number stations’ (search youtube for some great, spooky examples) which at fixed times of the day will read a list of digits in disembodied voices over the airwaves to whoever is listening. And somewhere, somebody is listening, copying them down, and decoding these messages by hand. Emails leave trails, and indeed we know GMail ‘reads’ every word of your emails, but even though the world can hear the secure conversation, without knowing the encoding system, it is meaningless.
So, to encrypt and decrypt a message securely, we need to share a secret method with whoever we are messaging. Firstly we convert our alphanumeric message into numbers, then we use a separate list of numbers known only to whoever is sending and receiving the message to encode and decode it. To be mathematically unbreakable, each number list must only be used once, we call it a ‘one time pad’, literally a pad of digits in random order with only 2 identical copies, used one time only – burn after use!
Turning letters into numbers is the first stage. Of course you can use A=01, B=02, Z=26 etc., but it is not optimal. There is a clever system the ‘straddling checkerboard’ which can be much more efficient, by using the single digits for the most common 8 letters of a language (and of course each language is different!). In English, the common letters ‘AEINORST’ are assigned to single digits, but ‘AEINORST’ is not very memorable… ‘ESTONIA-R’ or my preferred ‘AT ONE SIR’ are much more memorable. I will use ‘AT ONE SIR’ below, and you will see how economical the ‘straddling checkerboard’ can be!
0 1 2 3 4 5 6 7 8 9
A T - O N E - S I R
2 B C D F G H J K L M
6 P Q U V W X Y Z . #
As you can see, AT ONE SIR makes up the top line, but we use the spaces (for 2 and 6) as shift characters for the less common letters (we then just fill in the leftovers alphabetically). The word ‘hacker’ becomes 25 0 21 27 5 9, ‘computer’ is 21 3 29 60 62 1 5 9. You don’t need the spaces except for readability of course, so ‘computer hacker’ encodes to ‘21329 60621 59250 21275 9’. This isn’t secure yet, but is already probably enough to get you past the casual observer. It is a fancy cipher, but a straight substitution cipher nonetheless. To decrypt it, you just make a checkerboard using ‘AT ONE SIR’ as the topline (so nice and easy to remember and recreate wherever you are) and wherever you see a 2 or 6, you know to shift the next digit to the appropriate line to decipher.
There is a ‘.’ Character (68) which you can use as a general purpose essential punctuation character, or use as a further shift character to a line of punctuation if you so desire. Frankly, if you’re doing this by hand on security grounds, you are not going to care about punctuation too much – the message is what is important! There is also a ‘#’ escape character for numbers. To make sure they are unambiguous, numeric digits are repeated three times over, so ‘2600’ enciphers as ‘69222 66600 00006 9’. As mentioned before, this is a cipher, not encrypted yet – that’s the bit where it gets uncrackable!
Now you need a one-time-pad to encrypt with (make sure your friend has the same pad!). All this is is a key – a list of random digits (for convenience usually grouped into five at a time). Do not trust your computer to give you truly random digits, computers use pseudorandom lists (which are entirely predictable if you know the ‘seed’) – if you want random, get a set of five 10-sided die from a games shop in different colours, throw them, and always write them down in the same colour order to prevent human bias! It will look something like…
…and be very boring to make! Make lots of these sheets into a pad with removable/disposable sheets so you never use the same one twice. This is important, as re-use dramatically reduces the security of the message – using a new sheet each time is mathematically 100% secure and unbreakable. You need a copy to encrypt with, and one to decrypt with, so only give copies of your pad to those who need it.
Now for the encryption stage – and we use (nice and simple) arithmetic to encrypt one digit at a time from our message. But it is important to know that we do not ‘carry’, so 7+7 becomes 4 (ie 7+7 = 14 – we just want the ‘4’), and 2-8 becomes 4 (as you can’t subtract 8 from 2, we use ‘12’ instead, so 12-8 = 4), or 3-7 becomes 5 (13-7). Practice this bit, it is important to get right!
Let’s encode ‘computer hacker’ using the key 51187-69890-33159-87236-25955 (first page of the pad above)
From above, ‘computer hacker’ is ‘21329 60621 59250 21275 90000’ (padded with zeroes), so we encrypt
Plain Text 21329 60621 59250 21275 90000
Key 51187-69890-33159-87236-25955 minus
Encrypted 70242 01831 26101 44049 75155
So this is the message we send to our friend – we can send it any which way, email, telephone, pigeon, or very publicly as with the number stations.
Your friend then adds the correct key back to the encrypted text, the exact opposite procedure
Encrypted 70242 01831 26101 44049 75155
Key 51187-69890-33159-87236-25955 plus
Plain Text 21329 60621 59250 21275 90000
And using ‘AT ONE SIR’ –
C /O/M /P /U /T/E/R/H /A/C /K /E/R
The encrypted text can be shouted from the treetops (or played on shortwave radio all around the world, of course!) – without the *right* key, it is not just meaningless, but instead contains *every* message. If an interceptor thinks the key is 90715-81423-97109-85037-30025, for instance -
Encrypted 70242 01831 26101 44049 75155
Key 90715-81423-97109-85037-30025 plus
Plain Text 60957 82254 13200 29076 05170
And using ‘AT ONE SIR’ –
P /R/E/S/I/D /E/N/T/O/B /A/M /A/S/P /E/T/S
Without a copy of your one time pad, it is absolutely unbreakable. Not just ‘difficult to break’ but actually unbreakable. Of course for ad-hoc secure communication you have to share the initial keys, and this is what SSL/HTTPS does – uses asymmetric encryption (difficult to break) to swap a one time key. This is why SSL is not actually secure, just very hard to break, and so as computers get more powerful, it becomes less secure. For absolute security, create and distribute pads manually and securely, and this is exactly how messages are securely sent to field operatives the world over!
Just for completeness, a number station will also read out the ID of the target operative so they will know to get ready to copy down a message meant for them, and may also read the first 5 digits of the page in the code pad to be used, so above they would start the message as ‘51187’, then use ‘69890’ onwards to encrypt the message. If you’re using this system a lot, you may choose to do likewise. Number stations will read out each group of 5 digits twice as shortwave radio drops out a lot – try searching youtube for ‘JK7e02o7xy4’ and you will hear an example where mid-stream someone tries to jam the signal. Or ‘ymhqL1MQwfE’ is a Chinese number station (again with allied jamming to try to spoil the message!). This may be ‘old school’, but is still very much alive and relevant to our world today!
If you can’t be bothered to get the dice and hand-make a pair of pads, http://www.fourmilab.ch/onetime/otpjs.html can make them for you – not as secure as making your own, but waaaaaaaaay better than reusing a key twice, and about as good as a computer can make it!
So imagine I had got this below key to you securely somehow…
Here’s a chance to try your brand new old-school decryption skills…
23455 08372 67345 24327 81135 97170 96728 57346 08995 60992 53970 41580 76525 24673
I'm a little surprised too. You invested time into making a post that was not only interesting to read but informative. Bravo! (Maybe some just took exception to the 2600 reference. Is alt.2600 still around, or is it all in the browser these days?)
"I thought it was better written and more useful than most comments on the Reg"
I would not disagree.
No mention has been made of other parts of the message.
Why does it include a "Time of origin 1522" yet the Originator's Date is left blank? Could they be certain the pigeon would arrive home the same day ... unlikely. Could the date be taken from other messages ... unlikely, why would those message be certain to arrive. Could the date be in the encrypted text ... possibly, but why not encrypt the time. Why was the time important, but not the date?
What does the "1525/6" mean? Is it just coincidence that 1522 (time of origin) is close to 1525. Is it a time and date ... 15:25 on the 6th. Is it a reference number of the encryption scheme ... pad number and page.
What is the bit that looks like "lile 1625"?
Why is it written with two different colours?
Why is it written by two different people? The "time of origin 1522" and "1525/6" are different from the "lile 1625".
The message is on a pre-printed form. Presumably the message follows a standard format. These other parts of the message should have a standard meaning ... what are they?
Two people *plus* one of them using two pens at different times = confusion:
There are indeed two people involved but that's not indicated by the light/bold writing.
A little bit of this speculation but I reckon it'll hold up pretty well to examination:
The "To=X02", "Number of copies sent=2" boxes and the signature were written by the Sgt at the same time he would have filled in an accompanying form containing the *cleartext*.
The florid version of the number "2" appears nowhere else but the impression on the paper of the signature appears to match them - and the slant on the "T" crossbar is certainly different from the cyphertext.
All the rest was written by the same person (the coder/pigeon-fancier) since the form of the letters and numbers is identical *but* with two different pens (light/bold), at different times. Why?
It helps to understand that NURP = Non-Unit Related Personnel - one term used for the birds themselves!
Designations included (see below for full list of Dicken Medals awarded to pigeons), eg NURP.36.JH.190" - exactly matching the format on the form.
It's therefore obvious, IMHO, that after being handed the cleartext he filled out the "Time of origin" and coded the message - appending the time he carried out the coding at the end indicating that it had been dealt with immediately. Why 25/26? Maybe a stickler for being precise - it was 15:25 plus 20 seconds?
He then wandered over to his pigeon coop an hour later, not bothering to carry his pen with him, selected a couple of birds (two copies) and added both their IDs with a different pen.
Plus the time he LIBERATED them - "lib. 1625".
The times are Origin -> Coding -> Sending. Simple. The only other two numbers on the form - 27 - may be a one time code reference.
Another couple of points:
1) It seems a bit peculiar that there's no originator/date - possibly indicating that such info (if the bird fell into the wrong hands) would itself be of tactical interest and so also encoded. Or maybe the ID numbers of the birds were enough to keep the identity of the originator secret?
2) Two birds were sent, a sensible precaution. If the other one got through and these messages were filed and kept then a search for other messages sent by the same Sgt with a similar timestamp may turn up the decoded version.
A complete list of pigeons awarded "THE DICKEN MEDAL"
NEHU.40.NS.1 - Blue Cheq. Hen "Winkie"
MEPS.43.1263 - Red Cheq. Cock "George"
SURP.41.L.3089 - White Hen "White Vision"
NPS.41.NS.4230 - "Beachbomber"
NPS.42.31066 - Grizzle Cock "Gustav"
NPS.43.94451 - Dark Cheq. Cock "Paddy"
NURP.36.JH.190 - Dark Cheq. Hen "Kenley Lass"
NURP.38.EGU.242 - Red Cheq. Cock "Commando"
NPS.42.NS.44802 - Dark Cheq. Cock "Flying Dutchman"
NURP.40.GVIS.453- Blue Cock "Royal Blue"
NURP.41.A.2164 - "Dutch Coast"
NPS.41.NS.2862 - Blue Cock "Navy Blue"
NPS.42.NS.15125 - Mealy Cock "William of Orange"
NPS.43.29018 - Dark Cheq. Cock "Ruhr Express"
NPS.42.21610 - B.C. Hen "Scotch Lass"
NU.41.HQ.4373 - Blue Cock "Billy"
NURP.39.NRS.144 - Red Cock "Cologne"
NPS.42.36392 - "Maquis"
41.BA.2793 - "Broad Arrow"
NURP.39.SDS.39 - "All Alone"
NURP.37.CEN.335 - "Mercury"
NURP.41.SBC.219 - Cock "Duke of Normandy"
NURP.43.CC.2418 - B.C. Hen
NURP.40.WLE.249 - "Mary"
NURP.41.DHZ.56 - "Tommy"
42.WD.593 - "Princess"
USA.43.SC.6390 - "G.I. Joe"
(From previous El. Reg article:) http://www.theregister.co.uk/2012/11/05/carrier_pigeon_found/
"When I showed him the bird and code the blood drained from his face and he advised us to back off. He said nothing would ever be published," Martin claimed.
So Secret Agent Commander Wilfred "Biffy" Dunderdale could read it. Unless it's somehow he'd memorised the sequence...but so many years later???
Noticed also the first and last 5-letter sequence are the same, and surely each group must constitute a word. Plus, in a short message, no-one wastes time on definite and indefinite articles. (a, the)
But, yeah, if compiled from a one-time pad, not a chance....
This originated on the German side and there is a description of The 43RD Wessex Division and of a number of weapons captured by the Division. That's all I am willing to reveal,it is sad that I decoded most of this in my head and the brainiacs at MI6 can't crack it. Clue: It's originator was German. And notice the multiple appearence of "R", these are names .
First, there has to be enough information for the cipher clerk to identify the cipher used. Which means that the pigeon loft only supplied pigeons for one unit, so everything goes to the right place when it arrives. And they can be expected to recognise Sjt W Stot.
Second. this unit doesn't want to rely on radio.
Third, they can send a useful short message, but it's something more complicated than, for instance, the seizure of Pegasus Bridge (and the time is wrong for that instance too).
It might be from one of the Jedburgh teams, uniformed soldiers dropped to help the French Resistance, but did they use pigeons? They did routinely use one-time pads. Another possibility is the GHQ Liason Regiment, which reported the positions of Allied forces. That could be a short message, but again did they use pigeons?
It's been suggested they didn't have time to set up the radio transmitter, but they obviously did have the time to do the ciphering. I'm inclined towards a Jedburgh team, because they would have had to be careful about making transmissions. They're in occupied territory, and they could be tracked down.
The same signal might have been sent by radio, and received, maybe a day or two later. That gets deciphered, and the one-time pad is marked as used, and destroyed. It would be a bad move to send differently ciphered versions of the same message. Maybe a pigeon did get through. Why both pigeon numbers on this message? One less thing to go wrong when you're preparing the pigeons.
And maybe all I am doing is constructing a plausible fiction. We might not even have a real name, it could be a 1944 version of a "handle", the "Rubber Duck" of the time.
I hate to be a spoil sport, but what if the code doesn't simply substitute 5 character blocks for plain text characters or words? What if some of the blocks substitute letters, others numbers, all at the same time? Or locations and units? If I was designing a one use code, thats the sort of thing I'd use, fairly simple, not too clunky for the persons using the book, but an absolute b**** if you have no context and want to translate. In which case you'd have a limited pool of items and about 11.8 million combinations available to assign each piece of information to. Even with an infinite amount of processing power, but without knowing content, there would be an infinite number of viable solutions, all but one would be wrong.
Basically what I'm saying is that you need the codebook to break it. Although a copy of the second in plaintext would do just as nicely.
Biting the hand that feeds IT © 1998–2019