Decoding the IRA (7 page)

An easy and commonly used substitution cipher is called, appropriately enough, ‘simple substitution'. In this system a keyword may be chosen to mix the alphabet by any of a large variety of methods, and each letter of the plain text is substituted with the corresponding letter of the keyed alphabet. For example, with the key
MONARCHY
placed in a prearranged position within the alphabet, we could have a cipher alphabet that looks like this:

Plain:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Cipher:
Q S T U V W X Z M O N A R C H Y B D E F G I J K L P


A message is encrypted by finding each letter of the message on the ‘plain' line and substituting for it the letter below on the ‘cipher' line:

On a monkey's day to die all trees become slippery.
HC Q RHCNVL'E UQL FH UMV QAA FDVVE SVTHRV EAMYYVDL
.

With enough cipher text we can solve a simple substitution rather easily by looking at frequencies (e.g. the very common ‘E', ‘T', ‘A') and pattern words (e.g. ‘trees' with its double ‘E' or ‘become' with ‘E's in the second and sixth positions). Analysing the messages this way got me nowhere. My chief roadblock was the length: most of the messages were too short to allow productive analysis. I set these substitution ciphers aside for several months while continuing to work on the outstanding transposition ciphers.

Having finished most of the columnar transpositions I returned to an intriguing set of substitution cipher messages from an IRA communications logbook, shown in Figure 10.
³²
The reward for solving these pages was clear: it is a list of encrypted keywords used to communicate in cipher with each of the IRA units, from Antrim (‘No code yet') through Wicklow, as well as additional keys for correspondents out of Ireland. In all, the list contains keywords or contact information for fifty-seven recipients. Although most of these are short words or phrases, I hoped to
combine them in a way that would give me some leverage into their solution. I resolved to try each likely common substitution method in turn.

After simple substitution, the next most common substitution cipher is known as Vigenère, named for sixteenth-century cryptographer Blaise de Vigenère.
³³
This method uses a key to choose among a number of different cipher alphabets to encrypt each letter of the cipher in turn. Using multiple alphabets increases the security of the cipher by evening out the frequencies of the letters and by eliminating the patterns of the letters within words. In its most basic form, for each alphabet Vigenère uses the Caesar cipher described earlier, counting down the alphabet one letter for key-letter ‘A', two for key-letter ‘B' and so on, using the key in order and repeating it as needed. As an example using keyword FACE:

Some writers, including Lewis Carroll, called the cipher ‘undecipherable', but cryptographers of the sixteenth century had already broken it on occasion.
³⁴
The Confederate States of America trusted it implicitly, and used it throughout the American Civil War with only three keys. The northern side (the Union) had no trouble reading their message traffic.
³⁵
The cipher may be executed entirely by hand, as shown above, or with a twenty-six by twenty-six table showing each alphabet, or using a cipher disk or slide that can be moved to indicate the correspondence between plain and cipher letters.

Figure 10. Encrypted cipher keywords, communications logbook, no date.

 

The cryptanalyst's leverage in Vigenère-like ciphers comes from the periodic nature of the cipher. All letters encrypted with ‘F' above are from the same alphabet, so that if we look at every fourth letter we will be seeing only letters encrypted with the same key letter. If we have enough material to work with, this alone will be enough to break that
particular alphabet, because the equivalent of ‘E', ‘T', ‘A' and so on will have the highest frequency in the cipher alphabet, and they will be in the same position relative to each other because the cipher alphabet is a simple Caesar shift of the standard A–Z alphabet. For example, the cipher equivalent of ‘E' will appear four letters after the cipher equivalent of ‘A'. This process may be repeated for the other assumed alphabets, finding the best Caesar shift for each.

To test for a Vigenère-style cipher, then, we need enough material encrypted in the same key to find a statistical pattern in the letter distributions. Although most of the words encrypted in Figure 10 are short, I postulated that each could be encrypted with a polyalphabetic cipher such as Vigenère with the key beginning anew with each entry.

I selected the first six letters of all the ciphers in this group with at least six letters and that did not include the nonalphabetic character ‘&' within those six letters. This gave a depth of twenty-two encrypted words all (by assumption) starting at the same place in the key:

SDRDPX VVQDTY WXGKTX SJMCEK LPMOCG MVLLWK HMNMLJ VDBDFX UMDMWO GGCOCS MMNEYJ KHAKCQ LPQXLI HMHQLT IJMPWG DDMCEX HVQDSU OISOCX DXNXEO IJLWPS IJNBOO OIREAK

I presented this to my Shotgun Hillclimbing programme and told it to try it as period six Vigenère and it immediately returned mostly reasonable text with key
GVZKLG
:

mister partis qchair monste funera famble brocad pictur orecli alderm ground embark furnac brigan confla xinstr bartho interr xconti commem coordi insupe

These beginning fragments plainly show that the method used was equivalent to Vigenère, using a keyword of at least five letters: the repeated ‘G' in the key could mean that the key has begun to repeat, or that the keyword used has a repeated letter in that position. Further experimentation with the longer words and passages in this document showed that the latter is true: the full Vigenère keyword is
GVZKLG
, and it repeats as long as necessary to finish the section it encrypts. The ‘&' could now be determined from context: if it is replaced with ‘Z' in the cipher text, it encrypts to the right letter using standard Vigenère decryption.

Why
GVZKLG
? After some experimentation, I found that it is derived from a reversal of the alphabet:

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Z Y X W V U T S R Q P O N M L K J I H G F E D C B A

If each letter in the Vigenère key is replaced with the corresponding letter in the reversed alphabet, we get G=T, V=E, and so on, so that the actual key used in ‘IRA Vigenère' is
TEAPOT
. A reversed encryption alphabet of this sort is called Atbash, and the technique was used in the Bible. David Kahn points out that in Jeremiah 25:26 and 51:41 the word Sheshach appears in place of Babel (Babylon).
³⁶
The repeated Hebrew ‘beth' of Babel becomes the repeated ‘shin' of Sheshach: beth is the second letter of the Hebrew alphabet, and shin is the penultimate. Kahn cites an Aramaic paraphrase of the passage using Babel in place of Sheshach to prove they mean the same thing. Using Atbash for the IRA substitution keys may have been chosen to give a little more security against someone who suspects a Vigenère cipher system and has captured an English key to try.

Some of the keywords in this table include letters at beginning and/or end that are not part of the actual keyword. For example, the encrypted key for Boyne Batt is
WXGKTXB
, which decrypted with keyword TEAPOT becomes
QCHAIRV
. The longer encrypted key for Claremorris Bde is
DDMCEXAXSS&T
, which becomes
XINSTRUCTION
. In the course of later decryptions it became clear that these include nulls: the key for Boyne is actually
CHAIR
, and the key for Claremorris is
INSTRUCTION
. In the substitution examples throughout the corpus we found that nulls were frequently used at the beginning and/or end, especially ‘Q', ‘X', ‘Y' and ‘Z'.

We can now address the message in Figure 9 that began this section:
³⁷

Have you yet got
X&OYC&UIJO&MN?
Did you look up that man
FX&WA HKGKH
/ whom I spoke to you about.

The message is an internal GHQ communication from the chief of staff to the director of intelligence, so the key used is the same as the one used to encrypt all the keys for internal consumption: TEAPOT. The solution is unambiguous:

Have you yet got
report on Keogh
? Did you look up that man z
Campbell x
whom I spoke to you about.

The second encrypted bit includes the nulls ‘Z' and ‘X' in an attempt
to disguise the name further. Repeated uses of the name encrypted the same way with the same key would be a security problem: even if a person intercepting the messages could not solve the cipher, they could tell that the same person was being discussed because the encrypted version would be the same. Adding a letter to the front (
z Campbell x
) is enough to make it different, but unless different numbers of letters are used each time the name is sent in the future,
CAMPBELL
will be encrypted with the same part of the key and will appear the same when encrypted.

The particularly interesting message shown in Figure 11 from Seán Lemass, the republican Minister for Defence to Seán Russell, the quartermaster general, was one of the most cryptic and one of the shortest.
³⁸

Figure 11. Soviet use of IRA officer, 3 October 1925.

 

We knew from other messages that ‘Mr. X' was a Soviet agent. The encrypted part is
ETNMMEE
. Decrypting this with the GHQ substitution keyword TEAPOT gives us the plain text:
YY OCB YY
. As we've seen above, the ‘Y's are nulls used for padding around the three-letter message. OCB (or OC.B) stands for Officer Commanding, Britain.
³⁹

Choosing the correct keyword to decrypt the substitution ciphers in this collection was sometimes challenging. Not all the messages had obvious senders and recipients, so it was not simply a matter of pulling the keyword off the master list for those correspondents. In addition, not all of the keywords were on any list: some had been superseded, and others were assigned after the lists in our possession were compiled.

For the longer ciphers I used my Shotgun Hillclimbing programme to recover the keyword, modifying it to deal directly with the IRA Vigenère style of Atbash-encrypted keywords. For shorter ciphers I prepared a new programme which would try a list of keywords on the cipher, then compare the results on how English-like the decryption looked by assigning a weighted score based on how common words and fragments of words are in English. I used this method to solve the list of keywords in a message from the director of intelligence to the chief of staff, shown in
Figure 12
.
⁴⁰