by DAVID KAHN
Cryptology plays a role in this because it is the only technology that, if good enough, can block access to files in storage or in transit. Passwords can be encrypted so that they cannot be read even if the file in which they are stored is accessed. Files can be encrypted so that their contents can remain secret. The need to protect the ever-growing number of files as communications expands at its present lightning rate in e-mail, the World Wide Web and other functions of the Internet, internal business networks, and cellular telephones explains why more than a thousand firms now offer cryptologic systems for data, voice, and fax, why manufacturers are now building them into the software packages they sell. And this growth of cryptographic systems explains the justified anxiety of law-enforcement agencies about such systems getting into the hands of drug dealers, terrorists, kidnappers, and other criminals. These agencies have proposed cryptographic systems that would let trusted organizations hold the keys, to be delivered to the law-enforcement agencies upon a court order; they could then read messages encrypted with these keys. But the plan, called key escrow, faces practical difficulties and philosophical opposition, and has not yet been put into practice.
The anxiety of these agencies, and of N.S.A., is justified because cryptosystems today can be made unbreakable. This means that it is computationally infeasible to reconstruct the system and the key in use to read the message it is protecting. In many systems, this infeasibility holds true even if the cryptanalyst himself chooses the plaintext to try to trace back to it from the ciphertext. People ask, Can’t computers break these systems? The answer is no. While computers helped make them, the systems are so complex that they defeat attempts at reconstruction. A rule of thumb in cryptology holds that every time the cryptographer doubles the number of combinations in a system, the cryptanalyst must square the number of trials he must make: one goes from 5 to 10, the other from 5 to 25. This means that, although errors will occur that will occasionally enable the cryptanalyst to solve systems analytically, when systems are good enough and are properly used, they cannot be broken. The war of cryptographer against cryptanalyst has been won by the cryptographers. The only way properly encrypted messages can be read nowadays is by theft or betrayal—that is, noncryptologic means. It had already begun with the German naval Enigma.
Does this mean that the story of secret writing has ended? In the long term, yes. Of course, cipher clerks will always make mistakes, apparently good cryptosystems will have unsuspected weaknesses, and people will invent and use foolish cryptosystems, so cryptanalysis will always have its niche. But massive solutions, as of Enigma, are becoming a thing of the past.
Near the end of his ever-fascinating book The American Black Chamber, published in 1931, Herbert O. Yardley, speaking about the Vernam one-time tape system, the oldest practically and theoretically unbreakable system, wrote, “Sooner or later all governments, all wireless companies, will adopt some such system. And when they do, cryptography [meaning cryptology], as a profession, will die.”
His prediction is coming true.
BIBLIOGRAPHY
This is not a full listing of all works used in the writing of this book. Most of the sources are not required beyond the period covered by a single chapter, and full references are given in the notes to each chapter, or sometimes in those for the preceding chapter or two. If references are widely separated they are repeated in full. The notes therefore comprise a kind of classified bibliography of the subject, and to repeat the works in a general listing would serve no useful purpose.
Rather this is a listing of some of the more important sources that are used throughout the book, together with the abbreviations by which they are cited. The cryptological books mostly serve to give information on cryptanalysis for cipher systems mentioned herein, and they may be consulted with confidence because they are good solid works. Except for Gaines and Sacco (in French), they are all out of print, but they may often be found in large libraries.
ABBREVIATION REFERENCE
Add. Ms. British Museum, Additional Manuscript. Followed by number of the manuscript in the Add. Ms. series.
AMS American Men of Science, 10th edition
DAB Dictionary of American Biography.
DGFP United States, Department of State. Documents on German Foreign Policy, Series D (1937-1945). Washington, D.C.: U.S. Government Printing Office, 1949-. Followed by volume number.
DNB Dictionary of National Biography.
DSDF National Archives, Record Group 59, Department of State Decimal File. Followed by number of item.
NA, RG National Archives, Record Group. Followed by number of record group.
PHA United States, Congress, Joint Committee on the Investigation of the Pearl Harbor Attack. Pearl Harbor Attack. Hearings. 79th Congress: 1st and 2nd Sessions. Washington, D.C.: U.S. Government Printing Office, 1946. Followed by part number and pages: “12:154-157, 281” means part 12, pages 154 to 157 and page 281.
Articles United States, War Department, Office of the Chief Signal Officer. Articles on Cryptography and Cryptanalysis Reprinted from The Signal Corps Bulletin. Washington, D.C.: U.S. Government Printing Office, 1942. Followed in parentheses by date article first appeared in The Signal Corps Bulletin.
Bazeries Bazeries, Étienne. Les chiffres secrets dévoilés. Paris: Librairie Charpentier et Fasquelle, 1901.
Eyraud Eyraud, Charles. Précis de cryptographie moderne. Paris: Éditions Raoul Tari, 1953.
Friedman Friedman, William F. Military Cryptanalysis. War Department, Office of the Chief Signal Officer. Washington, D.C.: U.S. Government Printing Office. I: Monoalphabetic Substitution Systems (1942, 3rd edition). II: Simpler Varieties of Polyalphabetic Substitution Systems (1943, 3rd edition). III: Simpler Varieties of Aperiodic Substitution Systems (1939). IV: Transposition and Fractionating Systems (1941). Dates given are those of volumes, herein cited to section instead of page to facilitate reference in other printings.
Gaines Gaines, Helen F. Elementary Cryptanalysis. Boston: American Photographic Publishing Co., 1939. Reprinted as Cryptanalysis, New York: Dover Publications, Inc., 1956.
Galland Galland, Joseph S. An Historical and Analytical Bibliography of the Literature of Cryptology. (Northwestern University Studies in the Humanities, No. 10.) Evanston, Ill.: Northwestern University, 1945.
Givierge Givierge, M[arcel]. Cours de cryptographie. Paris: Berger-Levrault, 1925.
Gyldén Gyldén, Yves. The Contribution of the Cryptographic Bureaus in the World War. A translation by the Military Intelligence Division of the War Department General Staff of Chifferbyråernas insatser i världskriget till lands [Stockholm: Militärlitteratur-föreningens förlag, 1931]. Washington, D.C.: U.S. Government Printing Office, 1935. References are to this volume and not to original publication of the translation in The Signal Corps Bulletin, No. 75 (November-December, 1933) to No. 81 (November-December, 1934).
Harris Thompson, George Raynor, and Harris, Dixie R. The Signal Corps: The Outcome (Mid-1943 through 1945). (United States Army in World War II: The Technical Services.) Department of the Army, Office of the Chief of Military History. Washington, D.C.: U.S. Government Printing Office, 1966.
Kerckhoffs Kerckhoffs, Auguste. La Cryptographie militaire. Paris: Librairie militaire de L. Baudoin & Cie., 1883.
Sacco Sacco, Luigi. Manuale di crittografia. 3rd edition. Rome: Istituto Poligrafico dello Stato, 1947. Translated by J. Brès as Manuel de cryptographie, Paris: Payot, 1951. Cited to section instead of page to facilitate reference in both languages.
Terrett Terrett, Dulany. The Signal Corps: The Emergency (To December 1941). (United States Army in World War II: The Technical Services.) Department of the Army, Office of the Chief of Military History. Washington, D.C.: U.S. Government Printing Office, 1956.
Thompson Thompson, George Raynor, Harris, Dixie R., Oakes, Pauline M., and Terrett, Dulany. The Signal Corps: The Test (December 1941 to July 1943). (United States Army in World War II: The Technical Services.) Department of the Army, Office of the Chief of Military History. Washington, D.C.: U.S. Government Printing Office, 1957.
Wolfe Wolfe, J[ack]. M. A First Course in Cryptanalysis. Revised. In 3 volumes. Brooklyn: Brooklyn College Press, 1943.
Yardley Yardley, Herbert O. The American Black Chamber. Indianapolis, Ind.: The Bobbs-Merrill Company, 1931.
Citations of these authors by name only always refer to these books. Their other works are cited with full or short title following their names.
In citations to Congressional committee hearings and reports, I have eliminated the “United States, Congress” that should precede. They thus begin with “Senate” or “House of Representatives.” I have abbreviated the “Washington, D.C.: U.S. Government Printing Office” to “GPO” in these cases. The full citation “74th Congress, 1st Session” becomes “74:1.” The term “Hearings” after the title distinguishes the published transcript of the hearings from the committee’s report, which often bears the same title. “Senate, Subcommittee on Internal Security” refers to Senate, Committee on the Judiciary, Subcommittee to Investigate the Administration of the Internal Security Act.
“Hardie” means Bradford Hardie, M.D. In manuscript and old book references, “f.” means “folio,” “r” means “recto,” and “v” means “verso.” I have copied quotations errors and all without using that supercilious “[sic].”
NOTES TO TEXT
A FEW WORDS
The best definitions of cryptologic terms in English today are to be found in Webster’s Third New International Dictionary of the English Language Unabridged (Springfield, Massachusetts: G. & C. Merriam Co., 1961). The definer was Martin Joos, Ph.D., professor of German and linguistics at the University of Wisconsin, a World War II cryptologist and an experienced lexicographer. The definitions are based on actual usage. For a discussion and a list of the cryptologic terms in the dictionary, see my Plaintext in the New Unabridged: An Examination of the Definitions on Cryptology In Webster’s Third New International Dictionary (New York: Crypto Press, 1963).
I have in general followed these definitions, in their technical senses. In a few places I have tried to fix meanings more specifically, and here and there I have invented a word where one seemed needed or given an old word a new meaning. Among the new words are “cryptoeidography,” meaning the encoding of pictures or images, and “semagram,” meaning a steganographic message transmitted by anything other than letters or numbers, as by the order of cards in a deck. The chief old word that has been given a new meaning is “steganography” (ultimately from the Greek steganos “covered” + graphein “to write”). This was the original term for cryptography (a word which comes ultimately from the Greek kryptos “covered” + graphein); it had fallen into desuetude. Following the suggestion of George E. McCracken in “Athanasius Kircher’s Universal Polygraphy,” Isis, XXXIX (November, 1948), 215-228, at footnote 7, I revived it and assigned it as the term so badly needed for methods that conceal the very presence of a secret message.
Naturally all books on cryptology will give explicit or implicit definitions of terms; the best of these is Friedman; more compact and more accessible is his article “Cryptology” in the Encyclopaedia Britannica. Most complete of the technical glossaries is the United States Army Security Agency’s; more recent is David Shulman’s Glossary of Cryptography (New York: Crypto Press, 1961). The official definitions of a number of cryptologic terms are given in United States, Department of Defense, Joint Chiefs of Staff, Dictionary of United States Military Terms for Joint Usage (Washington, D.C.: U.S. Government Printing Office, 1964), and United States, Department of the Army, Dictionary of United States Army Terms (Army Regulations 320-5. Washington: 1958). (These official definitions persist in making physical and personnel security part of signal security. But while physical and personnel security are undoubtedly essential to signal security, they are not essential to it alone. They extend throughout the military sphere. It thus is wrong to define signal security in terms of them. They are accompanying characteristics, not defining ones. The official definitions fail to see this distinction. Interestingly, however, they do not make the complementary activities of theft and betrayal part of signal intelligence.) For other places where cryptologic definitions may be found, see Appendix II of Plaintext in the New Unabridged.
Chapter 1 ONE DAY OF MAGIC
Since the question of responsibility for the Pearl Harbor disaster is steeped in such bitter controversy, I feel that I should make known my views. I believe that the theory is false that Roosevelt and his cabal teased the Japanese into attacking to trick a reluctant United States into the war, and that they assured the Japanese success at Pearl Harbor by withholding vital information from the Hawaiian commanders. These are the views expressed by John T. Flynn, Rear Admiral Robert A. Theobald, George Morgenstern, and Charles A. Beard, among others, in their books and pamphlets. I hold that Pearl Harbor resulted from Japanese duplicity, audacity, and security; from the difficulty of predicting what others will do; from a concatenation of dozens of minor mistakes, omissions, false assumptions, and failures, none intentional; from a poor administrative setup (most evident in the defense of Hawaii and in the evaluation of intelligence); and from the unwillingness of the American public to believe war likely and to pay for military preparedness. The causes of Pearl Harbor were not one but many, not simple but complex—as are the causes of most great events.
This is essentially the view of the majority of the Congressional committee. Samuel E. Morison gives a short but devastating rebuttal of Theobald and the other revisionists in his Two-Ocean War (Boston: Little, Brown & Co., 1963), 69-76. He observes that a Japanese defeat at Pearl Harbor would have better served a warmongering policy by preserving the forces of war. The most thorough analysis of the problem is Roberta Wohlstetter’s Pearl Harbor: Warning and Decision (Stanford, Calif.: Stanford University Press, 1962), which shows the difficulties of detecting the true signals of future events amid the roar of the false. After the fact, of course, the true portents stand out in high relief, whereas the others, unneeded and therefore forgotten, recede into the background. The revisionists, looking back with the 20-20 vision of hindsight, select the true indications and disregard all others, thus making it appear as if even a deaf and blind idiot could have seen Pearl Harbor coming. But it was not like that for those who were there.
A problem that occupied much of the committee’s time was that of the winds code execute. Safford maintained that it had been received on December 4 and suggested that all records of it had been destroyed by Marshall and King to cover up their failure to warn Pearl Harbor (PHA, 8:3579, 3652, 3655-6, 3686-7). The revisionists, accepting this at face value, argue that had notification of the winds execute been sent to the Hawaiian commanders, it would have alerted them sufficiently to prevent the debacle. Though Safford very manfully stuck to his guns under harrowing cross-examinations, I cannot believe his story. Too many other witnesses who would have seen such an execute had it been received testified that they never did. Consequently I have eliminated from my account all references to this nonexistent “true” execute. Furthermore, I believe, as the committee majority did, that, even if it had been received, it would not have added any important information to what was already known. For a detailed discussion of the matter, see Appendix E of the committee’s report.
I have relied almost exclusively upon PHA. Its 39 parts, or volumes, include the hearings, exhibits, and reports of the seven previous Pearl Harbor investigations. The joint Congressional investigating committee’s own Report is entitled Investigation of the Pearl Harbor Attack, Senate Document No. 244, 79:2 (GPO, 1946), which includes the minority report. Citations in the form 33:765 always refer to PHA.
I regret that space prohibits my identifying the witnesses to whose testimony the numbered citations refer. The multiple references result sometimes from the scattering through the record of the separate items that go to make up a complete statement, sometimes from my supporting the detailed statement of a less-than-authoritative witness with a (briefer) statement by the best witness. In general, I have documented only the individual cryptologic data, and not the details of the Pearl Harbor strike mission, which come mostly from Walter Lord, Day of Infamy (New York: Henry Holt & Co., 1957); Mitsuo Fuchida, “I Led the Air Attack on Pearl Harbor,” United States Naval Institute Proceedings, LXXVII (September, 1952), 939-952; and Samuel E. Morison, The Rising Sun in the Pacific, 1931-April, 1942, History of United States Naval Operations in World War II, vol. III (Boston: Little, Brown & Co., 1950).
In the notes, “Report” means the committee’s report. IMTFE refers to the proceedings of the International Military Tribunal for the Far East; a set of the mimeographed documents of these “Tokyo Nuremberg Trials” is available at the National Archives. “Navy biography” or “Army biography” means the official biographies issued by the respective public information offices.
Japanese names are given in the American style, with family name last, and not in the Japanese form, with family name first, in which they are found in many of the sources. Times are always local date and time, and I have tried to indicate this in the text.
I want to thank Mrs. Wohlstetter for reading the draft of this chapter and offering some corrections.
PAGE
1 1:28, 1:37: IMTFE, Exhibit 2964, affidavit of Kazuji Kameyama, Foreign Office cable chief, gives 28 minutes past the hour as the time of transmission. PHA, 14:1416, from American intercept records, gives 18 minutes past for the start of transmission and 37 past for the end. In view of the brevity of the message and the fact that the equally short 14th part took only five minutes to transmit (14:1415), I think that 9 minutes is a more likely time for transmission than 19. Accordingly, I have used the Japanese figure. These two references serve for all times of transmission and interception in this chapter.