OPERATION TINKER BELL HAS MOVED!
Now available at the main website
CIPHER MACHINES AND CRYPTOLOGY
CIPHER MACHINES AND CRYPTOLOGY
This page is no longer maintained or updated!
Communications Center Instructions
There are two main ways to communicate during Operation Tinker Bell. All messages between Langley and its stations abroad are encrypted off-line and then sent by teletype. Most operational communications between the agency and its operatives and agents in the field is done by encrypted one-way shortwave broadcast. Some agents, operating in hostile environment, use clandestine shortwave tranmitters to sent encrypted messages.
Each message that is sent or received in our
COMCEN will be registered under a unique file number, formatted as
TB-0000. Make sure to decrypt the oldest messages (lowest file number) first!
Some tips: the Start Operation tab directs you to the first message. Scroll through the messages with the Next Message and Previous Message links beneath each message. The Archive provides an overview of all available message and allows you to jump directly to any desired message.
Some tips: the Start Operation tab directs you to the first message. Scroll through the messages with the Next Message and Previous Message links beneath each message. The Archive provides an overview of all available message and allows you to jump directly to any desired message.
The KL-7 Cipher Machine
All operational messages that are sent by teletype through government communications lines or commercial cable are encrypted off-line with the TSEC/KL-7 before transmission, to provide the highest level of secrecy. Your task, among others, is to decrypt and read the KL-7 traffic
The KL-7 has been distributed to our services by the National Security Agency. You can download the KL-7 Simulator. (Windows and Java version available). Make sure you have the latest version (5.0).
Please read the manual, get familiar with the encryption procedures and train your skills on the example messages. On our website you find all technical details and history of the KL-7, a truly fascinating Cold War machine.
Please read the manual, get familiar with the encryption procedures and train your skills on the example messages. On our website you find all technical details and history of the KL-7, a truly fascinating Cold War machine.
Decrypting a Message
The internal key settings of the KL-7 cipher machine are changed daily at midnight, according to the secret key sheet. You must retrieve the proper machine settings for a particular message date from the Crypto Room. Below, the key in its original format (click to enlarge).
The internal key settings of the KL-7 cipher machine are changed daily at midnight, according to the secret key sheet. You must retrieve the proper machine settings for a particular message date from the Crypto Room. Below, the key in its original format (click to enlarge).
To facilitate the reading and setting of keys we use an easier format in the crypto room, which is identical to the KL-7 simulator rotor settings format. These setting are also used in the KL-7 sim training messages, containing actual US Navy messages during the Cuban missile crisis.
---------------------------------------
DTG 180000Z - 182400Z FEB 64
POSITION 1 2 3 4 5 6 7 8
ROTOR CORE E H F L I A G B
ALPHA RING SET 4 28 4 16 9 32 8 11
NOTCH RING 5 10 6 7 1 8 3
NOTCH RING SET C M+ E B E+ Y K
36-45 LETTER CHECK : ASMTH ISXPI
BASIC ROTOR ALIGNMENT: XEG BVEQ
---------------------------------------
Each key setting contains the period in which the key is valid and the eight rotor positions. Below them the selection of the eight rotor cores and their alphabet ring setting. Next, the selection of the notch rings and their setting. Note that the fourth rotor has no notch ring and doesn't move. Underneath the settings are the 36-45 Letter Check (10 letters) to verify the correct key setting and the Basic Rotor Alignment (see KL-7 sim manual).
Make sure to correctly apply the above example key setting example to decipher the following message. Once you finished the settings, always perform the 36-45 Letter Check to verify the key settings (info in sim manual)
The Message Format
Each message has a standard format. Message urgency is denoted by a letter:
R = Routine, P = Priority, O = Immediate and Z = Flash
Standard DTG (date time group) in ZULU time (a.k.a. UTC) is used for all messages.
P 180830Z FEB 64 thus indicates a Priority message from February 18, 1964 at 0830 hours
The following example shows the format of a complet CODRESS message.
P 180830Z FEB 64
TO SPECIAL LIAISON WASHINGTON
GR 15
BT
FOXTROT BRAVO INDIA XRAY NOVEMBER ALFA ECHO
QSZUL FYTYY CPKSF ZDVPR RJDAU TDNOH GBOYV DWOJX STGGI JTGPF
XLVKD KXHNZ BLKIT KKDVG IOKPW
BT
The first line contains the DTG. The next two lines are the sender and receiver (routing indicators are blackened after reception). Next line is the groups count. After the first BT (break) follows the spelled-out Message Indicator and then the five-letter groups of the actual message. Coded messages are by default unclassified. The security level and addressees of coded messages are included in the ciphertext. If the cipher clerk encounters during deciphering a security level above his clearance, he halts decryption and personnel with the proper clearance will continues the decipherment.
Our services use the encryption procedure with random spelled-out message key (the second example at page 7 in the simulator help file). First, make sure you have set the proper internal key settings for that day, as shown in the key sheet example above. Then, for each new message, you must retrieve the secret rotor alignment (steps 1 to 3) and then decrypt the message (step 4). Proceed as follows to decrypt the example message from above:
- Set the KL-7 selector (main switch) in ‘P’ and set the Basic Rotor Alignment (XEG BVEQ) for the key example day.
- Switch to ‘E’ and type in the spelled-out message indicator (FBIXNAE) from the message.
- Switch to ‘P’ and set the output result from step 2 (FSA MQOV) as rotor alignment for the actual message.
- Switch to ‘D’ and type in all five-letter groups to decrypt the message, starting from QSZUL...
Carefully follow the steps. Don't switch multiple times between P and E positions during the decryption process, as this will change the rotor positions and render de message illegible!
You can speed up the process with the Auto Typing function. Follow steps 1 through 4 from above but instead of typing in all five-letter groups by hand, you click on the power cable on the right of the KL-7 keyboard. The Auto Typing window will appear.
Copy all five-letter groups from the message, paste them into the Auto Typing text box and click the ‘Start’ button. You can abort with the ‘ESC’ key. When finished, you can click on the paper ribbon at the bottom of the machine to see all outputted text. More information on keying procedures are found in the KL-7 manual.
Copy all five-letter groups from the message, paste them into the Auto Typing text box and click the ‘Start’ button. You can abort with the ‘ESC’ key. When finished, you can click on the paper ribbon at the bottom of the machine to see all outputted text. More information on keying procedures are found in the KL-7 manual.
Covert Radio Communications
To obtain the highest level of security over radio waves, our clandestine service uses the unbreakable one-time pad system. These so-called numbers messages are sent according to a predetermined and varied time and frequency schedule, unique to each agent. Therefore, the service knows when and on what frequency to expect radio messages from its agents in the field. Likewise, the agents know exactly when to listen for a one-way broadcast or to send their own messages.
The sender converts the plain text into digits with the help of a conversion table and encrypts the digits by subtracting the one-time pad digits (without borrowing) from the message digits. The result is a radio message containing nothing more than the following information:
The sender converts the plain text into digits with the help of a conversion table and encrypts the digits by subtracting the one-time pad digits (without borrowing) from the message digits. The result is a radio message containing nothing more than the following information:
221 221 221
04598 16633 71492 18478 65037
74850 14004 46968 18082 22082
30128 87558 11445
The first line may contain the (optional) agent ID of the addressee (see personnel files). The first five-digit group (here 04598) is the key indicator, which identifies the one-time pad, used to encrypt the message. The following five-digit groups are the actual encrypted message.
The receiver can find the proper one-time pad, required to decrypt that particular message, by checking the key indicator against the first five-digit group of his one-time pads. The operational one-time pads are found in the Crypto Room.
To decrypt the example radio message from above, we use the following example one-time pad.
10971 76289 23007 61500 60504
60093 23542 79355 15363 20459
06628 17065 81290 11161 35668
38841 68860 34485 94774 90642
74814 84649 31408 46490 81382
94731 97027 55341 98510 91799
48757 40672 75953 42371 40114
77961 78020 18769 05716 17947
98342 74811 64779 11242 27692
Write the message groups out on paper, write the one-time pad groups underneath the message and add the digits together, from left to right, and without carry (8 + 4 = 2, not 12!).
Important note: the Key Indicator of both message and one-time pad should be disregarded since these are no part of the actual message.
Finally, the result (stripped from key indicator) is converted back into plain text with the help of the conversion table, shown below. If the digit is 0 through 6, it's a single-digit conversion. If the digit is higher than 6, it's a double-digit conversion. FIG is used before and after digits. Digits are written out three times to exclude errors (e.g. 111777555 is converted back into 175).
The receiver can find the proper one-time pad, required to decrypt that particular message, by checking the key indicator against the first five-digit group of his one-time pads. The operational one-time pads are found in the Crypto Room.
To decrypt the example radio message from above, we use the following example one-time pad.
OUT
04598 63693 00154 09795 8494310971 76289 23007 61500 60504
60093 23542 79355 15363 20459
06628 17065 81290 11161 35668
38841 68860 34485 94774 90642
74814 84649 31408 46490 81382
94731 97027 55341 98510 91799
48757 40672 75953 42371 40114
77961 78020 18769 05716 17947
98342 74811 64779 11242 27692
Write the message groups out on paper, write the one-time pad groups underneath the message and add the digits together, from left to right, and without carry (8 + 4 = 2, not 12!).
Radio Msg: 04598 16633 71492 18478...
OTP: +04598 63693 00154 09795...
--------------------------------------
Decrypted: KEYID 79226 71546 17163...
Important note: the Key Indicator of both message and one-time pad should be disregarded since these are no part of the actual message.
Finally, the result (stripped from key indicator) is converted back into plain text with the help of the conversion table, shown below. If the digit is 0 through 6, it's a single-digit conversion. If the digit is higher than 6, it's a double-digit conversion. FIG is used before and after digits. Digits are written out three times to exclude errors (e.g. 111777555 is converted back into 175).
79 2 2 6 71 5 4 6 1 71 6...
M E E T C O N T A C T...
One-time pad Conversion Table |
Cipher Machines and Cryptology has more info on one-time pads and numbers stations.
Copyright Notice
The content of
Operation Tinker Bell, all ciphertext messages and their plaintext
version are copyrighted. No plaintext messages can be published or
distributed in any digital or printed form.