Communications Center Instructions

There are two main ways to communicate during Operation Tinker Bell. All messages between Langley and its stations abroad are encrypted and sent by teletype. Most operational communications between the agency and its covert personnel or operatives in the field is done by encrypted one-way shortwave broadcast. Some agents, operating in hostile environment, use clandestine shortwave tranmitters to sent short encrypted messages to their handler.

Each message that reaches our COMCEN will be registered under a unique file number, formatted as TB-0000. Make sure to decrypt the oldest  messages (lowest file number) first!

Some tips: the Start Operation tab directs you to the first message. Scroll through the messages with the Next Message and Previous Message links beneath each message. The Archive provides an overview of all available message and allows you to jump directly to any desired message.

The KL-7 Cipher Machine

All operational messages that are sent by teletype through government communications lines or commercial cable are encrypted off-line prior to transmission with the TSEC/KL-7 to provide the highest level of secrecy. Your task, among others, is to decrypt and read KL-7 traffic

The KL-7 has been distributed to our services by the National Security Agency. You can download the freeware KL-7 at this location (Java version also available). Make sure you have the latest version (5.0.1).

Please read the manual, get familiar with the encryption procedures and train your skills on the example messages.

Decrypting a Message

Each message has a standard format. Message urgency is denoted by a letter:

R = Routine, P = Priority, O = Immediate and Z = Flash

Standard DTG (date time group) in ZULU time (a.k.a. UTC) is used for all messages.
P 180830Z FEB 64 thus indicates a Priority message from February 18, 1964 at 0830 hours

The following example shows the format of a complet CODRESS message.

P 180830Z FEB 64
GR 15

The first line contains the DTG. The next two lines are the sender and receiver (routing indicators are blackened). Next line is the groups count. After the first break (BT) follows the spelled-out Message Indicator and then the five-letter groups of the actual message. Coded messages are by default unclassified. The security level and addressees of coded messages are incorporated in the ciphertext. If the cipher clerk encounters a security level above his clearance, he halts decryption and personnel with the proper clearance then continues the decipherment.

Each secret key setting for the KL-7 is valid for a period of 24 hours. You will retrieve the proper machine settings for that particular message date from the Crypto Room. Here below the key to decrypt the example message from above:
180000Z - 182400Z FEB 64
E  H  F  L  I  A  G  B  -  5 10  6  7  1  8  3 – XEG BVEQ
4 28  4 16  9 32  8 11  -  C M+  E  B E+  Y  K - ASMTH ISXPI

On top is the period in which the key is valid. Below the date, on the left, are the 7 letters for Rotor Core selection and below them the Alphabet Ring setting. On the right are the Notch Ring Selection numbers and below them the Notch Ring settings. On the far right we have the Basic Rotor Alignment (7 letters) for that particular day, and the 36-45 Letter Check (10 letters) to verify the correct key setting (see simulator manual).

Our services use the encryption procedure with random spelled-out message key (the second example at page 7 in the simulator help file). First, make sure you have set the proper internal key settings for that day, as shown in the key sheet above. Then, for each new message, you must retrieve the secret rotor alignment (steps 1 to 3) and then decrypt the message (step 4). Proceed as follows to decrypt the example message from above:
  1. Set the KL-7 selector (main switch) in ‘P’ and set the Basic Rotor Alignment (XEG BVEQ) for that particular day.
  2. Switch to ‘E’ and type in the spelled out message indicator (FBIXNAE) from the message. 
  3. Switch to ‘P’ and set the output result from step 2 (FSA MQOV) as rotor alignment for the actual message.
  4. Switch to ‘D’ and type in all five-letter groups to decrypt the message, starting from QSZUL...
You can speed up the process with the Auto Typing function. Follow steps 1 through 4 from above but instead of typing in all five-letter groups by hand, you click on the power cable on the right of the KL-7 keyboard. The Auto Typing window will appear. Copy all five-letter groups from the message, paste them into the Auto Typing text box and click the ‘Start’ button. You can abort with the ‘ESC’ key. When finished, you can click on the paper ribbon at the bottom of the machine to see all outputted text. More information on keying procedures are found in the KL-7 manual.

Covert Radio Communications

To obtain the highest level of security over radio waves, our clandestine service uses the unbreakable one-time pad system. These so-called numbers messages are sent according to a predetermined and varied time and frequency schedule, unique to each agent. Therefore, the service knows when and on what frequency to expect radio messages from its agents in the field. Likewise, the agents know exactly when to listen for a one-way broadcast or to send their own messages.

The sender converts the plain text into digits with the help of a conversion table and encrypts the digits by subtracting the one-time pad digits (without borrowing) from the message digits. The result is a radio message containing nothing more than the following information:

221 221 221

04598 16633 71492 18478 65037

74850 14004 46968 18082 22082
30128 87558 11445

The first line may contain the (optional) agent ID of the addressee (see personnel files). The first five-digit group (here 04598) is the key indicator, which identifies the one-time pad, used to encrypt the message. The following five-digit groups are the actual encrypted message.

The receiver can find the proper one-time pad, required to decrypt that particular message, by checking the key indicator against the first five-digit group of his one-time pads. The operational one-time pads are found in the Crypto Room.

To decrypt the example radio message from above, we use the following example one-time pad.

04598 63693 00154 09795 84943
10971 76289 23007 61500 60504
60093 23542 79355 15363 20459
06628 17065 81290 11161 35668
38841 68860 34485 94774 90642
74814 84649 31408 46490 81382
94731 97027 55341 98510 91799
48757 40672 75953 42371 40114
77961 78020 18769 05716 17947
98342 74811 64779 11242 27692

Write the message groups out on paper, write the one-time pad groups underneath the message and add the digits together, from left to right, and without carry (8 + 4 = 2,  not 12!).

Radio Msg:  04598 16633 71492 18478...
OTP:       +04598 63693 00154 09795...
Decrypted:  KEYID 79226 71546 17163...

Important note: the Key Indicator of both message and one-time pad should be disregarded since these are no part of the actual message.

Finally, the result (stripped from key indicator) is converted back into plain text with the help of the conversion table, shown below. If the digit is 0 through 6, it's a single-digit conversion. If the digit is higher than 6, it's a double-digit conversion. FIG is used before and after digits. Digits are written out three times to exclude errors (e.g. 111777555 is converted back into 175).

79 2  2  6  71 5  4  6  1  71 6...
M  E  E  T  C  O  N  T  A  C  T...

One-time pad Conversion Table
More information on one-time pads here. Additional info on numbers messages at this page.

Copyright Notice

The content of Operation Tinker Bell, all ciphertext messages and their plaintext version are copyrighted. No plaintext messages may be published or distributed in any digital or printed form.