Page:W.F. FRIEDMAN LETTER TO DEPT OF STATE - CRYPTOGRAPHIC.pdf/1

 September 18, 1937

MEMORANDUM FOR: Mr. David A. Salmon, Chief of Communications and Records Division, Department of State.

Pursuant to your informal request I have just completed the study of the degree of cryptographic security afforded by the cipher machine known as the Codatype which has been installed in your division by the International Business Machines Corporation for test and determination as to possible usefulness in State Department communications. The following is a summary report of the results of that study and of the conclusions reached therein.

1. It was agreed between us as a preliminary that it is fair to assume that, in actual service, practical considerations would require that a set of plug-board connections remain the same for a whole day's traffic and that only the two-dial setting controlling the initial point of entry of the three commutators and the initial point of entry of the 12-disc program device assembly be changed from message to message within the day's traffic.

2. In this case an enemy cryptoanalytic staff would not know the wiring of the commutators, the positions of the pins on the program device, or the settings of the keying dials. Nevertheless, it can be stated that one day's traffic, if it consisted of say 40 - 50 messages, can be solved, although this solution might require one or two weeks by a well organized cryptoanalytic staff. Its purpose would be not so much to learn the contents of these messages as to reconstruct the cam positions on the discs of program device and wiring of the commutator.

3. When the latter data have been obtained, the analysis of messages of any subsequent day's traffic would be particularly easy and could probably be accomplished within 6 - 8 hours. The purpose of this analysis would be merely to eliminate the effects of the daily change in plug-board connections. (The various dial settings are of no particular consequence in this machine.)

4. When the latter effects have been ascertained, individual messages can be read rapidly, though of course not nearly as rapidly as the machine can decipher them.

5. Based upon the foregoing premises, only 12 messages, all enciphered by the same plug-board arrangement but with different dial