According to today’s Mail on Sunday, Canadian expert Gord Young has cracked most of the dead WW2’s pigeon’s cipher message using a WWI Royal Artillery codebook. It’s not a big old message, so let’s line up the decrypt for ourselves, shall we?

What is immediately clear is that
* The decrypt is done down columns of groups, not along rows of letters (…which isn’t how it was usually done at all)
* Each five-letter cipher group is presumed to be a completely independent initial-based sentence (…which isn’t etc)
* Each independent sentence’s decryption is guessed at somewhat hopefully (…which isn’t etc)
* “J” mostly codes for “J[erry]”
* “Q” pretty much always codes for “[Head]q[uarters]”
* “P” mostly codes for “P[anzers]” (a word which was only coined in about 1940, awkwardly for the WW1 codebook idea)
* Eight of the five-letter cipher groups are skipped because they don’t fit this (already very loose) pattern. (What?)


(1) AOAKN – Artillery observer at ‘K’ Sector, Normandy.
(2) RQXSR – Requested headquarters supplement report.
(3) PABUZ – Panzer attack – blitz.
(4) UAOTA – West Artillery Observer Tracking Attack.
(5) LKXGH – Lt Knows extra guns are here.
(6) KLDTS – Know where local dispatch station is.
(7) DJHFP – Determined where Jerry’s headquarters front posts.
(8) RBQRH – Right battery headquarters right here.
(9) GQIR[U/W] – Found headquarters infantry right here.
(10) FNFJ[W/U] – Final note, confirming, found Jerry’s whereabouts.
(11) GOVFN – Go over field notes.
(12) CMPNW – Counter measures against Panzers not working.
(13) JRZCQ – Jerry’s right battery central headquarters here.
(14) AOAKN – Artillery observer at ‘K’ sector Normandy.
(15) MIAPX – Mortar, infantry attack panzers.
(16) HJRZH – Hit Jerry’s Right or Reserve Battery Here.
(17) A[K/R/H]EEQ – Already know electrical engineers headquarters.
(18) TPZEH – Troops, panzers, batteries, engineers, here.
(19) FNKTQ – Final note known to headquarters.

Sorry, Mail editors, but you’ve landed yourself a bit of a dud story here. If there is something good about this theory (and I for one haven’t found it yet), it’s hidden beneath a tangled mess of obviously wrong & over-interpretative nonsense, the kind of foolishly hopeful non-decrypticity David Kahn termed “enigmatology”. Ohhhhh dearrrrry me. :-(

32 Thoughts on “Dead WW2 pigeon cipher cracked with WW1 codebook (says the Mail)… errr, really?

  1. avatar Diane O'Donovan on December 16, 2012 at 6:41 pm said:

    You are (like it or not) a ‘grand old man’ in this field, and a more encouraging tone becomes the aged, wouldn’t you say?

  2. Diane: sorry, but I can’t help getting a tad annoyed when people just make stuff up. If only it were that easy! :-)

  3. avatar Anne-Lise Pasch on December 16, 2012 at 9:22 pm said:

    And the BBC picks it up…

  4. Anne-Lise: thanks… *sigh* :-(

  5. Nick: You’ve been a lot kinder than I have. I started getting garbled messages on a train where the reception was poor and had to wait until I got home to see what was going on, at which point I got quite cross.

    FWIW the story seems to have originated not with the Mail but with the Dorset Echo, which has – it seems – had some, er, interesting things to say about this.

  6. avatar Diane O'Donovan on December 17, 2012 at 5:15 am said:

    ‘Inference’ is fiction, and ‘reasonable inference’ is still fiction, but one has to make do, sometimes.

  7. avatar Andy Fischer on December 17, 2012 at 11:18 am said:

    The message is so clearly encrypted with a one-time-pad, and will never be decrypted. I understand why people get excited about this, but someone should explain to journalists (and many others) what makes the one-time-pad secure, and why the message will always remain encrypted.

    The security of the one-time-pad can, in theory, be broken if the pad is constructed carelessly. But since nothing (to my knowledge) is known about the construction of the pads during WW2 it is unlikely to happen.

    The Canadian attempt is just plain stupid.

  8. Andy: I’m not yet convinced that what we’re looking at here is a one-time pad. Having recently looked (at the National Archives) at what the various armed forces used in WW2, a wide set of enciphering technologies were in play, from low grade to medium grade to high grade. Most low-level communication used low grade ciphers, not OTPs. So my question to you is: would a lowly Army Serjeant have been carrying a set of OTPs around in the field?

  9. avatar Andy Fischer on December 17, 2012 at 11:52 am said:

    Good point, but little is known about the creation of the message and the circumstances. Might not have been encrypted in the field, or by the Serjeant himself. I have not looked closer on the two different hand writings.

    If it was possible to obtain other known OTP encrypted messages from the period, I wonder if a mathematical analysis of the letter distribution could be used to verify the possibility of OTP or not.

    If OTPs were made using the same method every time, some meaning could come from such an analysis, but the sample is very small. Could be fun to try.

  10. It’s a real shame that all the national news sites have entitled this story as “cracked”, the only cracking done is a primary school attempt at reading the obvious from the cipher text. “It’s not complex,” he says. – I’m sorry but if it were as simple as that then it may as well have been written in plain text!

  11. Andy: a properly random OTP should yield something resembling pure alphabetic white noise (i.e. prob(A) = ~(1/26th), etc). Hence I suspect the statistical test you would need to perform is whether the frequency distribution is sufficiently far away from pure white noise for there to be something else non-random going on, i.e. if it had the same frequency curve as English, it would almost certainly not be an OTP. Bear in mnd that many cipher systems include mechanisms for partially flattening the stats, so near-randomness in itself isn’t anywhere near proof that this was enciphered using an OTP. Basically, you can’t prove it used an OTP, you can only potentially disprove it used an OTP. All the same, the absence of a disproof would probably be quite helpful for your hypothesis! :-)

  12. Glad to see someone else reacting to this nonsense. Apparently anyone can be an expert these days, especially in areas where journalists are clueless.

    I found your blog when trying to find someone who had a believable solution to the pigeon code, rather than the Mail’s hoax. Very interesting blog and a great read, thank you. Marcus/Sweden

  13. Stuart: I’m sad to say it, but I suspect it goes to show that modern media outlets simply don’t do the fact checking they ought to. Shocking rubbish. :-(

  14. Marcus: I’ve seen a lot of non-solutions to cipher mysteries presented to me over the years, and I can say that these are almost never hoaxes. However, most claimed decryptions tend to be unable to vault even the lowest of evidential hurdles: they’re just hopeful nonsense, heartened by some superficial or accidental feature of the ciphertext that the (non-)decrypter noticed early on and took as a point of faith. There seems no obvious reason so far to think that this particular claim is any different. :-(

  15. Pingback: Pigeon Code Almost Certainly Not Broken - Enigmatic Ape

  16. Andy/Nick: w/r/t OTP statistical tests, I have computed an index of coincidence – which indicates the distance from normal English distribution – for the CT of .036. This is essentially indistinguishable from random noise. However, as Nick points out, this doesn’t in and of itself mean that it is 100% certain to be an OTP, merely that you can’t tell it isn’t one by counting.

    The ciphertext is very very short, and such statistical methods generally require a larger depth of CT in any case.

    Interestingly, the cipher discussed by Stuart Rutter on his blog would likely produce a CT which had this very characteristic. At least I think so, tests needed, etc.

    All:There is a comment on a post at the Royal Pigeon Racing Association blog where the Gord Young mentioned in the media coverage appears to have published the letter he sent to the editors of various newspapers, it is clear from the comment that he has never actually claimed to have cracked the message and that the claim it had been decoded was subsequently added by a third party, so it appears that the story is less one of ‘code claimed cracked’ and more ‘media fails at basic fact checking’.

    Same old, same old.

  17. avatar Andy Fischer on December 17, 2012 at 8:16 pm said:

    Nick, Steve: randomness is the key to OTPs, but since real randomness is difficult to obtain, all OTPs created by the same method will share this lack of randomness.

    This will be reflected in the encrypted messages, but to a much lesser extent, and maybe to small to be detected. So I am not looking to compare with the English language, but with the resulting characteristics of the methods used to create the OTPs.

    But this will most likely require much more data than available, and still not allow a definite answer.

  18. This message has all the looks of a M-209 message. The indicator group at the beginning and end. “27” is the number of groups, “1525/6” looks like a time of origin 15h25m and message #6 with that time stamp. The M-209 can successfully be broken but it normally requires quite an amount of labour and preferably a longer text… Beker and Piper: “Cipher systems, the protection of communications” has a worked example of this.

  19. Micke: that’s a bit odd – I didn’t think that the M-209’s six key wheels meshed well with the five-letter indicator key we see here. As always, I guess the real proof of the pudding would be in examining some actual ciphertexts, something which I wasn’t able to find in the National Archives at all.

  20. Andy: I think you might be missing my point, which is that the presence of a pure flat distribution (aka “real randomness”) doesn’t prove that a OTP was used. What we have here (in the pigeon cipher) is something which is better described not as “flat” but as “flattish”… but how statistically significant is the non-flatness component we apparently see in it? If we picked (discounting the first and last five-letter group AOAKN) 25 x 5 = 125 letters at random a million times, how often would the distribution be less flat than what we see in this cipher?

  21. avatar Thomas Upton on December 18, 2012 at 4:49 am said:

    I have found four plaintext words in Playfair using Code Word “France”, more particularly “Fra..e” starting with two letter groups beginning with seventh letter in the sequence. So the first five letters which begin and end the crypt, skip number 6, take seventh letter to begin pairs of letters.

    The words are PILB LE CAVE (that is, Pillbox Shelter) and HAWK SLAB (that is, Chawk Slab “shelter”).. Possible Frenchman with English as Second Language. Later an Injury to his Foot is mentioned and he is up and walking. Oh, what we want to see when we want it to appear!

    Plaintext is scant, and the rest is gibberish. Very small pickings. Tom Upton

  22. avatar Thomas Upton on December 18, 2012 at 5:06 am said:

    /6 is date, namely June 5. Compare with John F Kennedy message reporting PT 109 destruction, using code word “ROYAL NEW ZEALAND NAVY”, ending with time/date.

    Also another plaintext might be contained in the ‘FRA..E” Playfair, namely HQ YV (Headquarters YVpres) Far Fetched I think. Anyway, I am proceding with the filling of the two holes in the Code Word, FRA,,E to see whether more plaintext is forthcoming/ Tom Upton

  23. avatar Thomas Upton on December 18, 2012 at 5:11 am said:

    /6 means June 6 mistype June 5. Tom Upton

  24. Nick: The indicator group of the M-209 is a message key, randomly selected by the operator for each message. It is a five letter group, used for “priming” the converter before entering the text. The 6 wheel’s and/or pin settings are the basic setting which may be valid for a day or so. On youtube there is a multi part video showing how all this is done.

    I have no idea if the M-209 was used by the British though. Some historians must know what cipher equipment was used. The M-209 is so small it was supposed to fit in a pocket (ehrm, a rather large pocket, but still a pocket:).

  25. Hi Nick,
    Pleasant end of world. A nice Christmas days.

  26. Thanks Nick! I’ve been getting so many queries about this pigeon cipher, that I finally added a brief mention on my own “Unsolved Codes” page this week. I’m now also getting a number of “Did you hear it’s been solved” emails (sigh). I’ve basically been debunking it the same way you have, but your explanation is better, so I’ll be linking it in my messages from now on, thanks! :)

    Are you planning to go to the Crypto History Symposium in 2013? We really need someone to give a talk about “the pigeon”, if you’d like to tackle it?

  27. Elonka: good to hear from you! A talk on pigeons and ciphers would be good at the CHS 2013, as it has thrown up how little is written about the practice of cryptography in wartime. I usually say that cryptography is where things can only go wrong and cryptology is where things can only go right: but it’s just as true to say that cryptology is cryptography’s glamorous cousin. And the pigeon story seems to be about cryptography!

  28. I served at Supreme Headquarters Allied Powers in Europe (SHAPE), Paris, France with a cosmic top secret clearance from 1954 to 1956 as the lead cryptographer. Our crypto room included every crypto system from France, England and the United States.

    I have looked carefully at this message and as best as I can determine, the message fits the “Enigma” rotor class cipher of five unrelated letters, space, etc., etc. Another very important point here is the date 1944, by then, rotor class cipher machines were no larger than an attache case. Also, rule out any exotic poem type cypher as this message was from Bomber Command in the field to headquarters at Bletchley Park.

    Another point here is that it was a normal type of transmission (see the form itself) and the type that you could encrypt quickly and send it on its way. As a cryptographer, the first thing I wanted to know when I received a message was “what system?” Therefore, I believe that you start with the types of machines that were in the field in 1944 first by using AOAKN rotors for this message. Then after those rotors are in place, the operator uses HVPKD to set the rotors. Therefore, it’s possible that AOAKN is the group of rotors (system) to be used and HVPKD is the setting once the rotors are in place. The larger question is what machine?

    The reason AOAKN is repeated at the end, confirms to me that this is a particular set of rotors and the length of the message is (27) groups otherwise, why repeat it. I’m not sure what 1525/6 means but I do not believe it has anything to do with the encryption itself. Looks to me that its the time the operator finished encryption.

    Perhaps the archives at Bletchley Park will turn up something and the first place I would look is to gather all the machines w/rotors that were in use at the time (1944) and then hopefully you can find the rotors (AOAKN) that had been hand wired.

  29. avatar PETE G on March 7, 2013 at 12:48 pm said:

    May be people should be looking at the lonely Sergeant W Stot after all hes the one that wrote the message.
    Find it very interesting though.

  30. avatar Allan Chamberlain on October 6, 2013 at 9:04 pm said:

    I was trained in Cypher by the Royal Signals in the late 50s, and continued in that field at the Commonwealth Relations Office in Downing Street, London in the 60s.
    When I saw this story in the Mail last year, I told my wife that it was most likely coded with an OTLP book, and without the appropriate book, it can never, ever be deciphered or its code broken.
    I have not changed my mind..

  31. avatar Rick A. Roberts on December 7, 2015 at 5:44 am said:

    I have been working on this Pigeon Cipher. I started working on it before I found this site. I guess that the code was ciphered on a five wheel machine. From what I understand, the cipher should start and end with the same five letters (AOAKN). I have come up with the following; ” AOAKN ” = CUPPA, ” HVPKD ” = VROUW “, ” FNFJU ” = BATTY, ” YIDDC ” = ?, ” RQXSR ” = TRYST, ” DJHFP ” = WIGHT, ” GOVFN ” = OCTAV, ” MIAPX ” = PYOID, ” PABUZ ” = BIONT, ” WYYNP ” = TRAIT, ” CMPNW ” = ?, ” HJRZH ” = THIGH, ” NLXKG ” = BAYOU, ” MEMKK ” = ?, ” ONIOB ” = COACT, ” AKEEQ ” = QUEEN, ” UAOTA ” = ?, ” RBQRH ” = TRUTH, ” DJOFM ” = ?, ” TREZH ” = RELIC, ” LKXGH ” = COYPU or UNCOY, ” RGGHT = COLOR, ” JRZCQ ” = QUBIT, ” FNKTQ ” = QUART, ” KLOTS ” = SCRUB, ” GQTRU ” = DOUBT, ” AOAKN ” = CUPPA. I have not figured out what four of the remaining five letter ciphers are. I do not know what the translation of these words into something coherent is.

  32. avatar Rick A. Roberts on December 7, 2015 at 6:45 am said:

    Here is what I have come up with for the five cipher terms. ” UAOTA ” = ” BPCRP ” = HIUTI ( HAWAII AIRPORT to AIRPORT KOUVOLA, FINLAND ), ” DJOFM ” = WGT DC ( WAIT or WEIGHT WASHINGTON, D.C. ), ” YIDDC ” = TOWWU, or WWOUT, ” CMPNW ” = UDIAR, or URAID ( YOU RAID ), and ” MEMKK ” = DEDUU, DEDU’S, DEDUCE.

Leave a Reply

Your email address will not be published. Required fields are marked *

Post Navigation