As used by the British Army and as instructed by the War Office on the 5th November 1943.
Apologies for the length of this post, I didn't want to sacrifice any key information by providing an abridged version, so here it is in its entirety. There is a working example of the Double Transposition Cipher at the end of this post.
The reference material used in this post can be found at the National Archives in Kew, WO 193/211 - Policy and Codes for Cipher Communications.
Addressed to the Allied Forces, 21st Army, and the British Armed Forces in general.
In order to ensure smooth and rapid co-operation of formations and units transferred from one theatre to another, or between forces of different theatres which effect a junction during operations, the provisions of a standard Low Grade Cipher for use throught the Army, at any one time, is considered essential. This is borne out by experience during recent operations.
It has, therefore, been decided to adopt the Low Grade Cipher. The neccessary documents are being issued to all commands concerned at the earliest possible date, and the cipher will be taken into use in each theatre as soon after this as practicable, bearing in mind that in all units which require to hold this Cipher at least on officer and four other ranks will require to be conversant with its use.
No other Low Grade Cipher will be used without previous reference to the War Ofiice, but this will not proclude the use of such codes as the Map Reference and Slidex codes etc as may be authorised from time to time for communications other than those which require to be wholly enciphered.
This Low Grade Cipher will be used by the headquarters of all units and formations, not possessing a common higher grade cipher, for tactical messages dealing with operations, movements and administrative plans likely to be effective in the near future. Those messages dealing wth plans or operations scheduled to take effect after more than 48 hours will not be sent by wireless unless a medium or hgh grade cipher is available.
Whilst in actual contact with the enemy, when speed is of more importance than security, messages dealing with the immediate future may be passed by forward units in clear, but in this event formations and units will invariably be referred to by their code signs.
Provisional Instructions for the use of Army Low Grade Cipher
"Double Transposition" uses the actual letters of the message to be enciphered , simple letter-equivalents being substituted for figures and punctuation before enciphering is begun. The order of the letters is then changed in a complex manner, according to a definite plan, by the encipherer and restored in due course, using the same plan, to its original form by the decipherer. It is simple but demands painstaking accuracy as the only sure check that enciphering is correct is the complete decipherment of the cryptogram. If it is used correctly, this cipher provides sufficient security for the type of traffic it is intended to carry.
The method is demonstrated below.
Under a row of numbers in a pre-arranged jumbled order, called a "transposition key", write the clear text, say "Intense enemy artillery bombardment", row by row.
Count the number of letters (32 in this case).
Now take out the letters vertically, column by column taking column header 1 first, then column headed 2, and so on and write the results horizontally, row by row, under a second pre-arranged transposition key.
Count the number of letters. This must agree with the count in (ii) above.
Finally, take out the letters vertically, column by column, as in state (ii) and write the result in groups of five letters, this:-
MINNE MEIRB YESRR EELIY ATONE EMTTD AN
Count the numer of letters. This must agree with the counts made in (ii) and (iv) above.
If the last cipher group contains less than five letters it will on no account be completed to a five-letter group.
Write out the second transposition key and construct beneath it a "cage" that will exactly hold the letters of the cryptogram. This is done by dividing the number of letters in the text by the key length of the transposition key. The "quotiant" is the number of complete rows required and the "remainder" is the number of squares required in the bottom line. The unwanted squares MUST BE BLOCKED OUT. In the example given the key length is 7 and there 32 letters in the cryptogram. A cage of four complete rows and the four left had squares in the fifth row (the remaining three square being blocked out) is therefore required. In this cage write the cryptogram vertically column by column beginning with column headed 1, then column headed 2 etc, in the order given by the transposition key unitl all the letters of the cryptogram have been written in the cage.
Write out the first transposition key and construct beneath it a cage to hold 32 letters. The key length being 9, three complete rows and the first five squares of the fourth row are required, the last four squares being blocked out. In this write out the rows of letters from the cage in (i) vertically column by column beginning with column headed 1, then column headed 2 etc, in the order given by the transposition key until all the letters of the cryptogram have been written in the cage.
The clear text can now be read off horizontally row by row.
Note. Counting the letters at every stage is the only possible check of accuracy and it must never be ommitted.
Both enciphering and deciphering will normally be carried out on squared paper (2" squares) which will be issued in pads for the purpose. As a temporary expedient, however, any thin foolscap paper can be used if it is laid over a "master sheet" made of stout paper ruled int 2" squares with heavy ink lines.
Transposition Key Book
The pair of keys will be varied for each message and will be taken from the Transposition Key Book (BX 790) issued by the War Office. This book will contain 1,000 different keys numbered serially from 000 to 999. Each key will contain between 26 and 25 numbers. The first hundred keys will contain 26 numbers each, the next hundred 27 numbers and so on. The layout of the book is shown in Appendix B.
Transposition Key Indicator List
It is necessary to give each message an indicator to show the decipherer which pair of keys has been used. This indicator is a four-figure number, which will be written in clear, (it must NOT be enciphered), at the beginning of the cipher text and repeated at the end of the cipher text as a check, also in clear. The indicator for each message and the corresponding pair of keys to be used will be taken from one of the two columns of the Transposition Key Indicator List also issued by the War Office, a specimen of which is given in Appendix C. It will be seen that this document consists of columns of four-figure indicators followed by a two-letter combination on one of two columns headed "Army" and "Divisional" respectively. Those two letters, when looked up in the Daily Key Allocation List, give the pair of transposition keys to be used from the "Transposition Key Book".
Divisions, and units and formations under their command, will use indicators having their equivalent letters in the "Divisional" column to encipher messages, other users will take indicators having their equivalent letters in the "Army" column. The Chier Cipher Officer in the theatre may, however, vary this arrangement at his discretion.
Every indicator used, whether for enciphering or deciphering, will be marked and must on no account be used again for enciphering on the same day. Indicators will be chosen at random and NOT used in sequence.
Daily Key Allocation List
The pair of keys to be used for a given indicator will be changed daily by means of a Daily Key Allocation List a specimen of which is given at Appendix D. This will be used to translate the pairs of letters taken from the Transposition Key Indicator List into keys from the Transposition Key Book in the following way. (The appendices have been used to illsutrate the method). Suppose the Indicator 7928 is choden from the "Divisional" column of the Transposition Key Indicator List for a message enciphered on 1st September. The corrsesponding letters are SQ. In the Daily Key Allocation List, in the column headed 1 Sep, find the number corresponding to S and the number corresponding to Q: these are 002 and 996 respectively. Then key number 002 from the Transposition Key Book will be used for the first transposition of the message and key number 996 for the second transposition of the message. For a message enciphered on 6th September with the same indicator the keys used would be number 336 and number 763 respectively.
"Daily Key Allocation Lists" will be produced by (a) all divisional Cipher Officers and, (b) suhc other Cipher Officers as the Chief Cipher Officer of the theatre may order, for the use of their own offices and those formations and units for which they are responsible. Each list will normally contain allocations for the not more than seven days, but in forward areas it should be limited to three days, if possible. At least one spare list containing allocations for seven days will be kept in readiness for immediate issue in case of an emergency. The list which is to be taken into use immediately after the current one may be held at brigade or equivalent headquarters.
Details of an emergency method of using this cipher will be issued in due course. In the interim, cipher officers who issue Daily Allocation Key Lists will also issue to all holders for whom they are responsible an Emergency Key Allocation List which will contain allocations for two days. This list will be issued in a sealed envelope bearing instructions that it will be kept apart from all other lists and will not be opened until orders are recieved that the emergency list is to be taken into use. The method by which emergency lists are to be brught into use will be laid down by the senior cipher officer of the force.
The address "from", date-time of origin, addresses "to" (both "action" and "information"), the originator's number and any reference number quoted which immediately follows it will be enclosed within brackets and will be inserted at a convenient point in the text (not at the beginning or end) and enciphered at that point. THe decipherer wll restore these details to their correct places on the message form. "Action" addresses will be separated from "Info" addresses by "rptd" (repeated).
Stereotyped beginnings and endings
Beginnings such as "situation", "sitrop", "following", "reference" and endings such as "ack" and "all informed" are dangerous. Sterotyped beginnings will be enciphered with the concealed addess between the last item of the concealed address and the closing bracket and restored to their correct place by the decipherer. In the same way sterotyped endings will be placed in brackets, near, but not at, the end of the message before enciphering is begun and restored to their correct places by the decipherer.
No cryptogram of a message (or part of a message sent as a separate cryptogram) will contain less than 40 letters. Messages containing fewer letters will be made up to more than forty by adding vowels (A, E, I, O or U) at the end of the clear text, before the enciphering is begun. The insertion of these vowels after enciphering will render the whole message undecipherable. The vowels must be added in jumbled order and the practice of making up a message to exactly 40 letters will be avoided. The whole message, including the added vowels will then be enciphered in the normal way.
Not more than 300 letters will be enciphered on one pair of keys. If a message requires more than 300 letters it will be divided into convenient parts, each containing less than 300 letters and each part will be enciphered as if it were a separate message with a new indicator and the corresponding keys. The addresses and date-time of origin will be enciphered in the first part only as laid down in para 10. Near, but not at, the end of the first part, "Part two follows" will be inserted within brackets and enciphered with the rest of the message. In succeeding parts the reference number, date-time or origin and "part …" will be inserted, within bracets, near, but not at, the beginning of the part and "part … follows" will be inserted, within brackets, near, but not at, the end of the part. These two items will then be enciphered with the part. The last part will be identified by the addition of the words "and last" after the part number.
At the end of the cryptogram, immediately after the repeated indicator, the number of letters in the message (or message part) will be written followed by the day of the month on which enciphering was begun. The two numbers will be separated by an oblique strike, e.g. 179/12 will indicate that there should be 179 letters in the cryptogram and that enciphering began on the 12th day of the month. Before the deciphering of a message is begun the number of letters stated will be checked by a count of the numbers of letters actually in the cryptogram.
Numbers and punctuation
0 (ZERO) and the numbers from 1 to 10 inclusive when they occur singly will be spelt out. For all other numbers the figures will be replaced by two-letter groups, using the table given below, before enciphering is begun.
0 BG 5 SX
1 JR 6 WF
2 KL 7 DQ
3 TC 8 PV
4 NH 9 ZM
When it is necessary, in order to prevent confusion, to separate two numbers which have been encoded using this table, e.g. pt 76 3582, the word SPACE will be inserted in the appropriate place, thus:- DQWFSPACETCSXPVKL.
Punctuation will be replaced by the groups given below before enciphering is begun.
Full stop SSS Dash or Hyphen NNN
Bracket RRR Oblique Stroke TTT
It will be seen from the above that no figures or punctuation signs will appear in the cipher text.
The following security precautions will be observed.
Each sheet of square paper will be marked "SECRET" as soon as it is taken into use for either enciphering or deciphering.
Indicators from the Transposition Key Indicator List, their two-letter equivalents and key serial numbers from the Transposition Key Book will NOT be written on the squared paper nor on any other pieces of loose paper.
Sheets of squared paper on which enciphering or deciphering has been carried out will be carefully safeguarded until there is no likelihood of a "check and repeat" and then burnt. No sheet will be retained for more than 24 hours. These sheets will on no account be allowed to accumulate.
Daily Key Allocation Lists will be destroyed column by column. As soon as a column is 48 hours out of date it will be cut from the sheet and burnt.
The compromise, or suspected compromise of any documents used for Low Grade Cipher (Double Transposition) will be reported immediately to the issuing authority who will take the necessary steps to restore security.
If a situation develops in which there is a possibility that Low Grade Cipher (Double Transposition) documents will fall into enemy hands, they will be burnt in the following order AND NO OTHER.
- All Daily Allocation Lists
- All used sheets of squared paper
- Sealed envelopes containing Emergency Key Allocation Lists
- All Transposition Key Indicator Lists
- All Transposition Key Books
An illustration of the enciphering of a message follows. The indicator and the equivalent transposition keys used are taken from Appendices B, C, and D, and have already been used as an example in para 5.
Example usage of Double Transposition Cipher
Warning Order(.) 2 KOSB at 12 hrs notice move to conc area WEST of SLEEPY HOLLOW J7163(.) Details route and timings follow(.) Bn rep will report this HQ immediately(.) ACK
7928 TXTOC RLEER GHYOR
OIAEB SSLHD NLLJY IPMES
RJKSR DTINV ERMTD RMRTN
JEWIE TRPTA VLKRR RRNDB
DORDV UGEWT FAAGO DSCER
SHWKO TRHQE OSNFR RESBL
CLEWR LEWBL OISEL OJPRR
JASCS NRRCA TITTW NDHOS
WIGAE IPOAO TOIFT RTCJO
OMSTK GLBSC PRQHR VIRSN
SSLFK WN 7928 202/1