Decoding the IRA (8 page)

Figure 12. Keywords encrypted with Vigenère-style substitution cipher, 6 February 1925.

 

None of the recovered keywords solved these encrypted words, so I used this programme to try everything in a list of 14,611 common words of eight or fewer letters, and then sorted them according to the ‘English-like' criterion. The best few results for the longest cipher,
FGKQ&GCYD
, were:

360 beadle
hllullede
360 potash
vversosnx
360 reptile
xlakishqi
360 volcano
bvwtaurus
360 wardrobe
chcurveda
360 wattage
chekanhve
360 where
copiedkdv
450 maxwell
shinesole
450 upstair
awdkaputt
490 bedlam
hlocatedh
490 flange
lsleglike


Of these choices, ‘bedlam' looked most promising, with the word ‘located' embedded between nulls. I tried ‘bedlam' on the other two encrypted words with complete success, getting
‘z label x'
for LIVERPOOL and ‘y scot x' for Scotland – the latter a rather uninspired choice of keyword.

Communication security practices

Any organisation with important secrets must pay serious and continual attention to its methods of protecting those secrets. The IRA from 1925 to 1928 monitored and modified their procedures in an attempt to maintain and improve their communication security. They maintained separate networks with distinct cipher keys, and used several different methods of secret communication, including at least two main types of ciphers, a code system for cables, and invisible ink. They gradually changed their cipher systems and key distribution methods over this period, apparently expecting that the newer system offered more security. Leaders transmitted messages in several different ways: by courier, by post, by cable, and even by writing them on silk and dropping them in a predetermined spot on the prison grounds.

In principle, this diversity of methods and networks and their attention to communication security should have provided strong protection against the compromise of part of the network, resulting in unravelling the whole system. However, in practice their ciphers provided much less security than some other ciphers of the day – armies in the First World War used much stronger versions of both of the IRA's basic cipher types, and their enemies broke them readily at the time. If the British had access to the IRA's cipher communications, they probably read them. Our attacks on these messages capitalised on weaknesses in the cipher systems themselves.

In addition, in many cases the IRA correspondents used poor practices, including sending the same message in more than one system; sending messages in clear asking about another specific message that they could not read; mixing encrypted messages with clear text giving hints about the subject matter; sending messages that were too long or too short for the
security of the system being used; sending many messages in the same key that could be ‘stacked' to simplify the solution; sending cipher keys in clear; and using a weak cipher and key to encrypt pages of keys for the (assumed) stronger system. Each of these ‘cipher clerk weaknesses' occurs regularly in military organisations, especially where those in charge of communications have other responsibilities. However, each of these errors offers a crack in the cipher system's armour that a cryptanalyst can enter and expand, and I took advantage of all of them in cracking these IRA ciphers.

Working with Tom on this cipher set turned out to be a massive and exciting project for me. I was able to draw on experience from having solved the Zendian Problem,
⁴¹
a large training exercise developed in the 1950s by Lambros D. Callimahos for the National Security Agency, the American code-breaking service. Both the IRA ciphers and the Zendian ciphers allowed the cryptanalyst to develop an understanding of the communication network and hierarchy while breaking the individual ciphers. I modified several of my existing programmes and wrote dozens more to deal with the eccentricities of these ciphers, and to crunch the data I used to attack the ciphers and their keys.

I
N THE END WE
were very successful. We broke nearly all of the transposition and substitution ciphers, and were able to read more of them than the original correspondents had been able to manage because of mistakes in key selection or encryption. A few messages remain undeciphered, including a transatlantic cable using a code system that cannot be solved without much more material and a munitions' list using a substitution system for the digits that we have been unable to break from the context. However, we can now read the vast majority of the encrypted material, and it has given us a rare look into the inner workings of the IRA.

Definitions

Cryptogram or cipher:
An encrypted message.

Plain text:
The letters of an original clear message that are to be encrypted for transmission.

Cipher text:
The encrypted letters comprising the concealed parts of a cipher.

Clear or clear text:
A message or part of a message sent without using encryption.

Encrypt:
To convert plain text into cipher text using processes and keys agreed on by the sender and recipient.

Cipher system:
A method for concealing plain text using individual letters of the clear message.

Key:
A piece of information shared between sender and recipient and used as part of the encryption process.

Decipher:
To convert cipher text to plain text with full knowledge of the cipher system and key.

Cryptanalysis:
The process of converting cipher text to plain text without knowing the key in advance.

Substitution:
A cipher system that replaces each letter with another.

Transposition:
A cipher system that shuffles letters without changing their values.

Hat:
A key used in a transposition cipher to shuffle the order of columns.

Caesar cipher:
A substitution cipher system that replaces each letter with the one three positions further along the alphabet, wrapping at the end so that W goes to Z, X goes to A, Y goes to B and so on. By extension, a cipher system that replaces each letter with one any fixed number of letters further along in the alphabet.

Vigenère cipher:
A substitution cipher system that uses a keyword or key phrase to encrypt each letter of plain text in turn using a Caesar cipher whose distance along the alphabet depends on the corresponding letter of the key. The key restarts repeatedly until all the plain text has been encrypted.

Atbash:
Substitution that reverses the alphabet: A for Z, B for Y and so on. Used in IRA keyword substitution for Vigenère-style cipher.

Null:
An extra letter added to the plain text in an attempt to improve the security.

Dud:
In the IRA columnar transposition cipher system, a column of nulls used to improve the security.

Code:
A cryptographic system for concealing plain text using complete words, phrases or sentences of the clear message.

CHAPTER 2

The IRA's system of communications

Send gelignite and detonators at once to … Mrs Coady, 5 Glegg Street, off Great Howard Street, Liverpool. Messenger will say stuff is for Mr Kucas.

IRA chief of staff to the IRA in Scotland

Mr Cowan, Catholic Young Men's Society, 9 and 10 Harrington Street, Dublin.

Covering address for the delivery of IRA despatches

The IRA had a sophisticated communications system enabling it to safely send messages and orders, not only throughout Ireland, but also to Britain, the continent and America. In addition, it was able to keep in contact with IRA volunteers in prison. In each circumstance, the mode of communication depended on an appropriate balance between security, and speed and ease of communication. The most highly confidential despatches were encrypted.

There were three key components to the communications network: the message itself, the method or courier used to transmit the information, and the recipient or the address designated to accept the information. The director of communications at GHQ had overall responsibility for the system.

IRA despatches

The organisation took great care to guard its communications and adhered to Earl Long's famous dictum: don't write anything you can talk, don't talk anything you can whisper, and don't whisper anything you can wink.
¹
The result is that the decryption of these documents is of significance – they are one of the few sources of contemporaneous uncensored and secret IRA communications.

The most secure way to send a message was verbally. And in the majority of situations Moss Twomey and his officers would have passed on
their orders in this way. As the IRA's director of intelligence reminded the intelligence officer in Waterford: ‘Highly confidential reports must be sent verbally, not even in cipher.'
²
Connie Neenan in New York wrote to Moss Twomey in cipher saying he would send him a report by way of Art O'Connor, the leader of Sinn Féin, who was on his way back to Ireland:
‘[I] have such a large report to make on [our] position [that I] will give all to Art O'Connor verbally for transmittance [to you]. He will be able to describe more explicitly.'
³
The drawback in using O'Connor was that he wasn't a member of the IRA and couldn't have been trusted with the most confidential information.

Right from its inception the IRA created a vast amount of documentation – covering topics ranging from meeting minutes to reports on attacks, along with myriad administrative issues. During the Anglo-Irish War and the Civil War there were several large seizures of papers, resulting in numerous arrests of IRA men named in the documents. Indeed in the Anglo-Irish War the British forces' two best sources of information on the IRA were captured documents and the interrogation of prisoners.
⁴

Over time, the IRA became more cautious. They stopped using their members' real names in despatches, referring to them only by rank or by using initials or a pseudonym, while sensitive matters were discussed in an indirect or cryptic manner. On occasion this could be so successful that even the intended recipient didn't know what the message meant. In 1927 the IRA's commander in Britain, George, wrote to Moss Twomey: ‘K. clothes has arrived safely in Dublin' and Twomey replied ‘re. K. clothes: I do not understand the note'.
⁵
Later George sent another cryptic note to Twomey, this time also in cipher:
‘[the] printer [is] not available at present. [His] assistant printed and gave me 1,000 copies today'
.
⁶
Luckily for us (or we would never have come to know what it meant), Twomey sought clarifcation:
‘[I] presume “copies” stand for pounds and “printer” is James'. To which George replied: ‘sorry for not making [the] message clearer in my last letter. Cash is correct'
.
⁷
By corroborating and referencing with other documents, I was able to deduct that ‘James' was a Soviet intelligence officer in Britain. And therefore George was giving Twomey news that the Soviets had just handed him £1,000 for the IRA.

Of the thousands of IRA papers that I've looked at, only a small percentage
were in secret cipher or code. And these are predominately from 1926 and 1927, with a small number from 1925 and 1928. In the papers dated 1925 the IRA used a less sophisticated form of cipher and tended to only encrypt a few critical words in the document, whereas by 1926 they regularly wrote all the text in cipher. Why are the documents mainly from these years?

Figure 13. The IRA's commander in Britain, ‘HS', wrote to Moss Twomey informing him that a Soviet officer in London had given him £1,000 for the IRA. This is an example of a highly cryptic communication.

[The] printer [is] not available at present. [His] assistant printed and gave me 1,000 copies today. Will you call, or send for these? Write and let me know, when you are calling and I will see you at your hotel.

The printer was the Soviet agent ‘James', while copies stood for pounds.

 

There are a number of possible explanations. Firstly, in July 1925 the gardaí in Dublin captured the IRA's director of intelligence, Michael Carolan, along with a large haul of intelligence files.
⁸
This debacle may have spurred his successor Frank Kerlin to improve security procedures and to place greater reliance on cipher. Secondly, also in the summer of 1925, the IRA reached an agreement with the Soviet Union to carry out espionage in Britain and America in return for payment. This work was one of the most highly classified of all IRA operations and necessitated the use of cipher. Furthermore, Soviet intelligence officers may have trained IRA officers
in cryptography, as the Soviets had more to lose than the IRA from public exposure of the connection. It's likely that the alliance with the Soviets was terminated or downgraded after a few years and this would in turn have decreased the IRA's need to rely on cipher. Thirdly, the IRA elected a new leadership in November 1925 and, being anxious to revive the organisation, they may have seen a greater need for secrecy. Finally, there is evidence that there are other IRA documents in cipher in private hands, but that the papers James Gillogly and I worked on just happen to be those that made it into a collection open to researchers.