Poem code


The poem code is a simple, and insecure, cryptographic method which was used by SOE to communicate with their agents in Nazi-occupied Europe.
The method works by the sender and receiver pre-arranging a poem to use. The sender chooses a set number of words at random from the poem and gives each letter in the chosen words a number. The numbers are then used as a key for some cipher to conceal the plaintext of the message. The cipher used was often double transposition. To indicate to the receiver which words had been chosen an indicator group is sent at the start of the message.

Description

To encrypt a message, the agent would select words from the poem as the key. Every poem code message commenced with an indicator-group of five letters, which showed which five words of an agent's poem had been used to encrypt the message.
The words would be written sequentially, and their letters numbered to create a transposition key to encrypt a message. For example, if the words are YEO THOMAS IS A PAIN IN THE ARSE, then the transposition key is: 25 5 16, 23 8 17 13 1 20, 10 21, 2, 18 3 11 14, 12 15, 24 9 6, 4 19 22 7. These are the locations of the first appearances of A's, B, etc. in the sentence.
This defines a permutation which is used for encryption. First, the plaintext message is arranged in columns. Then the columns are permuted, and then the rows are permuted.
For example, the text "THE OPERATION TO DEMOLISH THE BUNKER IS TOMORROW AT ELEVEN" would be written on grid paper as:

TPTTMSEKSOWLN
HEIOOHBETRAEA
ERODLTURORTVX
OANEIHNIMOEET

The above transposition key requires longer messages which would have at least 25 columns and 25 rows.
As an additional security measure, the agent would add prearranged errors into the text as security checks. For example, there might be an intentional error in every 18th letter. This was to ensure that, if the agent was captured or the poem was found, the enemy might transmit without the security checks.

Analysis

The code's advantage is to provide relatively strong security while not requiring any codebook.
However, the encryption process is error-prone when done by hand, and for security reasons, messages should be at least 200 words long.
The security check was usually not effective: if a code was used once intercepted and decoded, any security checks were revealed and could often be tortured out from the agent.
There are a number of other weaknesses
When Leo Marks was appointed codes officer of the Special Operations Executive in London during World War II, he very quickly recognized the weakness of the technique, and the consequent damage to agents and to their organizations on the Continent, and began to press for changes. Eventually, the SOE began using original compositions to give added protection. Frequently, the poems were humorous or overtly sexual to make them memorable. Another improvement was to use a new poem for each message, where the poem was written on fabric rather than memorized.
Gradually the SOE replaced the poem code with more secure methods. Worked-out Keys was the first major improvement – an invention of Marks. WOKs are pre-arranged transposition keys given to the agents and which made the poem unnecessary. Each message would be encrypted on one key, which was written on special silk. The key was disposed of, by tearing a piece off the silk, when the message was sent.
A project of Marks, named by him "Operation Gift-Horse", was a deception scheme aimed to disguise the more secure WOK code traffic as poem code traffic, so that German cryptographers would think "Gift-Horsed" messages were easier to break than they actually were. This was done by adding false duplicate indicator groups to WOK-keys, to give the appearance that an agent had repeated the use of certain words of their code poem. The aim of Gift Horse was to waste the enemy's time, and was deployed prior to D-Day, when code traffic increased dramatically.
The poem code was ultimately replaced with the one-time pad, specifically the letter one-time pad. In LOP, the agent was provided with a string of letters and a substitution square. The plaintext was written under the string on the pad. The pairs of letters in each column indicated a unique letter on the square. The pad was never reused while the substitution square could be reused without loss of security. This enabled rapid and secure encoding of messages.