Over 170,000 people are part of the Sophos community on Facebook. Why not join us on Facebook to find out about the latest security threats.
Hi fellow Twitter user! Follow our team of security experts on Twitter for the latest news about internet security threats.
Already using Google+? Find us on Google+ for the latest security news.
If you were taken prisoner and wanted to send messages home right under your captors' noses, what would you do?
You don't have access to a computer or email, not only because you're a captive, but because they haven't been invented yet.
You know that your captors will only let your letters out if you write convincingly and fluently about largely inconsequential things, and give a positive impression of how they are treating you.
And you know that if your letters too obviously contain a secret subtext, you might be shot, or worse.
Worse than being shot because the enemy might let you carry on writing letters for a while, milking them for intelligence about your countrymen and your fellow captives, and then shoot you and your chums.
? That's what happened to Mary, Queen of Scots, though she was beheaded, not shot, and her co-conspirator Babington was hanged. Elizabeth's spymaster Walsingham was able not only to read their traitorous correspondence but also to forge messages of his own to extract more information from the conspirators.
If you were a British captive in a Nazi prison camp during the Second World War, like Sub Lieutenant John Pryor of the Royal Navy, you might well have used a code devised by No. 9 Intelligence School.
Selected officers were trained before leaving Britain in what we would today call steganography, the art of hiding one message inside another.
As a trained steganographer, you had a code number, such as 45, which told the decoding staff to skip four words ahead, then five, then four, and so forth, when extracting the hidden text from your letters.
This gave a competent coded letter writer just enough "noise words" to create a fluent and believable narrative to surround the secret message.
It's not as easy as it sounds.
Let's try it out with this fiften-word bulletin:
INCREASED RAILWAY MOVEMENTS WITH 24 HOUR ARTILLERY AND AIR COVER, GUARD DOUBLED, BUNGALOWS SEARCHED DAILY
To make things a little less obvious to the German censors, the words from the hidden message were written out of order.
You imagined a rectangle made up of sufficiently many imaginary tiles to hold your message, say 5x3 for a 15-word message.
You mentally filled the rectangle diagonally, moving upwards from the bottom right, with the numbers 1 to 15.
Then you inserted the secret words into your letter in the numeric order given by reading the rectangle naturally from top to bottom.
If your code number was 45, your codewords would be inserted as the fourth word, then five words further on, then four, and so on.
So, your cover letter would need to cushion and contain the secret message as follows:
. . . DAILY . . . . SEARCHED . . . DOUBLED . . . . AIR . . . HOUR . . . . BUNGALOWS . . . GUARD . . . . AND . . . 24 . . . . MOVEMENTS . . . COVER . . . . ARTILLERY . . . WITH . . . . RAILWAY . . . INCREASED
Give it a go! By adding just 52 words of your own, see if you can write a convincingly innocent-sounding paragraph about your most recent week at work.
? If you take on the challenge, why not post your paragraph as a comment below? (You can post anonymously if you like.) But be warned: it's harder than it looks!
What we now call in-band signals were used for four special purposes:
You signalled the size of your word-order rectangle by the lengths of the first two words in your letter, such as opening with Every day to signify a 5x3 rectangle and thus a 15-word secret message.You used the codeword the to switch from codeword mode into "spelling" mode, a special but cumbersome system for spelling out words that could never realistically appear in a letter home.
Did the system work?
Apparently, it did, because academics at the University of Plymouth have just decoded a message sent by the abovementioned Lt. Pryor from his captivity at the Marlag und Milag Nord prison camp in Northern Germany.
What we don't know, of course, is whether the secret messages in a cache of letters now kept as a memoir by John Pryor's son, Stephen, were ever successfully decoded by MI9.
That still really is a secret!
Follow @duckblog
