Poem code

To encrypt a message, words are selected from a poem to form the key. Every poem-encoded message commences with an indicator group of five letters, whose positions in the alphabet indicate which five words of the poem were used to encrypt the message. For instance, if the poem is the first stanza of "Jabberwocky":

The five words the, wabe, toves, twas, and mome could be selected, at positions 4, 13, 6, 1, and 21 in the poem, and be described with the corresponding indicator group DMFAU. The five words are written sequentially and their letters numbered to create a transposition key for encrypting the message. The letters are numbered alphabetically and sequentially in order of appearance, and any absent letters are skipped. In the example of the wabe toves twas mome, the two A's are numbered 1 and 2; the B is numbered 3; there are no C's or D's; the four E's are numbered 4, 5, 6, 7; there are no G's; the H is numbered 8; and so on. This results in a transposition key of 15 8 4, 19 1 3 5, 16 11 18 6 13, 17 20 2 14, 9 12 10 7.

This defines a permutation which is used for encryption. First, the plaintext message is written in the rows of a grid that has as many columns as the transposition key is long. Then the columns are read out in the order given by the transposition key. For example, the plaintext "THE OPERATION TO DEMOLISH THE BUNKER IS TOMORROW AT ELEVEN RENDEZVOUS AT SIX AT FARMER JACQUES" would be written in a grid, along with the transposition key numbers, as:

15 8  4  19 1  3  5  16 11 18 6  13 17 20 2  14 9  12 10 7 
T  H  E  O  P  E  R  A  T  I  O  N  T  O  D  E  M  O  L  I
S  H  T  H  E  B  U  N  K  E  R  I  S  T  O  M  O  R  R  O
W  A  T  E  L  E  V  E  N  R  E  N  D  E  Z  V  O  U  S  A
T  S  I  X  A  T  F  A  R  M  E  R  J  A  C  Q  U  E  S  X

The columns are then read out in the order specified by the transposition key numbers:

PELA DOZC EBET ETTI RUVF OREE IOAX HHAS MOOU LRSS TKNR ORUE NINR EMVQ TSWT ANEA TSDJ IERM OHEX OTEA

The indicator group (DMFAU) is then prepended, resulting in the ciphertext:

DMFAU PELAD OZCEB ETETT IRUVF OREEI OAXHH ASMOO ULRSS TKNRO RUENI NREMV QTSWT ANEAT SDJIE RMOHE XOTEA

In most uses of code poems, the process of selecting an indicator group and transposing the text was repeated once (double transposition) to further scramble the letters. As an additional security measure, the agents would add prearranged errors into the text as security checks. For example, there might be an intentional error in every 18th letter to ensure that, if an agent was captured or a poem was found, the enemy might transmit messages without typos, revealing the code's discovery.

The code's advantage was that it provided relatively strong security without requiring any codebook. However, the encryption process was error-prone when done by hand, and for security reasons, messages should be at least 200 words long. The security check was usually not effective: if a code was used after being intercepted and decoded by the enemy, any security checks were revealed. Further, the security check could often be tortured out from the agent.

There were a number of other weaknesses. Because poems were re-used, if one message was broken by any means (including threat, torture, or even cryptanalysis), past and future messages were readable. If the agent used the same poem words to send a number of similar messages, these words could be discovered easily by enemy cryptographers. If the words could be identified as coming from a famous poem or quotation, then all of the future messages submitted with that poem code could be read. The German cryptographic units were successful in decoding many of the poems by searching through collections of poems. Since the poems used had to be memorable for ease of use by an agent, there was a temptation to use well-known poems or poems from well-known poets, further weakening the encryption (e.g., agents often used verses by William Shakespeare, Jean Racine, Alfred Tennyson, Molière, and John Keats).