In the peculiar annals of interwar intelligence, few episodes better illustrate the intersection of human frailty and state security than the evolution of Soviet encryption between the world wars. The story involves poetry, vodka, and one of cryptography’s most colorful characters – Ernst Fetterlein, the former Czarist chief cryptanalyst who walked across the Finnish border during the Revolution to join British intelligence.
The Soviets’ cryptographic journey from 1920-1928 showcases a remarkable evolution. They began with surprisingly basic columnar transposition[1] of Russian plaintext, moved to dinomic substitution[2] before transposition[3] in late 1920, then progressed through increasingly complex systems. One of these systems fell to British cryptanalysts from a simple literary connection. When Fetterlein couldn’t figure out the keys using Russian letters, Tiltman discovered they were actually from an obscure out-of-print pocket edition of poems by George Wither, a prolific 17th-century English poet. Tiltman noted:
I do not remember the method of indicating keys, but I know it was simple and that, after finding the source book, we were in a position to decrypt DELEGAT messages as soon as the intercepts reached us.
By 1928, the Soviets finally adopted one-time pads (OTP), using two specific formats where messages over 1100 figures had to be split into parts. The pads were used “boustrophedon” style (from ancient Greek, meaning like an ox turning while plowing), and critically, operators were officially permitted to use each pad twice but no more. This policy had been built into their procedures from the beginning in 1928, not as a wartime compromise as long believed:
275-figure pad (11 lines × 5 groups of 5 figures) for messages up to 550 figures: 12345 12345 12345 12345 12345 → 54321 54321 54321 54321 54321 ← 12345 12345 12345 12345 12345 → 54321 54321 54321 54321 54321 ← 12345 12345 12345 12345 12345 → 54321 54321 54321 54321 54321 ← 12345 12345 12345 12345 12345 → 54321 54321 54321 54321 54321 ← 12345 12345 12345 12345 12345 → 54321 54321 54321 54321 54321 ← 12345 12345 12345 12345 12345 → 550-figure pad (11 lines × 10 groups of 5 figures) for longer messages: 12345 12345 12345 12345 12345 12345 12345 12345 12345 12345 → 54321 54321 54321 54321 54321 54321 54321 54321 54321 54321 ← 12345 12345 12345 12345 12345 12345 12345 12345 12345 12345 → 54321 54321 54321 54321 54321 54321 54321 54321 54321 54321 ← 12345 12345 12345 12345 12345 12345 12345 12345 12345 12345 → 54321 54321 54321 54321 54321 54321 54321 54321 54321 54321 ← 12345 12345 12345 12345 12345 12345 12345 12345 12345 12345 → 54321 54321 54321 54321 54321 54321 54321 54321 54321 54321 ← 12345 12345 12345 12345 12345 12345 12345 12345 12345 12345 → 54321 54321 54321 54321 54321 54321 54321 54321 54321 54321 ← 12345 12345 12345 12345 12345 12345 12345 12345 12345 12345 →
This brings us to the rather spectacular case of cipher clerks Kotlov and Serafimowich in 1926 Kabul. Serafimowich’s frequent hangovers led to so many encryption errors that Moscow mandated all messages be signed by the encrypting clerk. This well-intentioned administrative solution spectacularly backfired – the signatures provided British analysts with precisely the known-plaintext material they needed. When Serafimowich himself later decrypted orders for his own recall to Moscow over questionable papers, he fled to the British Embassy but was turned away. As Brigadier Tiltman notes in his recently declassified papers, he was “never heard of again.”
Yet even with these procedural vulnerabilities, Tiltman’s documents reveal something surprising – British cryptanalysts “were hardly able to read anything at all except in the case of one or two very stereotyped proforma messages.” The theoretical strength of the one-time pad still made decryption extremely difficult, even when used twice.
The ramifications would echo through cryptographic history. Operation Venona’s later success in breaking these reused pads became one of cryptanalysis’s first major computer applications, ultimately exposing Soviet agents like Blunt and Cairncross.
Over 100 Security Service (MI5) files are being released today [14 January 2025] covering a wide range of subjects and individuals. Most notably, the files offer fresh perspectives on notorious members of the Cambridge Five spy ring, namely Anthony Blunt, Kim Philby and John Cairncross.
The “two-time pad” problem may have helped shape modern information theory itself. Claude Shannon’s groundbreaking post-war papers establishing the mathematical foundations of cryptography likely drew inspiration from the practical challenge of quantifying exactly why a one-time pad was secure but a two-time pad catastrophically weak.
The serious implications for modern national security systems remain stark: mathematical perfection means little without robust operational security. The Soviets’ experience shows how administrative decisions and human reliability issues can compromise even theoretically unbreakable systems. Their requirement for cipher clerks to sign their work, like artists initialing a canvas, transformed a personnel management solution into a critical cryptographic vulnerability.
As we consider contemporary challenges in vetting national security roles, this history serves as a pointed reminder: institutional failures to properly handle personnel reliability issues can cascade into catastrophic failures. Though the specific technologies have changed, the fundamental challenge remains: a security system is only as strong as its human operators and the procedures governing them.
The Soviet Union’s cryptographic evolution through the 1920s demonstrates a typical progression from basic to multi-layered:
[1] Columnar Transposition
A message is written in rows of fixed length to form columns, which are then rearranged using a numeric key. For example, with key “3142” the message “SEND SUPPLIES” becomes:
3 1 4 2 S E N D S U P P L I E S
Reading columns by key order (1,2,3,4) produces: “EUI DPS SSL NPE”
[2] Dinomic Substitution
Plaintext letters are first paired (e.g., SE ND SU PP LI ES) and each pair is then substituted as a unit using a conversion table. This approach conceals single-letter frequency patterns that plague simple substitution. For instance:
- SE → KR - ND → MY - etc.
[3] Combined Method
This advanced technique applies both methods sequentially:
- Applying dinomic substitution
- Performing columnar transposition
The combination strengthens the encryption in two ways:
- Substitution masks letter frequencies
- Transposition scrambles positional patterns
This progression through increasingly sophisticated encryption methods reveals how deeply British signals intelligence had penetrated Soviet-Afghan diplomatic communications. The radio intercept stations at Cherat (above Peshawar) and Pishin in Baluchistan were particularly focused on monitoring traffic between Moscow-Kabul and Moscow-Tashkent, providing significant advantages in managing regional power dynamics and potentially influencing events covertly (e.g. King Amanullah Khan’s overthrow).
In the fall of 1925 the Government of India sent a column (known as the WANA column) to the northwest frontier to occupy Waziristan to deal with unrest among the northwest tribes, a more stormy situation than usual. Stark, the Russian Ambassador in Afghanistan, sent a cipher telegram to Moscow in which he inquired what joint action was proposed between the Russian and Afghan Governments “in view of the occupation of Waziristan (W Widu Okkupacii Waziristana).” Our interpreter, who was quadriligual in Russian, English, French and German, but not outstandingly literate in any one of them, translated this—”with a view to the occupation of Waziristan.” The intelligence branch of Army Headquarters was in Delhi, and we were in Simla, and there was a day of near crisis in Delhi before someone, realizing that it would take something like six months for Russians and Afghans to join forces over the Hindu Kush, queried the translation back to us.
The WANA column incident perfectly illustrates how signals intelligence capabilities needed to be balanced with practical regional knowledge. While the British intercept stations could successfully capture and decrypt Soviet diplomatic traffic, the true value of this intelligence depended on accurate translation and interpretation by cooler heads. In this case, a simple preposition mistranslation nearly triggered a crisis until those familiar with the Hindu Kush’s geography could provide crucial context about the practical impossibility of rapid Soviet-Afghan military coordination.