A Wish to End Hunger from Wartime Experience in a Crypto Unit of the Author of Anpanman

Anpanman is the hero of a popular Japanese picture book series for kids. Its creator, Takashi Yanase (1919-2013), served in a crypto unit in the Japanese Army during WWII. I uploaded a short article in Japanese about his wartime career.
I found this by googling because I recently learned in a TV serial inspired by the lives of Yanase and his wife that what seems to be a childish episode (like giving out anpan, a sweet bun filled with red bean paste) is actually rooted in his deep desire to end hunger in the world.
Yanase's crypto unit did not go through intense combat during the war but suffered greatly by starvation. Yanase once said he wanted to convey the message that "you can end hunger by sharing and you can live together even with people you don't like".

(Photo taken by my son in 2023.)

Correspondence between Emperor Ferdinand III and Governor of the Spanish Netherlands (1634, 1635, 1640)

I updated "Unsolved Historical Ciphers" with information I mentioned in the last few posts and further added entries about Emperor Ferdinand III.

An Undeciphered Transposition Cipher of William Perwich, an English Agent in Paris (1670)

An undeciphered ciphertext in a letter from William Perwich to Lord Arlington, Paris, 9 April 1670 NS (TNA SP78/129, f.180) is presented in a blog post of The National Archives (TNA). (I thank Norbert Biermann for drawing my attention to this last month.) It appears to be a transposition cipher, given the letter frequencies as well as the occurrence of abbreviations such as ye(=the) or yt(=that).

My transcription of the ciphertext is here, which is slightly different from the version given on the TNA blog. I grouped some letters (e.g., "QR" on the first line and the second last line) but I'm not so sure of this. Actually, without such grouping, there are exactly 500 elements (excluding the last "likelyhood"), which is plausible in a transposition cipher, suggesting a transposition matrix of 25x20, 20x25, 10x50, etc.
Assuming columnar transposition (a Dutch example from 1675), I (manually) tried various matrix sizes (not limited to the factors of 500) and looked for matrix dimensions that might allow transposition of columns (or rows) to align Qs and Us, but it was not successful. (I assumed transcription of Q and U was correct.)

The TNA blog points out a possibility that this employs Samnuel Morland's scheme (see my article quoted therein) used by some English diplomats at the time. Indeed, Sir William Temple wrote in 1669 "Mr. Perwick wrote from France for a Tryal between us" about "Sir Samuel Mroland's Cypher".
Actually, the transposition scheme proposed by Samuel Morland is not limited to rectangular matrices, but can employ a triangle, a pentagon, a hexagon, or even more irregular patterns. But considering that "ruled papers" were supplied, I think use of non-rectangular matrices is not likely.
We may consider various patterns for inserting nulls by studying known examples.

The letter is calendared on p.82 of M. Beryl Curran (ed.) (1903), The Despatches of William Perwich, English Agent in Paris, 1669-1677 (Wikimedia Commons), which silently omits the paragraph in cipher. (The first paragraph of the letter belongs to another letter in the calendar from the same date addressed to Sir Joseph Williamson, with some difference in wording. Probably, the calendar omits such repetition to different recipients.)

Variable-length Numerical Code in Austrian Archives

Given a ciphertext in digits continuously written without a break, its deciphering requires breaking the stream of digits into individual code groups. Although various schemes to allow it have been known for Italian ciphers, I noticed more elaborate schemes are documented in the Austrian archives, which are described in my new article, "Variable-Length Numerical Code in Austrian Archives". Some undeciphered ciphertexts (probably of a more basic type) are also presented.

A French TV Documentary on the Codebreaking of Mary Stuart's Letters Premiered in Paris

The 2023 discovery of more than fifty ciphered letters by Mary Stuart (which I reported here) received worldwide media coverage. The story of Mary Stuart, with a particular focus on our codebreaking, has now been made into a French TV documentary, Marie Stuart, l'énigme des lettres codées. The program not only portrays the tragic queen's later life through high-quality reenactments and interviews with historians, but also highlights how her coded letters were deciphered, featuring interviews with the three of us, the authors of the original paper. (Yes, I appear in it!)

The program is scheduled to air on ARTE in France on 27 September (program guide). Ahead of the broadcast, the world premiere took place on 16 September at the BnF -- the French National Library where Mary's coded letters had been preserved for centuries without being recognized as such).

The trailer is available on YouTube.

Cipher of Imperial Ambassador Juan Perez (1527)

The cipher used in a letter from Juan Perez to Emperor Charles V turned out to be the same as the one used by his predecessor, Juan Manuel, of which I uploaded my reconstruction yesterday. Although I listed the letter in "Unsolved Historical Ciphers", it seems to be calendared in CSP Spain. (I will update relevant articles when my PC comes back from repair.) 

 

Correspondence of Imperial Ambassador Juan Manuel (1522)

I updated the article uploaded the other day to cover a cipher between Juan Manuel and Charles V under a new title "Correspondence in Cipher of Imperial Ambassadors Alonso Sanchez and Juan Manuel (1522)".
Although the 28 letters from Juan Manuel to the Emperor are labelled "Non-decrypted" in DECODE, I noticed the first page of decipherment is visible in all but two of these records. Decryption may be found in the archives for the remaining two (R9501 and R9515, of which at least the former is calendared in CSP).

Correspondence of Imperial Ambassador Alonzo Sanchez (1522)

I reconstructed a cipher used between Alonso Sanchez and Emperor Charles V and uploaded it in a new article "Correspondence in Cipher of Imperial Ambassador Alonso Sanchez (1522)". It is similar to known ciphers for other ambassadors at the time, in the tradition of the Spanish ciphers from the time of Ferdinand and Isabella.
This will allow reading many undeciphered letters, including the two in the DECODE database that I reported in May in "Unsolved Historical Ciphers". (For some of the letters marked "Non-decrypted" in DECODE, plaintext is avaiable. So it is advised to check before working.) For example, the beginning of one of the two I reported in May, R9509 (which is recorded more fully in R9596) can be read as:
- - - - - A [xix] de es-t-e escrevi a vuestra magestad a-z-i-en-do-l-e s-a-b-e-r lo que lo-s de esta r-e-publica me r-e-s-p-o-n-di-e-r-o-n a c-a-b-o z-e [s/t...?].

Can a Vigenere Cipher be Broken without Key Repetition?

I've been interested in whether a Vigenere cipher without key repetition can be solved. If the key is random, it is a one-time pad and is theoretically unbreakable. On the other hand, if the key is a natural language text, I heard such a cipher (called a running key cipher) can be solved. But how?
I uploaded a new article about this: "Solving Running Key Ciphers (Manually/Digitally)".

A Florentine Polyalphabetic Cipher from the 1480s

I learned in a paper by Marco Vito that the instruction for a Florentine cipher from the 1480s prescribes its use as a polyalphabetic cipher. This is the only actual example of a polyalphabetic cipher before 1560 known to me (not counting the treatises by Alberti and Trithemius as actual examples).
This induced me to collect specimens of polyalphabetic ciphers known to me as a new article, "Polyalphabetic Ciphers before 1600".

Japanese Cipher Disks during the Meiji Period

I uploaded a new article in Japanese about cipher disks used in Japan during the Meiij Period. At the time, Japan was just starting to use Western-style ciphers and the cipher disks were not used for a polyalphabetic cipher, but only for switching the monoalphabetic substitution table.
While some of these have already been mentioned in some of my articles, I sorted those with new materials I came across recently, including (1) telegrams in relation to the assassination attempt on the Tsarevich (1891) (Wikipedia) and (2) photos of actual cipher disks used in post offices.

Related website: "Cipher Wheel of The Meiji Era's Cryptographic Wheel" (Modern Japan in archives) (2006-2010)

Real Messages Encrypted by Japanese RED Machine

Two authentic messages encrypted by using RED (1937) are recorded in a document declassified by NSA (REF ID: A71152), which I recently learned from Jean-François Bouchaudy.
The messages are:
(1) Ambassador in Berlin ("Mushakoji" [Wikipedia]) to Foreign Minister in Tokyo (Arita [Wikipedia]), 4 January 1937 (ciphertext, raw decryption, English translation).
(2) From Tokyo to ambassador in Berlin, 8 January 1937 (ciphertext, raw decryption) with decryption in romaji and English translation (somehow dated "9 January 1937").

Bouchaudy learned of this document from George Lasry in June 2025, who quickly found the key to the two messages. Then, Bouchaudy succeeded in reproducing the decryption by the RED simulator he developed.
He reports the results on his website, in which I contributed in parsing the raw decryption of the first message into words in Japanese.

For people interested in ciphertext encrypted by RED, Bouchaudy "created" 9 problems in the form of historical correspondence among US codebreakers. He tells us they (not authentic RED messages) are based on the wiring of the examples given in Alan G. Konheim (2007), Computer Security and Cryptography (which deals with RED and PURPLE in Chapter 7).

Deavours and Kruth (1985), Machine Cryptography and Modern Cryptanalysis has a paragraph in RED (p.213), but Bouchaudy tells us it is different from RED because it "has no Period".

"Cipher Disk" before Alberti

I recently learned that before Leon Battista Alberti's treatise, there had been ideas similar to his cipher disk. In particular, Giovanni Fontana's disk for mnemonics looks very similar to Alberti's cipher disk, though there is no evidence Alberti knew this. (Another interesting thing about Fontana is that his ideas are described in a manuscript booklet almost entirely in cipher.)
I uploaded a short article about this: "Giovanni Fontana's "Cipher Disk" (ca. 1430) in an Encrypted Booklet". (This was delayed several weeks because of troubles of my PC....)

An Original French Naval Code (1778)

An original French code (1778) is reproduced in Pierrot, Chaline, Damoiseau-Malraux, Mekhail, Perret (2025), "A Caribbean Directory-based Encryption during the American War of Independence" (HistoCrypt 2025).
It was for D'Agoût, governor of Saint Domingue (1777-1780). It is a two-part code consisting of a table for encoding in alphabetical order and a separate table for decoding in numerical order. The substitution table assigns three figures for the vowels and one figure to the other letters and the ampersand.
The nomenclature includes entries for syllables and common words. As was typical with French ciphers, some variants are covered by one entry: "action, s" (for "action", "actions"), "it, e" (for "it", "ite"), "puis, que" (for "puis", "puisque").
It should be noted that the codes are made on printed templates. The template for encoding has syllables and words printed in alphabetical order, with a section "NOMS de Lieux" in which place names are not printed and are filled when preparing a code for a specific application. The decoding table has printed numbers 1-850.

Pierrot et al. (2025) reports their reconstruction of a similar code used in 1782 between Guillaume de Bellecombe, governor of Saint Domingue a few years after D'Agoût (1782-1883), and the Secretary of State for the Navy. The number ranges up to 857. There might have been a necessity for additional entries 851-857 beyond the template range 1-850.

Contemporary French diplomatic codes I know had 1200 entries (Barbé-Marbois (1782), Luzerne (1781), Napoleonic age), larger than these naval codes. On the other hand, the code used in one undecoded message between Admiral D'Estaing and Gerard, French minister in Philadelphia, (1779) ("Unsolved Historical Ciphers") has a highest number 597.

Tuple Ciphers (Enciphering a letter with two letters)

I read about reconstruction of an interesting cipher (1537-1547) in a paper by Lasry, Simonetta, and Biermann in HistoCrypt 2025. It enciphers a letter with two letters, while enciphering a syllable with a letter. Moreover, frequent omission of the dot to distinguish syllables makes it look polyphonic. My new short article "Tuple Cipher -- Enciphering a Letter with Multiple Letters" focuses on the aspect of enciphering a letter with multiple symbols.

Dutch Codebreaking Activities during WWI

Florentijn van Kampen (2025), 'Dutch Cryptanalysis of Four American Diplomatic Codes in World War I' (HistoCrypt 2025) is interesting in describing Dutch codebreaking activities during WWI. Beside that, it presents examples of how code (as opposed to a cipher) can be broken. It is also valuable for me to show sources about the US State Department Codes. I updated "How to Break a Code (Not a Cipher)" and "Red and Blue: First Official Codebooks Adapted for Telegraphy" by mentioning these.

Verification of Decryption of Beale Cipher No.2

I have not paid much attention to the famous cryptogram known as the Beal Ciphers (No.1 - No.3). Many consider them a hoax, but at least the Beale Cipher No.2 can be deciphered by using the Declaration of Independence as a key. I recently read that it has been pointed out that deciphering the Beale Cipher No.2 with the given key is not so straightforward. Indeed, there are numerous errors in the numbers. Although the correct reading might have been achieved by close study, it seems unnatural that such painstaking effort is not mentioned in the original pamphlet.
I uploaded a new article ("Errors in Beale Cipher No.2") about this.
(It's a pure coincidence that it's the Independence Day today.)

A Cipher of Eleanor of Navarre (1476)

I uploaded a short article "A Cipher between Eleanor of Navarre and her Father, John II of Aragon (1476)" presenting a simple cipher used between Eleanor of Navarre and her father, John II of Aragon (1476).

Imperial Ambassadors in the 1520s (Juan Manuel, Alonso Sanchez)

I added entries for Juan Manuel (imperial ambassador in Rome) and Alonso Sanchez (imperial ambassador in Venice) in "Unsolved Historical Ciphers". Searching archives may be more helpful than cryptographic methods for these ciphers with many nomenclature entries.

Lope de Soria's Cipher Letters (1523)

Once I was particularly interested in ciphers of Lope de Soria, a Spanish ambassador in Genoa in the 1520s (see "Tracing the Origin of Vowel Indicators in Spanish Ciphers"). Now some of his cipher letters (1523) are in the DECODE database. They use two keys, printed in Galende Diaz (1992). I added reference to these letters in "Ciphers during the Reign of Emperor Charles V".

(The two recent additions to DECODE, R9531, R9530, are the cipher letters from which I reconstructed the keys in "Spanish Ciphers before Accession of King Ferdinand: 1470-1479" (Academia.edu).)

Oral Cipher in Yoshiwara Pleasure Quarters in Edo

Women in the Yoshiwara pleasure quarters in Edo in the late eighteenth century used a cipher, called the Fukagawa Speak, in their conversation. I learned this from a contemporary novel depicted in a scene in a historical drama I watched on TV the other day. The scheme is simple enough: meaningless syllables "ka", "ke", "ki", "ko", "ku" are inserted in the message. But when used in conversation, the resulting sound would have been unintelligible to untrained ears.
Similar schemes, typically known as the tanuki cipher, have also been used in riddles for kids. (Tanuki means a raccoon dog, but may also be interpreted as "drop ta".)

And, of course, it's not limited to Japan. Even John Wilkins' Mercury (1641) mentions an example of a similar scheme: Ougour plogot igis digiscogovegereged.
A Japanese translation of a mystery novel in English uses the Fukagawa Speak to render secret conversation in "King Tut English" among kids: A-bub-shush-o-lul-u-tut-e-lul-ylum.

I described these in a new article in Japanese, 深川言葉　―　大河ドラマ「べらぼう」に出てきた遊里の暗号.

Substitution Cipher for Hangul Text in a Book for Kids

The other day, I said I was looking for a cipher in Hangul. Now, I've found the book I have been looking for. It is a Korean translation of a book in Japanese, which features a cipher. Although the ciphertext is not in Hangul but in graphic symbols, this is the first ciphertext for Korean I encountered. I uploaded a new article, "Substitution Cipher for Hangul", which supersedes my post the other day.
(There is also a Chinese version of the book. It would be interesting to see how the cipher was adapted into Chinese. The Taiwan version skips the relevant volume (vol.11), so we need to look for Hong Kong or Mainland Chinese version.)

D'Estrades' Ciphers with Mazarin and Others

I added ciphers used in the correspondence of Comte D'Estrades in "Ciphers Early in the Reign of Louis XIV". Most of the keys are now identified, but a key for a letter in Italian (BnF Clair. 577, p.629) is not. The interlinear decipherment of the first few words (wihch I partly parse as `41(L) ¨33(AR) ¨36(MA) ′56(TA) ¨56(NA) ′61(VA) `42(LO)) may allow one to reconstruct the whole code.

(15 Mary 2025: I uploaded the key for the remaining Italian cipher reconstructed by George Lasry and Norbert Biermann. My parsing should be corrected in various ways: `41(LA) ¨33(R) ¨36(MA) ′56(TA) ¨41(NA) ′61(VA) `42(LE).)

Chinese Telegraphic Codebook for Phrases (1948)

I got a copy of a Chinese telegraphic codebook (1948) including not only single characters but also phrases. It is Cheng yu Dian ma (成語電碼) already described in 「電碼――中国の文字コード」 (an abridged English version), but I now added three photos.

 

A Cipher in Italian used between Cardinal Gualterio and the French Foreign Minister Torcy (1718)

I added a section "Gualterio-Torcy Cipher (1718)" for a cipher used in a letter from Cardinal Gualterio to the French Foreign Minister Torcy in "A Syllabic Cipher (ca.1715) of Cardinal Gualterio Reconstructed Manually".

Yardley's Diplomatic Novel, Red Sun of Nippon (1934)

I enjoyed reading Yardley's diplomatic novel, Red Sun of Nippon (1934). It is a story of a young American diplomat and his half-Chinese, half-white girlfriend, set in the contemporary Washington D.C. It develops around an important document which would be evidence of the Japanese intention of establishing a buffer state in Manchuria. As expected from Yardley, breaking of Japanese diplomatic code plays some role. See my new article, "Yardley's Diplomatic Novel, Red Sun of Nippon (1934)".

Substitution Cipher in Hangul

Japanese text can be written with some fifty kana, which can be enciphered with substitution ciphers. (Historical examples can be seen e.g., at 明治日本の暗号いろいろ). The Chinese language employs thousands of characters, so any practical encryption in Chinese is based on numerical code of those Chinese characters.

What about Korean? I have long wondered whether substitution cipher is possible in Korean script (Hangul). This is because Hangul text is not simply a series of Hangul letters. Instead, two or three Hangul letters (consonant+vowel or consonant+vowel+consonant) are combined to form a syllabic block, which is the unit of writing (morphemic block). Moreover, placement of letters within a block differs depending on the vowel. The vowels for A, E, I (which have a vertical axis) are written to the right of the initial consonant, but the vowels for O and U (which have a horizontal axis) are written under the initial consonant. So, simply substituting one Hungul letter for another may result in a letter sequence that cannot be formed into morphemic blocks.

Now, I learned possible simple solutions to my question. There may be two ways for substitution ciphers to work in Hangul.
(i) Substitution is applied in separate groups for consonants and vowels. This way, the "consonant-vowel" grouping is preserved in substitution. This is the approach that AI (Copilot) on my new PC gave to my question. Actually, AI at first gave an example of a Caesar cipher of consonants alone. When I asked about vowels, AI gave a separate substitution table for vowels. I do not know whether this simple scheme really works for actual Hangul text. (For example, I hear not every consonant can be the third element in a block; there are letters that are not simple vowels or consonants.) To my repeated requests to give actual examples, AI simply ignored "in Hangul" and gave websites for the Caesar cipher in Japanese!

(ii) Substitution is applied to morphemic blocks rather than to letters. Unicode registers 11,172 Hangul morphemic blocks (399 consisting of two leters + 10,773 consisting of three letters). If we think this whole set as a single alphabet, substitution cipher can be used. (An attempt to use the Vigenere cipher in Hangul (pdf in Indonesian?) seems to use this approach.)

Googling now finds applications to use cipher in Hangul, but I still cannot find actual examples of substitution ciphers in Hangul. Considering that Hangul was not used in official documents until 1894 and that I have seen use of numerical codes for telegraphy (posted here), substitution in Hangul may not have been common historically. 

 

Yardley's Codebreaking of a Chinese Book Cipher (1939)

Herbert O. Yardley wrote The Chinese Black Chamber after Word War II, posthumously published in 1983. It describes his days in China from 1938 to 1940, where he was invited by the Chiang Kai-shek's government to work on Japanese codes and ciphers. Codebreaking of one particular cipher is described in some detail, which I described in a new article, "Yardley's Codebreaking of Book Cipher used by Pro-Japanese Traitors in China (1939)".

Yardley's "Device" to Convey a Secret Message under an Ostensible Plaintext?

I'm interested in encryption that allows more than one reading (see posts about Venetian, J.F.W. Herschel).
Yardley tells such a feat in The Chinese Black Chamber posthumously published, though no details are given (p.152-153).
He was teaching his Chinese students how to evade the censor in sending out a secret message in an apparently innocent message encoded with the standard codebook for Chinese characters. Whether the message passed the censor could be known by addressing it to a fictitious recipient in Hong Kong, because they got inquiries as to the unknown addressee.
When the censor (a general) came to confront Yardley directly, the ostensible message he questioned was "Please tell my cousin to send me airmail two hundred quinine tablets." while the "secret message, encrypted by a device I showed them" was "New airfield completed six miles up Little River."
His interpreter demonstrated to the general how to derive the true meaning by using the public codebook and succeeded in satisfying the censor.
To the astonished Yardley, the interpreter explained that he revealed a fake secret message, "Your first born is a male.," adding that "I can make it say that as easily as anything else." Actually, he didn't understand the method himself but he knew the general (censor) wouldn't understand it, either, and he was too proud to request further explanation by saying he couldn't understand!

Secret Chinese Codebooks Preserved in US

Secret codebooks of statesmen of the Republic of China are preserved in the Li Zongren (李宗仁) papers (covering 1944-1951) and the V. K. Wellington Koo (Weijun Gu, 顧維鈞) papers (covering 1932-1966) in Columbia University Libraries in New York.
Compared with commercially available standard telegraphic codebooks, not much is known about secret Chinese codebooks. The photos of the secret codebooks on the Libraries' website are invaluable. The photo of a page from the Li Zongren codebook shows it included not only characters but also words. The photo of the Wellington Koo codebook shows a list of proper names with sequential numbers (probably to be combined with page numbers to form numerical code).
I added mention of this in "Chinese Cryptography: 1871-1945" and "中国の暗号：1871-1945".

Undeciphered Letters of Richelieu and Mazarin

I added mentions of undeciphered letters of Richelieu (BnF fr.3829), Mazarin (Melanges de Colbert 11), and the Duke of Lorraine (BnF fr.3621) in "Undeciphered Historical Ciphers". I solved the last one, but the first two remain unsolved.

Variable-length Figure Cipher between Henry de la Tour and Duke of Nevers (1589, 1591)

Speaking of variable-length figure ciphers mentioned recently, BnF fr.3619 (catalogue), f.103 (DECODE 9442), is a letter of Henry de la Tour (viscount of Turennes), to the Duke of Nevers dated 29 November 1591. For the most part, the ciphertext consists of Arabic figures.
The cipher used is no.23 (f.46-47) of the Nevers Collection (BnF fr.3995), in which the letters A-I are assigned single digits and M-U are assigned two-digit figures (with a dot over the digit in the tens place). Although the cipher includes instructions to write figures continuously ("Aussi fault aduertir de ne separer les mots come lon fait comunem[ent] ains escrire tout aulong le chifre sans aucuns distinction"), chuncks of two digits are barely visible in the ciphertext.
De la Tour joined the Protestant party of Henry of Navarre in 1576 (Wikipedia). At first, I thought use of Arabic figures came from Navarre (see "A Cipher of Henry of Navarre before Accession to the French Throne (1587)"), but in view of the 1571 instance, it may be more natural to think it came from the Duke of Nevers at least for this case.

French Code at the time of Peace Talk at Geertruidenberg (1710)

I added a French Code at the time of the Peace Talk at Geertruidenberg (1710) in "French Ciphers during the Reign of Louis XIV".
Not only single letters but also some short words/syllables have homophones, though this is not an innovation at this time because a similar feature is seen at least as early as Greater Cipher (1691).

French Diplomatic Code Shortly before the Peace of Rijswijk (1694)

I added a Louis XIV's Code (1694) with Harlay and Callières, who sounded peace during the War of the Grand Alliance in "French Ciphers during the Reign of Louis XIV". Harlay and Callieres are two of the French representatives who signed the final Peace of Rijswijk in 1697, at which time they used two codes with code switching. The new specimen shows that code switching was not introduced as of 1694.