1965 Cryptanalysis Training Workbook Released by the NSA

In the early 1960s, National Security Agency cryptanalyst and cryptanalysis instructor Lambros D. Callimahos coined the term “Stethoscope” to describe a diagnostic computer program used to unravel the internal structure of pre-computer ciphertexts. The term appears in the newly declassified September 1965 document Cryptanalytic Diagnosis with the Aid of a Computer, which compiled 147 listings from this tool for Callimahos’s course, CA-400: NSA Intensive Study Program in General Cryptanalysis.

The listings in the report are printouts from the Stethoscope program, run on the NSA’s Bogart computer, showing statistical and structural data extracted from encrypted messages, but the encrypted messages themselves are not included. They were used in NSA training programs to teach analysts how to interpret ciphertext behavior without seeing the original message.

The listings include elements such as frequency tables, index of coincidence, periodicity tests, bigram/trigram analysis, and columnar and transposition clues. The idea is to give the analyst some clues as to what language is being encoded, what type of cipher system is used, and potential ways to reconstruct plaintext within it.

Bogart was a special-purpose electronic computer tailored specifically for cryptanalytic tasks, such as statistical analysis of cipher texts, pattern recognition, and diagnostic testing, but not decryption per se.

Listings like these were revolutionary. Before computers, cryptanalysts did this type of work manually, painstakingly counting letters and testing hypotheses. Stethoscope automated the grunt work, allowing analysts to focus on interpretation, and cryptanalytical strategy.

These listings were part of the Intensive Study Program in General Cryptanalysis at NSA. Students were trained to interpret listings without seeing the original ciphertext, a method that sharpened their analytical intuitive skills.

Also mentioned in the report is Rob Roy, another NSA diagnostic tool focused on different cryptanalytic tasks, but also producing frequency counts, coincidence indices, and periodicity tests. NSA had a tradition of giving codebreaking tools colorful names—for example, DUENNA, SUPERSCRITCHER, MADAME X, HARVEST, and COPPERHEAD.

Tags: , ,

Posted on September 2, 2025 at 7:08 AM7 Comments

Comments

KC September 2, 2025 10:33 AM

From Mr. Callimahos’ “Invitation to Learning”:

“Errors (but nonduplicative!) are encouraged, as they are particularly instructive to the entire class; without errors, there is no assurance of complete understanding. In other words, if you breeze through problems, you are on the wrong problems, or in the wrong course […]

You can now look forward to 18 weeks of sheer delight!”

Some lessons are timeless

Clive Robinson September 2, 2025 10:34 AM

@ ALL,

@ Bruce notes,

“In the early 1960s, National Security Agency cryptanalyst and cryptanalysis instructor Lambros D. Callimahos coined the term “Stethoscope” to describe a diagnostic computer program used to unravel the internal structure of pre-computer ciphertexts.” … “Bogart was a special-purpose electronic computer tailored specifically for cryptanalytic tasks, such as statistical analysis of cipher texts, pattern recognition, and diagnostic testing, but not decryption per se.”

Seymour Cray’s Bogart was indeed a not just special-purpose it was large, power hungry and very expensive. But quickly became less expensive and a version was sold to others not just the NSA.

You can read more,

https://www.nsa.gov/portals/75/documents/news-features/declassified-documents/history-today-articles/10%202018/05OCT2018%20SEYMOUR%20CRAY%20and%20NSA.pdf?ver=P3xsKeHprvcBBChHKi77Gw%3d%3d

However in a little over a decade Bogart was effectively redundant, as the clever use of 8 bit computer chips had out paced it. And smart kids with access to Apple ][ computers with dual floppy drives were developing their own programs based on what had become public knowledge by the end of the 1970’s.

Frode Weierud September 5, 2025 1:55 AM

@ ALL,

If you are interested in cryptodiagnosis, three historical texts come to mind; alas, they are still classified. They and other cryptanalytical texts were presented to the readers of the NSA Cryptolog, Vol. XVI, No. 1, 1st Issue, 1989, Page 13–14 in an article entitled ”One Cryptanalyst’s One-Foot Shelf.” https://media.defense.gov/2021/Jul/01/2002754974/-1/-1/0/CRYPTOLOG_114.PDF

The first text is historical for many reasons, but most importantly because it is written by the British mathematician Irving J. Good. If any of these texts should be declassified and published, this is the one.

STANDARD REAGENTS AND DIAGNOSTICIAN’S DICTIONARY by. I. J. Good (Blue Ribbon Series, Monograph No. 11)
This exceptionally well-written paper is considered by many cryppies as the best friend to take along when you lay siege to a difficult system; it will advise, comfort and sustain you, and keep you from straying. It contains specifics in compact form on how to go about things, including thinking, and so it is a practical handbook as well as good reading that invites dipping into. And the cryppie who seeks guidance in these pages when the prospects are gloomy will come away enlightened, and heartened and refreshed by the uplifting and optimistic tone.

This most valuable tome, unfortunately, is out of print, and no reissue is planned for the near future. If you do not have a copy, make friends with someone who does, especially if he is about to retire. Meanwhile, there’s a copy in the CA library that you can read.

The subsequent text is L. D. Callimahos’ well-known 
ARS CONJECTANDI: THE FUNDAMENTALS OF CRYPTODIAGNOSIS by L. D. Callimahos (Blue Ribbon Series, Monograph No. 18)
It’s neatly put in the foreword by Dr. Tordella: ”This monograph represents a milestone in cryptologic literature: it is the first detailed and comprehensive exposition of the fundamentals of cryptodiagnosis, treating the techniques and procedures of manipulating data and recognizing and interpreting phenomena. Broadly theoretical in its treatment of the principles of diagnosis, it is applicable to both manual and machine cryptosystems, whether the diagnostic examination is performed by manual methods or with machine aids.

”Any cryptanalyst, whether he has two years; or 20 years’ background, will profit from the study of this pioneering work. For the experienced cryptanalyst, it is an indispensable vade mecum.”

And finally, we have 
COLLECTED PAPERS ON CRYPTANALYTIC DIAGNOSIS (S-194,074)
These interesting papers range from the philosophical through the theoretical to the practical. Some are reprints and others are newly presented; all bear re-reading. Mr. {redacted, but known to be: Morton Kupperman’s} article may shock some by its very title: ”Is the Index of Coincidence Obsolete?” but it will prompt thinking about statistical tests in general. It should be mentioned that {redacted} appears to be the missing link between the mathematicians and the cryptanalysts, for his exposition is understandable to a cryppie who came in through the liberal arts.

This last text also contains the article by Carolyn Palmer, ”General Utility Programs for Cryptanalysis.” Carolyn Palmer and Marjorie Mountjoy were instrumental in developing algorithms in the later GUPPIES series of cryptanalytical programs.

ResearcherZero September 5, 2025 8:04 AM

Another good read which includes information not before published is Nuclear War: A Senario

The book describes in detail what happens following the detection of a launch of an ICBM, plus all of the procedures and complications involved in maintaining readiness of the nuclear triad, what that entails and questions if such hardware might withstand the blast.

Annie Jacobsen has written other books too that include information normally available in a training session or from handbooks and archives, which paint a vivid picture of what takes place in restricted environments and would normally be the domain of insiders. Described in terms that make it both interesting, accessible by the lay-person and a good read.

Historical accounts of what took place within restricted areas or classified operations. Area 51, the CIA and other subjects are each subjected to analysis which is far more interesting (IMHO) than the many conspiracies and myths popular amongst folklore and rumor.

‘https://www.nytimes.com/2025/08/08/books/review/podcast-annie-jacobsen-nuclear-war.html

Frode Weierud September 7, 2025 4:56 AM

The statement “Also mentioned in the report is Rob Roy, another NSA diagnostic tool focused on different cryptanalytic tasks, but also producing frequency counts, coincidence indices, and periodicity tests” is unfortunately not correct. ROB ROY was not a diagnostic tool, but a remote user terminal system operating on the BOGART computer, named after John B. Bogart, the famous city editor of the New York Sun. The system had five outstations and started operation in February 1960.

It was not the first NSA remote terminal system. It was preceded by ROGUE (Remotely Operated General-Use Equipment), which was running on the ALWAC IIIE computer delivered by Logistics Research Incorporated, later Alwac Corporation. ROUGE started operation in April 1956 and continued operation until ROB ROY replaced it. ROB ROY was itself replaced by RYE, an extended capacity remote access system, running on the UNIVAC 490 in April 1964. With RYE came the GUPPIES, the cryptanalytic General Utility Programs, developed and maintained by the “GUPPY Mother” Carolyn Palmer. RYE ceased operation in April 1983, when other remote terminal systems and personal workstations took over.

More information about the computers and remote terminal systems at NSA can be found in Samuel S. Snyder’s History of NSA General-Purpose Electronic Digital Computers. Virginia Jenkins’ article A Natural History of Guppies provides detailed information about the GUPPY cryptodiagnostic programs.

Bob Bishop September 16, 2025 9:28 AM

“Bogart was a special-purpose electronic computer tailored specifically for cryptanalytic tasks, such as statistical analysis of cipher texts, pattern recognition, and diagnostic testing, but not decryption per se.”

Doesn’t this also describe Colossus?

Clive Robinson September 16, 2025 6:53 PM

@ Bob Bishop,

With regards,

“Doesn’t this also describe Colossus?”

That depends on your definition of

“… a special-purpose electronic computer …”

And,

tailored specifically for…”

A simple counter as used in statistics gathering does not a computer make.

Nor if you extend it with a counter trip mechanism.

To be a computer it has to also be capable of discrimination against a changeable/selectable reference of some kind. That can be programmatically changed at will. Thus have both a “test” and result dependent “branch” / “loopback”. The test also requires to have memory storage for the result for this to work, be it just a simple bit latch or more complex register of flags.

A simple statistics system just needs two or more incrementing counters and a magnitude comparator. Which does not quite give it sufficient ability to be a general purpose computer.

In some circles the jury is still out on Colossus…

Arguably Conrad Zuze’s relay based Z family of machines were the first “electro-mechanical computers” even though over in the US a bomb designed around relays not rotors was already in design and production.

What appears beyond doubt is the Tommy Flower’s use of very high speed thermionic valves/tubes put Colossus as the first fully electronic comparitor that was programmable. Thus made it easily hundreds to thousands of times faster to switch than electromechanical relays.

Supprisingly in the available records it took comparitively many times longer to go from valve/tube to transistor than it did from relay to valve/tube.

Leave a comment

Blog moderation policy

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.