Hall of Codebreakers
Twenty-six profiles — codebreakers, cipher designers, and the untold biographies behind the greatest cryptanalytic achievements in history
"A cipher is only as strong as the mind trying to break it."
Person: Abu Yusuf Yaqub ibn Ishaq al-Kindi, Baghdad
Technique: Frequency analysis
His nine-page manuscript is the founding document of cryptanalysis. Every substitution cipher made before 850 AD and for centuries after was rendered permanently insecure. He did this with nothing but a count of letters and an understanding that language has statistical structure.
Al-Kindi's insight was simple but devastating: in any natural language, some letters appear far more often than others. In Arabic, the most common letter is alif. In English, it's E. Map the most frequent ciphertext symbol to the most frequent plaintext letter, and the cipher begins to unravel.
Person: Thomas Phelippes, agent of Sir Francis Walsingham
Technique: Frequency analysis + contextual knowledge
Mary's encrypted correspondence with Babington Plot conspirators was intercepted and decoded. She was executed February 8, 1587. The break is one of history's clearest examples of cryptanalysis determining a human life.
Person: Commandant Étienne Bazeries (1846–1931), French Army cryptanalyst
Technique: Syllabic-substitution analysis on a 587-symbol nomenclator, with contextual cribbing against historical Louis XIV correspondence
Bazeries spent three years on the Great Cipher of Louis XIV — a nomenclator created by father-and-son Antoine and Bonaventure Rossignol in the 1620s and used by the Sun King's court for over a century. After the Rossignols died, the system became unreadable; entire chapters of French diplomatic history sat in archives as unreadable digits. Bazeries's insight was that the symbols encoded syllables, not letters — a single number such as 124-22-125-46-345 spelled les en-ne-mi-s. He also discovered embedded traps: a few symbols meant "ignore the previous symbol," planted to mislead anyone who recovered partial mappings.
Bazeries published his solution in 1893, identifying — among other things — the long-disputed prisoner who became known as the Man in the Iron Mask. He went on to design the Bazeries Cylinder (1898), a 20-disk wheel cipher, and authored Les Chiffres Secrets Dévoilés (1901), the first major French history of cryptology written by a working cryptanalyst.
The Great Cipher break is the canonical example of cryptanalysis as historiography: the tool was invented to decrypt diplomacy in real time, but its lasting payoff was unlocking a 200-year-old archive. See the exhibit: Hall II · Great Cipher (1626).
People: Room 40, British Naval Intelligence
Technique: Code book reconstruction from partial recoveries
Germany secretly offered Mexico an alliance against the United States. Britain decoded it, waited strategically, then shared it with Washington. The telegram helped bring America into WWI. The war ended 20 months later.
People: Marian Rejewski, Jerzy Różycki, Henryk Zygalski
Technique: Permutation group mathematics + known message indicators
Polish mathematicians used pure mathematics — specifically permutation group theory — to reconstruct Enigma's rotor wiring without ever seeing the machine. They built the first Enigma-breaking machines. In July 1939, six weeks before Germany invaded Poland, they handed everything to Britain and France. Without Warsaw, there is no Bletchley Park.
Rejewski's breakthrough came from analyzing the message indicator system — the first six characters of each Enigma message. By collecting enough indicators, he found patterns that revealed the mathematical structure of the rotors. Pure mathematics, applied to an engineering problem, by a 27-year-old mathematician.
People: Alan Turing, Gordon Welchman, and 10,000 Bletchley Park staff
Technique: Crib-based electromechanical search
The Bombe tested thousands of Enigma configurations per minute by exploiting known plaintext cribs — stereotyped phrases like WETTER, KEINE BESONDEREN EREIGNISSE, HEIL HITLER. The intelligence product, codenamed Ultra, remained classified until 1974. Historians estimate it shortened WWII by 2–4 years.
People: Bill Tutte (analysis), Tommy Flowers (engineer)
Technique: Statistical wheel-pattern analysis
Tutte deduced the entire Lorenz machine structure without ever seeing it — working only from intercepted traffic. Tommy Flowers built Colossus, the world's first programmable electronic computer, to automate the attack. The need to break a cipher built computing.
Person: William F. Friedman, US Army Signal Intelligence
Technique: Statistical analysis + machine reconstruction
Friedman's team reconstructed the Purple machine without ever possessing one. The US could read Japanese diplomatic traffic for years before Pearl Harbor. The intelligence existed. The failure was in how it was shared — not cryptanalytic but bureaucratic.
The lesson: Breaking the cipher was not enough. The intelligence from Purple (codenamed MAGIC) warned of Japanese intentions, but inter-service rivalry, poor distribution, and bureaucratic inertia prevented the warnings from reaching Pearl Harbor's commanders in time. The cryptanalysis succeeded. The intelligence system failed.
People: 420 Navajo Marines, US Marine Corps
Cipher: Navajo language as operational field code
This is the only story in this hall about a code that was NOT broken. It belongs here because the story of wartime cryptography is incomplete without it. 420 Navajo Marines transmitted battlefield orders in a language that Japanese linguists could not touch. The code was declassified in 1968 and the Code Talkers received the Congressional Gold Medal in 2001.
Person: Joan Elisabeth Lowther Clarke (later Murray), 1917–1996
Technique: Banburismus — Bayesian sequential analysis of Enigma indicators
Recruited from Cambridge mathematics in 1940, Clarke became one of the most productive cryptanalysts in Hut 8 and rose to deputy head — extraordinary in a service that paid female staff at clerical rates and barred them from "officer" titles. She was a fluent practitioner of Banburismus, the Bayesian sequential procedure invented by Turing to slash the Bombe's workload by ranking which wheel orders to test first. On the most stubborn naval traffic she shared the load with Turing himself; on shorter runs she worked alone.
Her work fed directly into the Battle of the Atlantic: Hut 8's reads of Hydra, Triton (the four-rotor U-boat key), and other naval keys let convoys be re-routed around U-boat wolf packs. Clarke remained at GCHQ until 1977. Her contribution was not declassified in any meaningful detail until the 1990s; she was appointed MBE in 1946 and otherwise spent the rest of her life in deliberate obscurity.
Person: William Thomas "Bill" Tutte, 1917–2002, Cambridge graph theorist
Technique: Statistical period-finding on a 4,000-character depth produced by an operator's August 1941 mistake
In August 1941 a German operator sent a 4,000-character message twice on the same Lorenz key after the receiving station asked for a repeat — the kind of depth that should never happen. John Tiltman recovered the plaintext by hand. Tutte then spent four months turning that single keystream into a complete schematic of a machine he had never seen. Working only with pencil and squared paper, he discovered the SZ40/42 used twelve wheels in two banks (the chi-stream and psi-stream wheels) plus two motor wheels, and he derived the period of every wheel from the statistical structure of the recovered key. The result, "Tutte's 1+2 break-in," became the foundation of the British attack on Hitler's strategic cipher.
Tutte's analytical method was what Tommy Flowers needed to mechanise. Colossus exists because Tutte's break gave it something to compute. After the war Tutte returned to mathematics and became one of the founders of modern graph theory. The Bletchley Park work was classified for fifty years; Tutte's role was not publicly acknowledged until the late 1990s. Canada later named the Tutte Institute for Mathematics and Computing in his honour.
See also: Hall VII · Lorenz exhibit for the machine; Story 6 above for Tommy Flowers and Colossus.
Person: Elizebeth Smith Friedman, 1892–1980
Technique: Hand cryptanalysis of commercial codes, polyalphabetics, and one-part nomenclators across 12,000+ messages
Hired by oilman George Fabyan's Riverbank Laboratories in 1916, Elizebeth and her husband William essentially invented modern American cryptanalysis as a married team. From 1923 she ran the cryptanalytic unit of the US Coast Guard and broke the encrypted radio traffic of the Prohibition rum-runners — testifying as the government's expert witness in 33 federal trials and reading aloud, in court, messages the defendants insisted no one could read. Her unit decoded cipher systems from the simplest substitution to multi-stage Hagelin-class machines.
During WWII the Coast Guard unit was folded into a joint operation that broke the South-American Abwehr networks — the German clandestine radio circuit running from Hamburg through Brazil, Argentina, and Chile. Hoover's FBI publicly took credit for rolling up the spy ring; Elizebeth's unit had done the cryptanalysis. The full story stayed classified until her papers were opened at the Marshall Library in 2008 and Jason Fagone's The Woman Who Smashed Codes (2017) reconstructed it.
Person: Agnes Meyer Driscoll, 1889–1971, US Navy civilian cryptanalyst
Technique: Stripping superencipherment off four-digit code groups; manual book reconstruction
Driscoll joined the Navy's code and signal section in 1918 and stayed for the rest of her career — through the Red Book of the 1920s, the Blue Book in 1930 (after a covert physical compromise of the Japanese codebook in New York), and the long entry into JN-25, the Imperial Japanese Navy's main fleet operational code. The same JN-25 line of work was the one Joe Rochefort's Hawaii team rode to the Midway intelligence break in 1942. Driscoll trained nearly every senior US Navy cryptanalyst of the WWII generation; her nickname inside the building was "Madame X."
She also helped design the Navy's "CM" cipher machine in the 1930s and reviewed the work that became SIGABA. By the time the Navy fully mechanised cryptanalysis after 1945 Driscoll's hand methods were being phased out, but the JN-25 lineage she opened ran straight through the Pacific war.
Person: Leopold Samuel "Leo" Marks, 1920–2001, Head of Codes, Special Operations Executive
Technique: Replacing memorised "poem codes" with printed-silk one-time pads; introducing planned indicator schemes that survived agent error and torture
Marks took over SOE's code section at 22 and inherited a system in which agents in occupied Europe encoded radio messages using lines from memorised poems. Memorised keys are short, agents under stress make transcription mistakes, and an "indecipherable" message that has to be re-transmitted gives direction-finding teams a second chance to fix the radio. Marks proved that a meaningful fraction of "indecipherables" were in fact breakable by his own staff in London with a few hours of work — and started doing it routinely so the agent did not have to repeat the message.
He then replaced the poem codes with printed-silk one-time pads: small, silent, easily concealed, and disposable strip by strip after use. Combined with worked-out keys (WOKs) and letter-one-time-pads (LOPs), the silks gave SOE field circuits something approaching real cryptographic security for the first time. Marks also wrote, for an agent killed in 1944, the poem The Life That I Have — later one of the most-quoted English love poems of the century. His memoir Between Silk and Cyanide (1998) is the canonical inside account of agent cryptography.
See also: Hall IX · One-Time Pad for the underlying mathematics of what SOE's silks actually delivered to the field.
People: Meredith Gardner and the US Army Signal Intelligence Service
Technique: Depth attack on reused pad pages
The OTP is mathematically unbreakable. Soviet signals officers reused pad pages under WWII supply pressure. XOR-ing two messages with the same key eliminates the key: C1 ⊕ C2 = P1 ⊕ P2. VENONA decoded thousands of messages and exposed Julius Rosenberg, Klaus Fuchs, Donald Maclean, and others. The project remained classified until 1995.
The math never failed — the people did. The one-time pad's mathematical proof of perfect secrecy remains unbroken. What broke was operational discipline. Under the pressure of wartime logistics, Soviet cipher clerks reused key pages. That single human decision exposed an entire intelligence network and changed the course of the Cold War.
People: David Oranchak, Sam Blake, Jarl Van Eycke
Technique: Computational search + n-gram statistical scoring
51 years unsolved. Cracked during COVID lockdown by a three-person remote team using modern computing and classical cryptanalytic intuition. The key insight: the Z-340 used a diagonal transposition before homophonic substitution — a reading order nobody had tried. Once the transposition was identified, the substitution fell to standard techniques. The killer was not identified.
Person: Frank B. Rowlett, US Army Signal Intelligence Service
Technique: Stepping-switch cryptanalysis from intercept traffic alone
William Friedman is rightly famous for Purple, but Rowlett led the day-to-day attack. His team had no captured machine, no diagram, no defector — only ciphertext. Rowlett organized the SIS into specialized units that hunted statistical regularities in switch stepping, and he kept the project alive through 18 months of dead ends. When MAGIC began producing Japanese diplomatic intelligence in 1940, the analytic engine behind it was Rowlett's.
Awarded the Presidential Medal for Merit (1946) and the National Security Medal (1965). Co-author with Friedman of the SIGABA design — the only major US cipher machine that was never broken.
Person: Genevieve Grotjan Feinstein, SIS junior cryptanalyst
Technique: Pattern recognition across aligned worksheets
On the afternoon of September 20, 1940, Grotjan asked Rowlett to look at a worksheet she had prepared. Aligning intercept plaintext-ciphertext pairs, she had identified a recurring relationship in the consonant cipher alphabet — the alignment that revealed how Purple's stepping switches were wired. Rowlett later described the moment as “one of the great breaks of the war.” Grotjan had been with SIS for less than two years.
Grotjan continued working on Soviet ciphers after the war as part of the team that produced VENONA, then later joined the National Security Agency. She received the Exceptional Civilian Service Award in 1946. Her single afternoon's insight is one of the most consequential pattern recognitions in cryptologic history.
Person: Boris C. W. Hagelin, Swedish-American engineer
Contribution: Pin-and-lug rotor mechanics for hand-portable cipher machines
Hagelin inherited the AB Cryptograph engineering shop in Stockholm and turned it into the dominant supplier of mechanical cipher machines for the Western tactical market. The C-36 fit in a uniform pocket; its US derivative, the M-209, served the US Army from 1943 through Korea. After the war he reorganized the company in Switzerland as Crypto AG — later infamous for Operation RUBICON, the CIA/BND backdoor program declassified in 2020.
People: Kevin Knight (USC ISI), Beáta Megyesi and Christiane Schaefer (Uppsala University)
Technique: Hidden Markov models + statistical machine translation
A 105-page handwritten manuscript from the East Berlin Academy archive had resisted manual cryptanalysis for two and a half centuries. Knight and his collaborators treated the symbol stream as a translation problem: they trained an HMM on German n-grams, ran expectation-maximization to align symbols to phonemes, and after testing several wrong source languages, German emerged. The text turned out to be the initiation ritual of an 18th-century mystical society called the Oculist Order. The first major historical cipher broken by computational linguistics.
People: Moshe Rubin (algorithm reconstruction, 2010), George Lasry (cryptanalytic verification)
Technique: Documentary reconstruction + simulated annealing
John F. Byrne refused to disclose how Chaocipher worked from 1918 until his death in 1960. His family donated the papers to the National Cryptologic Museum in 2010, and Moshe Rubin reconstructed the dynamic-permutation algorithm from Byrne's worked examples within months. George Lasry then demonstrated that with sufficient ciphertext (a few hundred crib characters), simulated annealing recovers the two starting alphabets — proving Chaocipher was secret rather than secure.