Development of the First Japanese Cipher Machine: RED

The RED cipher machine, as designated by US codebreakers, was the first cipher machine used for Japanese diplomatic communications. Although the Japanese are said to have been (and indeed were) prompted to introduce machine cipher by the publication of Yardley's The American Black Chamber in 1931, the development of the cipher machine had begun in 1927.

Development of RED Cipher Machine

It was in 1927 that Kakimoto Genichiro of the Navy conceived the idea of making a cipher machine that would solve the problems associated with conventional codes such as time-consuming encoding/decoding work, difficulty of training code officers, and security concern. When Engineer Tanabe Kazuo of the Navy Technical Research Institute worked out a concrete plan, patent applications were filed on 2 February 1928 and secret patents were granted on 22 November 1928 (Nos. 79061, 79062). (The secret patent system was abolished in 1948 in Japan.) Their supervisor, Ito Risaburo, Chief of Telegraph Section of the Naval Ministry, had once broken a Playfair cipher used by the British and French Navy in 1915.

Prototype at London Naval Conference (1930)

In November 1929, nine sets were completed in time for the London Naval Conference in January to April 1930. Of these, five were supplied to the plenipotentiary delegation sent to London (two for the plenipotentiaries themselves, two for attendants from the Navy, and one as a reserve), two to the Foreign Ministry, and two to the Naval Ministry. The Navy boasted the cipher machine increased the capacity of handling transmissions by more than four times compared with conventional codebooks. However, the Foreign Ministry found "from practical viewpoints, there were various defects and its performance was very unsatisfactory", though its security was considered sufficient. Ito later explained that it was because of hasty production to get it ready by the conference, which led to poor qualities of materials, production, and alignment. (B13080930600 p.37; see also Appendix 1, Appendix 2 below)

Feedback and Improvement (1931)

After the conference, the Navy proposed to the Foreign Ministry, with Ito's observations dated 9 July 1930, use of machine cipher in all important transmissions. He realized concurrent use of a weaker code would lead to compromise of the otherwise secure (so it was believed) machine cipher. (Appendix 1)

However, this proposal was forgotten until after the publication of Yardley's The American Black Chamber on 1 June 1931 and its newspaper coverage in Japan on 20 July (see another article). On 29 July 1931, Ito made a telephone call to Sakuma, Chief of Telegraph Section of the Foreign Ministry, and renewed his proposal in view of the situation now that "the Yardley incident is much clamored".

Sakuma visited Ito and when he was satisfied with Ito's explanation of designed improvements based on a blueprint, he drafted a proposal on behalf of the Foreign Ministry, dated 6 August 1931, asking for Cabinet approval of introducing the new cipher machine of the Navy for use during the Geneva Naval Conference (Wikipedia) scheduled in 1932 (B13080930600 p.36-39). He pointed out the machine cipher would be more secure than the conventional code system and the defects of the previous model used during the London Naval Conference in 1930 were to be largely corrected. The improvements being planned were explained as follows.

(A) Complexity (security) of the cipher has been increased.
(B) Reduced in weight and size from the previous device. Allows easy disassembling into four parts and is more portable.
(C) Mechanism has been improved and simplified, thus reducing failures and allowing uninterrupted operation.
(D) Electric wiring can be easily changed.
(E) Reduced price. (While the previous device cost 4500 yen each, the new device is about 2300 yen.)
Whereas the documents of the Kryha cipher machine, under study in the Telegraph Section [of the Foreign Ministry], have been sent to Chief Ito, the new cipher machine has taken into account merits of the Kryha electric automatic cipher machine to a considerable extent.

Geneva Conference (1932)

It was decided that the Foreign Ministry and the Ministry of War would use the device for the coming Geneva Conference. The Foreign Ministry was supplied with twenty sets by the end of December 1931 and another ten by the end of April 1932. Two were supplied to the Ministry of War by the end of April 1932. (Appendix 2) The Naval Ministry used eight (C05023390000 p.24, p.14).

In a report submitted in January 1933, the Navy (Chief Ito) repeated that it reduced the encoding time by a factor of four compared with codebooks and concluded the device demonstrated its advantage, despite occasional failures (C05023390000 p.27-30). Ito added that a naval attache in America even used it for secret papers (as opposed to secret telegrams). The Ministry of War and the Foreign Ministry also appreciated the advantage of the device in short reports (C05023390000 p.31-34). The Foreign Ministry added that although there had been plans to employ machine cipher in the ministry, after using the Navy's cipher machine and realizing its security, it intended to use it as extensively as the budget allowed.

Japanese-character version (1932)

These are all about enciphering alphabetical letters for overseas telegraph communications. For communications between warships in domestic waters and terrestrial radio telegraph stations, a Japanese-character version was produced with the same system. During the year 1932, twenty-two were produced and were supplied to the naval stations, major ports, and flagships. (Appendix 2 below)

Official Adoption (1932) and Variants

In September 1932, the cipher machine was officially adopted as ordnance by the Navy as 91-Shiki Injiki [Type 91 Printing Machine]. (Appendix 2 below) "Type 91" is from the year 2591 in the Imperial Calender, which corresponds to 1931 (After World War II, the Western calender is used as in "Type 74" tank.). The Navy designated the Japanese-character version for its own use as "Model 1" (see the photo below). The Foreign Ministry called the alphabetical version Angoki Taipu A [Cipher Machine Type A].

The original alphabetical device, called 91-Shiki Obun Injiki [Type 91 Alphabetical Printing Machine], was designated as RED by US army codebreakers. The US Navy team called it M3 or the A machine, before which it had broken IKA, its successor M1 (a kana machine used by the Japanese Navy for about 1933-1936) and M2 (an alphabetical machine used by naval attaches) (a 1991 article printed in David Kahn (2014), How I Discovered World War II's Greatest Spy and Other Stories of Intelligence and Code p.47). M1 is sometimes called ORANGE. While this etymology appears to have been derived from Kahn's speculation in The Codebreakers (1967) p.20, Kahn now denies his former speculation (ibid.).

Mechanism of RED Cipher Machine

The mechanism of the RED cipher machine has long been known from documents of codebreakers rather than Japanese archives, where apparently materials related to code/cipher had been destroyed at the end of World War II.

Basic Encryption Mechanism

A striking weakness of RED was that vowels were always turned into vowels and consonants into consonants. This produces pronounceable ciphertext, which could be regarded as code words by telegraph offices and thus could be sent at a lower rate than arbitrary sequence of letters (see another article). (By the way, in telegraph regulations at the time, a pronounceable sequence was regarded as a code word and an arbitrary sequence was called a cipher, a different distinction between code and cipher from that in modern cryptology. It should also be borne in mind when reading Japanese sources in English that the Japanese word ango covers both code and cipher.)

Basically, the six wires from the six vowel keys (a, e, i, o, u, y) of the input typewriter are coupled via a rotor to six wires to the six vowel keys of the output typewriter and the twenty input wires for the consonants are coupled to twenty output wires for consonants. This can be implemented with two rotors for the vowels and the consonants, as was done by the US codebreakers in constructing a RED workalike. (The operation itself can also be simulated with a hand-operated simple cipher wheel (Wikimedia Commons; Deavours p.220).)

However, the original Japanese RED machine had a single rotor to handle both vowels and consonants. The rotor receives input from the keys with 6+20 circumferential metal strips on a shaft via rolling contacts placed around them. The rotor disk had 60 output contacts, which were wired with the 6 metal strips on the shaft over and over in the same pattern. Different sets of six among the 60 contacts on the disk come in contact with six output rolling contacts on a fixed disk opposing the rotor disk. (Deavours, p.218, 219, 216 (photo), The RED Machine) The other side of the rotor disk also had 60 contacts, which presumably come in contact with 20 output rolling contacts on another disk. The number 60 is the least common multiple of 6 and 20.

Between the input typewriter and the rotor was provided a plugboard. Again, initially, the vowels and the consonants were permuted within themselves, respectively (Deavours p.219).

Each time a letter is typed and enciphered, a rotor is stepped, thus shifting the substitution pattern by one place. In order to give it an irregularity, the stepping was controlled by a break wheel with 47 pins, of which eleven were removable. Usually, a rotor is stepped by one place but when a pin is removed, the stepping is by two places, skipping one. When two consecutive pins are removed, the rotor may be stepped by three places. In operation, however, the number of pins removed was limited to either 4, 5, or 6, resulting in 43, 42, or 41 steps per revolution.(Deavours p.219, Budiansky p.87)

An account of Nagata Junko, Nagata Ango Juku Nyumon p.259 seems to suggest each pin could be independently unremoved with 47 buttons corresponding to them (see the photo below). Probably, only eleven of the 47 buttons were actually used, which made allied codebreakers think only eleven were removable.

Japanese-character Variant

Below is a photo of an actual Type 91 machine at the US National Cryptologic Museum, to which the present author provided some annotations. A high resolution photo may be found at Wikipedia. Further close-up photos by Ralph Simpson can be seen at Japanese Red in CRYPTO MACHINE MENU PAGE as well as in Trips09 Cryptologic Museum 13 Feb. The National Cryptologic Museum also provides photos (search for: Japanese RED machine) (I thank Chris Christensen for letting me know of the NCM site.).

While RED is for alphabetical letters, this model is for kana (Japanese syllabic characters). So the rotor shaft has 56 circumferential metal strips instead of 6+20. Since kana is syllabic ("a", "ka", "sa", ...), ~~there is no separation of vowels and consonants~~there should be no reason to split between vowels and consonants. Somehow, however, the kana variant ORANGE employed a 42+14 split of the characters (its predecessor IKA had a 42+7 split, including parentheses, diacritics (nigori, hannigori), and stop) (Christensen (2021). A photo (the original of the one shown below) of the keyboard shows keys for figures 1-9).

The photo shows Japanese-character keyboards. The key arrangement of this keyboard (at least that of the main keys accessible without Shift) is that of the first Japanese-character typewriter adopted for real-time receiving operation in the Osaka Central Telegraph Office in 1917. The typewriter was adapted from an L. C. Smith typewriter. (History of Typewriter (in Japanese) written by Kurosawa Teijiro in 1927; §20, 24; Here is also a photo of the keyboard; Apart from the keyboard arrangement, Hatakeyama Seikou, Hiroku Rikugun Nakano Gakko says the Smith typewriter made in Japan was adopted for PURPLE and an imported Underwood typewriter was used for RED, but this book occasionally seems to be unclear whether RED or PURPLE is referred to)

This particular machine is said to have been captured by the US Navy (Was it during World War II? It seems improbable that it was in 1935 as mentioned as a possibility in Deavours p.218, Smith p.53, which is denied by Layton p.79, Budiansky p.84). So it must be the variant used by the Navy ships for communication with land stations in Japan. (Naval attaches must have had to use an alphabetical system for cabling at overseas telegraph offices but many sources say naval attaches used a kana system. Further check is needed.)

Encryption Keys

Apart from the change of substitution patterns for each letter enciphered, the enciphering varies depending on the initial settings (keys) of the machine. The plugboard setting was changed initially on the first, eleventh, and twenty-first of each month but later on a daily basis (Deavours p.220, Smith p.66).

In addition, each message was preceded by a five-digit indicator that specified the starting positions of the rotor and the break wheel as well as the pins to be removed from the break wheel (Deavours p.220, Smith p.67). The indicator was selected from a list of 240 options, which list itself was not changed.

Although change of the wiring pattern of the rotor may have been contemplated (cf. "first-tier key" mentioned by Ito in Appendix 1 below), it was never effected.

Non-cryptologic Security Measures

By the way, the RED machine had non-cryptologic security measures such as a letter order destructor (see Appendix 2 below). This is said to destroy the letter order changer if an attempt is made to disassemble the machine to figure out the inside mechanism. A slightly more detailed account is as follows.

Perfect protection measures were provided. Any attempt to disconnect the cords for transport would disassemble the wiring and obscures the mechanism. The apparent switch is a fake and pressing it would not cause any current flow. One of the screw of the housing is the actual screw [i.e., switch?]. The invention was so unique in the world.
Hatakeyama Seikou, Hiroku Rikugun Nakano Gakko (Sihncho Bunko edition) p.66

Cryptologic Security

Japanese documents about the development of the RED machine show a naive trust in the security of a cipher machine, which may be understandable in view of the general belief (Deavours p.213) at the time that breaking machine cipher purely through analytical work was impossible. Chief Ito of the Navy observed "if the order of variations of each letter is irregular, each letter is varied in a series of 26²⁶ " in explaining the motivation of designing a cipher machine (Appendix 1 below). But in reality, the pattern produced by the machine fell far short of such ideal irregularity.

Basically, the 20 consonants are permuted among themselves by the rotor and the permutation (i.e., the substitution alphabet) shifts by one place every time a letter is enciphered. This is no more than a classic Vigenere cipher with progressive shifting of rows in a Vigenere tableau. Together with similar permutation of the 6 vowels, the number of substitution patterns amounts to 60 (the least common multiple of 6 and 20) but once recognizing that consonants are enciphered independently of vowels, codebreakers will see there are only 20 patterns. Although the break wheel adds some irregularity to the succession of the patterns (resulting in a period of 60 revolutions of the break wheel, which corresponds to either 60*41, 60*42, or 60*43 letters depending on the removal of the pins), it was only a matter of occasionally shifting by two or three places instead of one.

That is, even if the substitution pattern is not the same, sequences of ciphertext resulting from enciphering the same plaintext with different rotor positions are apparent. Moreover, occasional long messages sent with the same settings provided ample clues for the codebreakers.

Now, the RED cipher machine is remembered as a classic example of a weak machine cipher broken by codebreakers. There is even a view that the weak RED cipher provided a tutoring period for codebreakers to prepare themselves for more complicated ones such as PURPLE.

Appendix 1: Navy's proposal of introduction of cipher machine (9 July 1930)

The following is a translation of the Navy's proposal to the Foreign Ministry for introduction of cipher machine (9 July 1930), by Chief Ito Risaburo of the Telegraph Section of the Naval Ministry (B04122581000).

Observations on Code/Cipher for Naval Conference

Chief of Telegraph Section of the Naval Ministry, Ito Risaburo

1. It is well-known today that the achievements of the Portsmouth Conference [the peace conference for the Russo-Japanese War] largely relate to our government's code leak. (I could not find confirmation of this. Yoshimura Akira, Potsumasu-no Hata, which has many references to codes and telegrams, does not mention it. Though it does mention a code at the Consulate at The Hague was copied, it had nothing to do with the peace conference. The word "achievements" sounds like referring to the the peace conference for the Sino-Japanese War, during which Japan took advantage of the knowledge of Chinese code but the context supports "leak" of Japanese code. Judging from Hatakeyama Seikou, Hiroku Rikugun Nakano Gakko, which says Russia knew of Japanese conditions from telegrams sent to her ally Britain by the Great Northern Telegraphy Company via Siberia, the Navy believed at the time that the heavy concessions on the part of Japan at Portsmouth were due to leak of secret information.) It is also evident that such a leak is not only due to improper storage of codebooks but is caused by special techniques to study and break codes.

2. In 1922 (a 1925 edition is mentioned in C01003761500), the document "Constantinople and the Straits" published by the Soviet government included translations of 97 encoded telegrams between the ministers of various countries and their governments during the European War. Targets included not only Germany, their enemy, but also the neutral United States as well as friendly Japan, Britain, France, Italy, etc., totalling ten countries. Whereas this is remarkable in view of good faith among nations, the fact also shows the development such techniques have made.
(N.B.)
Of the above 97 telegrams, the following three relate to the Empire [of Japan].
23 November 1914, telegram from Ambassador Motono to Foreign Minister Kato
19 March 1915, telegram from Ambassador Motono to Foreign Minister Ishii
3 March 1915, telegram from Military Attache Odagiri to Chief of the General Staff Hasegawa

3. When this is considered with respect to the history of development of cryptology and achievements during the said War, the Russians are not particularly adept in such techniques but rather their skills are substandard. It is evident that such deeds were not only conducted by the Russian government at the time. It is only that other nations do not publicize it as the Soviet government did. In my view, had this not been done under the Czarist regime, even the Soviet government would not have resorted to their characteristic policy of disclosing everything. From the account of modern French cryptographer Langie below one can imagine that such a special organization exists in every country now and how they are active.

Nowadays all the great Powers have a Cipher Department. There is one in London, and others at Paris, Rome, Petrograde, Berlin, and elsewhere. When the head of a State and his Minister of Foreign Affairs leave the country, they are always accompanied by a Staff of experts from the Cipher Department. M. Poincare, during his last journey to Russia, a few days before the German aggression, had with him the Director of the French Cipher Department, with whose collaboration he was able to keep in touch with Paris without running the risk of indiscreet confidences.
(1922 Langie's "CRYPTOGRAPHY", translated into English by Macbeth.)

4. Today, it would be almost an open secret that the countries in Europe and America have a codebreaking unit as part of an intelligence organization and take advantage of it in domestic affairs and diplomacy.
In particular, in a disarmament conference, which may decide the issue of a war beforehand among ministers from great powers meeting at one place, the host country can have access to every telegram of participating countries and it is natural that they try to decipher them to find out the intentions of the other countries. Moreover, since the government of the host country may infer the contents of such telegrams from the proceedings of the conference and may provide informative materials, the deciphering work would be relatively easy. Therefore, special care must be taken for the code/cipher used by ministers of participating nations and its use in practice.

5. Among codes/ciphers, the most vulnerable are those that always turn the same letter in the plaintext into the same form in code/cipher, such as, for example, turning several instances of "...ING" or "NAVY" all into "...MYH" or "DECOP". The simplest one of this kind is a letter-by-letter substitution cipher. As long as there is 100 or more letters in the Roman alphabet, a mere single message is enough to allow codebreaking in a matter of several hours.
Even a method with most secure codebooks (or ones called a telegraphic code book and having more than ten thousand, in particular around one hundred thousand, codes) would become less secure as it is used more and more. In particular, when reference materials (materials with which the content of an encoded telegram may be inferred) are available, a few telegrams of more than five hundred words are enough for codebreaking. With substitution ciphers, however frequently the cipher form for the same letter is changed, as long as there is some relation among the forms, one telegram is generally enough for codebreaking. In short, the above described codes and ciphers are not secure however many versions are prepared to use different ones every time.

6. What kind of code/cipher is secure then?
According to the principles of codebreaking, mathematically absolutely secure one should have irregular and infinite cipher forms for the same letter of the plaintext and should allow different encryptions for every occurrence.

7. However, such a complex cipher requires significant time and effort for encryption and decryption and is not suitable for telegrams, for which speed is required.
Thus, while security and simplicity in handling are two requirements for codes/ciphers, in particular those for telegrams, it is natural in practice the latter has to carry great weight and consequently security of the code/cipher is neglected, which may potentially lead to leak of secret.

8. Thus, it is reasonable to provide a typewriter to achieve infinite variation of letters in a simple way (if the order of variations of each letter is irregular, each letter is varied in a series of 26²⁶(This is an unbelievable naiveté.) and its number of variations is substantially infinite) to satisfy the two requirements for the code/cipher. This is the motivation for designing a cipher machine.

9. Thus, nowadays, in Europe and the United States, various cipher machines (such as Marconi [Kryha (Wikipedia)] in Britain, Hebern in America, and Enigma in Germany, etc.) are produced and sold for commercial use. The Navy did produce and use such a machine for the Disarmament Conference [the London Naval Conference in January to April 1930] to the great advantage.

10. Regrettably, however, only nine cipher machines could be produced because of the time, of which two were for the plenipotentiaries, two were for attendants from the Navy, one was a reserve for the plenipotentiary delegation, and two each for the Foreign Ministry and the Naval Ministry. The embassies to the United States, France, and Italy could not be provided with one.
Therefore, related telegrams to these districts had to rely on conventional codes and there is concern because Britain, the United States, etc. could naturally obtain copies of those. In particular, the concern is aggravated by the fact that in this case most of the telegrams between the Foreign Minister and the plenipotentiary delegation were transferred to the embassy in the United States.

11. In the Great War, there was an instance in which use of two codes with different hardness resulted in leak of secret first from the less secure code and then the other secure code was broken.
The failure of the first general attack in the Western Front by the German army in 1918 was a case in point (He may refer to ADFGX and ADFGVX; cf. Wikipedia).
In the first place, use of several cods with different hardness in telegrams concerning the same event (not to speak of telegrams of the same content) is most dangerous. While it is human nature to avoid difficulty and take the easiest way at all events, naturally easy code tends to be used more often, resulting in leak of secrets, or concurrent use of codes with different hardness leads to the above-mentioned failure.
What deserves the greatest attention is that although such errors on the part of the user lead to grave results, it is almost impossible to bring them to light and, moreover, it is extremely difficult to check them beforehand.
With a view to the fact that grave errors such as to affect a course of events tend to be made in practice in code and are never accounted for, it is most important to eliminate any occasion to commit such errors by specifying some appropriate single kind of code/cipher to encrypt everything about one event and prescribing how the key should be changed.

12. Therefore, for the next disarmament conference or other important international conferences, etc., it is absolutely necessary to prepare required cipher machines beforehand and supply them to the countries involved and use them for all the telegrams related to the conference.
The cipher machine produced by the Navy has three tiers of keys, change of which allows automatically changing the encryption scheme. At least the second key must be changed once every month and the third key must be changed for every number of telegrams.
(The first-tier key may be changed when the whole mechanism of the present machine should be known to others and thus serves to still provide security.)
For telegrams of utmost importance which should not be disclosed other than to the sender and the recipient, it is required to specify a third key of a different kind, for which a personnel to handle the machine should be specified beforehand.
In such a case, if ever the sender and the recipient specify another kind of code/cipher other than the machine and use it even once, it would result in a grave consequence.
It is because such a code/cipher would be inevitably of very low security, whereas the message is particularly important. Presumably it is for this reason that ministers of great powers are attended by experts when travelling abroad.

13. Since the mechanism of the cipher machine is considerably complex, persons who handle it must learn the mechanism beforehand and be adept in its use. (Was it not supposed that less training was required for machine cipher?)
Since the machine produced this time was hastily completed, the quality of components was poor and the alignment of the mechanism was insufficient. In particular, shipping a long way resulted in many faults. Notwithstanding, as far as the Navy is concerned, it did serve throughout the term anyhow, which is considered to be owing to constant and diligent study on the part of the persons who handled it.
In summary, it is hereby submitted that, for a future disarmament conference or other important international conferences etc., it is necessary to secure absolute secrecy of related telegrams through sole use of an appropriate cipher machine and its appropriate operation.

Appendix 2: Recommendation of Remuneration of the Developers of the RED Cipher Machine

The following is a translation of Observations on Remuneration for the Development of 91-Shiki Injiki [Type 91 Printing Machine] dated 24 April 1933 submitted to the personnel section of the Navy (C05023390000 p.39; C05023390100). This recommends the developers to remuneration.

Observations on Remuneration for the Development of 91-Shiki Injiki (Typewriter-based Cipher Machine)

1. Merits and Demerits of Performance of the Present Device
(A) Previous Problems
Performance of radio communication equipment of the Navy has significantly advanced owing to persistent experimentation and study such that excellent ordnance has been manufactured. In addition, the equipment specifications have been unified into a standardized system through many years of investigation and research; associated new ordnance has gradually come into general use; and thus, now, requirements for operations and planning can generally be satisfied. Still, there still remain the following problems in encrypting and decrypting.
(1) Preparation of messages in code is done by a code officer with reference to a codebook and thus takes much time.
(2) There is the same problem in decoding, too.
(3) Much time is required to cultivate and train code officers.
(4) A code has a certain lifetime regardless of its type. It must be replaced with a new type before it is detected by a third party or its security is compromised.
(5) Security of a code is compromised when a codebook is got possession of by espionage.
In short, secret communication with a codebook has demerits such as requiring much time, requiring more time for more security, and need of many days for training code officers. Moreover, in order to constantly maintain security of the code, there are practical difficulties in storage, revision, supply, etc. of codebooks and still one cannot be free of concern. Thus, there is a pressing need for mechanical encryption for military purposes and in international communication
(B) Merits of the Present Device
(1) The present device consists of two typewriters, wherein when the original text is typed on one typewriter, a mechanically encrypted ciphertext is printed on the other typewriter. The process requires no expertise for decrypting or encrypting. Since all one needs is to learn the usage of the device, there is little need to cultivate and train code officers. Further, time taken for encrypting and decrypting is only for typing on a typewriter, thus taking very little time.
(2) In conversion of plaintext to ciphertext, the same letter is printed as a different letter each time. Thus, a third party is never given a chance of deciphering and the lifetime of the cipher is long.
(3) A letter order destructor is provided. Thus, even if the present device falls into the hands of a third party, if an attempt is made to look inside, the letter order destructor destroys the order of the letters. Thus, there is no risk of being deciphered. This is a characteristic of the present device, of which no analog is found in foreign devices.
(4) The order of letters may be easily changed with simple rules. Thus, by changing it occasionally, the security of the cipher is absolute.
(5) Printing plaintext and ciphertext at the same time makes it easy to organize documents as well as to detect and correct errors.
(6) The present device works at low voltage, leading to few electric faults. In addition, it also works by lamp outlet, which makes it very convenient to use.
(7) It has a robust construction.

2. Backgrounds of Recommendation of the Present Device
The present device was conceived by Lieutenant Commander Kakimoto of the Naval General Staff in 1927 and was granted secret patents (Secret Patent Nos. 79061 and 79062 issued on 22 November 1928). On the basis of consultation from the Vice-Chief of the Naval General Staff to the Vice-Minister of the Navy in November 1927, the Navy Technical Research Institute set about making a prototype in February 1928.
When the design was generally successfully implemented in July 1929, it was decided to use the present device in the London [Naval] Conference in the fiscal year of 1929 [ending in March 1930]. Nine sets were produced, of which two were supplied to the Foreign Ministry, two to the Naval Ministry, and five to the plenipotentiary delegation in London. During no less than 99 days up to the end of the conference, the device withstood continual use with an average of 2300 plus letters per day (Early devices were unreliable. In a 1925 test of Damm's device, no more than 1000 consecutive letters could be deciphered correctly. --Deavours, p.3), whereby encrypting and decrypting were conducted quickly and precisely. The capacity of handling transmissions was more than four times that with codebooks. The present device not only contributed significantly to promptitude and accuracy of communications for the conference but also was effective for maintaining their secrecy.
However, the device relied on a spring for power, which made its adjustment somewhat difficult and its construction not robust. Because of criticisms on these points, a project was undertaken to revise the system to work by electromagnetic force for the purpose of definite operations and robust construction. Production of its prototype was begun in May 1930 [after the London Naval Conference of January to April 1930].
For the Geneva [Naval] Conference (Wikipedia) [scheduled in 1932], it was decided that not only the Navy but also the Ministry of War and the Foreign Ministry were to use the device and its production was commissioned. By the end of December 1931, twenty were supplied to the Foreign Ministry. By the end of April 1932, ten were supplied to the Foreign Ministry and two to the Ministry of War.
The above devices were for roman letters and were supplied for use by overseas embassies and military attachés to embassies. Although the sets for the Geneva Conference were completed in no more than four months because of the budget etc. ("because of approval of the budget for the conference (including the cost for producing the device) and the timing of the conference" --p.28), as shown in the observations on separate sheets of the Chief of the Telegraph Section of the Naval Ministry, during 314 days from 5 February to 15 December, the Telegraph Section of the Naval Ministry could handle no less than 213,930 letters (681 letters per day on average) and the device is still now being used without problems. Further, as can be seen in the observations of the Telegraph Section of the Foreign Ministry and an adjutant of the Ministry of War, the present device fully demonstrated its capability and brought about a revolution in the history of Japanese encrypted communication.
For communications between warships in domestic waters and terrestrial radio telegraph stations, a Japanese-character printing machine was needed and was planned with the same system. During the year 1932, twenty-two were produced and were supplied to the naval stations, major ports, and flagships.
Regarding the Japanese-character printing machine, its name, structure, etc. were examined in a technical conference of the Navy in July 1932 to determine its design and guidelines. It was decided that in future the printing machine for ships would be remodelled to allow use by submarines. In accordance with the result of this conference, the device was officially adopted as ordnance as 91-Shiki Injiki [Type 91 Printing Machine] by Private Order on Ordnance No. 51 dated 9 September 1932.

3. Pros and Cons for Remuneration
It may be said the success of designing and producing the present device solved many difficult problems in encrypted communication:
(i) It ensured security of our encryption and eradicated the concern about its being broken.
(ii) It reduced time taken to prepare an encrypted message and decrypt it, allowing promptitude and accuracy of communication.
(iii) It could solve the problems considered to be most difficult in practice of encrypted communication, such as training code officers, storage and revision of codebooks, etc.
Its mechanism has quite a unique design and is far superior to foreign products such that it is beyond the reach of foreign products. The pain and effort of those concerned until the completion of the present device were remarkable. It is believed that their conspicuous achievement is worth remuneration.

4. Timing of Remuneration
The present device was previously used in the London [Naval] Conference and, with many additional improvements in view of its performance [at the Conference] and experimentation and study afterwards, proved its merits during the recent Geneva Naval Conference and its superiority was confirmed. Thus, it is believed that it is already time to remunerate them.

5. Degrees of Remuneration
Commander Kakimoto Genichiro of the Navy conceived the design of the present device in 1927, when he served at the Naval General Staff and obtained secret patents thereof. In particular, major features such as mechanical operation of encrypting and decrypting, a letter leap device to allow the same letter to be enciphered as different letters every time, and a letter order destructor, etc. are attributable to his creativity. Further, he occasionally joined production, experimentation, and research at the [Navy] Technical Research Institute, eventually contributing to the completion of this major ordnance. Such distinguished services are considered to entitle him to awards with conferment of an order and a bounty.
Engineer Tanabe Kazuo of the Navy was engaged in embodying the detailed plan of the present device according to the creativity of Commander Kakimoto when he served at the Electric Research Unit of the Navy Technical Research Institute. He continued research and experimentation for many years; occasionally made improvements; and eventually completed the present ordnance that provides accuracy, promptitude, and absolute security. Such distinguished services are considered to entitle him to awards with conferment of an order and a bounty.
Assistant Engineer Suzuki Eikichi was constantly engaged in the design, production, experimentation, and research on the present device as assistant to Engineer Tanabe, making no small pain and effort, which is considered to entitle him to awards with a silver cup and a bounty.
Captain Ito Risaburo of the Navy provided from the beginning appropriate leadership and advice to the conception and design of the present device by Commander Kakimoto and contributed to the completion of the present design and is considered to be worth awarding accordingly.

Later Version

The above draft was somewhat adapted in a later stage of recommendation. The section related to the mechanism is translated below (C05023390000 p.21 ff.).

2. Merits of the Present Device
(A) It consists of merely two typewriters and an electric circuit connecting them. When typing on the first typewriter, the text is mechanically turned into ciphertext on the second typewriter or the ciphertext is turned into plaintext. Thus, encrypting and decrypting are really easy and do not require many trained code officers.
(B) In conversion of plaintext to ciphertext, the same letter is printed as a different letter each time. Thus, a third party is never given a chance of deciphering and the lifetime of the cipher is long.
(C) The letter order changer is provided with a destructor. Thus, even if the present device falls into the hands of a third party, if an attempt is made to disassemble it to figure out the inside mechanism, this destructor operates to destroy the letter order changer and eliminates the state of its use. Thus, there is no risk of being deciphered. This is a characteristic of the present device, of which no analog is found in foreign devices.
(D) The order of letters may be easily changed with simple rules. Thus, by changing it occasionally, the security of the cipher is absolute.
(E) Printing plaintext and ciphertext at the same time makes it easy to organize documents as well as to detect and correct errors.

Appendix 3: Initial Patent Design

Of the two patents 79061, 79062, the latter is about an electric machine as with RED and provides more detailed explanation of the pin wheel etc. But the design is quite different from the RED machine described above. Probably, it shows the structure of the prototype used during the London Naval Conference, after which major design changes were made.

A cipher machine as described herein,
wherein each hitting on a tap [i.e., key] on one typewriter electromagnetically causes operation of the other typewriter via a current path changer for changing a current path by irregularly rotating on every hitting on a tap of the typewriter, and
wherein plaintext is turned into ciphertext and the ciphertext can be translated into the plaintext with the same machine with numerous combinations by changes of the starting position of a rotor of the current path changer, the starting position of a pin wheel, the arrangement of pin pieces [sectors] of the pin wheel, and electric wiring of a letter order changer.

It can be seen the curent path changer 3 is quite different from the rotor of the RED machine. The letter order changer 7 would be similar to the plugboard of RED.

The handle 23 on the pin wheel 11 allows reverse rotation when there is an error.

The other patent (79061) also uses two typewriters to produce plaintext and ciphertext at the same time. It uses two identical disks with character types on the periphery. Presumably, rotation of the disk changes the substitution pattern. Depending on whether encrypting or decrypting, one of the disks moves every time a key is hit by spring mechanism according to a pin wheel. (In the electric version of the 79062 patent, encryption and decryption are switched by reversing the direction of current.)

The 79062 patent explains adjustment of the current path changer and changes in the starting positions allow about 4610 different substitution patterns. The 79061 patent also refers to the 4610 patterns but explains it is obtained by the starting position of the character type disk, the order of the character types, and the arrangement of pins of the pin wheel. The latter seems wrong because if the order of the characters is taken into account, there would have been as many as 26! (for alphabetical letters) or about 50! (for kana) patterns (which is really a big number). Both patents explain that with the same settings, the same word in the plaintext is never turned into the same ciphertext within about 600 letters.

Additional Remarks (18 December 2021)

The remuneration discussed in the document in Appendix 2 above is for the development of "91-Shiki Injiki", that is, ORANGE rather than RED. So, from the navy's perspective, the first cipher machine was ORANGE, though both RED (for alphabetical letters) and ORANGE (for kana) are said to have been similar (Michael Smith, The Emperor's Codes, p.65; Wikipedia) and both were officially designated "91" (from the year 2591 in the Imperial Calendar corresponding to 1931 in the Western calendar). In the first place, from this document, it is clear that the prototype first used during the London Conference in 1930 was for alphabetical letters (as in RED).

Regarding the difference between the prototype and the finalized RED and ORANGE, since the spring mechanism of the prototype used during the London Naval Conference caused troubles, the device was revised to work by electromagnetic force. In the Geneva Conference in 1932, not only the Navy but also the Ministry of War and the Foreign Ministry used the device (Cf. The document in Appendix 1 says two were for the Foreign Ministry for the London Conference in 1930.).

Now, the remuneration document says the device of the patents Nos. 79061 and 79062 was used in the London Conference. It is wondered which.

The description of 79061 patent is cursory, but the overall structure comprising two typewriters, reference to the pin wheel (not explained at all), and the numerical values 4610 or 600 in the assessment of its strength all seem to indicate it is similar to the 79062 patent in the mechanism for achieving irregular stepping. The 79061 patent works mechanically, while the 79062 patent employs electromagnetics. Although I wrote in the above that the electric machine of the Japanese Patent No.79062 prorably "shows the structure of the prototype used during the London Naval Conference, after which major design changes were made.", if the remuneration document is correct in stating that the device was revised to work by electromagnetics after the London Conference, the 79061 patent may be closer to the prototype used in London.

According to further sources, the first Japanese cipher machine was an imitation of Kryha (長田順行(Nagata Junko) (1983)「日本暗号戦史」, 『歴史への招待27』(Introduction to History 27)日本放送出版協会, p.142-144; 山本正治(Yamamoto Masaharu)(1992)「海軍暗号機と暗号関連事項について」, 『海軍史研究』no.2 p.84-90; Introduction to History 27 includes an interview of Yamamoto and others p.149). Yamamoto's recollection provides some more details, including a statement that electromagnetics was introduced after the London Naval Conference:

The [prototype] machine worked in principle in the fashion called the Kryha scheme from Germany, in which the relative position between a table for specifying a plaintext letter and a ciphertext letter table for obtaining a ciphertext letter is irregularly changed for every letter by gears with gaps. Specifically, it works electromechanically. There is a circuit whereby a plaintext letter typed on a typewriter is automatically converted to a ciphertext letter. The gear for changing the circuit was powered by mainspring of an old gramophone. It was said that six or seven machines were produced at the time....
In the London Conference, the Army, the Navy, and the Foreign Ministry used this machine.
In the following year, 1931, the machine was designated Type-91 Cipher Machine as official ordnance of the Navy.... In 1932, it was used in offices of overseas officers in Rome, Moscow, etc. Power was improved to eletromagnetics. However, there was poor contact at letter conversion electrodes. The Foreign Ministry also used this as Type-A, but the United States at the time of World War II called it RED (Red Cipher).

This is a personal recollection in what seems to be a private publication by veterans and related people, and should be collated with other sources.

References

B04122581000 Navy's proposal of introduction of cipher machine (9 July 1930) (translated above)

C05023390000 documents related to remuneration of the developers of the RED machine

C01003761500 a report on the Soviet publication Constantinople and the Straits

Cipher A. Deavours, Louis Kruh (1985), Machine Cryptography and Modern Cryptanalysis

Edwin T. Layton (1985), And I was There: Pearl Harbor and Midway -- Breaking the Secrets

Chris Christensen (2021), "The Imperial Japanese Navy IKA Cipher Machine" (HistoCrypt2021)