lect1  Lecture 4
"Cryptography in Transition (Enigma) [from mechanical devices to electronics]"

Here are some "after the lecture" notes and pointers.
See the next lecture for the lecture notes.
 

Enjoy Java Enigma simulators! [You need to turn on Java/Java Script]

ENIGMA Applet [authentic version!]
Virtual ENIGMA [with Trace Diagram!!]
ENIGMA simulator [has no Enigma stepping peculiarity]

Brief Sketch of the Lecture

1. Historic connections
Alberti's disk, Vigenere, and Rotor machines
[all are polyalphabetic, all based on rotating alphabet disks].

2. First Rotor machines.
The inventors: Lester Hill, Edward Hebern (ECM),  Arthur Scherbius (Enigma),
Arvid Damm (Cryptotyper), Hugo Koch, Boris Hagelin (M-209) [Kahn, pp.394-434]

3. The Enigma Cipher
The first patents related to Enigma date back to 1919 (Koch's reflector). The first
commercial version appeared in 1923. With various improvements it was adopted
by the German Navy in 1926,  and the Army in 1928. Final "revised standard" for
Wehrmacht was issued in June 1930. The Air Force adopted the machine in 1935.
It was also used by the Abwehr, the the railways,  and other government departments.
Each department used its own variant of the machine, following successive refinements
and changes in operating instructions until 1945. At least 30,000 machines were
used during the war. In 1945, the wirings of the rotors from 1920s was still in use.
[Cipher A. Deavours, Louis Kruh, "Machine Cryptography and Modern Cryptanalysis",
Artech House, 1985.]
 
 

Basic Key-distribution/key-setup process (for some more details see here):
    a. rotor wirings   (were fixed for many years)
    b. rotor order, changed quarterly (three out of five I,II,III,IV,V) (Walzenlage)
     5x4x3 = 60 possible orders
    c. ring setting - relative shift of the letter ring and the internal wires (Ringstellung)
     26x26x26 = 17576 possibilities
    d. plugs (Steckerbrett)
     about 10^11 possibilities (for  6 plugs)
    e. day keys, also called 'indicator settings' (Grundstellung)
     26x26x26 = 17576 possibilities
    f. random message keys: (AAA, QWE, QSC, QAZ, WSX,...)
    g. the message keys were encrypted under a day key twice: QWE QWE
    h. messages were limited to 180-250 letters

Example of a key setup:
Date                Rotor Sequence    Ring Setting         Indicator Setting (Day key)       Plug connections



01.09.1939    IV    I    II                  12    15    21             X    A    E                                    AB    HU    YS    CZ    MI    OS    TD

4. Modifications through the years
It was the introduction of the plug-board (1930) that made German cryptanalysts believe
that the Enigma machine was unbreakable. The number of plugs in use varied from
four to all 13 depending on the organization using the machine and the year. Abwer
used plug-less machines. The Army used six plugs until November 1937, after
which the number of plugs varied from five to eight each day. In November 1939
the number of plugs was increased to 10. This last change obviated certain Polish
methods of cryptanalysis.

It is easy to get lost in the various modifications and  changes of operational procedure
of the Enigma cipher. We will thus consider only the Army variant. The standard
Wehrmacht practice was to use day key (Grundstellung - ground setting) known to
everyone on the network in order to encrypt message-key pairs. In September 1938
this idea of a common ground setting was abandoned. Each operator now chose his own
ground setting at random, which was sent in clear together with the twice-enciphered
message key. In May 1940 the double encipherment of the message key was abandoned.
 

    a. Plugboard introduced (June, 1930)
    b. Change in a key-setting method (15.1.1938)
    c. Rotors IV and V added (15.12.1938)
    d. Sharp increase in the number of plug connectors (1.1.1939)
    e. End of a key-pair encipherment (1.5.1940)
    e. Naval Enigma modifications: use tree rotors from eight (1939), faster stepping
5. Some properties of Enigma:
    a. It is an involution (application twice is an identity, due to a reflector)
       thus decryption is exactly the same as encryption.
    b. A letter can never be encrypted into itself, thus the 'cribs' which posses
       this property are obviously wrong ones
    c. The wirings of the rotors can be found here
    d. Stepping function peculiarity (the length of cycle is 26x25x26 = 16900, not 17576)

    Whenever the slowest rotor was steped the mid-rotor stepped too. Thus some of the intial settings
    are without predecessors, and some have more than one predecessor. Details are given here.
 

6. Polish cryptanalysis of the Enigma
Performed by three mathematicians: Rejewski, Zygalski, Rozycki, 1934-1939
Reconstruction of the wires. Cyclometers,  first bombes and perforated sheets.
[Deavours, Kahn, Kruh, Mellen, Winkel, "Cryptology: Machines, History & Methods"

Marian Rejewski "Mathematical Solution of the Enigma Cipher", Cryptologia, Vol.VI, No.1, 1982.
(is also given in a survey book above)]
 
 

Marian Rejewski

7. British analysis of the Enigma
    a. Turing's idea of loops (The Bombe), in a Probable word attack.
    b. Welchmann's idea of diagonal board (use all the implications), thus
        much shorter crib can be used (12-14 letters, instead of >20).
    c. Parallel guesses for all 26 plug  settings
    d. Array of Enigma's doing exhaustive search over all 17576
        (676 less due to Enigma stepping peculiarity), 5-seconds per rotor position [1 hour total]
    e. Loop-detection by lamps.

Some pointers (Web explodes with information on Enigma)

Ciphertext-only attack on Enigma
Codebreaking and Secret Weapons in World War II
Allied Breaking of NAVAL ENIGMA (by Ralph Erskine)
History of Enigma from NOVA
Turing's Treatise on Enigma (selected chapters online)
Bletchley Park (Enigma Java applets!)
History of Solving the Enigma
Enigma and the Turing Bombe
3D Enigma animation (??)
LANAKI's course (Lecture 9)
Mathematical Solution of the Enigma Cipher