Cryptanalysis of Enigma (practicalcryptography.com)
74 points by lisper on Nov 1, 2016 | 12 comments

I just want to mention that this site uses a kind of informed brute-force attack on Enigma. If you're interested in the wide range of techniques used to break the Enigma code in Bletchley Park without the use of a programmable computer (the machine they used, The Bombe, was essentially a bank of Enigma wheels, hooked up to wires which generated logic circuits as the wheels rotated) then read Hodges' biography of Turing.

If you don't have that exact book to hand, you swine, then the Wikipedia page looks comprehensive from a glance, if a bit inaccessible.


The impressive thing about Enigma was that unlike most previous ciphers it was "secure" in the sense that even if you know its implementation details you still cannot break messages without a brute-force search. Particularly when the plugboard was used.

The key mistake was underestimating the ability to automate and parallelize a brute-force search. Turns out a keyspace of 3^26 is just too small. User error was a large contributing factor, of course, and ensured that the implementation details were always leaked. But when it came down to it, the Polish and British intelligence services could simply break the codes on a near-daily basis.

Well, also its susceptibility to both known-plaintext attacks and statistical analysis, though it depends a bit if you're talking about the army version of the enigma or the navy version. Also until very late versions, the machine couldn't map a letter to itself, which was another critical vulnerability.

The actual keyspace was around 76 bits [1], which is fairly respectable, particularly for the mid-20th century. Much of the weakness was, in fact, the result of the Enigma being an early device in a nascent technological field -- i.e., the result of failures in the Enigma's design, as well as procedures surrounding its operation (not just operator error; for example, Polish cryptanalysts used the procedural repeating of the rotor setting initialization (it's conceptually similar to an initialization vector in modern crypto) to break early versions of the machine as early as 1932).

[1] https://en.wikipedia.org/wiki/Enigma_machine#Details

Another early device problem was the threat model post WWII is of course nations will put up a near Manhattan Project level of effort which turns out to be just enough to break it, everyone knows that.

Pre WWII of course, they figured if a PhD mathematician couldn't crack it in a couple hours with chalk and chalkboard, well, surely they'll just give up, right?

The ratio of optimism to pessimism was a bit off.

> The ratio of optimism to pessimism was a bit off.

Not much has changed then.

There is also a really good book called Cryptonomicon by Neal Stephenson that has a lot to do with Bletchley Park and WW2 in general. Less informative but more entertaining.

Um, you know that book is fiction, right?

It's fiction, but there was a lot of interesting information in there about codes and codebreaking.

"The Code Book" by Simon Singh is the non-fiction book to read if codes and codebreaking interest you.

I was surprised about this bit:

> It is interesting to note that the actual key settings used the indicator 'SIG' with ring settings 'PMP', but the [different] recovered key gives an identical decryption.

So there are keys of the enigma that produce the same ciphertext? Wouldn't that reduce the practical keyspace dramatically?

Also, would that mean a message could be "hardened" by referring to the original key within it? (E.g. "Execute order <second letter of indicator><first letter of indicator>")
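
The key equivalence asked about above can be reproduced with a small simulator; this is an added example, not code from the thread or the linked article. It assumes the historical Enigma I wheels I, II, III with reflector B and no plugboard; the plaintext is a constructed sample and `agreeing_prefix` is a helper introduced here.

```python
import string

A = string.ascii_uppercase
# Historical Enigma I wirings and turnover notches (rotors I, II, III; reflector B).
ROTORS = {
    "I": ("EKMFLGDQVZNTOWYHXUSPAIBRCJ", "Q"),
    "II": ("AJDKSIRUXBLHWTMCQGZNPYFVOE", "E"),
    "III": ("BDFHJLCPRTXVZNYEIWGAKMUSQO", "V"),
}
REFLECTOR_B = "YRUHQSLDPXNGOKMIEBFZCWVJAT"

def enigma(text, rings, start, order=("I", "II", "III")):
    """Encrypt or decrypt A-Z text; rings/start are 3 letters, left rotor first."""
    wiring = [ROTORS[n][0] for n in order]
    notch = [A.index(ROTORS[n][1]) for n in order]
    ring = [A.index(c) for c in rings]
    pos = [A.index(c) for c in start]
    out = []
    for ch in text:
        # Rotors step before enciphering; the notch is tied to the window letter.
        if pos[1] == notch[1]:          # middle rotor double-steps
            pos[0] = (pos[0] + 1) % 26
            pos[1] = (pos[1] + 1) % 26
        elif pos[2] == notch[2]:
            pos[1] = (pos[1] + 1) % 26
        pos[2] = (pos[2] + 1) % 26
        c = A.index(ch)
        # Only the difference (window position - ring setting) reaches the wiring.
        shift = [(p - r) % 26 for p, r in zip(pos, ring)]
        for i in (2, 1, 0):             # right to left
            c = (A.index(wiring[i][(c + shift[i]) % 26]) - shift[i]) % 26
        c = A.index(REFLECTOR_B[c])
        for i in (0, 1, 2):             # back, left to right
            c = (wiring[i].index(A[(c + shift[i]) % 26]) - shift[i]) % 26
        out.append(A[c])
    return "".join(out)

def agreeing_prefix(a, b):
    """Number of leading characters on which two ciphertexts agree."""
    n = 0
    while n < min(len(a), len(b)) and a[n] == b[n]:
        n += 1
    return n

MSG = "WETTERBERICHT" * 4  # constructed 52-letter sample plaintext
base = enigma(MSG, "AAA", "AAA")
left_shifted = enigma(MSG, "KAA", "KAA")   # left ring and start both moved by 10
right_shifted = enigma(MSG, "AAB", "AAB")  # right ring and start both moved by 1
```

Moving the left rotor's ring and start together changes nothing, because that rotor's notch drives no other wheel. Doing the same on the right rotor keeps the wiring offset but moves the turnover, so the ciphertexts agree only up to the first turnover.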

David Kahn's books "Codebreakers" and "Seizing the Enigma" are both very good and detailed reads.

So reassuringly similar to my own attack on enigma :) http://williamedwardscoder.tumblr.com

The thing that helped me most was building a paper enigma.
