the IDIOT

PGP is an exciting thing. but while i get the concept and operation, i don’t understand it as well as i like to understand most things (quite deficient mathematically). the enigma machine, on the other hand, i understand almost completely, and it’s a trip. as simple as it is in concept, the encryption it offers is still quite deep, especially if you know nothing about the machine that generated the code you’re trying to crack.

the standard 3-rotor enigma machine ran a voltage from the pressed key through an effective total (with a limitation discussed below) of 7 single-translation disks, 6 of which rotated. (there were really only 3 rotors, but the signal was sent through them twice via a “reflector” disk on the end, which i’m counting as the effective 7th. later machines added multiple disks to the reflector, and i’ve seen one reflector that was user adjustable, albeit with difficulty.) at least one rotor shifted one click with each keystroke, thereby giving a new alphabet every time. operators needed the starting rotor positions (usually supplied ahead of time for each day), then they sometimes sent new positions as the first part of the message. policies, and even equipment, differed among branches of the german military.

still, all each rotor did was change the incoming “letter” to a different letter via 26 arbitrary but permanent internal connections. by selecting only 3 of the 5 standard rotors and putting them in the prescribed order for that day (or whatever), a practically non-repeating chain of alphabets was enacted that was quite difficult to decrypt, or use as a base to decrypt later messages. the machine included a patch panel to further skew the coding, and of course those parameters needed to be conveyed externally as well (you can see and use the actual settings on intercepted messages if you download the sim mentioned below). a minor mod later allowed each rotor to be offset from its displayed setting — more parameters to set up.

reading how the enigma machine was compromised is fascinating. had the germans followed strict procedure, they might have preserved their privacy, at least in large part. however, they slopped it up in many ways, giving generous clues to the code breakers. one helpful clue came from the design of the enigma machine — it could never code a letter as itself. still, what recent security experts assert held true then too: most security lapses are from human, not system, failures (e.g., a user who writes his passwords on a post-it note left in his desk drawer).

if you enjoy WWII history at all, you should download the kickass enigma machine sim at this site, spend a few minutes understanding how to assemble and set it up for a message, then do the really fun part — decrypt an actual message intercepted from the germans during the war:

Befordert am: 07.07.1941 1925 Uhr Durch:
Funkspruch Nr.:20 Von/An: f8v/bz2

Absendende Stelle : SS-T Div Kdr An: LVI A.K.

fuer m7g 1840 – 2tl 1t 179 – WXC KCH -

RFUGZ EDPUD NRGYS ZRCXN
UYTPO MRMBO FKTBZ REZKM
LXLVE FGUEY SIOZV EQMIK
UBPMM YLKLT TDEIS MDICA
GYKUA CTCDO MOHWX MUUIA
UBSTS LRNBZ SZWNR FXWFY
SSXJZ VIJHI DISHP RKLKA
YUPAD TXQSP INQMA TLPIF
SVKDA SCTAC DPBOP VHJK

wow, but is that fun! you feel like you’re back in the 40s doing it for real. even with some modern shortcuts, setting up the machine is hard work. you have to hand it to the people who dealt with such a cumbersome device. can you imagine decoding a message by looking at which bulb is lit while you hold down a key, having to keep your exact place because any extra key presses would advance the rotor(s) and toss the correct alphabet? jeez. how do i know this? because i just did it yesterday on the sim. i think there were typically at least 2 people decoding, but it must still have been a bear. [BTW, if you try the sim and have any trouble setting up the rotors, reflector, or patch panel to decode the actual message samples, feel free to email me; i'll help if i can. there are a couple of crucial details that aren't very obvious.]

years ago i dived U-85, a german sub sunk off cape hatteras. it was at 110′ or so, and quite a thrill to visit since it wasn’t completely hosed over by “restoration” nonsense (as at the alamo and other sites easy for interfering dipshits to back up a wheelbarrow to). i didn’t know it then, but i was only a few feet (separated by a thing known as “the hull” — heh heh) from 2 real enigma machines! they were recovered in 2001 by some serious U-85 freaks. U-85 was also one of the rare times on a group dive that i was blessed with the freedom of being alone (almost unheard of with the nazi “buddy system” that ruins most recreational diving, in my opinion). it was just i, alone at the bottom of the atlantic, skimming alongside the sub and imagining what it must have been like in that final battle. nice memory, courtesy of a pretty cool dude who realized it was okay to escort his spooked girlfriend back to the top while leaving me to enjoy myself. wish i had been involved in that enigma recovery. serious stuff going inside that mucky rig.

if you’d like to look more into the enigma machine, here’s an artistic online sim (flash) that might not be fully appreciated until you understand the inner workings of the real machine. it’s much simpler than the sim mentioned earlier, but both have kickass benefits that you almost wouldn’t want to be intermingled. try and savor ‘em both. tasty, modern design on the flash one. here’s a bare bones online sim, but it didn’t do much for me, much as i admire whoever put it together.

two immediate questions i had when reading about the engima machine: 1) can i buy an original one, and 2) can i buy a replica?

yep, original ones are sold, but only rarely, and for between $10k–$40k. on the replica side, i think you can only buy a DIY electronic version right now, but that’s not my bag; it’s the mostly mechanical aspect of the enigma machine i find attractive and beautiful. and speaking of mechanical beauty, take a look at this new, hottie descendant of the enigma machine. i’m in love!

geeky ramblings
depite the wonderful design, there were comparatively simple things they could have done to make the enigma even more difficult to crack, such as varying the rotation rates of rotors 2 and 3 (the standard was that the following rotor only clicked once for every complete rotation of its predecessor, meaning the 3rd one didn’t even move for most messages). another problem that shouldn’t have been too difficult to overcome was the inability of enigma to code a letter as itself. from studying the schematic of the enigma, it seems that the biggest obstacle for that change was the “reflector” that sent the signal back through the same set of 3 rotors — an efficient way to further boggle up the incoming letter while keeping the same basic mechanical design, but one which always returned the voltage through a different path. [UPDATE: see Dirk's (creator of EnigmaSim) excellent human-action oriented comment below about the setting simplification offered by the reflector — a point i'd ignored in this post] so while the letter may temporarily have been coded as itself along the way, there was no way it could return to the original pin of the first rotor. one apparent option would have been to grab the signal before it entered the final rotor on the return path, but that would mean a complicated rotary connector with all sorts of potential for getting dirty and screwing the pooch. speaking of dirt, i wonder how often they had to clean the contacts on the rotors. can you imagine missing a letter because of dirt, then having to repeatedly return the ratcheted rotor(s) back to the same position to try again? ha!

if the reflector had been replaced with 1 disk and 3 rotors to accomplish the same thing, a letter could have ended up coded as itself on the far side. any modifications required downstream (in the switches, if the schematic’s accurate), would have been minor, but only after the mechanical nightmare of that first part.

the design of the patch panel is intriguing, since it acted both on the outbound and return trips. i’m wondering why they didn’t simply have it act on one trip, which would have allowed a letter to be coded as itself (unless my brain’s shorted and i’m missing something). maybe they didn’t understand that it was a flaw. or perhaps they thought it gave twice the bang for the buck. i don’t think the problem is that it could lead to multiple possibilities for the same letter. (any enigma machine geeks reading this, please educate me if you don’t mind.)

[UPDATE: dirk's comment below definitely ruins my brief implication that maybe the reflector self-letter cancel problem could have been "solved" if somehow they'd been able to grab the signal at the penultimate rotor on the return trip; then the simplification "benefit" of the reflector (same settings in and out) would be gone — still probably a superior solution, but not a plausible one given the knowledge at the time, where the human frailty of the enigma chain was devalued in analysis by focusing on the theoretical power of the device's encryption).

his comment also might answer my question about the dual-path design of the patch panel, though i'm going to save thinking about it for later (possibly forever, since i don't have a verifiable schematic of the machine). sure would be fun if somebody made an "erector set" version of the enigma (kinda like on a robust breadboard) where you could fiddle with mods yourself. i don't have enough energy to commit to doing that though. maybe i'll draw it out on paper one day though; easier for my sadly skewed brain.]

Posted 20050422 18:41 under neato. Follow responses through the RSS 2.0 feed. Both comments and pings are closed.