[Cryptography] Nundrum cipher = hypothetical WWII cipher machine = can Enigma/Tunny be fixed?
John Denker
jsd at av8n.com
Sun Oct 30 17:56:30 EDT 2016
On 01/04/2015 04:56 PM, Henry Baker wrote:
>> What would be required to "fix" these codes for modern usage, e.g.,
>> converting the mechanical bits into software, adding more wheels,
>> etc. ?
I prefer to look at a more challenging question, namely how
to create a more secure machine using technology that was
*available at the time*.
On 07/17/2015 10:56 PM, Ray Dillinger wrote:
> He's writing a WWII spy thriller, and the MacGuffin is a
> super-duper cipher machine that the protagonist and his little
> group have to prevent from falling into the hands of the Axis.
> Having broken Enigma, the Allies don't want them adopting
> something that's actually secure.
OK.
> One of the problems with Enigma, and most rotor machines, is
> that too much of their state is static.
Yes indeed. A related point is that the state vector is just
not large enough.
> Will it make real cryptographers laugh?
Cryptography exists at the intersection of fancy mathematics and
down-to-earth engineering. Here is my attempt at a machine that
could be built using methods and materials of the time: It's
called the Nundrum machine:
https://www.av8n.com/security/nundrum.htm
The key idea is to use a large number of very simple rotors.
This stands in contrast to Enigma, which used a fatally-small
number of unnecessarily-complicated rotors.
It uses a large state vector, with relatively rapid changes
in state.
It comes with procedures to ensure a random session key, i.e.
no cillies.
I'm not claiming it's unbreakable in the modern sense, just
that it would have been ridiculously hard to break using the
methods of the time.
I would argue that codemakers of the time worried too much
about what happens when different messages are sent using
the same session key ... and didn't worry enough about making
sure you just never see a repeated key or a related key.
The design basically follows a checklist approach: Look at
the weaknesses of Purple, Enigma, and Tunny, and don't make
those mistakes. Those machines were just barely breakable at
the time, and relatively small improvements would have pushed
them beyond reach. Nundrum avoids the worst features and
borrows the best features from each, and from NeMa and SIGABA.
It tries to uphold Kerckhoffs' principle: Even if the adversary
knows everything about the machine, they still can't break it
without the key.
Some diagrams and 3500 words of discussion can be found at
https://www.av8n.com/security/nundrum.htm
It might or might not be useful as a novelist's Plot Device
with a
> cool, interesting, understandable illustration
The illustrations are readily understandable, but perhaps /too/
readily understandable, and not sufficiently flashy. Perhaps
the novelist could lampshade this by saying the power isn't in
the complexity but in the simplicity ... and in the large number
of rotors. It's an emergent property. One quill taken from a
porcupine isn't very scary, but the living porcupine as a whole
is not to be trifled with.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161030/900b6a4b/attachment.sig>
More information about the cryptography
mailing list