[Cryptography] how to detect breakage -- lures etc.??

[Arnold Reinhold]

> On Dec 31, 2019, at 5:41 PM, John Denker <jsd at av8n.com> wrote:
> 
> There are a lot of things the Germans could have done if
> they had realized how thoroughly broken Enigma was.
> 
> The Enigma machine was /almost/ unbreakable.  It took
> tremendous cleverness and enormous resources to break it.
> A layer of modest superencryption would have pushed it
> far, far out of reach of the codebreaking technology of
> the day.
> 
> The Enigma has some strengths and some weaknesses.
> The main weaknesses are:
>    a) The session key is waaaay too short. 
>    b) The state of the machine doesn’t change enough from one letter to the next. 
>    c) No letter can encode to itself. 
>    d) The blocksize is too small (letter by letter). 
>    e) It is vulnerable to operator errors, including weak keys. 
> 
> You can fix all of these except (d) at very low cost.  In
> particular, it wouldn't take much to increase the key-space
> from 26^3 to 26^5 or even larger.
> 
> With help from Bear I worked out in some detail one particular
> way of doing this:
>  https://www.av8n.com/security/enigma-2.5.htm

You may be right about a "layer of modest super-encryption” rendering Enigma completely secure, but I would like to see a more thorough analysis. Desperation might have driven the allies to make more of an effort to steal machines and give more attention to all electronic solutions rather than electromechanical ones. Necessity is the mother of invention.

We know what William Friedman, who rejected Enigma for U.S. use, thought was needed in a rotor machine. (https://www.nsa.gov/Portals/70/documents/about/cryptologic-heritage/historical-figures-publications/publications/technology/The_SIGABA_ECM_Cipher_Machine_A_Beautiful_Idea3.pdf?ver=2019-08-07-124409-850) The SIGABA/ ECM-II sets, which by all accounts was never broken during the war, included: 

* five rotors in the alphabet maze, chosen from a set of ten
* pseudo random stepping of the five rotors, at first controlled by an additional set of rotors
* no reflector, eliminating the “no letter can encode to itself” weakness, at the expense of a bulky 26+ position encrypt/decrypt switch 

Also, using a cipher disk for super encryption would have doubled the labor needed to encrypt and decrypt messages and probably would have increased the number of garbles and request for repeats that can be gold for the cryptanalyst. 

To me the more interesting question is what would have been the impact on allied Enigma breaking if the German had adopted the same basic security steps that the U.S. employed with SIGABA:

* guidance for operators in selecting random message keys. (Dice would work, of course, but playing cards seem more practical. Just shuffle and deal three cards. The reduction in key space for a Skat deck, 26*25*24 vs 26^3, would not be significant.)
* message padding to eliminate easy cribs at the beginning of messages (The German Navy did take some measures to reduce cribs, but not enough)
* use of separate daily keys and indicators for messages at different security levels

Another simple fix would be to supply users more rotors to choose from.  Two more rotors would increase difficulty by a factor of 56; three more by a factor of 504.

Note that the German Navy did use a more complex indicator system, and had a special procedure for “Offizier’s" messages that double encrypted with Enigma. Both created considerable difficulty, but were broken to varying degrees. (See Budiansky’s Battle of Wits, esp. Appendix B.)

What the U.S. lost by its more complex machine was portability. The German Enigma was modest in size and weight compared to the radios it was used with, and it was mostly mechanical, only requiring a battery and using less power than a flashlight. 

> On Jan 1, 2020, at 5:31 PM, Ray Dillinger <bear at sonic.net> wrote:
> 
> f we're going to bring up rotor machines though, I've got a thought. 
> Remember the flat rotors that were made for the bombes?  They had all
> their contacts on one side, just because that made it convenient to set
> up the machine.  You could pop them in and out independently, without
> tearing down a stack and the machine around it, and setting it up
> again.  
> 
> Why weren't the rotor machines made that way in the first place?
> meaning, rotors making contact with contacts on the body of the
> machines instead of with each other?

One simple answer is size, cost and complexity. Each bombe was massive, weighting a ton and containing some ten miles of wiring, While a bombe had the equivalent of 36 Enigma machines, dividing those numbers by 36 still produces a bulky device. And there were many more moving electrical contacts involved, which reduce reliability. The bombe were notoriously finicky, even though there were operated in fixed indoor facilities. Stacked rotor machines with enough rotors and complex stepping were reasonable secure (unless the key lists were stolen as happened with the Walker spy ring) and were in use by the U.S. through the 1970s (e.g. NSA’s KL-7 and Soviet Fialka). 

Arnold Reinhold