|
ICSA Guide to Cryptography Randall Nichols $69.95 0-07-913759-8 |
|
| Chapter: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 9 | 10 |
| Reserve your copy at a Beta Bookstore near you! |
Contact Bet@books © 1998 The McGraw-Hill Companies, Inc. All rights reserved. Any use of this Beta Book is subject to the rules stated in the Terms of Use. |
Rotor machine cryptography became popular in the 1930’s, 40’s and 50’s. It was thought that longer keys in polyalphabetic substitution systems would provide stronger cryptograms and hence strong cryptosystems. Machines were developed to extend the cryptographic key. Unfortunately, machine cryptograms were breakable (with some heavy use of logic and a little bit of early computer help).
Code Systems
A code system is a highly specialized form of substitution. The basic principle underlying code systems is the replacement of entire words, long phrases, or complete sentences constituting the plain text of a message by arbitrarily selected equivalents having little or no relation to the elements they replace; these equivalents may be other words, groups of letters, groups of figures, or combinations thereof.
This replacement process is rarely applied to elements smaller than whole words and when this is done the elements are single letters, groups of letters, or syllables. In a codebook, the words, phrases, and sentences are listed in a systematic manner and accompanied by their code equivalents; correspondents must possess identical copies of the document in order to be able to communicate with each other. An ordinary dictionary may serve the purpose of code communication, so far as single words are concerned, but as a rule a specially prepared document containing the words, phrases, and sentences suited to particular types of correspondence is used. In the U.S., they are called codebooks or codes. Other names come from different locations: repertories, wordbooks, and cipher dictionaries.
Tritheim Code Book
One of the earliest codebooks was developed by the Benedictine Abbot, John Tritheim. He collected many of the ciphers used in the European courts. He was familiar with the occult and proposed a code based on cabalistic words wherein he tried to hide the real meaning under cover of a mysterious language. The courts burned his book "Polygraphia" in great pomp and ceremony. John was lucky that he didn't go with the fire. The first edition was published in Latin in 1518, a French translation in 1541, followed by a German translation.
Part one of Polygraphia consisted of a number of code words for each letter of the alphabet but arranged in such a manner that if each letter of the message was replaced by a code word, the result was a complete sentence having an innocent meaning. Table 5-1 shows a section of the fourteen coded alphabets.
Table 5-1
Tritheim's Code Alphabets
1st 2nd 3rd 4th
A Jesus Immortal Producing Angels
B God Omnipotent Saving Archangels
C Saviour Compassionate Illuminating Saints
D King Ineffable Conferring Spheres
E Pastor Universal Moderating Heavens
F Author Almighty Expressing Sea
G Redempter Magnificent Governing Earth
H Prince Puissant Disposing(of) World
IJ Maker Just Dominating Men
K Conservator Sempiterneal Creating Sun
L Governor Celestial Cognising Moon
M Emperor Divine Guiding All
N Moderator Excellent Blessing Hierarchies
O Rector Triumphant Constituting Bodies
P Judge Clement Confirming Spirits
Q Illustrator Peaceful Conducting Souls
R Illuminator Pacific Sanctifying Times
S Consolator Invisible Honoring Humanity
T Sire Eternal Ministrating Ages
UVW Dominator Invincible Exorcising Eternity
X Creator Benign Elevating Firmaments
Y Psalmist Pitiable Sustaining Stars
Z Sovereign Incomprehensible Vilifying Air
& Protector Excellent Ordering Cosmos
An example Tritheim code cipher text might read:
(The) King Triumphant Blessing (the) Bodies Manifests (to the) Catholics Pure Consolation (together with) His Servants (in) Perpetuity The Majesty (of the) Rector Devotedly Treated. Amen.
Note the interesting and rich language in the above alphabets. The unfortunate thing about Tritheim's codes was that coded messages required as many words as there were letters in the plain text, which made for a long cryptogram.
From Lloyd to Marconi
Edward Lloyd ran a coffeehouse in Tower Street, London, during the late 17th century. An enterprising man, he noted that several brokers used to discuss their business over coffee. To sell more coffee, he decided he must make things easier for them. Therefore, in 1688, he instituted a blackboard, and then a weekly bulletin of shipping information. More brokers that were independent came and consumed his coffee while doing their business. He later moved his coffeehouse to Lombard Street, in the very center of the old city of London frequented by merchants of the highest class. It was not until 1774, with the rapid increase of marine insurance business, that a committee was set up and a constitution formed which has remained practically unaltered to the present day. There is no longer a Lloyd’s coffeehouse, yet the name is preserved, and Lloyd’s is known all over the world as the center of the Marine Insurance business.
Lloyd’s devised a method of signaling between sea and shore, so that advance news of ships and cargoes might be received. A primitive projector was set up and a system of light signals based on the Polybius' system was started. This gave rise to the use of codes for commercial purposes; and apart from the Venetian merchants in the eighteenth century, Lloyd’s signals were the first to come into general use.
A system of rapid communications known as " aerial telegraphy", employing semaphores on high towers visible at considerable distances, was instituted in Europe in 1794. Whole phrases or sentences could be expressed by one group of signals.
In 1825, codes employing figure groups were in common use and the Telegraphic Vocabulary Code was used between Liverpool and Holyhead for the semaphore telegraph. Words, phrases, and long sentences appear in this code; each represented by groups of one to four digits.
The earliest practical trial of electric telegraphy was made in 1837 on the London and North Western Railway, and the first public telegraph line, under Wheatstone and Coke Patents, was laid from Paddington to Slough along the Great Western railway in 1843.
Brewell published his Mercantile Cipher for condensing telegrams in New York in 1860. It used five letter code groups to indicate English dictionary words producing a complete vocabulary sorted by categories.
ABC Code
The ABC code, also based on dictionary words, first appeared in 1874. (Refer to Table 5-2) Up to 1872, the telegraph companies, by international agreement, charged pronounceable code language words as plain text; the higher tariff applied only to cipher or numeral language. These were charged for at a rate of five characters per word; and in 1875, at St. Petersburg, the maximum length was fixed for either plain text or code words at seven syllables. This led to abuse, such as words as Chinesiskslutningsdon - 21 letters, but only six syllables were used by coders.
The rule was changed to apply to European or Latin words but not artificial words. In 1903, code words of ten characters were allowed. They had to be pronounceable to be authorized for transmission at the cost of plain text words.
Table 5-2
Example of ABC Code Page
Code No. Half Code Meaning
Word
00000 ABAAA 'ABC' CODE
00001 ABADE Please use 'ABC' Code 6th
edition
00002 ABAEF Please use 'ABC' Code 6th
edition and Code ---- (s)
00003 ABAFG Please Use 'ABC' Code 6th
edition and private Code
00004 ABAGH Using 'ABC' Code 6th edition
00005 ABAHI Using 'ABC' Code 6th edition
and Code -----------
00006 ABAIJ Abandon
00007 ABAJK Abandon altogether
00008 ABAKL Abandon for the present
00009 ABALM Abandon or (---)
00010 ABAMN Abandon the action
In 1904, Whitewall’s Telegraph Ciphers appeared with 400 million pronounceable words. Not really a codebook, it was a list of "artificials" used for private codes. These code words were composed of five letters only, for example FORAB, LUFFA, LOZOJ, etc. as are all words used in commercial codes today. Twenty-thousand words of five letters each were given, and since each was pronounceable, and any two of these words could be joined together to form a compound word which was chargeable according to telegraph regulations as one word, so 20,000 2 gave the total of potential words as 400 million.
In 1906 Bentley's code appeared, a compact phrase book based on five-letter groups, applicable to business affairs in general. It cut the cost of international transmissions by half.
Morse Code
Samuel Finley Breese Morse was born in 1791 in Charlestown, Mass. An artist by profession, his invention of the electric telegraph and development of the familiar dots and dashes of the Morse code is one of the major precursors of the modern Communication age. He based his Morse code on the frequencies of letters calculated on quantities of type found in the printing office. Since his frequency tables are an enormous help in deciphering every code, let's compare here the original calculation made by Morse with the Normal Frequency and the Telegraph Frequency. (See Table 5-3)
For the letters, which were most frequent, he used the simplest combination of dots and dashes. An automatic contrivance was used to alternately transmit and suspend electrical current during longer or shorter intervals and reproduce the effect at the other end of the wire on strips of paper.
Table 5-3
Comparative Table of Order of Morse's Count with Telegraph Frequencies
Printer Actual number of Order of
Frequency letters found by Normal
Morse at his printer Frequency
Morse's
Original
Order
E 1st 12,000 1st
T 2nd 9,000 2nd
A 3rd 8,000 3rd
I 3rd 8,000 6th
N 3rd 8,000 5th
O 3rd 8,000 4th
S 3rd 8,000 8th
H 4th 6,400 9th
R 5th 6,200 7th
D 6th 4,400 11th
L 7th 4,000 10th
U 8th 3,400 13th
C 9th 3,000 12th
M 9th 3,000 16th
F 10th 2,500 15th
W 11th 2,000 17th
Y 11th 2,000 18th
G 12th 1,700 20th
P 12th 1,700 14th
B 13th 1,600 19th
V 14th 1,200 21st
K 15th 800 22th
Q 16th 500 23rd
J 17th 400 25th
X 17th 400 24th
Z 18th 200 26th
Comparative Table of Order of Morse's Count with Telegraph Frequencies
Order 1 2 3 3 3 3 3 4 5 6 7 8 9
Morse: E, T, A, I, N, O, S, H, R, D, L, U, C,M
Telegraph: E, O, A, N, I, R, S, T, D, H, L, U C
Order 10 11 12 13 14 15 16 17 18
Morse: F, W,Y, G,P, B, V, K, Q, J,X, Z
Telegraph: M, P, Y,F, G, W, B, V, K,X,J, Q,Z
The Morse code was not only used in telegraphy but also in signaling by flags, by flashes of lights, by long and short blasts from a whistle, and knocks on the wooden cages, cell walls, and pipes to fellow prisoners in Viet Nam, Korea and W.W.II prisoner of war camps. The practice may date back to the Civil War and probably was not used in the Spanish American War because it was too short to establish a need for prisoner communications. The Count of Monte Cristo used a similar code during his imprisonment (or so it is written).
A simple method to learn the Morse Code was invented by Morse and is shown in Table 5-4. He developed a short list of words, one for each letter of the alphabet, the long and short syllables indicating dashes and dots.
Table 5-4
Learning Morse Code
(Invented by Morse and Symbolization by Morse)
Morse Phonetic
A Ag-ainst . - dit dah
B Bar-ba-ri-an -... dah dit dit dit
C Cont-in-ent-al -.-. dah dit dah dit
D Dah-li-a -.. dah dit dit
E (short) . dit
F Fu-ri-ous-ly ..-. dit dit dah dit
G Gal-lant-ly --. dah dah dit
H Hu-mi-li-ty .... dit dit dit dit
I I-vy .. dit dit
J Ju-ris-dic-tion .--- dit dah dah dah
K Kan-ga-roo -.- dah dit dah
L Le-gis-la-tor .-.. dit dah dit dit
M Moun-tain -- dah dah
N Nob-le -. dah dit
O Off-ens-ive --- dah dah dah
P Pho-tog-rapher-er .--. dit dah dah dit
Q Queen Kath-er-ine --.- dah dah dit dah
R Re-bec-ca .-. dah dit dah
S Sev-er-al ... dit dit dit
T Tea - dah
U Un-i-form ..- dit dit dah
V Ve-ry Var-ied ...- dit dit dit dah
W Wa-ter-loo .-- dit dah dah
X Ex-hi-bi-tion -..- dah dit dit dah
Y Youth-ful and Fair-.-- dah dit dah dah
Z (two long,
two short) --.. dah dah dit dit
Observe that each of these words contains as many syllables as there are dots and dashes in the corresponding Morse alphabet; but owing to the difficulty of finding suitable words, it was assumed that vowels followed by two or more consonants are long and those by single ones short. In the words Katherine and offensive, for instance, the final syllable must be considered long. Morse put together the following memorization aid:
GALLANTLY and FURIOUSLY, he fought AGAINST the foe at WATERLOO.
IVY creeping along the ground suggests HUMILITY.
The JURISDICTION of the NOBLE LEGISLATOR was OFFENSIVE to the BARBARIAN.
A PHOTOGRAPHER saw SEVERAL KANGAROOS on the MOUNTAIN.
Early Commercial Codes
Historically, commercial codes were not so much used for secrecy as for saving money on long telegrams. Authorized, pronounceable words of maximum length of ten letters were being used to cover several sentences. The code words used were entirely fictitious, and followed each other in alphabetical order, being made up of five letters each, so that two codewords could be sent by telegraph for the price of one. Modern day E-mail on the Net has completely made this a non-issue. In any day, we may write to friends in England, Germany, Italy, Japan and Spain, in less than 30 minutes have answers, with attachments, and be charged a flat rate for the service on this end!] Other codes constructed on these principles were Bentley's and Webster’s'. They allow two words, or even short sentences, to be formed into one telegraph word of ten letters. There are commercial codes today with equivalent translations into every European language, so that English, German, or Italian businessmen, without knowing each other's languages, can exchange telegrams (or FAXES).
Marconi Code
Senator Guglielmo Marconi was devoted to an idea - the sending and receiving of wireless signals through space. His wireless inventions are legendary. Marconi also invented and perfected the Marconi Codes. The complete Marconi code consists of four volumes comprising English, Spanish, Japanese, Russian, Italian, Portuguese, German and Dutch equivalents. The English text is alphabetical, and every other language has a complete index of all the words. The code is divided into two parts - one containing general phrases and the other a numerical system.
The chief aim of standard code was to reduce the cost of cable charges and the time required coding the messages. Upwards of 17,050 combinations could be obtained by the Marconi code. A checking system was used to ensure accuracy.
The code words in the Marconi Code were composed of five letters each, corresponding to a word or sentence used in trade or business. The code words could be combined into a telegraph word of ten letters by the International Telegraph regulations.
There were some differences with codes such as the ABC code. Each code word has a two-letter difference from each other code word. This two-letter difference ensured that no two words would have the same four letters in the same position. A code word like BOPEZ would eliminate codewords like COPEZ, DOPEZ and also such forms as BAPEZ and BEPEZ.
The Marconi Numerical System was arranged so that a range of figures in combination with some of the most commonly used qualifying phrases, together with an accuracy check, could be transmitted in one complete pronounceable word of ten letters. The first syllable in the Numerical section consisted of two consonants, thereby distinguishing it from a phrase section in which none of the code words began win two consonants. As the code words in the numerical section were only two letters long, five words or phrases could be included in one telegraph word of ten letters.
The Marconi arrangement is shown in Table 5-5:
The checking system is very simple. The check numbers given in brackets on each code syllable are added together for the four syllables used; tens are disregarded, and for the fifth syllable the letters are chosen from the column bearing the same number as the total arrived at from the addition of the first four syllables. Compare the ABC code Table 5-2 with the Marconi code in Table 5-5.
Table 5-5
The First part of the Marconi Code. General Phrases Code words, five letters
Phrase System. Code word of two letters.
No. Code English French Spanish
Word
00000 ABABA A or an un, une un,uno,una
00001 ABAHB A1 at Lloyds A1 chez A1 en el
Lloyds registro de
Lloyd
00002 ABALC Abandon(s) Abandonn(r) Abandona(r)
(z) (u)
00003 ABAND Abandon all Abandonne Abandona claims toutes rec- todas las
lamations reclamaciones
00004 ABAPE Abandon neg- Abandonne Abandona las
otiations les negocia- negociaciones tions
00003 ABARF Abandon pro- Abandonne Abandona
ceedings les demar- los proced-
ches imientes
1st Syllable
Check Code English French Spanish
No in Syll-
Red able
(0) BL Blank or At Blanc ou A Blanco o A
(1) CL Bought (we Nous avons Hemos comp-
have) achete rado
(6) CR Breadth (or Largeur (ou Anchura (o
thickness) epaisseur) espesura)
2nd Syllable
(5) AB Blank Blanc Blanco
(6) AC Acre(s) Acre(s) Acre(s)
(7) AD Ampere(s) Ampere(s) Amperio(s)
(8) AF Anna(s) Anna(s) Anna(s)
(9) AG Ante Mere- Matin, avant Antes de
dian (A.M.) midi mediodia
(A.M.)
3rd Syllable
(5) AB Blank Blanc Blanco
(6) AC 0 0 0
(7) AD 1/16 1/16 1/16
(8) BI 1 1 1
(7) BO 1/14 1/14 1/14
4th Syllable
(9) YA 000 000 000
(0) YB 100 100 100
(1) YC 200 200 200
(1) YM per annum par an por ano
(2) YN per cent- par cent- por cent-
imeter metre metro
5th Syllable: Control of check
0 1 2 3 4 5 6 7 8 9
Blanc AR EN BU HI JA NA OY TO VA YG
Anout AC EP BY HO JE NE OZ TU YE YH
Average AD ER CA HU JI NI PA TY VI YI
C.I.F. AF ES CE HY JO NO PE WB VO YJ
(Cost
Insurance
Freight)
each AG ET CI IB JU NU PI UC VU YK
Non-Secret Codes
Various codes are suited to particular types of correspondence. Many large commercial firms have their own private codes. For example, an early commercial codebook was made by ACME Commercial Code Company in the 1930's. Most industries have highly specialized technical language (part of the mystique in every industry or profession - Latin for doctors and lawyers, and mathematics for engineers, ISO 9000 terms for quality managers, snake oil terms for computer types, plus a whole bevy of terms for cryptographers, etc.). The purposes of many of these codebooks are brevity and compression not secrecy. The military and diplomatic applications call for security, and speed of communications, especially for front-line communications.
The PKZIP program, which is used so widely on the net, is compression "code book". It provides economy of transmission and minimal crypto-security. The power of the program lies in the ability to delineate and hold entire directories and then to create an indexed tree of the coagulated sum of files with indexed repetitions. PKZIP is an example of a non-secret code. Compression can be as valuable as secrecy. The condensing power of a code is dependent on its vocabulary. When we add the goal of secrecy to economy, we then have a secret code. Actually, code transmissions save money because of the fewer number of characters to be transmitted over the channel.
Brevity Codes
In military cryptography, the greatest degree of condensation is afforded by prearranged-message codes or brevity codes. A prearranged-message code is a tactical code adapted to the use of units requiring special or technical vocabularies; it is comprised almost exclusively of groups representing complete or nearly complete messages and is intended for shortening messages and concealing their content. The police "10" codes fall into this category. A brevity code has, as its sole purpose, the shortening of messages. A field code is a small tactical code which contains a large number of code groups representing words and a few common short phrases, from which sentences can be composed; a syllabary, which is a list of code groups representing individual letters, combinations of letters, or syllables, is used for spelling out proper names and, numerical tables, or list of code groups representing numbers, dates, and jargon. The Army Special Forces Codes fall into this category. A jargon code is a very short code in which bona fide dictionary words; baptismal names, rivers, lakes, etc. are used as code groups. Lincoln's wartime codes fall into this category. A voice code or recognition code is used for transmission by small radiotelephone sets used in combat. Other names are combat code or operations code. The Navy had a special brand of codes used for protection of marine traffic. An early example of this code system is the International Code of Signals (1969 edition, revised 1981 INTERCO)
International Code of Signals for Visual, Sound and Radio Communications (INTERCO)
The Defense Mapping Agency, Hydrographic/Topographic Center issued in 1969 and again in 1981, their Publication No. 102, "International Code of Signals For Visual, Sound, and Radio Communications," United States Edition. This code was adopted by the Fourth Assembly of the intergovernmental Maritime Consultative Organization in 1975. The document was prepared in nine languages: English, French, Italian, German, Japanese, Spanish, Norwegian, Russian and Greek.
This is a very good example of the brevity and non- secret codes that had wide distribution for ocean going vessels. Modern day vessels use uplinks to satellites in geosynchronous orbits to navigate and communicate.
The INTERCO was designed to communicate for situations relating to the safety of navigation and persons, especially when language difficulties arise. It is suitable for transmission of communication including radiotelephony and radiotelegraphy. The INTERCO embodies the principle that each signal has a complete and distinct meaning.
The INTERCO was broken into four parts: 1) Signal Instructions, 2) General Signal Code, 3) Medical Signal Code, Distress and Lifesaving Signals and Radio Procedures. The INTERCO appendix included National Identity Signals for Ships and Aircraft, plus US/USSR Supplementary Signals for Naval Vessels.
General Signal Code includes sections on: Distress, Emergency, Casualties, Damages, Aids to Navigation, Hydrography, Maneuvers, Cargo, Ballast, Meteorology, Communications and Sanitary Regulations. See Table 5-6 for sample entries. In Table 5-6, capitalized headings represent major topics; predominantly lower case headings represent subtopics. You can see from the small sample in Table 5-6 that the INTERCO deals with serious situations. In an U.S. Coast Guard Radio Room, specialists listen to 11 or more radios at the same time. It can be very intense. A MAYDAY may be heard only once and rarely in a calm voice. Sending the cutter is serious business. The USCG does its job exceptionally well.
Table 5-6
Sample Entries from INTERCO Codebook
Distress – Emergency
Code Meaning
ABANDON
AD I am abandoning my vessel which has suffered a nuclear accident and is a possible source of radiation danger.
Accident
SB I am proceeding to the position of the accident.
GC 2 I have searched area of accident but have found no trace of derelict or survivors.
Doctor
AM Have you a doctor on board?
AP I have ... (number) casualties.
ASSISTANCE
Required
CB I require immediate assistance.
CB 1 I require immediate assistance; I have a dangerous list.
CB 6 I require immediate assistance; I am on fire.
Given-Not Given
CN 1 You should give immediate assistance to pick up survivors
CO 1 I cannot give the assistance required (or vessel/aircraft indicated)
DISABLED-DRIFTING-SINKING
DS I have sighted disabled aircraft in lat ...
long ... at time indicated.
DX I am sinking.
SEARCH AND RESCUE
Proceeding To Assistance
FE I am proceeding to the position of the accident at full speed. Expect to arrive at time indicated.
Position of Distress or Accident
FF I have intercepted SOS/MAYDAY from vessel (name or identity signal or aircraft) in pos lat ... long at time indicated.
Results of Search
GJ 1 Wreckage is reported in lat .. long ... No survivors appear to be in vicinity.
ICEBREAKER
WC 1 Icebreaker is being sent to your assistance.
SEA
WY The state of the sea is ... (Complements 0-9 corresponding to following table):
Height
In Meters In Feet
0 Calm (glassy) 0 0
1 Calm (rippled) 0 - 0.1 0 - 1/3
2 Smooth (wavelets) 0.1 - 0.5 1/3 - 1 2/3
3 Slight 0.5 - 1.25 1 2/3 - 4
4 Moderate 1.25 - 2.5 4 - 8
5 Rough 2.5 - 4 8 - 13
6 Very Rough 4 - 6 13 - 20
7 High 6 - 9 20 - 30
8 Very High 9 - 14 30 - 45
9 Phenomenal over 14 over 45
MEDICAL
Diseases of Respiratory System
MIF Patient is coughing up blood.
MIM Patient has blueness of face.
Special Treatment
MRW Give frequent gargles one teaspoon of salt in a tumblerful of water.
RECEPTION OF SAFETY MESSAGES
MAYDAY (Distress) Indicates that the ship, aircraft, or other vehicle is threatened by grave and imminent danger and requests immediate assistanc!e.
PAN (Urgency) Indicates the calling station has a very urgent message to transmit concerning the safety of a ship, aircraft or other vehicle, or the safety of a person.
SECURITE (Safety) Indicates that the station is about to transmit a message concerning the safety of navigation or giving important meteorological warnings.
To indicate DISTRESS:
2. Send the following DISTRESS CALL:
MAYDAY MAYDAY MAYDAY. This is ...(name or call sign of ship spoken three times).
3. Then send the DISTRESS MESSAGE composed of:
MAYDAY followed by the name or call sign of the ship;
Position of ship;
Nature of distress;
And if necessary, transmit nature of the aid required and any other information which will help the rescue.
USE PLAIN LANGUAGE WHENEVER POSSIBLE or send the word INTERCO to indicate that the message will be in the International Code of Signals.
example:
MAYDAY MAYDAY MAYDAY ... (name of ship spoken three times, or call sign of ship spelled using Phonetic Alphabet in Table 5-7); MAYDAY ... (name or call sign of ship) Position 54 25 North 016 33 West I am on Fire and require immediate assistance.
Table 5-7
Phonetic Alphabet used with INTERCO
Letter/ Word Pronounced
Number
A Alfa AL FAH
B Bravo BRAH VOH
C Charlie CHAR LEE or SHAR LEE
D Delta DELL TAH
E Echo ECK OH
F Foxtrot FOKS TROT
G Golf GOLF
H Hotel HOH TELL
I India IN DEE AH
J Juliett JEW LEE ETT
K Kilo KEY LOH
L Lima LEE MAH
M Mike MIKE
N November NO VEM BER
O Oscar OSS CAR
P Papa PAH PAH
Q Quebec KEH BECK
R Romeo ROW ME OH
S Sierra SEE AIR RAH
T Tango TANG GO
U Uniform YOU NEE FORM or OO NEE FORM
V Victor VIK TAH
W Whiskey WISS KEY
X Xray ECKS RAY
Y Yankee YANG KEE
Z Zulu ZOO LOO
0 NADAZERO NAH-DAH-ZAY-ROH
1 UNAONE OO-NAH-WUN
2 BISSOTWO BEES-SO-TOO
3 TERRATHREE TAY-REE-TREE
4 KARTEFOUR KAR-TAY-FOWER
5 PANTAFIVE PAN-TAH-FIVE
6 SOXISIX SOK-SEE-SIX
7 SETTESEVEN SAY-TAH-SEVEN
8 OKTOEIGHT OH-TAY-AIT
9 NOVENINE NO-VAY-NINER
. DECIMAL DAY-SEE-MAL
Basic of Classical Code Construction
The encoding and reverse procedure of decoding is accomplished by replacing various words, phrases, sentences, and numbers by their code equivalents. The code text is built up from code units each representing the longest possible plaintext unit the codebook affords. Encoding the phrase "enemy force estimated at one battalion;" would require the lookup in the codebook. We might find phrases such as "enemy force," and "estimated at" and the individual words - we would write down the phrase equivalents.
The elements of which code groups are composed may be one or more of the following:
1. Bona fida words - real words from Dutch, English, French, German, Italian, Latin, Portuguese and Spanish.
2. Artificial words - groups of letters without meaning with vowels and consonants arranged to appear like real words.
3. Random groups of letters.
4. Groups of Arabic figures.
5. Intermix groups, i.e. call signs for stations K2KAA, or W5AZZ.
6. All the above.
Parallel Sets
A code may contain two or more parallel sets of code groups of different types. In many commercial codes and some military codes, there is one series of code groups of the bona fide type or artificial word type and another series of the figure-group type, both applying to the same series of words, phrases, and sentences of the code. In parts of the world where English letters are used for writing, letters possess greater advantages in accuracy of reading than figures--especially for telegraph or radio transmissions. For communications to China and Russia or obscure ports, Arabic figures are well accepted and code groups composed of figures are used. The main reason for this is assurance of the correct transmission and reception of messages in all parts of the world. Another reason is that certain methods of enciphering code messages for the sake of greater secrecy, figure groups often form the basis for encipherment more readily than do letter groups.
The greatest advantage possessed by letter groups over figure groups lies in the availability of a far greater number of permutations, or interchanges, of letter groups, because there are 26 letters which may be permuted to form letter groups compared to 10 digits for figure groups (assumes base 10 historical use). If code groups of five letters are used, then there are 26 5 or 11,881,376 groups of five letters versus 10 5 , or 100,000 groups of five figures. Letter code groups are usually constructed to reduce error in transmission.
The length of code groups used, whether the groups consist of two, three, four, or five elements, depends upon the size of the code. This applies almost exclusively to field military or naval codes, where transmission is through a governmental agency; in commercial messages or governmental communications transmitted over privately operated lines, five-letter or five letter groups are the standard.
Code groups of modern codes are constructed by the use of tables, which permit more or less automatic and systematic construction in the form desired. These are called permutation tables. Because they may be used to correct most errors made in transmission or writing, such tables are usually included in the codebook and are called mutilation tables, garble tables or error detector charts.
Two-Letter Differential
The average telegraph or radio operator did not work without error. One letter different code groups as ABABA and ABABE were easy to mistake and the message could be made unintelligible by only a few transmission errors. If however, every code group in the code book was distinguished from all other code groups in the same code by a difference of at least two letters, then there would have to be two errors in a single group and these two errors would have to produce a code group actually present in the code before a wrong meaning would be conveyed. The principle of making code groups differ by a minimum of two letters was called the two- letter differential. The two-letter differential reduced the possibilities for constructing letter code- groups from 265 to 264 (456,976) but considering the advantages, the sacrifice was worthwhile. Permutation tables for construction of figure-code groups are similar in nature and purpose to tables for construction of letter-coded groups. Because of a more limited number of characters available for permutations, the maximum number of 2-figure difference groups possible in a 5-figure code is 104, or 10,000. This does not account for ASCII code derivations.
Types
In their construction or arrangement, codes are generally of two types:
(1) One-part, or alphabetical codes. The plaintext groups are arranged in alphabetical order accompanied by their code groups in alphabetical or numerical order. Such a code serves for decoding as well as encoding.
(2) Two-part or randomized codes. The plaintext groups are arranged in alphabetical order accompanied by their code groups in a non-systematic order. The code groups are assigned to the plaintext groups at random by drawing the code groups out of a box in which they have been thoroughly mixed. Such a list serves for encoding. For decoding, another list must be provided in which the code groups are arranged in alphabetical or numerical order and are accompanied by their meanings as given in the encoding section. Another name for the two-part code is cross-reference codes. Here are extracts from typical one-part and two-part codes. (Tables 5-8 and 5-9.)
Table 5-8
One-part code
ABABD A
ABACF Abaft
ABAHK Abandon
ABAJL .....it
ABALN Abandoned
ABAMP .....by
ABAWZ Abandoning
ABBAD Abandonment
......................
......................
ZYZYZ Zero
Table 5-9
Two-part code
Encoding Section Decoding Section
GAJVY A ABABD Obstructed
TOGTY Abaft ABACF Term
FEHIL Abandon ABAHK Zero
BAYLT .....it ABAJL If it has not
ZYZYZ Abandoned ABALN To be sent by
NYSYZ .....by ABAMP Acceding
IFWUZ Abandoning ABAWZ Building
RUMGO Abandonment ABBAD Do not attempt
...................... ......................
...................... ......................
ABAHK Zero ZYZYZ Abandoned
Between the two extremes are codes which have features of both; that is, complete sections may be arranged in random sequence, but within each section the contents are arranged in some logical order.
When a strict alphabetic arrangement is used in the sequence of the phrases, the code is said to be a strictly alphabetical code. When the phrases are listed under separate headings based upon the principal word or idea in the whole expression, the code is called a caption code. (Tables 5-10 and 5-11)
Table 5-10
Caption code
Assistance
Give assistance
Require assistance
No assistance
Assistance has been sent
Assistance for
Assistance from
Assistance to
Assistant
Assisted
Table 5-11
Strictly-alphabetical
Assistance
Assistance for
Assistance from
Assistance has been sent
Assistance to
Assistant
Assisted
Give
Give assistance
No
No assistance required
Require
Require assistance
More precise and economical coding was possible with a caption code than with an alphabetical code. With a caption code, it was easier to assemble an extended variety of expressions and shades of meaning under specific headings than with alphabetical code. On the other hand, the use of a caption code involved more time and labor in encoding.
Two-part codes were used by many governments for their secret diplomatic, military and naval communications because of the advantages they offer over one-part codes. Some disadvantages include twice as large in context, printing and distribution costs; compilation is four times greater because of the requirement of accurate cross-references. The advantages of two-part codes are greater security and greater accuracy.
In some commercial code messages there were sometimes encountered the practice of mixing plaintext and code text. In governmental and naval communications, such intermixtures were rare because they present an abysmal ignorance of the fundamental rules of cryptographic security. Because the plaintext words give definite clues to the meaning of the adjacent code groups, even though the former convey no meaning in themselves (such words as and, but, by, comma, for, in, period, stop, that, the, etc.) constitutes a fatal danger to the message security.
Enciphered Code Systems
Sometimes the code groups of a code message underwent a further process of encipherment; the resulting cryptogram constituted an enciphered code message. Both transposition and substitution may be used to encipher the code. Enciphered code is used under the following circumstances:
(1) When the code has a wide distribution and may fall into enemy hands,
(2) To improve the security of commercial codes and non- secret codes, and
(3) When increased security is necessary for highly classified communications.
Transposition methods are generally used within code groups, such as rearranging or shifting the letters or figures composing them. A common method was keyed columnar transposition with special matrices with nulls. All the substitution methods previously reviewed may be used for "super-encipherment" of the code. However, the most effective methods of enciphering code are arithmetical methods.
If the code groups are numerical, the addition (usually mod 10) of an arbitrarily selected number (called the additive) to each code, group message constitutes a simple form of encipherment. The additive may be fixed.
Additive methods may actually be weak cryptographically if the basic code book and code groups embody limitations in construction. Instead of adding a fixed number in encipherment, the latter is subtracted, in which case, in decipherment; the fixed number must be added to the enciphered code groups as received. Such a group (called subtractive or subtractor) in decipherment becomes an additive. A third method used commonly is the minuend method. It involves the subtraction of the plain code group from the key to yield the enciphered code group in encipherment, and the subtraction of the enciphered code group from the key in decipherment. Addition and subtraction of a fixed numerical group may be alternated within the same message such as +200, +100 +400 as a cycle or +200, - 100, +400, -200, etc. Instead of a fixed additive, it is possible to employ a repeating large key.
When special tables are employed as the source of the additives or subtractors for enciphered code, a much more secure system is provided. These tables were called a key book or an additive book or a subtractor book. By applying identifying symbols called indicators to the pages, as well as to the rows and columns on each page of the key book, it is possible to provide for secure encipherment of a large volume of traffic. All correspondents must have the same key books. In employing the key book, the indicators tell the recipient of the message which key groups were used and where to begin the decipherment of the enciphered code.
In actual practice, indicators are often disguised or encrypted by a special key or set of keys; this procedure may add considerably to the security of the system.
Table 5-12 shows a page from a typical key book. It contains two sets of 100 4-digit key groups, dispersed in numbered blocks each containing 10 rows and 10 columns of groups. To designate a group as the initial one to be employed in encipherment or decipherment, we give the block number, the row and column numbers of the group.
For example, 0116 is the indicator for the group 8790. It is usual to take the successive groups in the normal order of reading. Some key books consist of 50 + pages containing 200 + groups making 10,000 in all. The digits in each block are random numbers. If the key book is used once and only once, security of the system approaches the one-time pad. The messages are one time system secure even if the enemy has the basic codebook.
Table 5-12
Indicators and Key Blocks
Block 00
1 2 3 4 5 6 7 8 9 0
1 0378 9197 3260 3607 2699 9053 9733 1844 6622 4213
2 7185 0135 6091 2387 4957 3113 7284 0750 3501 1945
3 5037 3365 1294 8261 2149 0718 3678 2510 7238 5268
4 8004 5199 3859 1293 5311 3550 9915 0512 1518 3776
5 9282 6893 4229 9736 0927 1418 1930 9864 0090 8974
6 7259 9399 0769 3144 9801 1378 4732 5134 1435 5282
7 2878 9963 7943 4519 3404 9810 1090 4467 7069 5348
8 1620 5879 0218 1064 9560 5732 6661 0883 1883 2619
9 3868 1905 2500 6654 0824 3710 3875 6332 1503 7259
0 4319 3298 7819 8721 1549 6630 6301 5701 3586 1907
Block 01
1 2 3 4 5 6 7 8 9 0
1 9328 1135 3871 1549 0839 8790 1771 8251 3274 1173
2 2297 9550 5033 0102 6817 5579 0847 4038 1200 2949
3 3640 3984 3299 1181 3811 8844 2500 4557 4133 0487
4 1256 9614 5520 8372 1941 2417 1098 4039 3943 8282
5 1751 4254 8479 8647 2684 5511 8680 4660 2315 4857
6 4587 5968 2568 1254 0258 1254 3568 2548 4521 8795
7 1258 6241 0125 2458 4587 5632 2589 1548 1235 1458
8 1254 2548 0004 4561 2565 2437 7849 1245 3265 4879
9 4582 1546 2589 2145 7854 7895 4589 6369 3698 1254
0 1255 1544 7850 2569 9989 8754 2548 1220 0387 0589
Dictionary Codes
Dictionary codes are highly specialized forms of substitution systems. Code books (modified dictionaries) used by the Department of State and military represent a greater condensation of words than commercial systems--a single code group may represent a long phrase. The average condensation of a diplomatic code is 1:5 while a commercial code is only 1:3. By way of comparison, modern PKZIP compression is 1:3 - 1:4 on normal text.
Codes used in conjunction with ciphers (super- encipherment) can be very difficult to break; but the work and time involved in making this combination can be significant (if done by hand in the field). Computers handle the repetitious analysis very efficiently. Modern devices are extremely compact and have a lot computer horsepower.
The typical dictionary code protocol is as follows:
1) Agree with the recipient on the exact edition of the dictionary to be used, i.e. Concise Oxford Dictionary, and current edition, by Fowler and Le Mesurier.
Given Plain: "Reunion Berlin Tomorrow"
Code:
1006 (page no.), 12(word no) = Reunion
0104 (pages with fewer than four numbers would have a 0 added in front to keep it uniform), 17 (word no.) = Berlin 1291 - 08 (on the same principles) = Tomorrow
Ciphertext: 100612 010417 129108
These figures, if greater secrecy is required, could again be enciphered and thus converted into letters by means of an agreed upon cipher.
3) Prepare for superencipherment by dividing the figures into pairs and then convert them into letters by means of a table such as Table 5-13.
Table 5-13
Digraphic Equivalents for Superencipherment
1 3 5 2 4 9 7 8 6 0
9 AN DA HN JT MB KC GF ES BZ ZA
2 CK AO DB HO JS GE ER BY FR YB
7 IR CJ AP DC GD EQ BT FQ LH VA
4 MC IY CI AR DD BS FP LI NL VB
8 MA KB GC CG AS DF HP JU OB VC
1 KA GB EP BR CE AT DG HQ JQ TZ
5 GA EO BP FO IX CC AX DH HR TY
3 EN BO FN LJ NK IZ CB AY DJ SB
6 BN FM LK NJ OA OC IV CB AZ QA
0 XY YA BY YB XC XE YD YE YX QC
Nulls: WA WE W, to end message in groups of five letters.
The numbers enciphered into letters:
TZYXBR XYXCDG BRANYE
and the cryptogram for transmission:
TZYXB RXYXC DGBRA NYEWA
The suggested cipher can easily be arranged to make pronounceable words suitable for telegraph or radiotelegraph transmission.
Certain dictionaries have been issued which give two columns on each page with words directly opposite to each other. Then it is possible to give the word opposite the one we really mean, or a word, which is 5 or 3 or 10 places either above or below the one, we want to encode. Codes of this kind can be solved readily.
Cryptanalysis of A Simple Dictionary Code
An Australian criminologist named Mansfield presented some interesting principles for solving dictionary codes. He calculated dictionary progressive lists, giving numbers of words beginning with any two letters in dictionaries of 10,000 - 100,000 words.
Given:
55381 42872 35284 44381 45174 56037 55381 46882
23171 44234 55366 55381 00723 12050 61571 36173
55381 56442
We rearrange the list from lowest numbers to highest.
00723 42872 55381 (5 times)
12050 44234 56037
23171 45174 56442
35284 46882 61571
36173 55366
Words beginning with XYZ are seldom used, so we can take it that the highest number indicates a word beginning with a W or a T. [Mansfield made big assumptions about nulls and standardization of the dictionary. However, the list of bigram frequencies gives us the commonest initial group as TH or THE, and if we fix any repetition of such nature, then we may have the T in that dictionary. Naturally, we start with 55381 occurring five times and assume it is THE.
The highest number after that is 61571, so that it could indicate a word beginning with a W. This gives us a clue to the probable number of words in the dictionary used for the code. It cannot be over 65,000 words as XYZ words are very few, seldom more than 3,000. [This part of Manfield's analysis is an extraordinary jump of faith--what is more extraordinary is that it will work more than 60% of the time on simpler dictionary codes.]
According to Mansfield's Progressive Dictionary Lists, we attempt to fix the probable first two letters of each word in the code. For instance the 2nd group 12050 will be between 11646 (terminating words beginning with DA) and 12850 (terminating words beginning with DE), so that it is probable to be a word beginning with DE. Using Mansfield's lists we obtain:
THE RE--- OF THE RO--- TO- THE SE- -HA - RE- TH- THE
RE- DE- - WA- OV- THE TO-
We locate in the dictionary the word THE (55381) and count back twenty words for 55366 (th). This gives us an area covering words THANE, THANK, THAT, THATCH. We try the most likely THAT. We note the two words starting with letters TO- 56037 and 564!42.
Words beginning with TO start at 56037 and stop at 56466, so that it is a reasonable guess to assume the first are TO and the second (56442), we count twenty words back to find the word TOWN. The R group is -RE- (42872) and RE- (44234) and RO- (45174). RE stands 300 words from the end of the RA's which stop at 42573, according to Mansfield's tables. This gives us the following words to select from: RECLINE, RECOMMEND, RECOMPOSE, RECONNAISSANCE, RECOUP, and RECOVER. We choose RECONNAISSANCE. The next look at our cipher is:
THE RECONNAISSANCE OF- THE ROUTE TO THE SE- HAS- REVEALED THAT THE AE- DE- WA- OV- THE TOWN.
We apply the same process to the AE- 00723 and get airplane, while the DE- 12050 occurring one-quarter of the way from the end of the DA to the end of the DE brings us to DEF, limited by DEFACE and DEFY, where only DEFEAT, DEFENSE, DEFEND, and DEFENSIVE are probable. We select airplane defensive use near the mark.
SE- should be sea 46882 and OVER for OV- 36173. The of- is in fact OF, and the HA- is has, and the WA- is was. The complete message reads:
THE RECONNAISSANCE OF THE ROUTE TO THE SEA HAS REVEALED THAT THE AIRPLANE DEFENSIVE WAS OVER THE TOWN.
tells us that the real message was off by two words. Instead of AIRPLANE DEFENSIVE, it was AIR DEFENSES, but the meaning was essentially the same.
What Mansfield did show us in 1936 was that the laws of probability work with dictionary codes. The search in the area of possible words could give us the root of the plain text so that we may deduce the whole meaning of the code.
Diplomatic Codes
One of the best references on historical codes (1775- 1938) in the United States was written by Professor Ralph Weber. He describes one interesting code used in 1867 by the State Department known as WE029. (Refer to Table 5-14) It used a simple substitution masking procedure, eliminated the use of the letter W because it was not used in European or Latin nations, focused on 24 letters of the alphabet and assigned them to the 24 most common parts of speech such as articles and other words (s= plural; a = THE; e = AND, etc.) other ordinary words were assigned to the approximately 600 combinations of 2 of the letters. Three letters were used for the remainder of the vocabulary required for common diplomatic usage; a fourth letter was added for plurals, participles and genitives. When encoding the plural, genitive, or participle of a 2-letter word, the third letter would be placed apart in order to avoid confusion. Code symbols were prepared for principal countries and cities in the world, for states, major cities, and territories of the United States, and for proper names of men in English. A cipher table was to be used for those words not on the list. The first 74 pages of the code was the encode section, and contained the words in alphabetical order together with the code symbols; for example the very first word was Aaron with the symbol ABA, the last word of the first page was Acknowledge with a symbol of EA. The decode section (3- letter symbols) was not published in one sequential alphabet and was time consuming. Transmission of the code by cable was awkward because number of characters was not standard. It was not until 1876 that the 5-digit form became standard in the American ciphers. This code became the secret communication mask for American ministers in foreign legations in the years to 1876.
Table 5-14
1/3 Sample page WE029
ekf Lamentation
elf Language
emf Languid
enf Languidly
eof Languish
epf Languishing
eqr Lapse
erf Large
esf Largely
etf Lasting
euf Lastly
evf Late
exf Latent
eyf Latently
ezf Latin
faf Latitude
fbf Later
fcf Laugh
fdf Launch
fef Lavish
fff Lavishly
fgf Lawyer
fhf Lawful
fif Lawfully
fjf Lawfulness
fkf Lawless
flf Lawlessly
fmf Lawlessness
fnf Lax
fof Laxity
fpf Laxly
fqf Laxness
frf Lay
fsf Laziness
ftf Lazy
fuf Leader
fvf League
fxf Leak
fzf Lean
gaf Leap
gbf Learning
gcf Leave
gdf Lecture
gef Lecturer
gff Left
ggf Legal
ghf Legally
gif Legibility
Another cryptographic dimension (pre-computer) that yields new clues into the science concerns the use of rotor machines. The invention of the rotor was ingenious. The best reference on machine cryptography is Devours. Kahn is also a good source of material.
History of Machine Cryptography
If we examine the 1,769 cryptography-related patents issued between 1861 - 1980, we find that the 1920s were the most productive era. Six inventors shined. They were Arvid Gerhard Damm, Edward Hugh Hebern, Hugo Alexander Koch, Arthur Scherbius, Willi Korn, and Alexander von Kryha. Twenty-two U.S. patents are credited to this group during the decade. William F. Friedman's name joined the list in the 1930s. Herbern was the most prolific, being credited with 9 U.S. patents.
The first cryptographs produced under Damm's patent were clumsy and unreliable. The most important of Damm's cryptographic ideas was a rotor invention under U.S. patent 1,502,376, July 22, 1924, which he was never able to exploit fully.
The rotor principle was, in one form or another, the most widely used method of machine cryptography. The rotors took two forms: pinwheel rotors and wired rotors. Pinwheel rotors were classified as active' and 'inactive' based on their projecting positions. The wired code-wheel was a disk constructed of some non-conducting material having on each face, a series of equally spaced contact studs which are interconnected so that the current entering on one face will be switched to exit from a different position on the other face of the rotor. Each face may have 26 studs (26 letters). The rotor acted as an electrical commutator (i.e. switch) and essentially caused a monoalphabetic substitution. By moving the rotors or employing a cascade of rotors, repeated substitutions were obtained and varied to produce polyalphabetic ciphers of great complexity.
Boris Caesar Hagelin, an employee of Damm's, created the B-211 cryptograph which used two electrical rotors in conjunction with four pinwheel rotors to sell the first commercially successful cryptograph.
By the end of W.W.I, the wired rotor was an idea whose time had come. Without knowledge of each other, Damm and three others conceived of using the wired rotor for cryptographic machines. In 1917, Edward H. Hebern created his famous Electronic Code machine under patent 1,510,441 awarded on September 30, 1924. This machine influenced greatly the America cryptosecurity systems throughout W.W.II. Hebern's rotors had the 26 contact A-Z sequence. To Hebern must also go credit for the idea of wiring rotors according to the "interval method". Up to Hebern, designers randomly connected the contacts to each face of the their rotors. Hebern chose his wiring to produce as flat a polyalphabetic frequency distribution as possible. The interval method of wiring rotors was used in the ECM.
An example of the interval procedure of wiring a rotor is:
Given:
Input Contact:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Output Contact:
G A D B O C T K N U Z X I W H F Q Y J V P M E L S R
Displacement was defined for any input contact, and measured the shift taken by the current traversing the rotor, so:
AG 06 BA 25 CD 01
DB 24 EO 10 FC 23
GT 13 HK 03 IN 03
JU 11 KZ 15 LX 12
MI 22 NW 09 OH 19
PF 16 QQ 00 RY 07
SL 17 TV 02 UP 21
VM 17 WE 08 XL 14
YS 20 ZR 18
Of the 26 possible displacements values, 0 to 25, every displacement occurs in this set except 4, while displacement 17 occurs twice. This was the construction of the Hebern rotors.
The rotor machine destined to be the most famous of all time was fathered by Koch and Scherbius. It was named "Enigma." The machine attained its real potential in patents held by Korn. Korn explicitly set forth the idea of interchangeable rotors and allowed for reversibility of the rotor turning. On October 29, 1929, Korn received U.S. patent 1,733,886, which provided for a feed check apparatus to ensure correct rotor positioning and movement. In 1933, two more patents were issued for the Enigma in final form.
During the same period, German cryptographers were altering Korn's commercial Enigma into a more secure form. In England, the British modified the Enigma for military use and called it the Typex. William F. Friedman started development on a tactical level rotor machine based on the Enigma. Friedman's machine, M-325 failed to work well under field conditions and was not accepted. This was William F. Friedman's only failure.
The Enigma was such a commercial success that many countries bought the machine for use and study. The Japanese Enigma known as GREEN machine had rotors mounted on the top of the machine with characteristic Japanese design eccentricity.
Probably the most mechanically and cryptographically complex wired rotor machine was the American top-level machine, known as the ECM Mark II or SIGABA (also known as the M-134-C in the Army and CSP - 888/889 in the Navy). The device was based on an idea by Frank Rowlett and was considered insolvable, and that it was back then.
In 1924, Alexander von Kryha of Germany invented a simple spring driven arrangement of concentric disks, which became widely used for 2 decades thereafter. European interests used many of the Kryha machines in banking, industrial, and transportation industries.
During W.W.II, the Germans used the Kryha machine and the U.S. cryptographic teams successfully analyzed intercepted diplomatic traffic. When proposed to be used in the U.S. Army, Friedman, Rowlett, Kullback, and Sinkov, solved an untypically long test message of 1,135 letters to demonstrate the weakness of the machines ciphers. Statistical analysis was used extensively in the solution. The Japanese actively pursued the development of machine ciphers during the 1920s and 1930s. Their RED ORANGE and PURPLE series were wired rotor machines based on the Hebern machine and German Enigma. Their RED machine had the distinction of being the first electromechanical cipher device to be broken by the American cryptanalysts.
While the German Enigma dominated the wired rotor market, Hagelin designed a series of machines first for the French and Russian Armies (the B-211). He then came up with the idea for using variable pin rotors in conjunction with a cage of horizontal bars containing lugs to develop a new series of machines known as the 'C' machines. The variations and elaboration’s of the 'C' machines are still debated today. The most famous was the C-38 (the number indicates the year of release) which became the standard low echelon cryptograph for both the Army (M-209) and Navy (CSP1500).
During 1941-42, the Germans penetrated the C-38 traffic successfully in North Africa. This is why the Americans failed to maintain the tactical advantage in the earlier battles. After W.W.II Hagelin ran Damm's old Swedish organization and moved it to Switzerland under the name Crypto AG. Hagelin's lug and pin machines were very commonly used in embassies everywhere.
After 1931, the German's developed a series of cipher teleprinters dubbed the Geheimschreiber (secret writer). The story of the Polish attack, then British, then American attack on the Enigma has been well documented. The English expanded Friedman's coincidence calculations published decades earlier to attack the Enigma.
In general, Axis code-breakers never scored regular penetration of the C-36 or M-209 systems. The Americans and British did a better job day-to-day on the details of cryptographic security. It has been demonstrated that failure to observe routine procedures in messages, and not changing keys, pointed to disaster. The machine ciphers of the 1930s and 1940s were often more than adequate to defeat normal cryptanalysis if used with care.
The role of computing technology in cryptanalysis has often been to aid in the rapid location of encipherment blunders in intercepted enemy traffic. The most fruitful cryptanalysis against the Russians in the 1980s and 90s has resulted from this approach rather than from any great conceptual advances caused by the development of computers.
By 1950, the increasing appropriations and diminishing success of the U.S. cryptanalytic effort in penetrating high level Soviet and eastern bloc cryptosystems forced a reorganization of the communications intelligence (COMINT) activities. At that time, there were four principal U.S. cryptanalytical agencies: the Army Security Agency (ASA), the Naval Security Group, the Air Force Security Services, and the Armed Forces Security Agency (AFSA). In practice all these groups worked independently.
President Harry Truman directed the Secretary of Defense to establish a committee to survey COMINT activities in the U.S. and to recommend actions. Based on this committee's report, the National Security Agency was formed via a secret executive order of October 24, 1952. The NSA was given clear responsibility over all U.S. COMINT activities. The NSA has a military Director and a civil Deputy Director.
Today, cryptography is virtually all electronic in the US. There is a tendency for our newer "sci.crypt" gurus to believe those faster and faster machines and larger storage devices could change the fundamental problems facing cryptanalysts after W.W.II. They tend to forget that the Third World's mail is the raison d'entre on NSA. These systems are usually easier to crack than those of the major powers and reveal much more information of highest priority and importance. The fact that cryptography is microcomputer based does not take away some of the conflicting system design aims just as decades ago.
Classifications
Cryptographic principles or methods, which are too complicated for hand operation, may nonetheless be readily mechanized and become highly practical. Electrical and electromechanical cipher machines have been developed which are capable of producing cryptograms of great complexity; these cipher machines are to be differentiated from cipher devices, which are relatively simple mechanical contrivances for encipherment and decipherment, usually hand-operated or manipulated by the fingers, such as sliding strips or rotating disks.
Circa 1930, machine cipher systems could be classified into two broad categories: (1) literal systems, in which the plaintext and ciphertext symbols produced or accepted are alphabetical characters and digits; and (2) nonliteral systems, designed for the transmission of data in which the symbols or signals produced or accepted are other than the normal alphabet and the digits (e.g., teleprinter, ciphony, cifax, civision, etc.). Literal cipher machines may be divided into two general classes of key generators and alphabet generators, or a combination of the two; nonliteral machines are usually of the key generator class.
Transposition Cipher Machines
Transposition machines were rarely encountered. Rudolf Zschweigert was granted a patent on 12 November 1920 in Germany on the first transposition cipher machine. The problems of letter storage and automatic transposing of letters within lines and the irregular displacements of the key were not easily accomplished prior to 1970.
Substitution Cipher Machines
Substitution methods lend themselves much more readily to automatic encipherment than do transposition methods. The substitution principle lends itself ideally to mechanization by cipher machines; these cipher machines range from the most primitive types which afford only monoalphabetic substitution to very complex types in which the number of alphabets and the length of the keying cycle run into the millions. If the encipherment is monoalphabetic for a succession of 20 or more letters before alphabet changes, the cryptosecurity is low, especially if the various alphabets are interrelated because of their derivation from a limited number of primary components. In some cipher machines the number of secondary alphabets is quite limited, or the manner in which the mechanism operates to bring cipher alphabets into play is so ingenious that the solution of cryptograms produced by means of the machine is exceedingly difficult.
Other things being equal, the manner of shifting about or varying the cipher alphabets contributes more to the cryptosecurity than does the number of alphabets involved, or their type. It is possible to employ 26 direct standard alphabets in such an irregular sequence as to yield greater security than is afforded by use of 1000 or more different random-mixed alphabets in a regular way or an easily ascertained method--inventors sometimes forget this principle.
Three Machine Cipher Systems
Let’s briefly examine three period machines: the CSP 1500, the ENIGMA and the SIGABA.
Hagelin C-38 Cipher Machine Family
Historically, in the United States the Hagelin Crypto- graph is probably best known as the U.S. Army's M-209 or the U.S. Navy's CSP-1500. Later versions were designated by Hagelin as C-48. This machine was one of an array of ingenious machines invent!ed and manufactured by a Swedish engineer by the name of Boris Caesar Wilhelm Hagelin. The C-38 (CSP 1500 or M-209A) was a small, compact, hand-operated, tape-printing, mechanical cipher machine, weighing 6 pounds, with overall dimensions of 7.25 " x 5.50 " x 3.5 ". The CSP 1500, the U.S. Navy version of the Hagelin C-38 cipher machine was a typical key generator Soldiers wore the CSP 1500 on their knee and typed in a crouched position. The instructions on the box told the encipherer to destroy at all costs. Since the box was solid steel, a normal way to destroy the box was to blow it up with a hand grenade.
The cryptographic principle employed was polyalphabetic substitution. The CSP 1500 employed a complex mechanical rotor arrangement to generate a long running key which is used in conjunction with reversed standard alphabets for the primary components. In encipherment, the machine in effect subtracts (mod 26) each Q p from the key to yield the Q c, and subtracts each Q c from the key to yield the Q p. Actually, the machine adds the key to the complements of the plain or of the cipher. In Chapter 3, we used the designation of "theta", i.e. Q c, Q p, Q k for the cipher, plain and key, to represent characters or letters without indicating its identity. So rather than "any letter of the plain text," we use the symbol Q p and so forth. Because of the subtraction feature, the C-38 and machines of similar genre have been called "letter subtractor machines."
>>INSERT FIGURES 5-1 & 5-2 HERE<<
C-38 or CSP 1500
Wheels or Rotors
The CSP 1500 has six wheels or rotors of identical diameters; these wheels have individual periods of 26, 25, 23, 21, 19, and 17. Equidistant around the peripheries of the wheels are engraved the following sequences of letters:
Rotor I or "26 wheel" : ABCDEFGHIJKLMNOPQRSTUVWXYZ
Rotor II or "25 wheel" : ABCDEFGHIJKLMNOPQRSTUVXYZ
Rotor III or "23 wheel" : ABCDEFGHIJKLMNOPQRSTUVX
Rotor IV or "21 wheel": ABCDEFGHIJKLMNOPQRSTU
Rotor V or "19 wheel": ABCDEFGHIJKLMNOPQRS
Rotor VI or "17 wheel": ABCDEFGHIJKLMNOPQ
At each lettered position there is associated a small pin near the edge of the wheel, which pin may be pushed to the left (or "inactive position") or to the right (or "active position"). The six wheels of the CSP 1500 move one step with each encipherment or decipherment. If they are initially aligned at AAAAAA, the second alignment will be BBBBBB, the 18th will be RRRRRA, and the 27th will be ABDFHJ. The formal name of these wheels is "variable pin rotors," to distinguish them from "fixed pin rotors" used in some types of cipher machines, and from "wired rotors used in electrical cipher machines.
Since the number of wheels are relatively prime to each other, the cycle of the machine will be the product (26x25x23x21x19x17) or 101,405,850; in other words, the wheels will not return to their initial position until after this number of letters has been enciphered.
The Squirrel-Cage
Just behind the six wheels is a revolving drum something like a squirrel-cage, composed of two circular retaining plates holding 27 horizontal bars, on each of which are two lugs, one or both of which may be set at six effective positions (corresponding to the six wheels) on the bar, or to neutral positions. The retaining plates actually had 29 slots, and in some models were equipped with 29 bars. The pins, when in the active position on a specific wheel, serve to engage those lugs which have been set opposite that wheel causing the particular bars to be displaced slightly to the left; these displaced bars act as teeth of a gear wheel, displacing the reversed standard alphabets a corresponding number of positions. In reality, an 'active' pin, when it reaches the sensing or 'reading' position, pushes back a key- wheel lever situated behind its wheel, and it is this lever that engages the lugs in that wheel position and causes the bars to move to the left; a lever in the forward position does not come into contact with lugs. If Rotors I-VI are aligned at the apparent or 'window' setting of AAAAAA on the bench mark, the reading or effective positions of the six wheels will be at PONMLK.
The number of lugs in the path of a particular wheel is known as the kick of that wheel; the total kick or key is the sum of all the kicks contributed at a given position of the six key wheels, as governed by those key-wheel levers which are in a position to contact the lugs on the drum. When both lugs on a bar have been set to effective positions, the activity of either one or both of the wheels involved will still contribute only one kick for that bar, since the bar acts as one tooth of a gear. This situation is known as the double lug effect, and the amount of overlap (i.e., the number of displaced bars having two effective lugs) must be subtracted from the total number of lugs actuated at a given setting to ascertain the actual total key; for example, if wheels with kicks of 1, 4, and 7 are the only ones at a given position with effective kicks, and if among the bars displaced there is an overlap of 2, the total key is (1+4+7) -2 =10.
Letter Encipherment
The encipherment (or decipherment) of a letter was accomplished by obtaining the sum mod 26 of the key and the complement of the letter. For example, assuming the juxtaposition of the reversed standard alphabets to be fixed as:
Plain : ZYXWVUTSRQPONMLKJIHGFEDCBA
Cipher: ABCDEFGHIJKLMNOPQRSTUVWXYZ
I R(plain) is enciphered at a setting of the machine where the total key is 5, the cipher equivalent is N (cipher), measured 5 intervals to the right of the complement, I: if the key were six, E (plain) would be enciphered as B (cipher), etc. In the operation of the CSP 1500, the kick imparted to the type wheel is in the order of the ascending alphabet, whereas the sequence on the indicating disk moves in the reverse direction. The relative juxtaposition of the reverse standard alphabets may be varied by what is known as a slide, which has the effect of adding a constant to all the elements of key being generated by the machine. The slide is brought about mechanically by adjusting the relative displacement of the type wheel and the indicating disk. In the example above, the slide was really A=Z (=0,mod 26). If instead of K - P = C we express the Hagelin formula as P(bar) + (K + S) = C, where P (bar) is the complement (the complement of a number a, mod m, is m-a), of the plain and S is the slide, and if we use the mod 26 scale:
A B C D E F G H I J K L M N O P Q R S T U
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
V W X Y Z
22 23 24 25 0
It can be seen that if R (plain) is enciphered with a kick of 7 and a slide of 22, then:
R(bar-plain) +(7 +22) = (26-18) +(7+22) = 37 = (11, mod 26)
= K (cipher)
Since the CSP 1500 employed reciprocal alphabets, the operations of encipherment and decipherment were complementary; therefore, the decipherment formula was C (bar) + (K + S) = P, as shown by the example:
K(bar-cipher) +(7 + 22) = (26-11) +(7+22) = 44
= (18, mod 26) = R (plain)
Message Encipherment
The following are detailed steps performed in the encipherment of a message with the CSP 1500:
(1) First, the pins and lugs are set up according to the key for the particular date. A slide is selected and is set on the machine. An initial message rotor alignment is chosen and recorded for future use. The slide and the initial alignment will be incorporated as indicator groups, which are usually included with the final cryptogram. These indicator groups are usually not sent in the clear. The letter counter is reset to a multiple of 5 and recorded; the knob is set to "C" for cipher position.
(2) The first letter of the message plain text is now set on the indicating disk against a benchmark and the drive knob is given a clockwise turn. This causes the drum to make a complete revolution, imparting a kick to the print-wheel assembly equal to the number of bars which have been displaced by the action of the pins against the key-wheel levers, and the enciphered letter is printed on the tape at the end of the operating cycle. The six key wheels have moved one step each during the process, and new pins have come into contact with the key-levers to set up the key for the encipherment of the next letter.
(3) The succeeding plaintext letters are treated in the same fashion; at the end of every word, a fixed letter (usually Z or K) may be enciphered as a word separator. After the encipherment of every 5th letter, the machine causes the tape to advance another space so that the final cryptogram is in 5 letter groups ready for transmission.
(4) In decipherment, the pins and lugs of the machine are set up according to the key, and the slide and the message rotor alignment for the particular message are established from the indicators. The encipher-decipher knob is set to the "D" position, and the first letter of the cipher message is set on the indicating disk against the benchmark; when the drive knob is operated, the decipherment is printed on the tape. The "D" position also suppresses the Z plain word separator.
The Hagelin C-38 was used during World War II by the United States armed forces as a low-echelon cipher machine, under the nomenclature of M-209 in the Army and CSP 1500 in the Navy; the U.S. machines, however, were not generally equipped with a settab!le slide; the reversed standard alphabets were set at A=Z.
We next will examine the historical implications of the ENIGMA machine - perhaps the most famous rotor machine in history. It also is arguable that PURPLE was the most famous because thousands of allied lives in the Pacific were saved. Victory in the Pacific was primarily do to intercept information. The PURPLE machine is discussed in many of the references. Its lifetime was relative short compared to Enigma, which was still in use by third world countries into the 1950’s. The Enigma solutions prevented the Nazis from getting their jets and "fliegende bombe" into mass production.
It could be contended that the Nazis could have killed millions, developed the atomic bomb and forced a negotiated peace rather than an unconditional surrender.
Enigma
ENIGMA was the generic term for the German machine ciphers. It was both the name of the first enciphering device and the many variations used during W.W.II. ULTRA was the British code-name for intelligence derived from cracking the Enigma machine ciphers by an organization of about 10,000 staff at Bletchley Park (BP), England. The extent of the penetration of the German command structure was so profound and so pervasive that it is clear that BP's work changed not only the conduct but also the outcome of Allied European and North African Operations in W.W.II. Most brilliant of ULTRA successes was against German Afrika Korps whereby the 8th Army HQ read Enigma telegrams before Rommel himself.
There exists a fair amount of material on Enigma – a few resources in the bibliography are devoted to this subject. Enigma was central to the Battle of the Atlantic in W.W.II. Professor Jurgen Rohwer's Comparative Analysis of Allied and Axis Radio-Intelligence in the Battle of the Atlantic, presents ENIGMA’s history in eight phases:
From September 1939 to June 1940, German U-boats cruised west of the British Isles and Bay of Biscay to intercept Allied Merchant ships. U-boats found enough targets. Radio signals were as indispensable to the German Commander in Chief, U-boats for directing his U-boat groups or wolf packs as they were for Allied commanders directing the convoys of merchant ships and their escorts. The aim of the Axis powers was to sever the lines of communication by surface radar’s, aircraft and especially U-boats to attack ships in the convoys and thus sink more vessels and tonnage than the Allied shipbuilding yards could replace.
In the first two phases of the Battle of the Atlantic, there was a clear superiority with cryptanalytic success on the German side. Intelligence was of limited value to actual operations. The Germans introduced the short signal system, using a codebook to shorten communications to a few four-letter groups which were superenciphered with daily settings of the Schlussel M [M Key] in the circuit of Heimische Gewasser (home waters). The Royal Navy used two crypto-systems--the first was the Naval Cipher, which used 4 figure codebooks, and the second was the 5-figure codebook naval code. Both used subtractor tables of 5000 groups changed monthly. B-dienst (German NSA equivalent) was reading about 30-50 % of the Naval Cipher, used by officers. The Merchant Navy Code was broken by the B-dienst in March 1940.
In the third phase, BP mastered the German machine known as the Schlussel M-3 and saved about 400 ships by rerouting convoys. The Schlussel M-3 used three rotors out of a stock of eight rotors. BP had no success against rotors VI-VIII and limited success against rotors I-IV.
The boarding of the German ship "Krebs" gave the British a box of five rotors. A key to Enigma is its two inner settings, the Walzenlage, or rotor order, and the Ringstellung, the setting of the alphabet rings. In addition to these were the plugboard, the Steckerverbindungen, of ten pairs of letters and the Grundstellung, the starting positions of the rotors. The capture of U-110 gave BP a consistent set of settings and grid maps to reference. The British STR (Submarine Tracking Room) became key to rerouting ships valued at 1.5 mm Gross Registered Tonnage.
Phase 4 clearly went to the Germans because of their score of ships sunk off the Americas.
In Phase 5, 1942, the German BdU had many interceptions because the B-dienst decrypted the rerouting signals more effectively. Triton introduced and stumps BP. In March 1943, BP solved the Triton and British Admiralty changed the ship operation patterns.
The sixth and seventh phases German cipher improvements broken by use of U. S. and British high speed computer "Bombes".
The code name bombe was ill chosen by the British – the Germans were listening in to their communications and the Enigma secret could have been compromised. Introduction of the German Kurier system for high-speed transmissions to new U-boat type XXI was released too late to stop operation Overlord.
Allied shipping losses were significant and import tonnage to Britain was reduced because of the U-boat success. T. J. Runyan and Jan M. Copes present details in ‘To Die Gallently’.
David Kahn presents an ENIGMA chronology in terms of world events. A clearer picture of the effect of information devived from ULTRA can not be found. Timelines were based on his and the honorable F. H. Hinsley books.
ENIGMA was a class of machines. Cipher A. Deavours and Louis Kruh; in Machine Cryptography and Modern Cryptanalysis provides detailed descriptions with pictures, rotor order, settings, plug board and their influence on frequency distribution. Numerous sources show the various ENIGMA variations: Dr. Klaus Brunnstein has catalogued excellent graph interface formats (GIF’s) available for downloading (see references) from the on-line museum at University of Hamburg and at the ACA Crypto drop box site.
Electric Cipher Machine Mark II (ECM MARK II aka SIGABA)
The ECM Mark II (also known in the Navy as CSP-888/889 and SIGABA by the Army) was a cipher machine used for sensitive communications during World War II. According to the National Maritime Museum, it was used aboard USS submarine Pampanito. USS Pampanito (SS-383) was a World War II Balao class Fleet submarine that has been preserved as a National Historical Landmark located at San Francisco's Fisherman's Wharf. Pampanito made six patrols in the Pacific during World War II, sank six Japanese ships, and damaged four others. It is operated by the National Maritime Museum Association. The USS Pampanito has its own web site where you can take a closer look at the many issues involved in managing a tactical submarine:
http://www.maritime.org
The ECM Mark II aboard Pampanito was provided by the Naval Security Group. After cleaning, lubrication, and minor repair it was put on display in July of 1996. It is currently the only fully operable ECM Mark II in existence. This machine was built in June of 1943 as a CSP-889, and sometime circa 1950, it was modified into a CSP-889-2900. The minor modifications added one switch and a knob that allow operation compatible with CSP-889 machines, or enhanced security when operated as a CSP-2900. "CSP" stands for Code and Signal Publication, its usage started during WWI.
In early September 1944, U.S. Fleet Radio Unit Pacific FRUPAC) in Hawaii recorded a Japanese cipher radio message that originated from Singapore. Unknown to the Japanese, U.S. forces had analyzed many Japanese messages and as a result of much brilliant and hard work were able to cryptanalyze their enemy's inadequately designed and implemented cryptographic system. FRUPAC deciphered the message that announced the route of an important Japanese convoy from Singapore to Japan. The timing and expected path of the convoy from the message was enciphered on an ECM in Hawaii and sent to Pampanito where it was deciphered on an ECM. Although Pampanito's crew did not know how FRUPAC got its information, they were able to go directly to the convoy's path and attack with great efficiency. Pampanito's attack was kept secret by the superior U.S. cryptographic system that revolved around the ECM Mark II.
The ECM Mark II based cryptographic system is not known to have ever been broken by an enemy and was secure throughout W.W.II. The system was retired by the U.S. Navy in 1959 because it was too slow to meet the demands of modern naval communications. Axis powers (primarily Germany) did however periodically break the lower grade systems used by allied forces. Early in the war (notably during the convoy battle of the Atlantic and the North Africa campaign) the breaking of allied systems contributed to Axis success.
In contrast, the Allies were able to break Axis communications for most of the war supplying many of the targets attacked by Pampanito. Intercepted messages provided not only the location of potential targets, but often insight into the thinking of enemy commanders. In the Pacific, this information was critical to success in the battles of Midway and the Coral Sea in 1942.
However, intelligence, including cryptanalysis, can be a double-edged sword. The intercepted message that directed Pampanito to attack the convoy during September 1944 did not indicate that 2000 Australian and British POWs were aboard the Japanese shi!ps.
Navy Systems
The Navy commenced W.W.II with three principle cryptographic systems (besides codes): The ECM (for high level communications); a Hagelin cryptographic machine adapted from the C-36 (1936), the CSP 1500 (for medium level communications); and a strip cipher (for tactical level communications and sometimes higher level signals). The ECM was in use during Corridor when immense quantities of enciphered poems, baseball scores, et cetera, were sent to provide artificially high traffic levels to confuse the Japanese.
Army Systems
The Army used the ECM (SIGABA) and the five rotor wired wheel M-134-A (SIGMYK), which was driven by a one-time Baudot tape to control its rotor movements. The two-tape Vernam system was also used, being later replaced by the M-228 (SIGCUM), a five rotor teletype machine. The Hagelin C-38 (1938) (M-209) was used for tactical communications along with a variety of hand systems. The strip system was used extensively for all levels of communications.
Combined U.S. - British System - CSP1700
During the war, communication between U.S. and British was paramount in importance. Don Seiler of the Navy designed the adapter system for the British Typex and the U.S. ECM. It was called the CSP1600. The hybrid machine was designated the CCM for Combined Cipher Machine or CSP1700. At the conclusion of W.W.II, the CSP1700 was adopted by the U.S. State Department for its highest level ciphers. It stayed in place for more than ten years.
Wrap-up
During the period preceding World War II and up through about 1960, two interesting dimensions of cryptographic activity were witnessed. Codes for both commercial and military applications proliferated. Condensation and brevity were as important goals as secrecy in some of these systems. The invention of the rotor, ushered in an era where machines were used to extend the security of the key(s) of established polyalphabetic cryptosystems. Three rotor machines, the CSP 1500, ENIGMA, and SIGABA were briefly discussed as examples of the period.
Chapter: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 9 | 10 |
| Reserve your copy at a Beta Bookstore near you! |
Contact Bet@books © 1998 The McGraw-Hill Companies, Inc. All rights reserved. Any use of this Beta Book is subject to the rules stated in the Terms of Use. |