SIS and Cipher Machines: 1930 – 1940

John F DooleyKnox College

1

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States License.

Presented at the 14th Biennial NSA CCH History Symposium, October 2013

1Thursday, November 7, 2013

The Results of Friedman’s Training

• The initial training regimen as it related to cipher machines was cryptanalytic

• But this detailed analysis of the different machine types informed the team’s cryptographic imaginations when it came to creating their own machines

22Thursday, November 7, 2013

The Machines

• Wheatstone/Plett Machine• AT&T machine• Hebern cipher machine• Kryha• IT&T (Parker Hitt)• Engima• B-211(and B-21)

• M-94• M-138 and M-138-A• M-209 • Red• Purple• SIGABA (M-134 and M-134-C)

33Thursday, November 7, 2013

The Wheatstone/Plett Machine

• polyalphabetic cipher disk with gearing mechanism rotates the inner alphabet.

• Plett’s improvement is to add a second key and mixed alphabet to the inner ring.

• Friedman broke this in 1918

4

Principles: (a) The inner workings of a mechanical cryptographic device can be worked out using a paper and pencil analog of the device. (b) if there is a cycle in the mechanical device (say for particular cipher alphabets), then that cycle can be discovered by analysis of the paper and pencil analog.

4Thursday, November 7, 2013

The Army M-94

• Traces its roots back to Jefferson and Bazieres

• Used by US Army from 1922 to circa 1942• 25 mixed alphabets. Disk order is the key.

5

Principles: For wheel ciphers and their equivalents one can create a series of tables representing all the possible substitutions for all the letters in each mixed alphabets and use the resulting tables to try probable word attacks. In addition, the use of indicators and probable words offer an excellent avenue for cryptanalysis of these types of ciphers.

5Thursday, November 7, 2013

The Hagelin B-21•rotor and pin system (2 rotors, 4 pin-wheels) •B-211 could operate with or without electricity•its effect is a fractionating cipher•first encounter of SIS with an irregularly

stepped system.

6

Principles: First rotor-type device SIS saw. “This was our first encounter with anything like the effect of several elements, such as the four control (pin) wheels, operating together to produce a key which in turn controlled the stepping of electrical switching components such as the commutators (cipher wheels).” (Rowlett)

6Thursday, November 7, 2013

Kryha

• gear-based single wheel with changeable mixed alphabet sliding against a fixed alphabet (either standard or mixed)

• Rowlett: “A noisy brute of a device...”

7

Principles: A gear-based rotating wheel that changed the cipher letters sliding against the fixed (and mixed) alphabet.Regular wheel stepping is a weakness. Ability to change both the movable and fixed alphabets between messages.

7Thursday, November 7, 2013

The AT&T teletype machine• original system that Friedman cracked in

1919 used a single key tape (later two, offset tapes)

• weakness is in key repetition and non-randomness

• Maubourgne improvement leads to one-time pad system

8

Principles: Automatic transmission of encrypted text. Use of multiple key streams. First example of using “digital” circuits – the system employed an exclusive-or operation.

8Thursday, November 7, 2013

The Hebern Mark I•rotor system - originally one rotor, later expanded to 5 rotors

•Friedman broke the Mark I in 1924

•“The most important cipher machine we studied.” (Rowlett)

9

Principles: First electro-mechanical rotor machine that SIS tackled. Number of rotors and complex stepping mechanism. Recovery of rotor wiring diagrams. Interval method of rotor wiring. Use of statistical analysis in recovering the rotor wiring and starting positions. (SIS attacked an updated Hebern in 1934. Led to realization that automated computation would be necessary in the future.)

9Thursday, November 7, 2013

The Army M-209 (The Hagelin C-38)

•pin and lug cage to control rotor stepping

•purely mechanical

•6 rotors, all different sizes

140,000 manufactured during WW210

Principles: The use of the pin and lug system can improve security. Complex keys can improve security if used correctly.

10Thursday, November 7, 2013

The Army M-138 and M-138-A

• Parker Hitt’s original version from 1916

• Maubourgne evolved this into the M-94

• Friedman has the patent

1111Thursday, November 7, 2013

The IT&T Machine of Parker Hitt

• teletypewriter designed to send encrypted text end-to-end

• used 10 cams with relatively prime periods

• several weaknesses, including operating use

1212Thursday, November 7, 2013

Enigma

• Friedman acquired commercial version of the system

• Little luck in breaking it

• surprising considering his success with the Hebern

• SIS never saw military version during the 1930s

1313Thursday, November 7, 2013

The Japanese Red Machine

•Introduced in 1932; broken by SIS in 1935

•used variation on Hagelin half-rotor (see B-21)

•irregular motion of cipher wheel governed by a 47-position pin (break) wheel

•Japanese added the “sixes” and the “twenties” and plugboard

•separation was a basic weakness recognized early by SIS

1414Thursday, November 7, 2013

The Red Machine Movie

• 2009

• Plays fast and loose with the facts

1515Thursday, November 7, 2013

The Japanese Purple Machine

•Introduced in 1938, first messages intercepted in early 1939.

•more sophisticated than RED (although still kept the “sixes” and “twenties”)

•small number of daily keys used (~1000)•cipher wheel gone - uses telephone stepping switches in banks instead

•plugboard used for input and output•broken by Rowlett’s team in September 1940

1616Thursday, November 7, 2013

SIGABA (The M-134, M-134-C, and M-229)

• Friedman’s original M-134 design

• Rowlett’s improvement (M-229)

• using irregularly stepping rotors to change the cipher alphabets (the stepping maze)

• Navy combined the ideas and built the M-134-C (Safford & Seiler)

1717Thursday, November 7, 2013

Patents

SIGABA 6,175,625

1818Thursday, November 7, 2013

Cryptanalysis informs Cryptography

• electro-mechanical systems• automatic computation necessary for cryptanalysis• rotor construction and use

• Hebern’s level method of designing rotors• reversible rotors• irregular stepping (complex rotor movement)

• pin and lug systems• irregular stepping

• statistical analysis of rotor systems is possible (and essential)19

19Thursday, November 7, 2013

Conclusions

• The cryptanalytic work of SIS lead directly to their expertise in cryptographic work

• Friedman’s work in the 1920s in cryptanalyzing cipher machines provided the foundation for his training regimen and the subsequent successes of SIS in the late 1930s.

2020Thursday, November 7, 2013

References

21

Barker, Wayne G. 1989. The History of Codes and Ciphers in the United States during the Period Between the Wars: Part II. 1930 - 1939. paperback ed. 54. Laguna Park, CA: Aegean Park Press. 99 pgs.

Callimahos, Lambros D. 1973. Q.E.D.-2 Hours, 41 Minutes. NSA Technical Journal XVIII (4):13-34.Clark, Ronald. 1977. The Man Who Broke Purple. hardcover. Boston: Little, Brown and Company. 271 pgs.Deavours, Cipher A. 1977. Analysis of the Hebern Cryptograph using Isomorphs. Cryptologia 1 (2):167-185.Ellison, Carl M. 1988. A SOLUTION OF THE HEBERN MESSAGES. Cryptologia 12 (3):144-158.Freeman, Wes, Geoff Sullivan, and Frode Weierud. 2003. PURPLE Revealed: Simulation and Computer-aided Cryptanalysis of Angooki Taipu B.

Cryptologia 27 (1):1-43.Friedman, William F. 1940. Preliminary Historical Report on the Solution of the "B" Machine (SRH-159). edited by S. I. S. US Army. Washington, DC:

National Archives.———. 1942. A Brief History of U.S. Cryptologic Operations 1917 - 1929 (June 29, 1942). SRH-029. Washington, DC: NARA. RG 457 Entry 9032.———. 1991. A Brief History of The Signal Intelligence Service (SRH-029). Cryptologia 15 (3):263 - 272.———. 2006. The Friedman Legacy: A Tribute to William and Elizebeth Friedman (Third Printing). Fort Meade, MD: NSA Center for Cryptologic

History. 226 pgs.Hannah, Theodore M. 1981. Frank B. Rowlett - A Personal Profile. Cryptologic Spectrum 11 (2):4 - 21.Kahn, David. 1967. The Codebreakers; The Story of Secret Writing. hardcover ed. New York: Macmillan. xvi, 1164 pgs.Kullback, Solomon. 1982. Oral History of Solomon Kullback. In Oral History Collection. Ft. Meade, MD: National Security Agency.Lewin, Ronald. 1982. The American Magic: Codes, Ciphers and the Defeat of Japan. hardcover ed. New York: Farrar Straus Giroux. 332 pgs.Marks, Philip. 2011. Operational Use and Cryptanalysis of the Kryha Cipher Machine. Cryptologia 35 (2):114-155.Morris, Robert. 1978. The Hagelin Cipher Machine (M-209): Reconstruction of the Internal Settings. Cryptologia 2 (3):267-289.Rowlett, Frank R. 1974. Oral History of Frank Rowlett (1974). In Oral History Collection. Ft. Meade, MD: National Security Agency.———. 1976. Oral History of Frank Rowlett (1976). In Oral History Collection. Ft. Meade, MD: National Security Agency.———. 1998. The Story of Magic: Memoirs of an American Cryptologic Pioneer. hardcover. Laguna Hills, CA: Aegean Park Press. 258 pgs.Savard, John J. G., and Richard S. Pekelney. 1999. THE ECM MARK II: DESIGN, HISTORY, AND CRYPTOLOGY. Cryptologia 23 (3):211-228.Schmeh, Klaus. 2010. Alexander von Kryha and His Encryption Machines. Cryptologia 34 (4):291-300.Sinkov, Abraham. 1979. Oral History of Dr. Abraham Sinkov. In Oral History Collection. Ft. Meade, MD: National Security Agency.Smoot, Betsy Rohaly. 2012. Pioneers of U.S. Military Cryptology: Colonel Parker Hitt and His Wife, Genevieve Hitt. Federal History Journal (4):87-100.Snyder, Samuel. 1976. Oral History of Samuel Snyder. In Oral History Collection. Ft. Meade, MD: National Security Agency.

21Thursday, November 7, 2013