Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 2: The Lorenz Cipher and the Postman’s Computer.

Slides:



Advertisements
Similar presentations
“Advanced Encryption Standard” & “Modes of Operation”
Advertisements

By Megan Goatley. history one of the last of a top World War Two codebreaking team at Bletchley Park codebreaker Jerry Roberts dies aged 93, Capt Roberts,
Team Name: team13 Programmer: 陳則凱 b Tester: 劉典恆 b

WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:
Solving the Enigma How the Western Allies Cracked the German Secret Codes During WW II.
Enigma? Several Images from Wikipedia (an online encyclopedia)
Modern Cryptography.
Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 4: Modern Cryptography
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
Introduction to Cryptography and Security Mechanisms: Unit 5 Theoretical v Practical Security Dr Keith Martin McCrea
Creating Secret Messages. 2 Why do we need to keep things secret? Historically, secret messages were used in wars and battles For example, the Enigma.
CSE331: Introduction to Networks and Security Lecture 17 Fall 2002.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
Lecture 23 Symmetric Encryption
Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.
What is Cryptography? Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like Google.
Computer Security CS 426 Lecture 3
Classical Encryption Techniques
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
IntroConcAnalysisPreviousSystemsRotors
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
Cryptography Week-6.
Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.
Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.
Modes of Operation. Topics  Overview of Modes of Operation  EBC, CBC, CFB, OFB, CTR  Notes and Remarks on each modes.
David Evans Class 17: Sex, Religion, and Politics CS150: Computer Science University of Virginia Computer Science.
Códigos y Criptografía Francisco Rodríguez Henríquez A Short Introduction to Stream Ciphers.
Alan Turing and Code Breaking
David Evans CS200: Computer Science University of Virginia Computer Science Lecture 12: Decrypting Work Circle Fractal.
The Turing machine Olena Lastivka. Definition Turing machine is a theoretical device that manipulates symbols on a strip of tape according to a table.
Team Name: team13 Programmer: 陳則凱 b Tester: 劉典恆 b
One-Time Pad Or Vernam Cipher Sayed Mahdi Mohammad Hasanzadeh Spring 2004.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Topic 21 Cryptography CS 555 Topic 2: Evolution of Classical Cryptography CS555.
Encryption: A Brief History Author: Margery Waldron.
Day 18. Concepts Plaintext: the original message Ciphertext: the transformed message Encryption: transformation of plaintext into ciphertext Decryption:
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
Introduction to Cryptography Techniques How secure is that banking network traffic?
CSCI 5857: Encoding and Encryption
Cs3102: Theory of Computation Class 11: Moore, Mealy, and Markov Models Spring 2010 University of Virginia David Evans.
Cryptography Dave Feinberg. Suppose I send an from to Who has access to that ? What if I want the.
Enigma Plymstock School History Department. The Battle of the Atlantic The Battle of the Atlantic Since the evacuation of the British Army from the beaches.
Classical Crypto By: Luong-Sorin VA, IMIT Dith Nimol, IMIT.
Multiple Encryption & DES  clearly a replacement for DES was needed Vulnerable to brute-force key search attacks Vulnerable to brute-force key search.
Traditional Symmetric-Key Ciphers
Computer Security Cryptography. Cryptography Now and Before  In the past – mainly used for confidentiality  Today –Still used for confidentiality –Data.
Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.
Lecture 2: Introduction to Cryptography
David Evans Lecture 13: Astrophysics and Cryptology CS200: Computer Science University of Virginia Computer Science.
Lecture 23 Symmetric Encryption
DES Analysis and Attacks CSCI 5857: Encoding and Encryption.
CS 150 – Computing: From Ada to the Web Cryptography.
The Enigma Machine Eric Roberts CS 106A February 3, 2016.
University of Malawi, Chancellor College
CHAPTER 14 ENCRYPTION AND DECRYPTION Sajina Pradhan
Lecture 3 Page 1 CS 236 Online Basic Encryption Methods Substitutions –Monoalphabetic –Polyalphabetic Permutations.
Modes of Operation block ciphers encrypt fixed size blocks – eg. DES encrypts 64-bit blocks with 56-bit key need some way to en/decrypt arbitrary amounts.
Key words: Intercept | Decipher | Translate
David Evans Class 20: Objects I invented the term Object-Oriented, and I can tell you I did not have C++ in mind. — Alan.
Chapter 2 Basic Encryption and Decryption
Key words: Cryptography | Binary | Cipher
Basic Encryption Methods
In this lesson we will understand:
STREAM CIPHERS by Jennifer Seberry.
Block vs Stream Ciphers
An electro-mechanical rotor cipher machine created by the German engineer Arthur Scherbius.
Modern Cryptography.
Secret-Key Encryption
Presentation transcript:

Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 2: The Lorenz Cipher and the Postman’s Computer Colossus Rebuilt, Bletchley Park, Summer 2004

2 JILL WWII Crypto Spring Class 2: Breaking Fish One-Time Pad Vernam [1917] (AT&T Bell Labs) Plaintext Letters Key Letters Relays combine key and plaintext letters

3 JILL WWII Crypto Spring Class 2: Breaking Fish The Baudot Code (like Morse Code, not a cipher) A00011H10100space00100 B11001I return01000 C01110J01011V11110line feed00010 D01001K01111W10011letter shift11111 E00001L10010X11101figure shift11011 F01101M11100Y10101error00000 G11010N01100Z10001 Encode 32 letters using 5 on/off signals

4 JILL WWII Crypto Spring Class 2: Breaking Fish Why perfectly secure? For any given ciphertext, all plaintexts are equally possible. Ciphertext: J = Key1: I = Plaintext1: = K Key2: L = Plaintext2: = = shift

5 JILL WWII Crypto Spring Class 2: Breaking Fish Vernam’s Key A long paper tape with random letters on it (using Baudot code) Cannot reuse key – tape must be very long! This has 6 holes per letter (not Baudot code)

6 JILL WWII Crypto Spring Class 2: Breaking Fish Morehouse’s Improvement Like Vernam machine, but with two key tapes Tape 1 (999 letters) Tape 2 (1000 letters)

7 JILL WWII Crypto Spring Class 2: Breaking Fish Morehouse’s Improvement (patented in 1920) Tape 1 (999 letters) Tape 2 (1000 letters) Message Ciphertext   =

8 JILL WWII Crypto Spring Class 2: Breaking Fish Looping Tapes Tape 1 (999 letters) Tape 2 (1000 letters) The tape equivalent to Tape 1  Tape 2 would not repeat for 999 * 1000 letters! Note: it is no longer a perfect cipher though. Some keys are not possible after 1001 letters.

9 JILL WWII Crypto Spring Class 2: Breaking Fish Lorenz Cipher Based on the Vernam and Morehouse –Used Baudot code Believed managing long paper tapes during wartime was too difficult Machine generates key sequence –If two machines start in same configuration, same key sequence –Will not repeat for ~ letters All words ever spoken or written by all humans is estimated around letters

10 JILL WWII Crypto Spring Class 2: Breaking Fish Lorenz Cipher Machine

11 JILL WWII Crypto Spring Class 2: Breaking Fish Lorenz Wheels 12 wheels 501 pins total (set to control wheels)

12 JILL WWII Crypto Spring Class 2: Breaking Fish Wheel Operation Bit channels (5 for Baudot) Two XORs with key bits (like paper tapes)

13 JILL WWII Crypto Spring Class 2: Breaking Fish Wheel Operation Each K wheel rotates every letter M wheels control if S wheels rotate Each S wheel rotates when M wheels output 1

14 JILL WWII Crypto Spring Class 2: Breaking Fish Use by Nazis Considered most secure cipher machine Messages between Hitler’s army headquarters and European capital headquarters Each link had a slightly different system (British named them for fish): –Tunny: Vienna - Athens –Jelly: Berlin – Paris

15 JILL WWII Crypto Spring Class 2: Breaking Fish General Report on Tunny (1945, declassified in 2000) “It is regretted that it is not possible to give an adequate idea of the fascination of a Colossus at work: its sheer bulk and apparent complexity; the fantastic speed of thin paper tape round the glittering pulleys; the childish pleasure of not-not, span, print main heading and other gadgets; the wizardry of purely mechanical decoding letter by letter (one novice thought she was being hoaxed); the periods of eager expectation culmniating in the sudden appearance of the longed-for score; the strange rhythms characterizing every type of run; the stolid rectangle interrupted by the wild leaps of the carriage-return, the frantic chatter of a motor run, the ludicrous frenzy of hosts of bogus scores.”

16 JILL WWII Crypto Spring Class 2: Breaking Fish Breaking Fish GCHQ learned about first Fish link (Tunny) in May 1941 –Intercepted unencrypted Baudot-encoded test messages August 30, 1941: Big Break! –Operator retransmits failed message with same starting configuration –Gets lazy and uses some abbreviations, makes some mistakes SPRUCHNUMMER/SPRUCHNR (Serial Number)

17 JILL WWII Crypto Spring Class 2: Breaking Fish “Two Time” Pad Allies have intercepted: C1 = M1  K1 C2 = M2  K1 Same key used for both (same starting configuration) Breaking message: C1  C2 = (M1  K1)  (M2  K1) = (M1  M2)  (K1  K1) = M1  M2

18 JILL WWII Crypto Spring Class 2: Breaking Fish “Cribs” Know: C1, C2 (intercepted ciphertext) C1  C2 = M1  M2 Don’t know M1 or M2 –But, can make some guesses (cribs) SPRUCHNUMMER Sometimes allies moved ships, sent out bombers to help the cryptographers get good cribs Given guess for M1, calculate M2 M2 = C1  C2  M1 Once guesses that work for M1 and M2 K1 = M1  C1 = M2  C2

19 JILL WWII Crypto Spring Class 2: Breaking Fish Finding K1 From the 2 intercepted messages, Col. John Tiltman worked on guessing cribs to find M1 and M2 –4000 letter message, found 4000 letter key Bill Tutte (recent Chemistry graduate) given task of determining machine structure from key –Already knew it was 2 sets of 5 wheels and 2 wheels of unknown function

20 JILL WWII Crypto Spring Class 2: Breaking Fish Reverse Engineering Lorenz Looked at patterns of bits in key Found repeating sequence: –Repetition period of 41, learned first wheel had 41 pins –Similar for other wheels, determining S/M/K wheel structure After 6 months of hard work: determined likely machine structure that would generate K1

21 JILL WWII Crypto Spring Class 2: Breaking Fish Intercepting Traffic Set up listening post to intercept traffic from 12 Lorenz (Fish) links –Different links between conquered capitals –Slightly different coding procedures, and different configurations 600 people worked on intercepting traffic Sent intercepts to Bletchley (usually by motorcycle courier)

22 JILL WWII Crypto Spring Class 2: Breaking Fish Breaking Traffic Knew machine structure, but a different initial configuration was used for each message Need to determine wheel setting: –Initial position of each of the 12 wheels –1271 possible starting positions –Needed to try them fast enough to decrypt message while it was still strategically valuable

23 JILL WWII Crypto Spring Class 2: Breaking Fish Recognizing a Good Guess Intercepted Message (divided into 5 channels for each Baudot code bit) Z c = z 0 z 1 z 2 z 3 z 4 z 5 z 6 z 7 … z c, i = m c,i  x c,i  s c,i Message Key (parts from S-wheels and rest) Look for statistical properties –How many of the z c,i ’s are 0? –How many of (z c,i+1  z c,i ) are 0? ½ (not useful) ½

24 JILL WWII Crypto Spring Class 2: Breaking Fish Double Delta  Z c,i = Z c,i  Z c,i+1 Combine two channels:  Z 1,i   Z 2,I =  M 1,i   M 2,i   X 1,i   X 2,i   S 1,i   S 2,i = ½ (key) > ½ Yippee! > ½

25 JILL WWII Crypto Spring Class 2: Breaking Fish Double Delta  M 1,i   M 2,i   X 1,i   X 2,i   S 1,i   S 2,i = ½ (key) > ½ Yippee! > ½ Why is  M 1,i   M 2,i > ½ Message is in German, more likely following letter is a repetition than random Why is  S 1,i   S 2,i > ½ S-wheels only turn some of the time (when M-wheel is 1)

26 JILL WWII Crypto Spring Class 2: Breaking Fish Actual Advantage Probability of repeating letters Prob[ M 1,i   M 2,i = 0] ~ % of German digraphs are repeating Probability of repeating S-keys Prob[ S 1,i   S 2,i = 0] ~ 0.73 Prob[ Z 1,i   Z 2,I   X 1,i   X 2,i = 0] = * ( ) * (1-0.73)  M and S are 0  M and S are 1 = 0.55

27 JILL WWII Crypto Spring Class 2: Breaking Fish Using the Advantage If the guess of X is correct, should see higher than ½ of the double deltas are 0 Try guessing different configurations to find highest number of 0 double deltas Problem: # of double delta operations to try one config = length of Z * length of X = for 10,000 letter message = 12 M for each setting * 7  per double delta = 89 M  operations

28 JILL WWII Crypto Spring Class 2: Breaking Fish Heath Robinson Dec 1942: Decide to build a machine to do these s quickly, due June 1943 Apr 1943: first Heath Robinson machine is delivered! Intercepted ciphertext on tape: –2000 characters per second (12 miles per hour) –Needed to perform 7  operations each ½ ms Heath Robinson, British Cartoonist ( )

29 JILL WWII Crypto Spring Class 2: Breaking Fish Colossus Heath Robinson machines were too slow Colossus designed and first built in Jan 1944 Replaced keytext tape loop with electronic keytext generator Speed up ciphertext tape: –5,000 chars per second = 30 mph –Perform 5 double deltas simultaneously –Speedup = 2.5X for faster tape * 5X for parallelism

30 JILL WWII Crypto Spring Class 2: Breaking Fish Colossus Design Electronic Keytext Generator LogicTape Reader Counter Position Counter Printer Ciphertext Tape

31 JILL WWII Crypto Spring Class 2: Breaking Fish Impact on WWII 10 Colossus machines operated at Bletchley park –Various improvements in speed Decoded 63 million letters in Nazi command messages Learned German troop locations to plan D-Day (knew the deception was working)

32 JILL WWII Crypto Spring Class 2: Breaking Fish Colossus History Kept secret after the war, all machines destroyed During WWII Rebuild, Bletchley Park, Summer 2004

33 JILL WWII Crypto Spring Class 2: Breaking Fish Next Class Enigma and how it was broken Some similarities to Colossus: –Exploited operator errors –Built machines to quickly try possibilities

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.