How long would it take an average computer to figure out the WWII Enigma machine

[Beamin]

Say we recreated the "bomb" (I think it was called the bomb; the thing in blechly park with all the tubes in it that they would feed intercepted codes) in software and fed it some 3 or 4 rotor and plug board enigma codes how hard would it be to figure out the message? Using the same cryptography the British used no special modern day NSA code cracking.

Could you do it on an arduino? Would it take minutes, seconds, milliseconds? How many lines of code would it take in C or python?

[tpowell1830]

Hi Beamin

Judging from your past posts, my guess is that you know the answer to this, however, without knowing the key codes, this could not be done (until you have the algorithm).

But, further, if all is known and the c code is in place, my guess is that on an arduino, this would take milliseconds.

Your turn...

[CJay]

Hi Beamin

Judging from your past posts, my guess is that you know the answer to this, however, without knowing the key codes, this could not be done (until you have the algorithm).

But, further, if all is known and the c code is in place, my guess is that on an arduino, this would take milliseconds.

Your turn...

Nope, there were examples written a few years ago for (I think a Pentium 3) PC and it only just beat the Bombe, I suspect an Arduino would take considerably longer.

https://www.zdnet.com/article/uk-code-breakers-release-enigma-war-machine-simulator/

[ledtester]

This talk is excellent presentation on how to use modern cryptoanalysis techniques on Enigma. Includes a live demo of cracking a message.

https://youtu.be/gNXzMDulp7M

Unfortunately their site enigmacrack.com and source code don't seem to online anymore.

[JohnnyMalaria]

It would be interesting to compare how long it takes with and without the essential knowledge Turin et al had regarding weaknesses in Enigma (i.e., that a given letter never gets encrypted to itself and messages (nearly) always ended with Heil Hitler).

[themadhippy]

cyberchef seems to get the job done rather quickly,description of how to use  it  and  links to examples https://github.com/gchq/CyberChef/wiki/Enigma,-the-Bombe,-and-Typex

[ledtester]

cyberchef seems to get the job done rather quickly,description of how to use  it  and  links to examples https://github.com/gchq/CyberChef/wiki/Enigma,-the-Bombe,-and-Typex

From that page at the bottom:

A three-rotor Bombe run (which tests 17,576 rotor positions and takes about 15-20 minutes on original Turing Bombe hardware) completes in about a fifth of a second in our tests. A four-rotor Bombe run takes about 5 seconds to try all 456,976 states. This also took about 20 minutes on the four-rotor US Navy Bombe (which rotates about 30 times faster than the Turing Bombe!). CyberChef operations run single-threaded in browser JavaScript.

[CJay]

cyberchef seems to get the job done rather quickly,description of how to use  it  and  links to examples https://github.com/gchq/CyberChef/wiki/Enigma,-the-Bombe,-and-Typex

It does,*much* faster than the original Bombe simulator I saw, would be interesting to see if it could be implemented on something embedded.

[Beamin]

This talk is excellent presentation on how to use modern cryptoanalysis techniques on Enigma. Includes a live demo of cracking a message.

https://youtu.be/gNXzMDulp7M

Unfortunately their site enigmacrack.com and source code don't seem to online anymore.

So how do they know they are actually breaking the code? Does the computer/gpu try a combination see what comes out, then does a second step where it checks if the text is jibberish?

Not sure how they did it but I would do a hybrid brute force like this:
1. Start with a combination rotor setting 1,2,3:  Code word: QWER ASDF
2. Get a result: ZXCV BNMK
3. Take that result compare to an english dictionary and see if ZXCV is a real word. IF NOT then go back to 1 but with rotor setting 1.2.4
4. Get Result BLUE DOGS
5. Compare to dictionary: Yes those are real words stop program, or if more jibberish goto 1,2,5  try again.

I dont see how they were error checking, and 20 min on a 2012 GPU would take an arduino a VERY long time, correct me if im wrong.

As an aside: How can a GPU take 18 in the video but a tube based navy bomb take 20 min according to the posters in this thread? Thats like the DSKY running an iphone app.

[CJay]

This talk is excellent presentation on how to use modern cryptoanalysis techniques on Enigma. Includes a live demo of cracking a message.

https://youtu.be/gNXzMDulp7M

Unfortunately their site enigmacrack.com and source code don't seem to online anymore.

So how do they know they are actually breaking the code? Does the computer/gpu try a combination see what comes out, then does a second step where it checks if the text is jibberish?

Not sure how they did it but I would do a hybrid brute force like this:
1. Start with a combination rotor setting 1,2,3:  Code word: QWER ASDF
2. Get a result: ZXCV BNMK
3. Take that result compare to an english dictionary and see if ZXCV is a real word. IF NOT then go back to 1 but with rotor setting 1.2.4
4. Get Result BLUE DOGS
5. Compare to dictionary: Yes those are real words stop program, or if more jibberish goto 1,2,5  try again.

I dont see how they were error checking, and 20 min on a 2012 GPU would take an arduino a VERY long time, correct me if im wrong.

As an aside: How can a GPU take 18 in the video but a tube based navy bomb take 20 min according to the posters in this thread? Thats like the DSKY running an iphone app.

And you'd fail mightily with that sort of brute force attack, it could take an incredibly long time.

The Bombe didn't decrypt messages, it determined rotor settings AFAIR, it also relied on 'preprocessing'  based on a *lot* of knowledge of how Enigma worked and how it was used plus the rigid message format used for things like weather reports, general messages ending with Heil Hitler etc.

All those factors combined to greatly reduce the work the Bombes had to do.

I suggest watching one of the demos on youtube (if you choose the right/wrong one you might even catch a glimpse of me)

[jmelson]

Say we recreated the "bomb" (I think it was called the bomb;

that's the "bombe", name apprently from the Poles who first started working on cracking Enigma.

 the thing in blechly park with all the tubes in it that they would feed intercepted codes)

That was Colossus,m and was used to crack the Lorenz SZ42, the first serious cypher machines.  Cracking that made the Enigma look like a
ceral box decoder ring toy.

in software and fed it some 3 or 4 rotor and plug board enigma codes how hard would it be to figure out the message? Using the same cryptography the British used no special modern day NSA code cracking.

Could you do it on an arduino? Would it take minutes, seconds, milliseconds? How many lines of code would it take in C or python?

A PDP-8 from the 1960's could crack Enigma codes in minutes.  Actually, there were two Enigmas, the army Enigma ha 3 rotors, the navy version had 4.  The US built several hundred bombes for the cracking effort.  Every day at midnight, the Germans changed the order and selection of rotors, and then they were not changed for the rest of the day.  The NCR-built bombes were set up with all possible rotor combinations (that took something like 26 machines) and would try to crack the correct rotor combination.  That took several MINUTES on an all electromechanical bombe (for army Enigma) and about 20 minutes for navy.  Once they knew the rotor combination to use, all machines were set up with those rotors and they ran all the machines in parallel to crack all the messages.  This was done in a huge barn-like building in downtown Washington, DC.

As for the SZ42, code-named "tunny" by the British, they had several electromechanical machines before building Colossus, which was part electromechanical with a lot of electronics.  It read the SZ42 cyphertext from punched paper tape at several thousand characters per second, allowing the character stream to slip one character per full pass against the crib tape.  Maintaining the alignment of the two tapes was a problem, so they eventually stores the crib electronically, so there was only one tape to deal with.  (The "crib" is snippets of expected cleartext such as "heil Hitler" or
"commander" etc.)

There is a LOT of info on these systems available online, for your reading pleasure.  There are sample Enigma cyphertexts and decoding programs for one to try out.

Jon

[Beamin]

This talk is excellent presentation on how to use modern cryptoanalysis techniques on Enigma. Includes a live demo of cracking a message.

https://youtu.be/gNXzMDulp7M

Unfortunately their site enigmacrack.com and source code don't seem to online anymore.

So how do they know they are actually breaking the code? Does the computer/gpu try a combination see what comes out, then does a second step where it checks if the text is jibberish?

Not sure how they did it but I would do a hybrid brute force like this:
1. Start with a combination rotor setting 1,2,3:  Code word: QWER ASDF
2. Get a result: ZXCV BNMK
3. Take that result compare to an english dictionary and see if ZXCV is a real word. IF NOT then go back to 1 but with rotor setting 1.2.4
4. Get Result BLUE DOGS
5. Compare to dictionary: Yes those are real words stop program, or if more jibberish goto 1,2,5  try again.

I dont see how they were error checking, and 20 min on a 2012 GPU would take an arduino a VERY long time, correct me if im wrong.

As an aside: How can a GPU take 18 in the video but a tube based navy bomb take 20 min according to the posters in this thread? Thats like the DSKY running an iphone app.

And you'd fail mightily with that sort of brute force attack, it could take an incredibly long time.

The Bombe didn't decrypt messages, it determined rotor settings AFAIR, it also relied on 'preprocessing'  based on a *lot* of knowledge of how Enigma worked and how it was used plus the rigid message format used for things like weather reports, general messages ending with Heil Hitler etc.

All those factors combined to greatly reduce the work the Bombes had to do.

I suggest watching one of the demos on youtube (if you choose the right/wrong one you might even catch a glimpse of me)

Do you have a link to the video you are in?

[floobydust]

https://www.youtube.com/watch?v=ZY1Y5xyKcBw&feature=youtu.be

How Enigma's key compares to a serial-killers, I'm not sure.
The recent cracking of the Zodiac Killer messages, long considered a Holy Grail in cryptography for decades, is an excellent lesson and the last two videos 4, 5 are great.
https://www.eevblog.com/forum/security/nerds-solve-50-years-old-zodiac-killers-cipher/

It shows he made PC software Cipher Explorer that takes the ciphertext and applies multiple key patterns. But you must have a human to interpret the results, not sure how automated it could be unless you know words in the plain text.

[jmelson]

But you must have a human to interpret the results, not sure how automated it could be unless you know words in the plain text.

Yes, the Germans made the Enigma cracking easy, every message signed off with "heil Hitler".  All you needed was to run the last ten characters of ciphertext against all steps of the decode permutation rotors, and it would give you the ending position of the rotors.  The Bletchley Park crew had tables so you could back up the rotors by the length of the message and then decode the full text.  Since there were seven rotors and you could pick any 3 (army) or 4 (navy) that added some more permutations that you needed to run.

Jon

[Cyberdragon]

cyberchef seems to get the job done rather quickly,description of how to use  it  and  links to examples https://github.com/gchq/CyberChef/wiki/Enigma,-the-Bombe,-and-Typex

It does,*much* faster than the original Bombe simulator I saw, would be interesting to see if it could be implemented on something embedded.

Would that have been this one?

https://www.101computing.net/turing-welchman-bombe-simulator/

[CJay]

Do you have a link to the video you are in?

Probably not, it's just a video from someone else who was at Bletchley on the day I was there a few years ago and I slip into shot a couple of times.

[CJay]

cyberchef seems to get the job done rather quickly,description of how to use  it  and  links to examples https://github.com/gchq/CyberChef/wiki/Enigma,-the-Bombe,-and-Typex

It does,*much* faster than the original Bombe simulator I saw, would be interesting to see if it could be implemented on something embedded.

Would that have been this one?

https://www.101computing.net/turing-welchman-bombe-simulator/

No idea, that one may be based on their code but this is on the GCHQ Github:
https://github.com/gchq/CyberChef/wiki/Enigma,-the-Bombe,-and-Typex

[Kjelt]

3. Take that result compare to an english dictionary

That is presuming the cleartext message is in english.
A different language, one extra permutation or the use of numbers in the start of the message and you will never find an answer.

[Kleinstein]

The simulation of teh Enigma is rather fast. The tricky part in breaking such a code it to decide if the decifert text is valid or not. This part depends very much on what you know about the text - like knowing he likely end.  Imagine someone writing text with so many errors that it is bareley readbl a kompder wyll haf a hrt tme tu chech.

[CJay]

The simulation of teh Enigma is rather fast. The tricky part in breaking such a code it to decide if the decifert text is valid or not. This part depends very much on what you know about the text - like knowing he likely end.  Imagine someone writing text with so many errors that it is bareley readbl a kompder wyll haf a hrt tme tu chech.

That's the difficulty, to automatically check the validity of a solution you have to have some idea of the possible message content.

I could make an assumption based on your forum profile that a ciphertext from you is likely plaintext in German or English but I have no idea if you speak other languages too so my 'dictionary' may have just expanded immensely.

Similarly I don't know if you've used a translation application to a language you don't speak, if you've abbreviated, used txtspk, made typos, used a code or are just enciphering a message from somebody else who speaks a completely different set of languages.

There are so many possibly permutations that it becomes nigh impossible without a 'crib' and even after all that, if you somehow miraculously manage to get a machine to 'recognise' valid plaintext, it's possible there could be multiple 'hits' which will need to be checked and analysed.

It's not a trivial problem even if the keyspace is small enough to make a brute force decryption possible.

[Kjelt]

That's the difficulty, to automatically check the validity of a solution you have to have some idea of the possible message content.
................
It's not a trivial problem even if the keyspace is small enough to make a brute force decryption possible.

That is true however it will become easier is you have a more other ciphertexts that were encrypted with the same cypher.
In the above Zodiac case there are only three or four samples with different ciphers and the maniac also made some encoding errors which contribute significantly to the difficulty of breaking it.

In the enigma case the same cipher was used by all "senders" during the entire day, so the samplesize would be quite large, so enough ciphertexts to double check all your found possible correct solutions.
If the germans would have started and ended with a random alphanumerical sequence, I doubt the code would have been broken, at least not until they also recovered the coding book (which is an example of a one time pad which is still the only perfect encryption scheme).

[jmelson]

As an aside: How can a GPU take 18 in the video but a tube based navy bomb take 20 min according to the posters in this thread? Thats like the DSKY running an iphone app.

There was NEVER a "tube based" bombe.  Colossus was used only to crack "tunny" or Lorenz SZ42 ciphers, electromechanical bombes were used for Enigma, which was a vastly simpler code.

OK, there are several issues with Enigma.  **IF** you know the wiring of the rotors that interchange the letters, it is not a very robust code.  If you **DO NOT** know the wiring, it is a VERY difficult code to crack.  As I understand it, Enigma was NEVER cracked without capture of a set of rotors.
The Germans changed out the set of rotors sometime in the middle of the war, and it took six months to capture a set of rotors, meanwhile all efforts at breaking the new rotor wiring with code-cracking methods were fruitless.

Since there were only seven rotors to choose from, the combinatorics limited the search space of the number of possible setups of the machines.  That only had to be done once per day.  Then, you only had to find the starting position of the rotors for each message.  The Bletchley Park bombes could test about 26 positions a second.  When they matched an adjustable number of characters of the crib, they stopped and the position was noted.  The NCR bombes tested something like 780 positions per second, and when a match was detected had to slow down and back up so that the position and number of matched characters could be printed on an adding machine tape.  then, the machine resumed the search automatically.

I'm kind of guessing that the GPU program is either starting out not knowing the order of rotors, or maybe without even knowing the rotor wiring, although I think that search space is so huge you would not be able to find the correct hits among all the random ones that looked probable.
But, if the crib was the entire cleartext, then it could be done.  I don't know how long that would take.

Jon

[jmelson]

In the enigma case the same cipher was used by all "senders" during the entire day, so the samplesize would be quite large, so enough ciphertexts to double check all your found possible correct solutions.
If the germans would have started and ended with a random alphanumerical sequence, I doubt the code would have been broken, at least not until they also recovered the coding book (which is an example of a one time pad which is still the only perfect encryption scheme).

If you have the code books, then you know the start position of the rotors for every message.  Then, the messages can be decoded with an Enigma machine, with no effort to break the system.  The codebooks only covered a relatively short time period, so quickly became outdated.  As I understand it, for each day, they had a page of 3 digit numbers with a rotor starting position for each.  So, number 123 would have you set the rotors to S Z K V, for a navy machine.  The operator would send 123 in cleartext before transmitting the ciphertext, so the receiving operator could set his machine to the same starting position.

As long as you had SOME known "crib" text anywhere in the message, you could still decode it, but a bombe would not have worked, as it only compared 10 characters of the ciphertext against the full key to see if it matched the crib.  Yes, just another shortcoming of how the Germans used the Enigma.

One other shortoming of Enigma is that no letter could ever be represented by itself.  This was the result of using a reflector disc at one end of the rotor stack to send the signal back through the rotors again.  Somebody once sent a message of all "L" characters, the Bletechley Park guys immediately spotted that,  and it became basically a readout of part of the rotor wiring.

Jon

[CJay]

Rotor wiring is laborious to work out but there were occasions where it was reverse engineered without having access to the physical hardware.

Rejwski did it, Knox did it and I'm sure others too.

[alank2]

The bombe was not a put in the message and wait for the answer type of thing - there were hundreds of talented code breakers at Bletchley Park responsible for obtaining a daily key and the bombe was only a part of that process.

I think someone tried a distributed computer attack in 2008 to break some of the remaining unencrypted German messages from WWII, but it did not do well at it.