Enigma procedures

• Enigma procedures
  • Enigma (1930)
  • (1931)
  • (1937)
  • (1938)
  • (1939)
  • (1940)
  • (1943)
• GenKeys Software

Introduction (protocol, addresses, network, security, cipher)

In order to be able to exchange messages, correspondents must share conventions. Nowadays we call it a protocol.

For example, the messages will be numbered and acknowledgments will be used to check that the messages have been received correctly. A message will have a sender and one or more recipients. The protocol will describe how to specify these addresses. A particular address will indicate that the message is intended for all correspondents. All of the correspondents who respect the same protocol form a network. For example the components of the German army (Heer): divisions, army corps, armies, form a network.

Depending on the nature of the messages and the mode of transmission, confidentiality will be required. So if components of the army exchange messages by radio about their plans for an attack, it can be assumed that they do not want to inform the enemy. Message encryption is the solution. The enemy will be able to listen to the messages but he will not be able to understand them if he does not know the encryption method or at least if he does not know the keys (secret variable elements known only to official correspondents (Kerckhoffs's principle)). Using encryption alone does not solve all security concerns. The cipher office (Chistelle) will have to set up the organization for the creation of keys, their distribution, their use and finally their destruction. Finally he will have to create procedures that will be applied in the event of a compromise (if one or more keys are discovered by the enemy) or in the event of loss of the means of encryption (cipher machine, keys, etc.).

Using the Enigma (Walzenlage, Steckerverbindungen, ...)

If the crypto-system used is an Enigma, the correspondents need to share secretly the same key, that is to say: The order of rotors (Walzenlage), the setting of the ring of each rotor (Ringstellung), the location of plugs (Steckerverbindungen) and the starting position of the rotors.

The keys (key list, message key, in-depth, size, period of duration...)

It is not possible to use the same key for all messages because in this case the enemy will have no problem to understand them.

Indeed, a neophyte might believe that the simple fact of using a cipher machine (compared to the use of a manual process) provides absolute security because its key space is astronomical. In fact, if the same key is used for several messages then these encrypted messages can be decrypted without even knowing the key (or even the cryptographic system). The quality of the encryption system is irrelevant.

The key is thus divided into two parts: a static part known by all correspondents and valid for a particular period of time, most often one day. The other part must be different for each message. For the Enigma, the shared key is the key of the day (Tageschlüssel). It includes the Walzenlage, the Ringstellung and the steckerverbindungen. This key is included in a keylist (Schlüsseltafel) which contains all the keys for the month and distributed from hand to hand to each correspondent in the network.

For each message, we will have a different key (Spruchschlüssel). It will correspond to the starting position of the rotors used to encrypt (and therefore decrypt) the message.

Also to avoid overlap (the main flaw in any cryptographic system), it is necessary to divide a network into several networks if the traffic becomes too important. Indeed, from a certain number of messages exchanged, the fact of having overlays (that messages, or part of them, have been encrypted with the same key) becomes inevitable. Other elements of the protocol also exist to limit the possibilities of overlap. For example, limit the validity of a key over time (to one day, one week, one month) and limit the size of messages (for example 250 characters).

Destruction of key lists

Whatever the encryption system used during WWII, old keys must be destroyed to improve security. An old key is a key that is no longer used. Indeed if the enemy captures it he can read all the messages that have been encrypted thanks to it. Thus the French cipher office during the war, recovered the key tables for the month and then destroyed them or else demanded from the units which held them an official report of destruction. The German approach was more subtle and more secure. Here is the state of an Enigma key table for the Gestapo network used for the month of August 1940 to August 21 in the evening (completely fictitious):

 - Gestapo  - Schlüsseltafel 453 - August  1940
Tag Walzenlage    Ringst.  Steckerverbindungen
 31 III  II   IV   U K P   JR MU OV CK AB EG IZ PT LY FQ
 30 IV   II   III  L X T   HS BL FY DM RT NZ KW JU GP IQ
 29 I    II   V    X P W   JZ CT GQ MN KU AI PR DW VY EL
 28 V    I    IV   V T I   KS JO DY ET IQ FX PV MR WZ BC
 27 IV   V    II   K F S   KS DM HW IZ CU PR FO JQ BL EY
 26 IV   I    III  P E Y   GM KO ES CI JN HR DL XZ AF UY
 25 I    V    II   W E K   HJ AW GK BP MQ UV CY TX EO DR
 24 IV   I    II   R Y V   BQ JW HN XY LR DG CV FP UZ IT
 23 III  IV   I    M F G   BG ST VW DK OY MX AE QR CF HI
 22 II   IV   III  N D W   GO EZ LM KU BD AF IP JR QS HV

Concretely, every day, usually around midnight, the head of the communication center (the signal officer) removes the key table from his safe and cuts out the last line (which corresponds to the configuration of the day, in the example the key of August 22) and gives it to the operators. They use it to set all the Enigmas in the center and then burn this piece of paper.

Indicator system

When a cipher clerk sends a ciphered message to his correspondent, he needs to transmit him every things needed to decipher it, especially the message key. The indicator contains precisely those information. The indicator is either in the header or in the cryptogram or partly in the header and partly in the cryptogram. To ensure the reliability of its transmission it is often repeated.

If the network membership isn't obvious (the radio call signs can indicate the network for example), the indicator must indicate which network is used (and so which key list is used).

When correspondents use several crypto-systems, the indicator must indicate which one was used.

Finally, it must contain the message key or information that allows it to be deduced.

A good indicator method is a central part of the security. For example, if the indicator contains in clear the starting position of the rotors, it will be easy to superimpose the messages in depth and thus decipher them. The history of the Enigma tells us that if, at first the wiring of the rotors of the Enigma was discovered and then the Enigma messages were read until May 1940, it is mainly because the Germans used a bad indicator system.

Destruction of the means of encryption

Using an encryption system need to foresee the worst: the enemy will soon invade the transmission center. Security requires that the means of encryption (the Enigma machine, the key tables, the user manuals) must be destroyed as well of course as the forms containing the clear messages and the cryptograms. In fact, anything that would allow the enemy to decipher past and future encrypted messages.

Compromise and emergency procedures

We have just indicated that a transmission center could be attacked and that its means of encryption (machines, key tables, procedures, etc.) could be captured. The cipher office can be made aware that a center is falling into enemy hands and considers that the staff did not have time to destroy the encryption means. In this case, the cipher service must imagine the worst and inform the compromise to all transmission centers that, either it is necessary to use another encryption system or to change the current key for another which results from a procedure not written and only memorized.

Drafting

• The Enigma only allows encryption of letters. The spaces, numbers and punctuation characters are excluded.
• The transmitted text must not facilitate the decryption by the enemy.

The genkeys software

I wrote a little program that generates key lists. It has several options, here is a simple example of use:

$ python3 genkeys.py
Usage:
 -h          This help
 -N nets     The number of Networks (by default one)
 -H header   Header, you can use this several times
             If nets > 1, the headers will be different
 -n          No Fields (remove the name of fields)
 -W n        The nomber of rotors [3,5,8], 5 by default
 -R          Ringstellung in letter (in number by default)
 -G          Grundstellung in letter (in number by default)
 -K          Print the Kennzeichnung in place of Kenngruppen
 -D          Print the key only for one day
 -M          Print a whole month (only one key by default)
 -S          Steckers in number (in letter by default)
 -P n        The numbers of steckers (10 by default)
             If a comma is present, that means -P min,max
 -C          The CSKO constraint applies
 -F fields   The fields, by default:  -F DWRSK
    D: Day, W: Walzenlage, R: Ringstellung, G: Grundstellung
    S: Steckers, K: Kenngruppen, E: Space, e: Space[in header]
    navy: Day(only one two), Walz above Ring
 -Z          Print numbers preceded by zero

$ python3 genkeys.py -M  
Tag Walzenlage    Ringst.    Steckerverbindungen            Kenngruppen
 31 III  V    II    7 20 17  CN FP EL BY GR HQ JS MT KX OW  eft tfi jln pok
 30 IV   III  I    16 26 26  GZ QU FY IO CS AT MV LX BE HK  zyn khc lno wfa
 29 V    II   I    26  2 20  VZ OR IQ LP AN EJ HK FY UX GT  ync kct bmz utl
 28 V    III  I    20  7 16  LQ CV SX AT ER FK PU MZ GH IN  lvk eig jmu frq
 27 III  V    II   20  9 16  FV AY QZ TU GX MP NO CH SW KR  tys ocw mgc iqp
…