M-209 homepage
|
There are many books on Enigma. Several books talk about M-209 among
others things, but only one is dedicated to it. It is the Barker's
book "Cryptanalysis Of the Hagelin Cryptograph".
Battle of Wits, The Complete Story of Codebreaking in World
in World War II – by Stephen Budiansky – 2000
In fact, this book talks only of the Allied codebreakers. About
M-209, there are only few words: "… German POWs and captured
documents would reveal periodically throughout the war that German
Army field units were also breaking the American M-209 cipher
machine, though this was a fairly insecure device used for
enciphering tactical signals, made all the more insecure by the
fact that it was so difficult to reset the rotors that operators
tented to reuse settings day after day." The author is not
familiar with M-209. In fact, it was very easy to reset the rotors
and then to have several messages in depth (this was the main flaw
of the M-209). The operators didn't choose the Internal setting,
it was imposed by SOI documents. Generally, there was a key by day.
Cipher Systems, The Protection of Communications –
by Henry Beker & Fred Piper - 1982
This book talks about modern cryptography (Block Cipher, Public
Key, …), but almost a chapter is dedicated to cryptanalysis of
M-209 (plain text attack and crypto-alone attack).
Codes and Ciphers, Julius Caesar, the Enigma, and the internet –
by Robert Churchhouse – 2002
This book talks about the cryptanalysis from very simple methods
to modern cipher methods. The author uses a mathematical approach
but very simple to understand. A chapter is dedicated to M-209.
The Code Book – by Simon Singh – 1999
This popular book does not say a single word on the M-209, amazing!
Codebreakers, Arne Beurling and the Swedish crypto program
during World War II – by Bengt Beckman - 2002
This book talks principally about the A. Burling's success against
the German cipher machine T-52 but few pages describe the invention
of B-21, C-35/C-36 and M-206 by Boris Hagelin.
Codebreakers' victory, How the Allied Cryptographers Won World
War II – by Hervie Haufler – 2003
Excerpt : "The Russians ...They also made some field use of
hagelin's M-209 machines, which they received in lend-lease from the
U.S. and copied." Personally, I have not seen this information
anywhere, so I am very dubious.
The CodeBreakers, The Comprehensive History of Secret
Communication from Ancient Times to the Internet – by David
Kahn – 1967, 1996
This is the most famous book about the history of Cryptology.
Obviously, several pages are dedicated to Hagelin's machines and
particularly to M-209. Excerpt :
"The O.S.S. Employed a variety of other cryptographic systems for
inter-communication among its branches in London, Chunking, Karachi,
Burma, North Africa, and other places around the world. It had
on-time pads, with random numbers generated by I.B.M. Machines,
SIGABAS, which it called ''Berthas'', M-209s, and strips."
Cryptanalysis Of the Hagelin Cryptograph – by Wayne G. Barker
– 1977
This book is my "bible" about M-209: At first, it describes in
details the working of M-209. Then it gives the methods to break
messages ciphered by machines with only one wheel, then two wheels
until six wheels. It describes too a crypto-alone attack method on
a message of only 800 characters … but ciphered with only four
wheels! In the Barker's book there is a challenge with several
messages of 1000 characters. They were broken only in 2015 by
Georges Lasry.
Cryptology, Yesterday, Today, and Tomorrow – by C.A. Deavours
& all - 1987
This book gathers several articles from Cryptologia review, among
them some deal with M-209 :
-
Statistical Analysis of the Hagelin Cryptograph by Ronald L.
Rivest, 1981.
-
The Hagelin Cipher Machine (M-209) : Reconstruction of the
Internal Settings, by Robert Morris, 1978. This article is
very famous in the history of M-209 cryptanalysis. It
describes clearly how to find the Internal key when 75 letters
of plain text are known.
-
Solving a Hagelin, Type CD-57, Cipher by Wayne G. Barker, 1978.
In this article, Barker finds a CD-57 key thanks to two messages
in depth. The position of superimposition is found using a
probable word.
Decrypted Secrets, Methods and Maxims of Cryptology – F.L.
Bauer, Springer – 2002
This book is dedicated to classical Cryptography and Cryptanalysis.
It covers manual methods and cipher machines. There are many pages
about M-209, but it contains an error which comes from the C.A.
Deavers and L. Kruh's book (Machine Crytpography and modern
cryptanalysis): "Messages of over 1000 characters are in any case
at risk, since automatic decryption techniques for the M-209, for
example, work well with a message of about 800 characters or more …"
Delusions of Intelligence, Enigma, Ultra, and the End of
Secure Ciphers – by R.A. Ratcliff – 2006
This book contains some pictures and some interresting information
about M-209. Excerpts :
"...Heer cryptanalysts began attacking the American M-209, a
hand-held cipher they called a ''machine'' cipher. The M-209 (code
named AM-1 by the Germans) operated mechanically, not electrically.
Far more portable than the Enigma, M-209 apparead in all the
theaters where Americans fought, carrying tactical-grade information.
Well before D-Day, the Heer cryptanalysts exploited two types of
weakness in the M-209 : physical capture of key lists and messages
in ''depth''.
The German quickly discovered the vulnerability of the M-209 to
depths (more than one message being encrypted at the same or nearly
the same setting). Two German cryptanalysts, Herbert Schwartz and
Werner Graupe, described the cracking of M-209 signals to their
captors in late 1944. They noted that in five days they could locate
the set of similar messages and then establish the internal settings
of the M-209 that sent them. Since decryption of these messages took
about five days, ''the value of cracking this code ..lay...in the
order of battle information, casualtry figures and personality data
which it was valuable to learn even after five days's delay''.
Consistently they read 10 percent of all M-209 trafic in the
European theater."
Mr Ratcliff cites his sources :
NARA : RG 457 HCC Box 1367 NR 4263 - Reports on Enemy Successes
Against U.S. Crypto Systems, 17 may 1945 ; pp. 4-5.
NARA : RG 457 HCC Box 769, NR 1995 – Reports on Iterrogation of
Werner Graupe and Herbet Schartz, 9 December 1944, p 10.
"The U.S. Signal Security Service conducted a ''cryptographic
security survey of other government departments'', including the
State Department. They also had units to attack the security of
all military systems. One unit, headed by Margaret Evans Lerche,
took on the popular M-209 (a medium-grade nonelectric rotor cipher).
The unit broke this widely used machine numerous times in several
different ways. The first SIS attack on the M-209 in 1942 found
several possible methodes of acquiring material sufficient for an
inital break. When they studied ''live'' trafic from the battles
in Europe, the team reconstructed keys and read serveral days'
signals. They urged better security trainning for operators and
noted that the forces using M-029s in North Africa had demonstrated
improved security. With this proff of M-209's weaknesses, the
Americans did not remove the system completely but rather limited
its use to information of only short-term value to the enemy."
NARA : RG 457 HCC Box 1019 NR 3242 – Weekly Notes on Cryptanalytic
Efforts Against U.S. Equipments, 1943-45.
NARA : RG 457 HCC Box 1124 R 3609 – Research and Development of
Cryptogaphic Equipments 1918-45.
"The breaks into M-209, perphaps the most widely used and most
insecure mechanical U.S. system, came almost exclusively from depths.
These depths into the ''American Hagelin'' as the German called it,
all stemmed from errors such as sloppily repeated mssages, reuse of
identical indicators, and similar security violations. None of the
Wehrmacht's cryptanalysts seems to have expanded these lucky breaks
into a more systematic compomise of the system. In spite of having
known the general weaknesses of Hagelin machines for years, even the
OKW/Chi's experts considered ''common and regular solution
impossible''.
Dr. Erich Hüttenhain in NARA : RG 457 HCC Box 1006 NR 3142 –
Statements by POWs, p 5.
"In the case of the tactical cipher machine M-209, the Americans
had postwar confirmation that the machine had been read. Yet, the
U.S. military continued to include the M-209 in its cryptographic
inventory through the Korean War. Only early in the Vietnam War,
when a speech ciphony system known as the KY-8 became available,
did the United States retire M-209. One reason for the long wait
for M-209's replacement may very well have been the considerable
costs involved..."
Reference : Mr Ratcliff is indebted to Robert J. Hanyok of NSA for
this point.
Ghosts of the ETO: American Tactical Deception Units in the
European Theater 1944-1945, by Jonathan Gawne, Casemate Publishers
(2007)
This book tells the deception operations done by the men of th US 23rd
Special Troops against the German Army during WWII.
Excerpts:
Operation ELSENBORN (dec. 1944)
... Going out over the name of William C. Westomerelad, chief of staff
of the 9th Infantry Division (and later commander of U.S. forces in VietNam),
was the order for a radio operation test:
1. Commencing at 1400 on ____ October 1944 the following messages
(encipherred by means of the M-209 Converter) will be transmitted on
your ___net. The net control station will divide the traffic as equally
as possible among the subordinate stations.
2. All stations will turn in their logs and files covering these
transmissions to the Division Signal Officer.
What followed was a list of sixteen messages ranging from (message #1)
"Patrols third Bn have taken seven enemy prisoners," to (message # 16)
"Activity slight. Baker and Charlie reported nothing and Able reported
only slight patrol action. Dog Company had some trouble in their sector
by OK now".
What this did was set the stage for the Germans to see that American
divisions in a rest area might be called upon to test their equipment and
operators' competency wiht transmissions and cipher machines. When the 9th
moved out, the Germans would not suspect anything when 4th Division
radios began sending the same type of test messages. It was even possible
that a German agent might hear some grumbling from signalmen who had to
give up some of their free time to takje part in some ridiculous radio
test....
Hitler's Codebreakers, German Signals Intelligence in World
War 2 – by John Jackson – 2012
This book describes the German successes during WW2, among them,
their attacks on M-209. Unfortunately it lacks TICOM documents
references that are the basis of this book.
Inside Enigma, The secrets of the Enigma and other Historic
Cipher Machines – by Professor Tom Perera - 2010
This book is dedicated to Enigma but it contains several pages
about M-209 with many pictures. It contains too the TM 11-380
manual of 1944.
Machine Cryptogaphy and Modern Cryptanalysis – Cipher A.
Deavours and Louis Kruh – 1985
This book describes the principal cipher machines and the methods
to attack them. About M-209, this book gives an example of
ciphering and an example of Morris's method attack with know plain
text. Unhappily, it states wrongly (in 1985) that only a message
of 800 letters long is enough to find the key :
"Analysis of Hagelin lug and pin machines using only ciphertext is
also possible under certain circontstances ...The best publicly
known techniques using these types of methods require a cryptogram
of at lesat 800 (M-209) characters to have a chance at solution."
Remark: The crypto-only attack method known in 1985 needed several
thousand of letters to hope to be successful. A method which needs
only 800 characters was published only in 2015.
Manual of Cryptography – General L. Sacco – 1941
This book describes the cipher methods and how to break them.
About Hagelin serie C cipher machines, it describes the
Kerckhoffs's superimposition method. The example given uses three
messages ciphered by the same key.
Military Cryptanalytics, Part II – Volume 2 – By Lambros D.
Callimahos and William F. Friedman - 1985
The ciphering of a message by M-209 is described in details.
Selections from CRYPTOLOGIA, History, People, and Technology –
C.A. Deavours & all – 1998
This book contains several articles from Cryptologia review
related with M-209 and more generally with Hagelin serie C machines:
- The Story of Hagelin Cryptos – Boris C. W. Hagelin, edited by
David Kahn – 1994 :
Among other things, this article describes the invention of
B-21, C-35/C-36, C-38 and the negotiations with the Americans
that led to the production of the M-209.
-
The Cryptogaphic services of the Royal (British) and Italian
navies A comparative analysis of their activies during
analysis World War II – Rear Admiral Luigi Domini, tranlated
by Augusto Buonafalce. - 1990. This article describes the
using of cipher machine C38m by Italians. It describes too
the indicator procedure and the attack by probable word when
the Internal key was known.
|