Chaocipher

Last updated January 27, 2024

The Chaocipher^[1] is a cipher method invented by John Francis Byrne in 1918 and described in his 1953 autobiographical Silent Years.^[2] He believed Chaocipher was simple, yet unbreakable. Byrne stated that the machine he used to encipher his messages could be fitted into a cigar box. He offered cash rewards for anyone who could solve it.

Byrne tried unsuccessfully to interest the US Signal Corps and Navy in his system. Although numerous students of classical cryptanalysis attempted to solve the challenge messages over the years, none succeeded. For 90 years, the Chaocipher algorithm was a closely guarded secret known only to a handful of persons.

In May 2010 Byrne's daughter-in-law, Patricia Byrne, donated all Chaocipher-related papers and artifacts^[3] to the National Cryptologic Museum in Ft. Meade, Maryland, USA. This led to the disclosure of the Chaocipher algorithm.^[4]

Design

In Byrne's embodiment of Chaocipher, the system consists of two disks, referred to as the left and right disks, each having 26 equal-sized removable tabs around its periphery. These removable tabs contain the 26 letters of the alphabet (i.e., A through Z) in some prearranged order. On the circumference of each disk are studs that allow the two disks to 'engage' or interlock. When engaged, turning one disk in one direction (e.g., clockwise) will cause the other wheel to turn in the opposite direction (e.g., counterclockwise). The tabs are removable, meaning that a tab can be removed from the periphery, another block of tabs shifted, and the extracted tab inserted into an empty space in the periphery.

At any point in time, the disks can be engaged with each other so that moving one moves the other in the opposite direction. Similarly, engaged disks can be disengaged, at which point a disk can be turned without moving the other disk. Engagement and disengagement could conceivably be performed by placing a lever in one of two positions.

The two disks mentioned above sit on a platform consisting of two spindles.

On the platform around each disk are two marks known as the 'zenith' and the 'nadir.' The zenith can be thought of as 12 o'clock on an analog clock, while the nadir is 6 o'clock.

Operation

In its classic form, the Chaocipher system consists of two alphabets, with the right-side alphabet used for locating the plaintext letter, while the other ("left") alphabet is used for reading the corresponding ciphertext letter. The underlying algorithm is related to the concept of dynamic substitution^[5] whereby the two alphabets are slightly modified after each input plaintext letter is enciphered. This leads to nonlinear and highly diffused alphabets as encryption progresses.

Deciphering is identical to enciphering, with the ciphertext letter being located in the "left" alphabet while the corresponding plaintext letter is read from the "right" alphabet.

A detailed description of the Chaocipher algorithm is available^[4] as well as discussions of the deciphered plaintexts^[6] and the solution to Byrne's challenge.^[7]

Overview of the encryption process

Given left and right disks, enciphering a plaintext character consists of five steps:

Verify the left and right disks are engaged.
Rotate the plain (right) disk, bringing the desired plaintext letter to the zenith position.
Read the corresponding ciphertext letter at the zenith position on the cipher (left) disk.
Permute the left disk.
Permute the right disk.

These five steps are performed continuously until the plaintext input is exhausted. To illustrate the process we will encipher the first plaintext letter of Byrne's Exhibit 1 using the same alphabets and disk setting he used, as shown in Figure 1.

How to Encipher Plaintext

Locate the plaintext letter

Suppose we want to encipher the letter "A". Locate 'A' on the periphery of the plaintext (right) disk. You can see the plaintext letter highlighted in Figure 2.

While the disks are engaged, rotate the right disk to bring the plaintext letter 'A' to the zenith (Figure 3). Note how the left (cipher) disk rotates respectively in the opposite direction.

The letter in the zenith position on the cipher (left) disk is our ciphertext letter (i.e., 'C').

At this point we have completed the enciphering of a plaintext letter into ciphertext, i.e. 'A' (pt) was enciphered into 'C' (ct).

See the next section for instructions on performing Chaocipher's unique permuting of the two disks in preparation for enciphering the next plaintext letter.

Permuting the alphabets

Now that the plaintext letter and its corresponding ciphertext letter are known, proceed to permute the alphabets on both disks in preparation for enciphering the next plaintext letter.

Permute the left wheel

Permuting the left wheel's alphabet involves the following general steps (Figure 4):

Physically extract the letter tab found at position zenith-1 (i.e., one counter-clockwise position past the zenith) taking it out of the disk's alphabet, temporarily leaving an unfilled 'hole.'
Shift all letter tabs in positions zenith-2 (advancing counter-clockwise) down to and including the nadir (zenith-13), moving them in unison one position clockwise. This will close the current 'hole,' leaving a new 'hole' at the nadir position.
Insert the previously extracted letter tab into the empty nadir position.

Before performing the permuting step, the left disk should look like the diagram in Figure 4a.

Performing step (1), extract the letter at position zenith-1 (i.e., "P") leaving a momentary 'hole' at that position (Figure 4b).

For step (2) shift all letters in the counter-clockwise sequence beginning with zenith-2 ("E") down to and including the nadir ("O"), moving the sequence ("EDQRSTIXYLMO") as a complete block one position clockwise (Figure 4c).

In the final step (3), insert the extracted letter ("P") back into the alphabet at the nadir position. The left is now permuted and should now look like Figure 4d.

Permute the right wheel

Permuting the right disk is similar to that of the left disk, with small but significant differences. It consists of the following general steps (Figure 5):

Disengage the two disks, rotate the right disk one position counter-clockwise (i.e., the current letter at the zenith should rotate to position zenith-1), and reengage the two disks.
Physically extract the letter tab now found at position zenith+2 (i.e., two clockwise positions past the zenith) taking it out of the disk's alphabet, leaving a temporarily unfilled 'hole.'
Shift all letter tabs in positions zenith+3 down to and including the nadir (zenith+13), sliding them in unison one position counter-clockwise. This will close the current 'hole,' leaving a new 'hole' at the nadir position.
Insert the previously extracted letter tab into the empty nadir position.

Let's perform the above steps on the right disk using our example. The right disk should look like the diagram in Figure 5a. In this configuration the letter at the zenith is 'A'.

In step (1) first disengage the two disks. This allows rotating the right disk (see next step) without moving the left disk. Next, rotate the disk one position counter-clockwise, moving the letter 'Y' to the zenith position (Figure 5b). Lastly, reengage the two disks.

In step (2) extract the letter tab at position zenith+2 ('N') from the disk, temporarily leaving a 'hole' (Figure 5c).

In step (3) slide the eleven letter tabs from zenith+3 until zenith+13 (i.e., 'BQDSEFGHLWI') one position counter-clockwise. This closes up the 'hole' at zenith-2 while opening a new 'hole' at the nadir (Figure 5d).

For the final step ( 4) insert the previously extracted letter tab ("N") back into the disk at the nadir position. This completes permuting the right disk, which should now look like Figure 5e.

Reengaging the disks prepares the system for enciphering the next plaintext letter (Figure 6).

How to decrypt ciphertext

Deciphering a Chaocipher-encrypted message is identical to the steps used for enciphering. The sole difference is that the decipherer locates the known ciphertext letter in the left (cipher) disk, reading off the plaintext letter from the right (plain) disk. Left/right disk permuting is identical in enciphering and deciphering.

Points of interest

Henry E. Langen discussed Chaocipher with John F. Byrne

Henry E. Langen,^[8] editor of The American Cryptogram Association's newsletter The Cryptogram between 1952-1956, was quoted as saying "He did explain that the machine is made up somewhat like a typewriter with two revolving disks with the alphabets arranged along the periphery in a complete disorder [...] With only two disks used, I am a bit confused as to how this can result in such utter chaotification of the plaintext message."^[9]

Who knew how Chaocipher worked?

Although John F. Byrne presented Chaocipher challenge messages in his autobiographical "Silent Years", he never described how the system worked. Anyone tackling the challenge messages had to do so with no knowledge of the system.

Until 2010 at least three people knew how it worked: Byrne's son John, and two of the editors of Cryptologia to whom John confided the underlying method in 1990 (i.e., Lou Kruh and Cipher Deavours).^[10]

In August 2009, Moshe Rubin located Byrne's daughter-in-law Patricia Byrne (nee Neway) who, in May 2010, donated her father-in-law's Chaocipher artifacts and papers to the National Cryptologic Museum.^[11]

Related Research Articles

In cryptography, a cipher is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is encipherment. To encipher or encode is to convert information into cipher or code. In common parlance, "cipher" is synonymous with "code", as they are both a set of steps that encrypt a message; however, the concepts are distinct in cryptography, especially classical cryptography.

The Enigma machine is a cipher device developed and used in the early- to mid-20th century to protect commercial, diplomatic, and military communication. It was employed extensively by Nazi Germany during World War II, in all branches of the German military. The Enigma machine was considered so secure that it was used to encipher the most top-secret messages.

In cryptography, a substitution cipher is a method of encrypting in which units of plaintext are replaced with the ciphertext, in a defined manner, with the help of a key; the "units" may be single letters, pairs of letters, triplets of letters, mixtures of the above, and so forth. The receiver deciphers the text by performing the inverse substitution process to extract the original message.

In cryptography, a transposition cipher is a method of encryption which scrambles the positions of characters (transposition) without changing the characters themselves. Transposition ciphers reorder units of plaintext according to a regular system to produce a ciphertext which is a permutation of the plaintext. They differ from substitution ciphers, which do not change the position of units of plaintext but instead change the units themselves. Despite the difference between transposition and substitution operations, they are often combined, as in historical ciphers like the ADFGVX cipher or complex high-quality encryption methods like the modern Advanced Encryption Standard (AES).

In cryptography, a Caesar cipher, also known as Caesar's cipher, the shift cipher, Caesar's code, or Caesar shift, is one of the simplest and most widely known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. For example, with a left shift of 3, D would be replaced by A, E would become B, and so on. The method is named after Julius Caesar, who used it in his private correspondence.

<span class="mw-page-title-main">Vigenère cipher</span> Simple type of polyalphabetic encryption system

The Vigenère cipher is a method of encrypting alphabetic text where each letter of the plaintext is encoded with a different Caesar cipher, whose increment is determined by the corresponding letter of another text, the key.

In cryptography, unicity distance is the length of an original ciphertext needed to break the cipher by reducing the number of possible spurious keys to zero in a brute force attack. That is, after trying every possible key, there should be just one decipherment that makes sense, i.e. expected amount of ciphertext needed to determine the key completely, assuming the underlying message has redundancy.

An autokey cipher is a cipher that incorporates the message into the key. The key is generated from the message in some automated fashion, sometimes by selecting certain letters from the text or, more commonly, by adding a short primer key to the front of the message.

In cryptography, coincidence counting is the technique of putting two texts side-by-side and counting the number of times that identical letters appear in the same position in both texts. This count, either as a ratio of the total or normalized by dividing by the expected count for a random source model, is known as the index of coincidence, or IC for short.

In cryptography, a rotor machine is an electro-mechanical stream cipher device used for encrypting and decrypting messages. Rotor machines were the cryptographic state-of-the-art for much of the 20th century; they were in widespread use in the 1920s–1970s. The most famous example is the German Enigma machine, the output of which was deciphered by the Allies during World War II, producing intelligence code-named Ultra.

<span class="mw-page-title-main">Lorenz cipher</span> Cipher machines used by the German Army during World War II

The Lorenz SZ40, SZ42a and SZ42b were German rotor stream cipher machines used by the German Army during World War II. They were developed by C. Lorenz AG in Berlin. The model name SZ was derived from Schlüssel-Zusatz, meaning cipher attachment. The instruments implemented a Vernam stream cipher.

A straddling checkerboard is a device for converting an alphanumeric plaintext into digits whilst simultaneously achieving fractionation and data compression relative to other schemes using digits. It also is known as a monôme-binôme cipher.

In cryptography, the ADFGVX cipher was a manually applied field cipher used by the Imperial German Army during World War I. It was used to transmit messages secretly using wireless telegraphy. ADFGVX was in fact an extension of an earlier cipher called ADFGX which was first used on 1 March 1918 on the German Western Front. ADFGVX was applied from 1 June 1918 on both the Western Front and Eastern Front.

In cryptography, the M-209, designated CSP-1500 by the United States Navy is a portable, mechanical cipher machine used by the US military primarily in World War II, though it remained in active use through the Korean War. The M-209 was designed by Swedish cryptographer Boris Hagelin in response to a request for such a portable cipher machine, and was an improvement of an earlier machine, the C-36.

The Jefferson disk, also called the Bazeries cylinder or wheel cypher, was a cipher system commonly attributed to Thomas Jefferson that uses a set of wheels or disks, each with letters of the alphabet arranged around their edge in an order, which is different for each disk and is usually ordered randomly.

The trifid cipher is a classical cipher invented by Félix Delastelle and described in 1902. Extending the principles of Delastelle's earlier bifid cipher, it combines the techniques of fractionation and transposition to achieve a certain amount of confusion and diffusion: each letter of the ciphertext depends on three letters of the plaintext and up to three letters of the key.

The Two-square cipher, also called double Playfair, is a manual symmetric encryption technique. It was developed to ease the cumbersome nature of the large encryption/decryption matrix used in the four-square cipher while still being slightly stronger than the single-square Playfair cipher.

The Alberti Cipher, created in 1467 by Italian architect Leon Battista Alberti, was one of the first polyalphabetic ciphers. In the opening pages of his treatise De componendis cifris he explained how his conversation with the papal secretary Leonardo Dati about a recently developed movable type printing press led to the development of his cipher wheel.

Giovan Battista Bellaso was an Italian cryptologist.

BATCO, short for Battle Code, is a hand-held, paper-based encryption system used at a low, front line level in the British Army. It was introduced along with the Clansman combat net radio in the early 1980s and was largely obsolete by 2010 due to the wide deployment of the secure Bowman radios. BATCO consists of a code, contained on a set of vocabulary cards, and cipher sheets for superencryption of the numeric code words. The cipher sheets, which are typically changed daily, also include an authentication table and a radio call sign protection system.

References

↑ What is Chaocipher?, The Chaocipher Clearing House, retrieved August 8, 2010
↑ Byrne, J. F. 1953 . Silent Years: An Autobiography with Memoirs of James Joyce and Our Ireland . New York : Farrar, Straus, and Young (Reprinted in 1975 by Octagon Books, a division of Farrar, Straus, and Giroux).
↑ Chaocipher Machine and Papers Archived 2010-07-22 at the Wayback Machine National Cryptologic Museum, retrieved July 2, 2010
1 2 Rubin, Moshe (July 2, 2010). "Chaocipher Revealed: The Algorithm" (PDF). Retrieved July 3, 2010.
↑ Substitution Cipher with Pseudo-Random Shuffling: The Dynamic Substitution Combiner. Ritter, T. 1990. Cryptologia. 14(4): 289-303. Retrieved July 2, 2010
↑ Rubin, Moshe (August 8, 2010). "Chaocipher Revealed: Deciphering Exhibit #1" (PDF). Retrieved August 9, 2010.
↑ Cowan, Mike (December 2010). "Chaocipher: Solving Exhibits 1 and 4" (PDF). Archived from the original (PDF) on 2016-11-01.
↑ Henry E. Langen biographical information, The Chaocipher Clearing House, retrieved July 2, 2010
↑ Langen's entry for Chaocipher in his personal memoirs "Cryptography - Confidential"
↑ ?, ?. "The Tragic Story of J.F. Byrne." PurpleHunt.com. 1998. Aug 17, 2007 Archived August 7, 2007, at the Wayback Machine
↑ NCM acquires the Chaocipher artifacts and papers

External links

The Chaocipher Clearing House - Basic resources and analyses for working on the Chaocipher
The Crypto Forum - Discussion and analysis of the Chaocipher
Cracking Chaocipher - A visual description of how Chaocipher works, and an explanation of cracking Exhibit 1
Interesting ciphers and computer methods for solving - A review of Chaocipher.
Famous Unsolved Codes and Ciphers - Elonka Dunin's famous site dedicated to unsolved codes and ciphers, including Chaocipher. Retrieved April 23, 2014

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] What is Chaocipher?, The Chaocipher Clearing House, retrieved August 8, 2010

[2] Byrne, J. F. 1953 . Silent Years: An Autobiography with Memoirs of James Joyce and Our Ireland . New York : Farrar, Straus, and Young (Reprinted in 1975 by Octagon Books, a division of Farrar, Straus, and Giroux).

[3] Chaocipher Machine and Papers Archived 2010-07-22 at the Wayback Machine National Cryptologic Museum, retrieved July 2, 2010

[Revealed-4] 1 2 Rubin, Moshe (July 2, 2010). "Chaocipher Revealed: The Algorithm" (PDF). Retrieved July 3, 2010.

[5] Substitution Cipher with Pseudo-Random Shuffling: The Dynamic Substitution Combiner. Ritter, T. 1990. Cryptologia. 14(4): 289-303. Retrieved July 2, 2010

[6] Rubin, Moshe (August 8, 2010). "Chaocipher Revealed: Deciphering Exhibit #1" (PDF). Retrieved August 9, 2010.

[7] Cowan, Mike (December 2010). "Chaocipher: Solving Exhibits 1 and 4" (PDF). Archived from the original (PDF) on 2016-11-01.

[8] Henry E. Langen biographical information, The Chaocipher Clearing House, retrieved July 2, 2010

[9] Langen's entry for Chaocipher in his personal memoirs "Cryptography - Confidential"

[10] ?, ?. "The Tragic Story of J.F. Byrne." PurpleHunt.com. 1998. Aug 17, 2007 Archived August 7, 2007, at the Wayback Machine

[11] NCM acquires the Chaocipher artifacts and papers

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]