SIGABA

Last updated August 09, 2023

In the history of cryptography, the ECM Mark II was a cipher machine used by the United States for message encryption from World War II until the 1950s. The machine was also known as the SIGABA or Converter M-134 by the Army, or CSP-888/889 by the Navy, and a modified Navy version was termed the CSP-2900.

History

It was clear to US cryptographers well before World War II that the single-stepping mechanical motion of rotor machines (e.g. the Hebern machine) could be exploited by attackers. In the case of the famous Enigma machine, these attacks were supposed to be upset by moving the rotors to random locations at the start of each new message. This, however, proved not to be secure enough, and German Enigma messages were frequently broken by cryptanalysis during World War II.

William Friedman, director of the US Army's Signals Intelligence Service, devised a system to correct for this attack by truly randomizing the motion of the rotors. His modification consisted of a paper tape reader from a teletype machine attached to a small device with metal "feelers" positioned to pass electricity through the holes. When a letter was pressed on the keyboard the signal would be sent through the rotors as it was in the Enigma, producing an encrypted version. In addition, the current would also flow through the paper tape attachment, and any holes in the tape at its current location would cause the corresponding rotor to turn, and then advance the paper tape one position. In comparison, the Enigma rotated its rotors one position with each key press, a much less random movement. The resulting design went into limited production as the M-134 Converter, and its message settings included the position of the tape and the settings of a plugboard that indicated which line of holes on the tape controlled which rotors. However, there were problems using fragile paper tapes under field conditions.

Friedman's associate, Frank Rowlett, then came up with a different way to advance the rotors, using another set of rotors. In Rowlett's design, each rotor must be constructed such that between one and four output signals were generated, advancing one or more of the rotors (rotors normally have one output for every input). There was little money for encryption development in the US before the war, so Friedman and Rowlett built a series of "add on" devices called the SIGGOO (or M-229) that were used with the existing M-134s in place of the paper tape reader. These were external boxes containing a three rotor setup in which five of the inputs were live, as if someone had pressed five keys at the same time on an Enigma, and the outputs were "gathered up" into five groups as well — that is all the letters from A to E would be wired together for instance. That way the five signals on the input side would be randomized through the rotors, and come out the far side with power in one of five lines. Now the movement of the rotors could be controlled with a day code, and the paper tape was eliminated. They referred to the combination of machines as the M-134-C.

In 1935 they showed their work to Joseph Wenger, a cryptographer in the OP-20-G section of the U.S. Navy. He found little interest for it in the Navy until early 1937, when he showed it to Commander Laurance Safford, Friedman's counterpart in the Office of Naval Intelligence. He immediately saw the potential of the machine, and he and Commander Seiler then added a number of features to make the machine easier to build, resulting in the Electric Code Machine Mark II (or ECM Mark II), which the navy then produced as the CSP-889 (or 888).

SIGABA is described in U.S. Patent 6,175,625, filed in 1944 but not issued until 2001. SIGABA-patent.png — SIGABA is described in U.S. Patent 6,175,625 , filed in 1944 but not issued until 2001.

Oddly, the Army was unaware of either the changes or the mass production of the system, but were "let in" on the secret in early 1940. In 1941 the Army and Navy joined in a joint cryptographic system, based on the machine. The Army then started using it as the SIGABA. Just over 10,000 machines were built.^[1]^{: p. 152}

On 26 June 1942, the Army and Navy agreed not to allow SIGABA machines to be placed in foreign territory except where armed American personnel were able to protect the machine.^[2] The SIGABA would be made available to another Allied country only if personnel of that country were denied direct access to the machine or its operation by an American liaison officer who would operate it.^[2]

Description

SIGABA was similar to the Enigma in basic theory, in that it used a series of rotors to encipher every character of the plaintext into a different character of ciphertext. Unlike Enigma's three rotors however, the SIGABA included fifteen, and did not use a reflecting rotor.

The SIGABA had three banks of five rotors each; the action of two of the banks controlled the stepping of the third.

The main bank of five rotors was termed the cipher rotors (Army) or alphabet maze (Navy) and each rotor had 26 contacts. This assembly acted similarly to other rotor machines, such as the Enigma; when a plaintext letter was entered, a signal would enter one side of the bank and exit the other, denoting the ciphertext letter. Unlike the Enigma, there was no reflector.
The second bank of five rotors was termed the control rotors or stepping maze. These were also 26-contact rotors. The control rotors received four signals at each step. After passing through the control rotors, the outputs were divided into ten groups of various sizes, ranging from 1–6 wires. Each group corresponded to an input wire for the next bank of rotors.
The third bank of rotors was called the index rotors. These rotors were smaller, with only ten contacts, and did not step during the encryption. After travelling though the index rotors, one to four of five output lines would have power. These then turned the cypher rotors.

The rotors (wheels) and rotor unit SIGABA-rotor-unit.jpg — The rotors (wheels) and rotor unit

The SIGABA advanced one or more of its main rotors in a complex, pseudorandom fashion. This meant that attacks which could break other rotor machines with simpler stepping (for example, Enigma) were made much more complex. Even with the plaintext in hand, there were so many potential inputs to the encryption that it was difficult to work out the settings.

On the downside, the SIGABA was also large, heavy, expensive, difficult to operate, mechanically complex, and fragile. It was nowhere near as practical a device as the Enigma, which was smaller and lighter than the radios with which it was used. It found widespread use in the radio rooms of US Navy ships, but as a result of these practical problems the SIGABA simply couldn't be used in the field. In most theatres other systems were used instead, especially for tactical communications. One of the most famous was the use of Navajo code talkers for tactical field communications in the Pacific Theater. In other theatres, less secure, but smaller, lighter, and sturdier machines were used, such as the M-209. SIGABA, impressive as it was, was overkill for tactical communications. This said, new speculative evidence emerged more recently that the M-209 code was broken by German cryptanalysts during World War II.^[3]

Operation

Because SIGABA did not have a reflector, a 26+ pole switch was needed to change the signal paths through the alphabet maze between the encryption and decryption modes. The long “controller” switch was mounted vertically, with its knob on the top of the housing. See image. It had five positions, O, P, R, E and D. Besides encrypt (E) and decrypt (D), it had a plain text position (P) that printed whatever was typed on the output tape, and a reset position (R) that was used to set the rotors and to zeroize the machine. The O position turned the machine off. The P setting was used to print the indicators and date/time groups on the output tape. It was the only mode that printed numbers. No printing took place in the R setting, but digit keys were active to increment rotors.

During encryption, the Z key was connected to the X key and the space bar produced a Z input to the alphabet maze. A Z was printed as a space on decryption. The reader was expected to understand that a word like “xebra” in a decrypted message was actually “zebra.” The printer automatically added a space between each group of five characters during encryption.

The SIGABA was zeroized when all the index rotors read zero in their low order digit and all the alphabet and code rotors were set to the letter O. Each rotor had a cam that caused the rotor to stop in the proper position during the zeroize process.

SIGABA's rotors were all housed in a removable frame held in place by four thumb screws. This allowed the most sensitive elements of the machine to be stored in more secure safes and to be quickly thrown overboard or otherwise destroyed if capture was threatened. It also allowed a machine to quickly switch between networks that used different rotor orders. Messages had two 5- character indicators, an exterior indicator that specified the system being used and the security classification and an interior indicator that determined the initial settings of the code and alphabet rotors. The key list included separate index rotor settings for each security classification. This prevented lower classification messages from being used as cribs to attack higher classification messages.

The Navy and Army had different procedures for the interior indicator. Both started by zeroizing the machine and having the operator select a random 5-character string for each new message. This was then encrypted to produce the interior indicator. Army key lists included an initial setting for the rotors that was used to encrypt the random string. The Navy operators used the keyboard to increment the code rotors until they matched the random character string. The alphabet rotor would move during this process and their final position was the internal indicator. In case of joint operations, the Army procedures were followed.

The key lists included a “26-30” check string. After the rotors were reordered according to the current key, the operator would zeroize the machine, encrypt 25 characters and then encrypt “AAAAA”. The ciphertext resulting from the five A's had to match the check string. The manual warned that typographical errors were possible in key lists and that a four character match should be accepted.

The manual also gave suggestions on how to generate random strings for creating indicators. These included using playing cards and poker chips, to selecting characters from cipher texts and using the SIGABA itself as a random character generator. ^[4]

Security

Although the SIGABA was extremely secure, the US continued to upgrade its capability throughout the war, for fear of the Axis cryptanalytic ability to break SIGABA's code. When the German's ENIGMA messages and Japan's Type B Cipher Machine were broken, the messages were closely scrutinized for signs that Axis forces were able to read the US cryptography codes. Axis prisoners of war (POWs) were also interrogated with the goal of finding evidence that US cryptography had been broken. However, both the Germans and Japanese were not making any progress in breaking the SIGABA code. A decrypted JN-A-20 message, dated 24 January 1942, sent from the naval attaché in Berlin to vice chief of Japanese Naval General Staff in Tokyo stated that "joint Jap[anese]-German cryptanalytical efforts" to be "highly satisfactory", since the "German[s] have exhibited commendable ingenuity and recently experienced some success on English Navy systems", but are "encountering difficulty in establishing successful techniques of attack on 'enemy' code setup". In another decrypted JN-A-20 message, the Germans admitted that their progress in breaking US communications was unsatisfactory. The Japanese also admitted in their own communications that they had made no real progress against the American cipher system. In September 1944, when the Allies were advancing steadily on the Western front, the war diary of the German Signal Intelligence Group recorded: "U.S. 5-letter traffic: Work discontinued as unprofitable at this time".^[5]

SIGABA systems were closely guarded at all times, with separate safes for the system base and the code-wheel assembly, but there was one incident where a unit was lost for a time. On February 3, 1945, a truck carrying a SIGABA system in three safes was stolen while its guards were visiting a brothel in recently liberated Colmar, France. General Eisenhower ordered an extensive search, which finally discovered the safes six weeks later in a nearby river.^[6]^{: pp.510–512}

Interoperability with Allied counterparts

The need for cooperation among the US/British/Canadian forces in carrying out joint military operations against Axis forces gave rise to the need for a cipher system that could be used by all Allied forces. This functionality was achieved in three different ways. Firstly, the ECM Adapter (CSP 1000), which could be retrofitted on Allied cipher machines, was produced at the Washington Naval Yard ECM Repair Shop. A total of 3,500 adapters were produced.^[5] The second method was to adapt the SIGABA for interoperation with a modified British machine, the Typex. The common machine was known as the Combined Cipher Machine (CCM), and was used from November 1943.^[2] Because of the high cost of production, only 631 CCMs were made. The third way was the most common and most cost-effective. It was the "X" Adapter manufactured by the Teletype Corporation in Chicago. A total of 4,500 of these adapters were installed at depot-level maintenance facilities.^[5]

Related Research Articles

In cryptography, a cipher is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is encipherment. To encipher or encode is to convert information into cipher or code. In common parlance, "cipher" is synonymous with "code", as they are both a set of steps that encrypt a message; however, the concepts are distinct in cryptography, especially classical cryptography.

<span class="mw-page-title-main">Cryptanalysis</span> Study of analyzing information systems in order to discover their hidden aspects

Cryptanalysis refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown.

The Enigma machine is a cipher device developed and used in the early- to mid-20th century to protect commercial, diplomatic, and military communication. It was employed extensively by Nazi Germany during World War II, in all branches of the German military. The Enigma machine was considered so secure that it was used to encipher the most top-secret messages.

In cryptography, the one-time pad (OTP) is an encryption technique that cannot be cracked, but requires the use of a single-use pre-shared key that is larger than or equal to the size of the message being sent. In this technique, a plaintext is paired with a random secret key. Then, each bit or character of the plaintext is encrypted by combining it with the corresponding bit or character from the pad using modular addition.

In the history of cryptography, Typex machines were British cipher machines used from 1937. It was an adaptation of the commercial German Enigma with a number of enhancements that greatly increased its security. The cipher machine was used until the mid-1950s when other more modern military encryption systems came into use.

In cryptography, a substitution cipher is a method of encrypting in which units of plaintext are replaced with the ciphertext, in a defined manner, with the help of a key; the "units" may be single letters, pairs of letters, triplets of letters, mixtures of the above, and so forth. The receiver deciphers the text by performing the inverse substitution process to extract the original message.

In the history of cryptography, the "System 97 Typewriter for European Characters" or "Type B Cipher Machine", codenamed Purple by the United States, was an encryption machine used by the Japanese Foreign Office from February 1939 to the end of World War II. The machine was an electromechanical device that used stepping-switches to encrypt the most sensitive diplomatic traffic. All messages were written in the 26-letter English alphabet, which was commonly used for telegraphy. Any Japanese text had to be transliterated or coded. The 26-letters were separated using a plug board into two groups, of six and twenty letters respectively. The letters in the sixes group were scrambled using a 6 × 25 substitution table, while letters in the twenties group were more thoroughly scrambled using three successive 20 × 25 substitution tables.

<span class="mw-page-title-main">Hebern rotor machine</span> Electro-mechanical encryption machine

The Hebern Rotor Machine was an electro-mechanical encryption machine built by combining the mechanical parts of a standard typewriter with the electrical parts of an electric typewriter, connecting the two through a scrambler. It is the first example of a class of machines known as rotor machines that would become the primary form of encryption during World War II and for some time after, and which included such famous examples as the German Enigma.

In cryptography, a rotor machine is an electro-mechanical stream cipher device used for encrypting and decrypting messages. Rotor machines were the cryptographic state-of-the-art for much of the 20th century; they were in widespread use in the 1920s–1970s. The most famous example is the German Enigma machine, the output of which was deciphered by the Allies during World War II, producing intelligence code-named Ultra.

Articles related to cryptography include:

Cryptography, the use of codes and ciphers to protect secrets, began thousands of years ago. Until recent decades, it has been the story of what might be called classical cryptography — that is, of methods of encryption that use pen and paper, or perhaps simple mechanical aids. In the early 20th century, the invention of complex mechanical and electromechanical machines, such as the Enigma rotor machine, provided more sophisticated and efficient means of encryption; and the subsequent introduction of electronics and computing has allowed elaborate schemes of still greater complexity, most of which are entirely unsuited to pen and paper.

The bombe was an electro-mechanical device used by British cryptologists to help decipher German Enigma-machine-encrypted secret messages during World War II. The US Navy and US Army later produced their own machines to the same functional specification, albeit engineered differently both from each other and from Polish and British bombes.

In cryptography, the M-209, designated CSP-1500 by the United States Navy is a portable, mechanical cipher machine used by the US military primarily in World War II, though it remained in active use through the Korean War. The M-209 was designed by Swedish cryptographer Boris Hagelin in response to a request for such a portable cipher machine, and was an improvement of an earlier machine, the C-36.

Cryptanalysis of the Enigma ciphering system enabled the western Allies in World War II to read substantial amounts of Morse-coded radio communications of the Axis powers that had been enciphered using Enigma machines. This yielded military intelligence which, along with that from other decrypted Axis radio and teleprinter transmissions, was given the codename Ultra.

Cryptography was used extensively during World War II because of the importance of radio communication and the ease of radio interception. The nations involved fielded a plethora of code and cipher systems, many of the latter using rotor machines. As a result, the theoretical and practical aspects of cryptanalysis, or codebreaking, were much advanced.

The TSEC/KL-7, also known as Adonis was an off-line non-reciprocal rotor encryption machine. The KL-7 had rotors to encrypt the text, most of which moved in a complex pattern, controlled by notched rings. The non-moving rotor was fourth from the left of the stack. The KL-7 also encrypted the message indicator.

Below is a timeline of notable events related to cryptography.

<span class="mw-page-title-main">Combined Cipher Machine</span> WWII-era Allied cipher system

The Combined Cipher Machine (CCM) was a common cipher machine system for securing Allied communications during World War II and, for a few years after, by NATO. The British Typex machine and the US ECM Mark II were both modified so that they were interoperable.

<span class="mw-page-title-main">SIGCUM</span> US encryption machine, in use from 1943 until the 1960s

SIGCUM, also known as Converter M-228, was a rotor cipher machine used to encrypt teleprinter traffic by the United States Army. Hastily designed by William Friedman and Frank Rowlett, the system was put into service in January 1943 before any rigorous analysis of its security had taken place. SIGCUM was subsequently discovered to be insecure by Rowlett, and was immediately withdrawn from service. The machine was redesigned to improve its security, reintroduced into service by April 1943, and remained in use until the 1960s.

Cryptanalysis of the Lorenz cipher was the process that enabled the British to read high-level German army messages during World War II. The British Government Code and Cypher School (GC&CS) at Bletchley Park decrypted many communications between the Oberkommando der Wehrmacht in Berlin and their army commands throughout occupied Europe, some of which were signed "Adolf Hitler, Führer". These were intercepted non-Morse radio transmissions that had been enciphered by the Lorenz SZ teleprinter rotor stream cipher attachments. Decrypts of this traffic became an important source of "Ultra" intelligence, which contributed significantly to Allied victory.

References

Notes

↑ Jason Fagone (26 September 2017). The Woman Who Smashed Codes: A True Story of Love, Spies, and the Unlikely Heroine Who Outwitted America's Enemies. HarperCollins. ISBN 978-0-06-243050-2.
1 2 3 Sterling, Christopher H (2008). Military Communications: From Ancient Times to the 21st Century. USA: ABC-CLIO. p. 565. ISBN 9781851097326.
↑ Schmeh, Klaus (September 23, 2004). "Als deutscher Code-Knacker im Zweiten Weltkrieg" [As a German code-breaker in World War II]. Heise Online (in German). Retrieved March 26, 2019.
↑ CSP-1100 (C) Operating Instructions for ECM Mark 2 and CCM Mark 1, U.S.Department of the Navy, 1944
1 2 3 4 Timothy, Mucklow (2015). The SIGABA / ECM II Cipher Machine : "A Beautiful Idea" (PDF). Fort George G. Meade: Center for Cryptologic History, National Security Agency. Archived from the original (PDF) on 15 May 2017. Retrieved 6 January 2020.
↑ Kahn, David (1967). The Codebreakers: The Story of Secret Writing. New York: The Macmillan Company. ISBN 978-0-684-83130-5. OCLC 59019141

Sources

Mark Stamp, Wing On Chan, "SIGABA: Cryptanalysis of the Full Keyspace", Cryptologia v 31, July 2007, pp 201–2222
Rowlett wrote a book about SIGABA (Aegean Press, Laguna Hills, California).
Michael Lee, "Cryptanalysis of the Sigaba", Masters Thesis, University of California, Santa Barbara, June 2003 (PDF) (PS).
John J. G. Savard and Richard S. Pekelney, "The ECM Mark II: Design, History and Cryptology", Cryptologia, Vol 23(3), July 1999, pp211–228.
Crypto-Operating Instructions for ASAM 1, 1949, .
CSP 1100(C), Operating Instructions for ECM Mark 2 (CSP 888/889) and CCM Mark 1 (CSP 1600), May 1944, .
George Lasry, "A Practical Meet-in-the-Middle Attack on SIGABA", 2nd International Conference on Historical Cryptology, HistoCrypt 2019 .
George Lasry, "Cracking SIGABA in less than 24 hours on a consumer PC", Cryptologia, 2021 .

External links

Electronic Cipher Machine (ECM) Mark II by Rich Pekelney
SIGABA simulator for Windows
Code Book Tool for the Sigaba Simulator (Windows 2000-XP)
The ECM Mark II, also known as SIGABA, M-134-C, and CSP-889 — by John Savard
Cryptanalysis of SIGABA, Michael Lee, University of California Santa Barbara Masters Thesis, 2003
The SIGABA ECM Cipher Machine - A Beautiful Idea
A Practical Meet-in-the-Middle Attack on SIGABA by George Lasry

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[Fagone2017-1] Jason Fagone (26 September 2017). The Woman Who Smashed Codes: A True Story of Love, Spies, and the Unlikely Heroine Who Outwitted America's Enemies. HarperCollins. ISBN 978-0-06-243050-2.

[Sterling-2] 1 2 3 Sterling, Christopher H (2008). Military Communications: From Ancient Times to the 21st Century. USA: ABC-CLIO. p. 565. ISBN 9781851097326.

[3] Schmeh, Klaus (September 23, 2004). "Als deutscher Code-Knacker im Zweiten Weltkrieg" [As a German code-breaker in World War II]. Heise Online (in German). Retrieved March 26, 2019.

[4] CSP-1100 (C) Operating Instructions for ECM Mark 2 and CCM Mark 1, U.S.Department of the Navy, 1944

[NSA-5] 1 2 3 4 Timothy, Mucklow (2015). The SIGABA / ECM II Cipher Machine : "A Beautiful Idea" (PDF). Fort George G. Meade: Center for Cryptologic History, National Security Agency. Archived from the original (PDF) on 15 May 2017. Retrieved 6 January 2020.

[kahn1967-6] Kahn, David (1967). The Codebreakers: The Story of Secret Writing. New York: The Macmillan Company. ISBN 978-0-684-83130-5. OCLC 59019141

[1]

[2]

[3]

[4]

[5]

[6]