M-209 vs
Enigma:
Regarding the
cryptologic strength of the M-209 machine versus the plugboard Enigma, the
expert on classical cipher systems George
Lasry (15) has stated:
‘One comment about the security of the M-209.
The claim that the Enigma is more secure than the M- 209 is disputable.
1) The best modern ciphertext-only
algorithm for Enigma (Ostward and Weierud, 2017) requires no more than 30
letters. My new algorithm for M-209 requires at least 450 letters (Reeds,
Morris, and Ritchie needed 1500). So the M-209 is much better protected against
ciphertext-only attacks.
2) The Turing Bombe – the best known-plaintext
attack against the Enigma needed no more than 15-20 known plaintext letters.
The best known-plaintext attacks against the M-209 require at least 50 known
plaintext letters.
3) The Unicity Distance for Enigma is
about 28, it is 50 for the M-209.
4) The only aspect in which Enigma is
more secure than M-209 is about messages in depth (same key). To break Enigma,
you needed a few tens of messages in depth. For M-209, two messages in depth
are enough. But with good key management discipline, this weakness can be
addressed.
Bottom line – if no two messages are
sent in depth (full, or partial depth), then the M-209 is much more secure than
Enigma’.
I also added
Lasry’s M-209 articles in the notes:
No comments:
Post a Comment