Military and intelligence history mostly dealing with World War II.
Friday, February 24, 2017
Tuesday, February 14, 2017
Interesting reports on the Soviet crypto problem
Two new versions
of the following reports can be found at the NSA’s website.
American
Cryptology During the Cold War 1945-1989, Book I
The previous versions had a lot of pages deleted by these
seem to have fewer redactions.
It’s a step forward…
Thursday, February 9, 2017
Breaking Enigma messages
Frode Weierud
and Olaf Ostwald have written the interesting article ‘Modern breaking of Enigma cipher texts’ on modern techniques used in solving
original Enigma messages from WWII.
ABSTRACT
“Breaking German Army Ciphers” is the
title of a Cryptologia article
from 2005, describing the lucky survival of several hundred authentic Enigma
messages of World War II, and an account of a ciphertext-only cryptanalysis of
a large number of these messages, leaving only a few (mostly short messages)
unbroken. After reviewing the work done, and investigating the reasons for both
lucky breaks and close misses, the modern ciphertext-only attack on Enigma
messages is improved, especially on genuine ones with short lengths and/or many
garbles. The difficulties of a proper measure for the candidate’s closeness to
a plaintext are clarified. The influence on the decryption process of an empty
plugboard and one with only a few correct plugs is examined. The method is
extended by a partial exhaustion of the plugboard combined with an optimized
hillclimbing strategy. The newly designed software succeeds in breaking
formerly unbroken messages.
Frode has also summarized the previous efforts
to solve these messages at CryptoCellar
Tales.
Wednesday, February 1, 2017
The compromise of the Croat Enigma K cipher machine by the German Army’s codebreakers
Signals
intelligence and codebreaking played an important role in WWII. British and
American codebreakers solved many important Axis crypto systems and similarly
their Axis counterparts also had their own successes.
Both the
Allies and the Axis powers solved not only their opponents’ communications but
also those of neutral powers and in some cases the communications of their own
allies.
For example
the German codebreaking agencies solved Japanese and Italian diplomatic ciphers
during the 1930’s and in WWII.
The Germans
also solved the messages of their minor allies. One such case concerns the
Enigma K (commercial version) used by the Armed Forces of the Independent
State of Croatia in WWII.
The
Independent State of Croatia
The Kingdom of Yugoslavia was
one of the states that were created when the old Austro-Hungarian empire
collapsed at the end of WWI. The country covered a large area in the Balkans
but was politically unstable since it was made up of a diverse group of peoples
(Serbs, Croats, Slovenes, Montenegrins).
In April 1941 the
country was quickly defeated and occupied by German forces. The collapse of
the Yugoslav state led to its partition into new states, subservient to the
Axis powers.
One of them
was the Independent
State of Croatia, ruled by the Ustaše movement and its
leader Ante Pavelić.
Although the
Croat State was a puppet state of Germany its communications were targeted by
the German Army’s codebreakers.
The German
Army High Command’s codebreaking department
During WWII
the German Army made extensive use of signals intelligence and codebreaking in
its operations against enemy forces. German commanders relied on signals
intelligence in order to ascertain the enemy’s order of battle and track the
movements of units.
The German
Army’s signal intelligence agency operated a number of fixed intercept stations
and also had mobile units assigned to Army Groups. These units were called KONA
(Kommandeur der Nachrichtenaufklärung) - Signals Intelligence Regiment and each
had an evaluation centre, a stationary intercept company, two long range signal
intelligence companies and two close range signal intelligence companies.
The KONA
units did not have the ability to solve complicated Allied cryptosystems.
Instead they focused on exploiting low/mid level ciphers and even in this
capacity they were assisted by material sent to them by the central
cryptanalytic department. This was the German Army High Command’s Inspectorate 7/VI.
Inspectorate
7/VI had separate departments for the main Allied countries, for cipher
security, cipher research and for mechanical cryptanalysis (using punch card
machines and more specialized equipment).
The codes of
Balkan countries and of the Tito
and Mihailović resistance movements (1) were worked on by Referat 6. This
department also solved Croat communications in the period 1941-45 (2).
Yugoslav
communications were also worked on by a small detachment under Lieutenant
Wollny (Nachrichten Aufklärung Zug ‘W’) based in Belgrade and by the units of KONA
4 (Kommandeur der Nachrichtenaufklärung 4 - Signals Intelligence Regiment 4).
The Croat Enigma
K cipher machine
According to
German reports the Croatian forces used several cryptosystems, from Caesar
cipher and simple transposition to 4 and 5-figure enciphered codes.
A more
interesting system identified in Croatian radio traffic was the Enigma K cipher
machine.
Since the 1920’s the
Enigma cipher machine was sold to governments and companies that wanted to
protect their messages from eavesdroppers.
The latest
version of the commercial Enigma machine was Enigma K. In
WWII this device was used by the Swiss diplomatic
service and armed forces and also by the Croatian authorities.
The device
worked according to the Enigma principle with a scrambler unit containing an
entry plate, 3 cipher wheels and a reflector. Each of the cipher wheels had a
tyre, marked either with the letters of the alphabet or with the numbers 1-26,
settable in any position relative to the core wheel, which contained the wiring.
The tyre had a turnover notch on its left side which affected the stepping
motion of the device.
The position
of the tyre relative to the core was controlled by a clip called Ringstellung
(ring setting) and it was part of the cipher key, together with the
position of the 3 cipher wheels.
The
commercial version was different from the version used by the German Armed
Forces in that it lacked a plugboard
(stecker). Thus in German reports it was called unsteckered Enigma.
The Croatian
authorities first received 12 Enigma machines in July 1942 (3). More machines
were purchased in 1943 and 1944. In the period November ’43 - March ‘44 Enigmas
that had been used by the Condor Legion in Spain were rewired for the General
Staff of the Croatian Home Defence Forces (Kroatischen
Landwehr – Hrvatsko Domobranstvo) (4).
The reflector
remained on the commercial wiring Ch 11 Tz 86, however the 3 cipher wheels
received the new wiring Ch 11 Tz 364 a–c (5).
In total 12
new Enigma cipher machines and 29 rewired ones were prepared for Croatian use.
In addition it is likely that another 44 machines were also delivered (6).
Solution
of Croat Enigma K communications
Details on
the solution of Croatian messages enciphered on the Enigma K are available from
the postwar interrogation of Army cryptanalyst dr Buggisch and from the
relevant entries in the War Diary of Inspectorate 7/VI.
Dr Buggisch,
one of the top cryptanalysts of Inspectorate 7/VI, said in TICOM report I-92 ‘Final Interrogation
of Wachtmeister Otto Buggisch’, p2-3
2.
Solution of Croat Enigma. This was not an outstanding cryptanalytic
achievement. The machine used was the K model, with three wheels and no
stecker. The machines were made for the Croats by the firm of KROSKY and
KRUGER, Berlin, which gave the wirings promptly to OKW/WNV in about 1941 or
1942. A single key was used throughout the entire Croat Army and area, and this
consisted only of a list of 100 settings for a period of a month. As far as
Buggisch knew the Ringstellung stayed always at AAA, and the wheel order at 1,
2, 3. Just to make sure, the Germans paid for one of the first keys used, and
with this decoded traffic were able to establish stereotypes and solve almost
100% from the first.
The
solutions were done entirely by hand with wiring charts, assuming a pet
beginning (one third of all messages began with "MINORS") and
assuming the left hand wheels and Umkehrwalz unmoving (only one notch per wheel
as in the commercial model). The Croats also had pet indicators and so would
furnish depths in case this method did not work. The setting was indicated
directly by a two digit number unenciphered, so that the settings wore solved
almost as fast as they came, and the traffic read currently from then on.
Buggisch did not recall the contents in detail. 90% of it was uninteresting;
there were some interesting messages about actions against Tito
Buggisch
said the Germans had considered equipping the Croats With the military Enigma,
as they did for HUNGARY, ROUMANIA, FINLAND and ITALY (and JAPAN, he
thinks) in about 1942. However, they decided against this as they believed the
corrupt CROATS would go right on selling the keys to British agents, while
they, the GERMANS, would have to pay as well instead of solving free. (The
possibility of a BRITISH solution obviously did not occur to Buggisch during
this discussion of the K model.)
According to
Buggisch one third of all messages began with the word ‘MINORS’. MINORS stood
for ‘Ministarstvo Oruzanih Snaga’ -
Ministry of Armed Forces of the Independent State of Croatia (7).
Thus this was
high level traffic between the Ministry of Armed Forces and the regional
military commands.
The war diary
of Inspectorate 7/VI (8) confirms Buggisch’s statements and shows that in the
period 1943-45 the Croatian Enigma was regularly read by the Germans.
Information
from the War Diary of Inspectorate 7/VI
In June ’43
the report of Referat 13 (security of German cipher machines) said that the use
of the commercial Enigma K machine had been identified in Croatian 5-letter
cipher traffic and by using the wheel wirings supplied by the company Heimsoeth
& Rinke together with known key documents it was possible to break into
this traffic. Presumably ‘known key
documents’ would have been the compromised documents that Buggisch
mentioned in report I-92.
Bei einem kroatischen 5B-Verkehr wurde
festgestellt, daß er mit einer handelsüblichen Enigma Modell K verschlüsselt
ist. Ein Versuch mit den von der chiffriermaschinengesellschaft Heimsoeth &
Rinke an Kroatien gelieferten Walzen ergab, daß tatsächlich die betreffenden
Walzenschaltungen benutzt wurden. Unter Ausnutzung teilweise bekannter
Schlüsselunterlagen gelang ein Einbruch und damit die Deutung der
Schlüsseltechnik. Nach früher hier entwickelten Methoden wird eine laufende
Entzifferung möglich sein.
In einer Besprechung am 8.6.43 wurden
einige Entzifferungergebnisse über die handelsübliche Enigma mit dem Forschungsamt
ausgetauscht. (Wm.Döring, Uffz. Rinow.)
In July ’43
the report of Referat 6 (Balkan countries) said that there was cooperation with
Referat 13 (Wm. Buggisch) on the solution of the Croat Enigma. 23 indicators (for
the initial position of the rotors) were recovered and transmitted to Lieutenant
Wollny’s Nachrichten Aufklärung Zug ‘W’, together with a cipher machine for
processing the accumulating material.
Von den mit Chiffriermaschine
verschlüsselten kroatischen Sprüchen wurden unter Zusammenarbeit mit Referat 13
(Wm. Buggisch) 23 Kenngruppen (für Walzeneinstellung) gedeutet und mitsamt
einer Chiffriermaschine fur Nachr. Aufkl.-Zug "W" zwecks Bearbeitung
des dort anfallenden Spruchmaterials Herrn Oberleutnant Wollny übergeben. Die
mit der Chiffriermaschine gelösten Sprüche wurden in einer umfangreichen
VN-Meldung herausgegeben. (s.Schrb. Br.B.Nr. 1691/43 gKdos.)
The report of
Referat 13 said that by solving the frequently used indicators it was possible
to solve almost all the traffic.
Bei den kroatischen 5B-Sprüchen, die
als Enigma-Sprüche (Modell K) erkannt wurden, konnten die häufig benutzten
Kenngruppen erstellt werden, sodass fast der gesamte Verkehr mitgelesen werden
kann.
A table
contained in the Referat 6 report shows how many messages were processed during
the month:
In August ’43
Referats 6 and 13 solved 16 indicator groups and transmitted them to Nachrichten
Aufklärung Zug ‘W’ via teletype.
Referat 6:
Von den mit Chiffriermaschine
verschlüsselten kroatischen Sprüchen wurden unter zusammenarbeit mit Referat 13
(Wm. Buggisch) 16 Einstellungsgruppen gedeutet und dem Nachr. Aufkl. Zug mit
Fernschreibgspräch (G-Schreiber) am 10 und 17.8 zwecks Bearbeitung des dort
anfallenden spruchmaterials mitgeteilt.
In September
’43, indicator groups continued to be solved and sent to the Wollny unit for
direct exploitation. However according to the Referat 13 report the Croatian
authorities changed the indicator system by having 10 new indicators valid for
each day instead of the previous arrangement for 100 indicators valid for each
quarter.
Nachdem die Kroaten von
Vierteljährlichen Schlüsselwechsel (100 Schlüssel) zu täglichem
Schlüsselwechsel (10 Schlüssel) übergegangen sind, erfordert die laufende
Erstellung der schlüssel mehr Arbeit als bisher.
In October
’43, 13 indicators were sent to the Wollny unit. The report of Referat 13 says
that the current solution of the indicators could be stopped. This would seem
to imply that they got copies of the indicator tables, thus they didn’t need to
solve them cryptanalytically.
Da die Schlüsselunterlagen zur
kroatischen Enigma anderweitig besorgt werden, konnte die laufende Erstellung
der schlüssel Mitte des Monats eingestellt werden.
In November
’43 the report of Referat 6 says that Croatian ciphers were solved (hand
systems and cipher machine) and the results transmitted to Nachrichten
Aufklärung Zug ‘W’.
Bearbeitung umfangreichen
Spruchmaterials aus dem kroatischen Funkverkehr, Entzifferung einfacher Würfel
und mit Chiffriermaschine verschlüsselter Sprüche. Herausgabe von 9
V.N.-meldungen aus diesem Verkehr. sämtliche hier erstellten Losungen und neuen
überschlüsselungsarten wurden dem N.A.Zug "W" fernschriftlich oder
schriftlich mitgeteilt.
In December ’43
there were organizational changes in Inspectorate 7/VI, with Referat 6 becoming
Referat a5 and Referat 13 becoming Referat b2.
New
indicators were recovered by departments a5 and b2. The report of b2 says that
the solution of the Croat Enigma indicators had to be resumed because procurement
was not yet possible in the new key period.
Referat b2
3. Enigma: Die erstellung der
kroatischen Schlüssel wurde wieder aufgenommen, da die Beschaffung auf dem
früheren Weg in der neuen Schlüsselperiode noch nicht möglich war.
Also in the
second half of 1943 Referat 9, which was the Hollerith/IBM punch card section,
did statistics on the Croatian Enigma traffic (Statistische Untersuchungen für kroatische Enigma für Wm. Buggisch)
and on Croat language bigram and trigram statistics (Bi- und Trigrammstatistik aus kroatischen Klarsprüchen für Wm. Buggisch)
In February
’44, 18 indicator groups were solved.
The March ’44
report of Referat a5 says that the extensive Croatian Army traffic was tackled
only at the forward unit Nachrichten Aufklärung.
Referat a5
Ehem. Südslawien - Freies Kroatien:
Bearbeitung des gesamten umfangreichen
Heeres - Spruchmaterials ( einfache würfel, spaltencäsaren, Enigma) erfolgt nur
noch bei N.A.
11 VN- Meldungen mit 208 Sprüchen
In April, May
and June ’44 there seems to have been a halt on interception of this traffic.
The April’ 44 report says that ‘for
unknown reasons message interception has been discontinued as of 6.4’
Referat a5
Ehem. Südslawien - Freies Kroatien:
6 S- Meldungen mit 119 Sprüchen
Spruch aufnahme is mit dem 6.4 aus unbekannten Gründen eingestellt
worden, was sehr bedauerlich, da bei evtl. späterer Neubeobachtung
erfahrungsgemäss die Ez. erheblichen Zeit- und Arbeitsaufwand erfordert.
Interception
resumed in July ’44 with the report pointing out the negative consequences of
losing touch with this traffic (‘The
three-month interruption of interception makes itself felt in a disadvantageous
manner’)
Referat a5
Ehem. Südslawien - Freies Kroatien:
Eingestellte Beobachtung am 1.7.44
wieder aufgenommen. Spruchanfall mässig. 48 Sprüche (einfache Würfel)
entziffert, inhalt belanglos. Bearbeitung von 5Z- Sprüchen (vermutlich
überschlüsselter 4Z-Code ) bisher ohne Erfolg. Die dreimonatige unterbrechnunh
der Beobachtung macht sich nachteilig bemerkbar.
Angeforderte Schlusselunterlagen von Kdr 4 nicht eingegangen.
In August ’44
Referat b2 resumed work on the solution of the Enigma indicators.
Referat b2
Bei wieder aufgenommener Bearbeitung
der kroat. Enigma konnten einige Schlüssel erstellt werden.
In September
’44, 7 indicators were recovered by Referat b2.
In October
’44 there was another organizational change with Referat a5 becoming Referat 3c
and Referat b2 becoming Referat 1b.
During the
month 5 indicators were created and results transmitted to KONA 4 (Kommandeur
der Nachrichtenaufklärung 4 - Signals Intelligence Regiment 4) in the Balkans.
In November
’44 solutions increased with 33 indicators transmitted to Referat 3c.
Referat 1b
Erstellung von 33 Schlüsseln für
kroatische Enigma und Weiterleitung an 3c.
In December
’44, 59 indicators were recovered.
In January
’45 Referat 3c became Referat 2c. The report of Referat 1b says that 47 keys
for the Croat Enigma were solved and transmitted to Referat 2c.
In February
’45 the Ref 1b report simply says that a large number of keys for the Croatian
Enigma was solved and passed on to Ref 2c.
Eine grössere Zahl von Schlüsseln für
die Kroat. Enigma wurde gelöst und an Ref.2 c weitergegeben.
The final Ref
2c report from March ’45 says that 30 keys were recovered and 354 messages
solved.
Referat 2c
1. Balkan- Freies Kroatien
a). Für die mit der Enigma
verschlüsselten 5B-Sprüche des Kroatischen Heeres wurden 30 Schlüssel erstellt.
Es wurden damit 354 Sprüche entschlüsselt.
Notes:
(2). Reports
of Referat 6 – War Diary of Inspectorate 7/VI
(3). Correspondence
with Frode Weierud.
(4). ‘Spanish Enigma: A History
of the Enigma in Spain,’ p11
(5). ‘Spanish Enigma: A History
of the Enigma in Spain,’ p11 and CroatianMachines.pdf
(6).
Correspondence with Frode
Weierud.
(7).
Correspondence with dr Nikica Baric of the Croatian State Archives
(8). German
Foreign Ministry’s Political Archive - TICOM collection - files Nr 2760-2761
Additional
information:
The files of
Inspectorate 7/VI, listed in TICOM report IF-272 - TAB ‘D’, include the
following report on the Croatian Enigma in page 8:
Zusammengefasste Umkehrwalze.
Kroatien. AA-AZ.
Walze I. II. III.
These should
be the wirings for the reflector and the three wheels.
Acknowledgements: I have to thank Frode Weierud for his help in
translating the relevant passages from the War Diary of Inspectorate 7/VI and
for the information on the Croat Enigma orders and dr Nikica Baric for
explaining the meaning of the term MINORS.
Subscribe to:
Posts (Atom)