Thursday, November 29, 2018


In the The American M-209 cipher machine I’ve added the following under ‘Additional information’:

M-209 vs Enigma:

Regarding the cryptologic strength of the M-209 machine versus the plugboard Enigma, the expert on classical cipher systems George Lasry (15) has stated:

One comment about the security of the M-209. The claim that the Enigma is more secure than the M- 209 is disputable.

1) The best modern ciphertext-only algorithm for Enigma (Ostward and Weierud, 2017) requires no more than 30 letters. My new algorithm for M-209 requires at least 450 letters (Reeds, Morris, and Ritchie needed 1500). So the M-209 is much better protected against ciphertext-only attacks.

2) The Turing Bombe – the best known-plaintext attack against the Enigma needed no more than 15-20 known plaintext letters. The best known-plaintext attacks against the M-209 require at least 50 known plaintext letters.

3) The Unicity Distance for Enigma is about 28, it is 50 for the M-209.

4) The only aspect in which Enigma is more secure than M-209 is about messages in depth (same key). To break Enigma, you needed a few tens of messages in depth. For M-209, two messages in depth are enough. But with good key management discipline, this weakness can be addressed.

Bottom line – if no two messages are sent in depth (full, or partial depth), then the M-209 is much more secure than Enigma’.

I also added Lasry’s M-209 articles in the notes:

No comments:

Post a Comment