Monday, August 10, 2009

Enigma Mathematics

The German Enigma cipher machine is the best known example of an ingeniously designed encryption device that ultimately was a true disaster, as it proved to be the Achilles heel of the German forces. Their blind thrust in the Enigma was partially based on the theoretical security of the machine, which was a truly astronomical 3 x 10114 . There's an NSA paper (pdf) on this theoretical number. It was absolutely impossible to perform an exhaustive search on a machine with so many possible variations, not even with today's computerpower.

But the German cryptologists were wrong. Deadly wrong! The Allied codebreakers did break it and intercepted and deciphered millions of German military tactical messages during the war, revealing many battle orders and plans, and thus changing the outcome of war.

In reality, a Wehrmacht (Army) Enigma machine had a practical security (number of possible different settings), of only 1.07 x 1023. Now, this is still a huge number. To give you an idea of the size of the number 1.07 x 1023, you need 1.5 x 1015 sheets of paper (0.0039 inch each) to make a stack from the Earth to the Sun and with 1.07 x 1023 sheets you can build roughly 70,000,000 of these stacks! No wonder the German cryptologists believed it was secure.

However, the security of a crypto device is more than key sizes and numbers, theoretical security and having to search through all possible combinations. On my website you can find all the facts and figures about Enigma's mathematical security. There's also a very good Cryptologia paper by Rebecca Ann Ratcliff on the misleading statistics on Enigma and how dangerous it can be to rely on such theoretical security.

No comments: