The Art of Secret Communication in the 1632 Universe: Part 2, Machine Cryptosystems

Here is your preview of the story.

More complex (and hopefully more effective) encryption is possible with the aid of machines: dedicated mechanical and electromechanical devices, mechanical, electronic (and fluidic) calculators; and programmed electronic (and fluidic) computers.


Mechanical Crypto Machines


Prior to the advent of the digital computer, machines were built that could encipher or decipher messages according to rules too complicated to be carried out by hand with sufficient speed and accuracy.

Of these, my favorite is the Jefferson wheel cipher machine. As built it used 26 disks on a spindle, but that was arbitrary. The letters were in a different scrambled order on each disk. The disks were numbered, and the key determined the order of the disk and the "offset." You turned the wheels to form a segment of the plaintext (equal in length to the number of wheels deployed) on a single row then applied the offset to obtain the ciphertext row.

This is, in essence, a form of polyalphabetic substitution using scrambled rather than shifted standard cipher alphabets and with a long key consisting of a numeric wheel sequence and the offset. If the message was longer than the key, the key sequence would be repeated on the next plaintext segment.

Is the Jefferson wheel cipher machine known in Grantville? It's possible. Students might have been taken on a school trip or family vacation to Monticello (about a five-hour drive). There are certainly biographies of Jefferson in the school libraries, and one of them might have provided information about the machine. It is described in detail in Katz (193) and a similar later machine in Smith (76).

Ironically, in 1802 Jefferson decided that a columnar transposition with nulls devised by Patterson was "much more convenient in practice than my wheel cipher," and adopted Patterson's much weaker cipher for diplomatic use. The Jefferson machine was forgotten until 1922.

The concept was reinvented by by Etienne Bazeries (1891), whose machines used 20 disks. Parker Hitt experimented (1914) with both disks and slides (see below) and Joseph Mauborgne made modifications (1917), resulting in the 25-disk Army M-94 machine (used 1922-45). The latter machine also had means for locking the disks into a particular alignment after rotation to display the plaintext, and a guide rule attached to a rotatable blank disk for reading off the ciphertext. The M-94's ciphertext alphabets are available online (Proc) so you can see just how scrambled they are.

The M-94 was succeeded by the M-138 strip machine. This was essentially a Saint Cyr slide with multiple slidable elements ("multiplex"), each corresponding to a different cipher alphabet. The Army provided 100 slides, of which 30 were used simultaneously. The key would specify which slides to insert, in which order, with what offsets (Katz 323).

The M-138 in turn was replaced by the M-209, first manufactured in 1942. During WWII, 140,000 were made at a cost of $64 apiece. It was intended for tactical use. and it's small and portable ( EB15 describes it as a polyalphabetic substitution in which the individual cipher alphabets are shifted reverse standard alphabets (Beaufort type), and the shift is determined for each letter in the message by a very long repeating key. It is long because it is established by the combined positions of six key wheels, with 26, 25, 23, 21, 19, and 17 positions respectively, and thus a key period length of 101,405,850. The shift is determined by how many of 27 bars are engaged. Each bar has two lugs and one or both can be set to be engaged by a wheel (but not the same wheel). Each wheel has a pin at each position, which may be active or inactive. Thus, there are 131 pin positions. If the current position of a wheel is that of an active pin, and one of the lugs of a bar is set to that wheel, the bar is engaged. All wheels advance one pin position for each letter being enciphered. The shift progression is determined by the internal key (initial pin and lug settings) and external key (initial wheel positions). This is essentially a mechanical pseudorandom number generator.

While we have this generic description of how the components interact, anyone trying to build an M-209 in the NTL would have to work out the specific mechanisms to effectuate the operation. It is certainly quite a bit more complex than an ordinary typewriter.

One point I think EB15 doesn't make clear is that there is a separate typewheel which produces the output. I believe that before the typewheel prints a letter, the drum containing the bars rotates once, and each time an engage bar passes a trigger point the typewheel turns one notch. Then after the letter prints, the key wheels advance one position, changing which wheels have an active pin engaged and thus which bars are engaged (Bouchaudy).

The Germans could cryptanalyze M-209 messages in a few hours if they intercepted two sufficiently long messages with the same indicators (and thus the external key) and correctly guessed some plaintext (Christos; Bouchaudy). Ciphertext-only attacks are now known (Reeds; Lasry).

There were more advanced cipher machines than the M-209, but I doubt they are described in Grantville literature.



Crypto Machine Ciphers (Electromechanical)


EB15 provides a good overall description of the wired rotor machines; however, I am going to describe them in a way that emphasizes the historical evolution.

Several rotor machines were patented in the period 1918-19. The key component was the wired rotor. This was a hollow wheel having 26 electrical contacts arranged in a circle, near the periphery, on each of its two sides. Let us say that the left side is the input side and the right side is the output side. Then, inside the rotor, there are 26 wires, each wire connecting one of the input contacts to one of the output contacts. The connections were scrambled.

Now, imagine that when you press a key on a keyboard, you send a current to the corresponding contact on the input side; the current travels to the contact on the output side, and from there to some sort of output, which could be a labeled lamp, a printing element like the hammer on a typewriter, or a punch for a teletype tape.

Moreover, imagine that after you press the key, the rotor advances one position. What we have at this point is a machine that implements a polyalphabetic substitution using a progressive key. The key specifies the shift in the mixed alphabet established by the scrambled wiring inside the rotor. Since the scrambling pattern was fixed, there are a total of 26 possible keys (the possible initial rotor positions). It is true that there are also 26! different scrambling patterns in a single rotor, but once you cryptanalyze the pattern you needn't solve it again.

Now suppose that you add additional rotors, each with the wiring scrambled in a different way, and connect them so that when the first rotor completes a full revolution, it causes the second rotor to advance one step, when the second rotor completes a full revolution, it causes the third rotor to advance one step, and so on. With three rotors (with fixed scrambled wiring and fixed order), you have expanded the keyspace to 263.

That, in essence, was the Hebern rotor machine (with up to five rotors). A similar typewriter-linked machine, with ten rotors, was designed by Scherbius and offered in 1918 for sale to the German Foreign Office for $1600-2000 per machine ($14,400-18,000 in 1991 dollars), or $560-720 if the government would buy a thousand machines (Katz/Enigma 34).

The Hebern machine was offered to the US Navy in 1924, which declined to purchase it. They didn't tell Hebern, but they had given ten Hebern machine-encrypted messages of 300 characters each, all encrypted with the same key (initial rotor arrangement and settings), to Friedman, who solved them by hand within two weeks and reconstructed the internal wiring of the rotors (Bauer 132). The weakness exploited by Friedman—not mentioned by EB15—was the regular, odometer-like stepping pattern.

The 1920s vintage German ENIGMA machines added several refinements, of which only one is mentioned by EB15: the reflector. This does not turn, and it only had one set of 26 contacts, connected in pairs. The current leaving the last rotor would enter the reflector at one contact and leave by the connected one, then passed back through the rotors in reverse order and leaving by way of one of the input contacts on the first rotor.

EB15 comments, "The advantage of this scheme is that when a pair of rotor machines is set to the same starting configuration, plaintext input to one machine generates ciphertext, which when input to the other reproduces the plaintext. The reflector also ensures that the ciphertext symbol is different from the plaintext symbol. " But these advantages come with corresponding disadvantages. If the cryptanalyst deduces that with a particular rotor setup A encrypts to W, then it follows that W encrypts to A. Moreover, in trying to guess the location of a probable plaintext word, the cryptanalyst can disregard any alignment that would cause the plaintext and ciphertext letters to be identical (Katz/Enigma 38). Grantville literature may include Robert Harris' novel, Enigma (1995), which points this out (61).

So described, we have a machine similar to the American Convert M-325, which, with three rotors, a reflector, and a lamp readout, cost $60 in the 1930s (Kruh).

The features ignored by EB15 were the following (Katz/Enigma 37):

—making the rotors removable, so they could be placed in the basket in any order (which thus was part of the key) and indeed could be chosen from a larger set of rotors

—taking the cam (that caused the next rotor to advance) off the rotor and placing it on a rotatable alphabet ring surrounding the rotor core like a tire on a wheel (so the position of the alphabet ring relative to the rotor core was a part of the key). The cam (breakpoint) on the alphabet ring was in a different position on each ring. This separate alphabet ring feature was incorporated only into the military versions of the Enigma (Deavours).

While the device still mostly featured regular stepping, there was an occasional double step by the middle rotor (Id.).

In 1930, the army version added the plugboard, with 26 sockets, as a preliminary encipherment. If sockets were connected by a patch cord, the corresponding letters were exchanged, and letters denoted by empty sockets were passed straight through. In WWII, the plugboard settings were part of the predetermined daily key (Katz/Enigma 41).

EB15 mentions briefly that in the Japanese PURPLE cipher machines, rotors were replaced by telephone stepping switches.


All of the commercial mechanical or electromechanical cipher machines that I am aware of perform a substitution encipherment. A transposition encipherment is easy enough to achieve with a computer, as a block of plaintext characters can be stored in memory and then output in a scrambled order. But how can one reorder characters with a simple electromechanical system?

Here is one suggestion of how transposition might be achieved; I suspect it is too complex for practical use. Let us say that the transposition is performed on each block of n characters. We have n input wheels, each wheel having a standard alphabet. A single row of the characters on these wheels is displayed through an input window and the wheels are individually rotated so that input block of text is so displayed. Each wheel has one or more electrical contacts so that the position of each input wheel is known.

Likewise, there are n output wheels, again with standard alphabets. The desired transposition is encoded by a plugboard so each input wheel is connected to one and only one output wheel, but of course the connections are scrambled. When an actuator key is pressed, each output wheel turns to match the setting of the connected input wheel. This turning could be effectuated by a motor that turns until the match occurs and shuts down the motor.

It would of course be possible to combine transposition by substitution if the output wheels used scrambled alphabets.



The Role of the Computer in NTL Cryptology


While the computer can be programmed to implement a manual, mechanical, or electromechanical cryptosystem, and thereby simplify character-based encryption and decryption, modern computer cryptosystems are designed from the ground up with bitwise encryption in mind. The plaintext must of course first be converted to some sort of bitwise representation (such as ASCII) but then the individual bits, or fixed length groups of bits, are replaced or moved about, often many times in different patterns, before finally (perhaps) being converted back into characters.

Assuming the cryptographer has a computer, there are three possibilities: using canned cryptographic software; programming the computer to implement a cryptosystem disclosed in Grantville literature or programming the computer to implement a new cryptosystem, which may be derived at least in part from components of the disclosed cryptosystems. Obviously, the second and third require programming skills, and the third also mathematical analysis to verify the security of the new system.

But before we consider these possibilities, we must ask: who will have computers when?


On the eve of the Ring of Fire, personal computers were owned by Grantville local government, businesses, schools, and households. By Eric-approved analysis, there are 884 households in Grantville (DeMarce). As of August 2000, 51% of US households had one or more computers, which would imply at least 441 Grantville households did (Newburger). Admittedly, Grantville is likely to be less than the national average, being nonmetropolitan and skewing toward low income, low educational attainment, and elderly (2000 census). Taking that into account, the households with computers rate drops to perhaps 42-44%, so, 371-389. Some, of course, would have more than one.

One estimate (Bartholemy?) , without explaining how it was arrived at, assumed 30 government, 180 school, 100 commercial, 440 "in use" household computers, for a total of 750, and another 150 "scrap" computers in storage.

Obviously, the USE will have an advantage over foreign powers with respect to the use of computers. Some computers are already owned by local government, some up-timers will take government positions and bring their personal computers, and some up-timers will lend computers to down-timer friends and colleagues.

While I expect that some computers will be sold as time passes, the price is likely to be astronomical, and the sellers may be reluctant to sell to down-timers who are obviously from countries hostile to the USE.

For cryptanalysis, all a government needs to acquire is a single computer and the software for writing programs to input text and subject the text to various analyses.

However, to support cryptography, using cryptosystems so complex that they must be encrypted and decrypted by digital electronic computer to have adequate speed and accuracy, a government needs one computer for each node in its cryptographic communications network. It does no good for the sender to have a computer with which to encrypt the message if the intended recipient does not have a computer with which to decrypt it.

Moreover, there is the issue of the nature of the output. Obviously, it's a digital electronic output and ideally it would be transmitted as digital data. That is possible on Grantville's LAN, where you can send or post a file.

Outside Grantville, it initially will have to be translated into a sequence of characters that can be printed, sent as Morse code, or read aloud. The recipient will then have to translate it back into computerese, i.e., type the encrypted message into a computer file.

Modern cryptological software usually takes the input characters and subjects them to a bitwise encryption that, to maximize confusion, results in an output that isn't a sequence of letters, or a mixture of printable characters, but of bytes that have the full range of values from 0-255 (00-FF hex). This includes non-printable characters.

If the government that acquires the computer also acquires programming language software, and people who know how to use it, then it is relatively easy to write software to read the output file at the byte level and print off the byte values as three decimal digit values.

That is the end of the preview.
Only active subscribers can read the full story.
If you would like to, please subscribe.
We hope you enjoyed the preview.

About Iver P. Cooper

Iver P. Cooper, an intellectual property law attorney, lives in Arlington, Virginia with his wife and two children. Two cats and a chinchilla rule the household with iron paws. Iver has received legal writing awards from the American Patent Law Association, the U.S. Trademark Association, and the American Society of Composers, Authors and Publishers, and is the sole author of Biotechnology and the Law, now in its twenty-something edition. He has frequently contributed both fiction and nonfiction to The Grantville Gazette.


When not writing (or trying to get an “orange blob” off his chair so he can start writing), he has been known to teach swing dancing and folk dancing, or to compete in local photo club competitions. Iver adds, “I can’t get my wife to read my fiction, but she has no trouble cashing the checks.”

Iver’s story “The Chase” is in Ring of Fire II