Breaking of the Commercial Enigma by Germans

My crypto Home Page
Enigma Cryptanalysis home Page

Rejewski's break of the
Enigma rotor wiring
Elizebeth Friedman's break of the
Enigma rotor wiring
Breaking of the Commercial Enigma by Germans (This Page).
Buttoning-up
Rodding
Rejewski's Catalog
Cyclometer
Rejewski's Bombe
Zygalski's Sheets
Turing's Bombe
Turing / Welchman Bombe

Introduction : TICOM DF-38

After the end of World War II, US cryptographic agencies investigated through German archives and questionned POW (Prisonner Of War) about German cryptogaphic methods. This organization was called TICOM (Target Intelligence COMmittee).

The documents produced by TICOM were tagged TOP SECRET. Recently, these documents were declassified and many of them can be downloaded on Internet.

There are different kinds of document: A, D, DF, I, IF, … "I" correspond to the Interrogation of a POW (written P/W too) and "DF" a translation of a German document.

The DF-38 document is written by Dr. Rudolf Kochendörffer, a Geman mathematician belonging to OKH/In 7/IV (a cryptologic service of the Army). This document deals with the mathematical analysis of the commercial Enigma using permutations (like report written by Rejewski). This analysis allows the author to indicate how to recover the rotor wiring from in-depth messages.

According to Frode Weierund (the editor of this document), the report from which document DF-38 comes dates back to 1944.

The structure and the content of the DF-38 document

The structure of DF-38

Description of the Enigma
1. The cipher wheels
2. The wiring of a sequence of two wheels
3. The turning of a wheel
4. The reversing wheel
5. The operation of the Enigma
Determining the wiring of an Enigma from a sequence of T26 (substitution alphabets)
1. Cryptanlytic foundation.
2. Theorical calculation of the wheel wiring.
3. Practical calculation of the wheel wiring.

The Content of DF-38

Description of the Enigma
The great originality of Dr. Rudolf K.'s article is to use the mathematics of permutations that belong to the group theory of which he was a specialist. He begins with a summary of this part of mathematics, a bit equivalent to the Wikipedia web page on permutations: notation, composition, associativity, inverse permutations, identity, ... (cf. References).
Then, the Enigma encryption formula is presented (cf. the following paragraph). The first part ends with the description of the advancement of the rotors.
Determining the wiring of an Enigma
The second part explains how to find the wiring of the rotors from in-depth messages and the permutations that describe the Enigma.

Mathematical vision of the Enigma encryption

The Dr. Rudolf K. (like Rejewski) used group theory and more specifically permutations to describe the Enigma encryption. Consider the following permutations:

P = Permutation of the Enigma with the rotor positions at k (for right rotor), l (for middle rotor) and m (for left rotor).
A = Permutation of the Rotor at the right position (the fast rotor)
B = Permutation of the middle rotor
C = Permutation of the left rotor
U = Reflector permutation
Z = Permutation of the rotation.

\( P_{k,l,m} = (Z^kAZ^{-k})(Z^lBZ^{-l})(Z^mCZ^{-m})U(Z^mC^{-1}Z^{-m})(Z^lB^{-1}Z^{-1}) (Z^kA^{-1}Z^{-k}) \)

Cryptanalytic and true reconstruction of the Enigma

The cryptanalysis made by Dr.K. does not allow an exact description of the rotors due to the twist and offset effects (cf. rotor).

In fact, in the header of the enemy messages the indicator contained the initial position of the rotors. In addition, this position corresponded to a pronounceable four-letter word. Thanks to this, the real wiring of the rotors could be reconstructed.

Origin of the traffic analyzed: the Swiss hypothesis

The report by Dr. Rudolf K. aims to show how to find the wiring of a commercial Enigma from in-depth messages. But where does this traffic come from?

I think it comes from the Swiss army. Indeed, we know that the Swiss were equipped with Commercial Enigmas. On the other hand, that at least at the beginning of their use, dozens (or even hundreds) of messages were sent with the same key (in-depth messages). On the other hand, the reflector had not been modified (This is the case of the machine analyzed by Dr. Rudolf K.). Finally, we know that the Germans deciphered the Swiss Enigma traffic. All these clues together lead us to deduce that the messages analyzed by Dr. Rudolf K. come from the Swiss army.

Christos' article (see References) describes the breaking of the Swiss Commercial Enigma by several countries, including Germany. It so happened that it was precisely the OKH/In 7/VI service, to which Dr. Rudolf K. belonged, which was responsible for analyzing Swiss traffic. Still in Christos' article, we learn that Originally the indicator (showing the starting position of the rotors) was sent in the clear but from August 1942 it was enciphered (see below). As far as I am concerned, this last clue convinces me that it is indeed a Swiss traffic that is handled by Dr. K.

The American Coast Guard, in 1940, were confronted with the a Commercial Enigma whose traffic had the same characteristics and it was indeed traffic of Swiss origin (link).

We are not certain about the origin of the messages but we can say that the cryptologists who created the encryption procedures used were not experts. Indeed, two major mistakes were made:

Sending several dozen in-depth messages. This is the main mistake. No system can resist it.
Sending the rotors' position in plain text. This procedure alone could have jeopardized the system. The indicator must be encrypted!

References

Internet links

The Enigma Collection, Editor: Frode Weierud.
DF-38, The Enigma by Dr. Rudolf Kochendörffer. (link).
Wikipedia: Permutation
Christos military and intelligence corner.
The compromise of the Swiss diplomatic Enigma K cipher machine in WWII (link)