Hebern cryptanalysis, known plaintext, using formulas



Known plain text cryptanalysis

If the cryptanalyst has the cryptogram and the corresponding cleartext, he can recover the wiring of a 1-rotor Hebern cipher machine.

In this chapter, we will base our reconstruction of the machine on mathematical formulas.

The next chapter uses cipher tables.

Reminders on mathematical formulas

Only the rotor is involved

If the encryption is based solely on the rotor, the following formula relates the plaintext and ciphertext letters (the rotor advances in the trigonometric, i.e. counterclockwise, direction; all additions and subtractions are taken modulo 26):

	y = PI[ x + i ] - i
If the key is 0 (A), the formula boils down to:
	y(0) = PI[ x(0) ]
With
	y = cipher letter, 
	y(i) = the ith cipher letter
	x = clear letter,
	x(i) = the ith clear letter
	i = the key (the position of the rotor)
	PI = rotor permutation.
	PI[j] the output connector associated with connector j.
Note: Only the most common form of the Hebern machine is discussed. The rotor chapter describes in detail the other forms.

Other permutations occur (Lampboard and/or Keyboard)

If other permutations occur, the formulas are more complex:

	Rotor + Keyboard :	 	y = PI[  K[x] + i ] - i
	Rotor + Lampboard :		y = L[  PI[ x + i ] - i ]
	R + K + L :			y = L[  PI [  K[x] + i ] - i ]

It is no longer possible to use the formulas directly. However, if y(i) = y(j), we can simplify the previous formulas:

  Rotor + Keyboard :  y(i) = PI[ K[x(i)] + i ] - i = y(j) = PI[ K[x(j)] + j ] - j
  Rotor + Lampboard:  PI[ x(i) + i ] - i = PI[ x(j) + j ] - j
  R + K + L        :  PI[ K[x(i)] + i ] - i = PI[ K[x(j)] + j ] - j

We can see that if the rotor and the lampboard are unknown, it is quite simple to first reconstruct the rotor and then the lampboard.

An example, only the rotor is unknown

Creating the encrypted message

C:\H1_TOOLS> echo Hello World | python hebern1_tui.py -R p17
MZJOGOJSTY

Sample Analysis

  y(0) = M = PI[ H ]  =>   PI[ 7 ]  = 12
  y(1) = Z = PI[ E + 1 ] - 1 => PI[ 4 + 1 ] = 25 + 1 => PI[ 5] = 26 = 0
  y(2) = J = PI[ L + 2 ] - 2 => PI[ 11 + 2 ]-2 => PI[ 13 ] = 9 + 2 = 11
  y(3) = O = PI[ L + 3 ] - 3 => PI[ 11 + 3 ]-3 => PI[ 14 ] = 14 + 3 = 17
  y(4) = G = PI[ O + 4 ] - 4 => PI[ 14 + 4 ]-4 => PI[ 18 ] = 6 + 4 = 10
  ...
We have reconstructed part of the wiring of rotor p17:
PI: [5, 19, 16, 9, 21, 0, 23, 12, 22, 3, 18, 13, 7, 11, 17, 20, 2, 
     14, 10, 1, 15, 4, 8, 6, 25, 24]
As we can see, a few dozen characters are enough to reconstruct the rotor wiring.

An example, the rotor and the lampboard are unknown

Display the cryptogram and the associated plain text

C:\H1_TOOLS> python groupe.py < MSGS\bronte_p17_rfs.cry
ZRBZC KPHVZ DQVFM KVHVI EJCEU WYBTH KAHFM XNMFQ SKXJH THJND
NQZVY CXITG KLPSJ OESEI SBIFX OMQJM SMJYC AGDUS JHJPP MRFZY
SDYXR CXMEW PEQAV BBFI

C:\H1_TOOLS> type MSGS\bronte.txt
I have just returned from a visit to my landlord the solitary 
neighbour that I shall be troubled with stop This is certainly 
a beautiful country

Sample Analysis

Here are the couples for which we have y(i) = y(j):
  crypted:	Z(0) = Z(3) = Z(9)	plain:  I(0), V(3), R(9)
  crypted:	K(5) = K(15)		plain:  J(5), E(15)
  crypted:	H(7) = H(17)		plain:  S(7), F(17)
  crypted:	V(8) = V(12) = V(16)	plain:  T(8), U(12), D(16)
We deduce the following elements:
For Z:
	PI[ I  ]  = PI[ V + 3 ] - 3  => PI[ 8 ]  = PI[ 21 + 3 ] - 3 
		=> PI[ 8 ] = PI[ 24 ] - 3
	PI[ 8 ]  = PI[ R + 9 ] - 9 => PI[ 8 ] = PI[ 17 + 9 ] - 9 
		=> PI[ 8 ] = PI[ 0 ] - 9
For K:
	PI[ J + 5 ] - 5 = PI[ E + 15 ] - 15 
		=> PI[ 9 + 5 ] + 10 = PI[ 4 + 15 ] 
		=> PI[ 14] + 10 = PI[ 19 ]
For H:
	PI[ S + 7 ] - 7 = PI[ F + 17 ] - 17 
		=> PI[ 18 + 7 ] + 10 = PI[ 5 + 17 ] 
		=> PI[ 25 ] + 10 = PI[ 22 ]
For V:
	PI[ T + 8 ] - 8 = PI[ U + 12 ] -12 
		=> PI[ 19 + 8 ] - 8 = PI[ 20 + 12 ] - 12 
		=> PI[ 1 ] + 4 = PI[ 6 ] 
	PI[ T + 8 ] - 8 = PI[ D + 16 ] - 16 
		=> PI[ 1 ] + 8 = PI[ 3 + 16] = PI[ 19 ]  
		=> PI[ 1 ] + 8 = PI[ 19 ]
In summary:
	PI[ 8 ] = PI[ 24 ] - 3	
	PI[ 8 ] = PI[ 0 ] - 9
	PI[ 14] + 10 = PI[ 19 ]
	PI[ 25 ] + 10 = PI[ 22 ]
	PI[ 1 ] + 4 = PI[ 6 ] 
	PI[ 1 ] + 8 = PI[ 19 ]

We have partially reconstructed the wiring of the rotor, but only in relative terms: each equation links two connectors without giving the value of either.

Conclusion:

  • Since we only have relationships between the connections, we obtain a rotor different from the original, but equivalent (just “offset”). It is in fact necessary to arbitrarily fix the value of one connector, for example PI[0] = 0. In the example, we deduce that PI[8] = 26 – 9 = 17.
  • You need a much longer text (a few hundred characters) to have enough pairs of identical cipher letters.
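
Both sample analyses above (rotor only, then rotor plus unknown lampboard) can be automated as follows. This is an added example, not code from the H1_TOOLS scripts; the function names are hypothetical, and the rotor p17, the plaintexts and the cryptograms are copied from the page.

```python
N, A = 26, ord("A")

# Values taken from the page: rotor p17 and the start of the Bronte message.
P17 = [5, 19, 16, 9, 21, 0, 23, 12, 22, 3, 18, 13, 7,
       11, 17, 20, 2, 14, 10, 1, 15, 4, 8, 6, 25, 24]
PLAIN = "IHAVEJUSTRETURNEDFRO"
CIPHER = "ZRBZCKPHVZDQVFMKVHVI"

def recover_direct(plain, cipher):
    """Rotor only: y = PI[x + i] - i, hence PI[x + i] = y + i (mod 26)."""
    return {(ord(x) - A + i) % N: (ord(y) - A + i) % N
            for i, (x, y) in enumerate(zip(plain, cipher))}

def relative_relations(plain, cipher):
    """Rotor + unknown lampboard: equal cipher letters at positions i < j give
    PI[b] = PI[a] + (j - i) (mod 26), where a = x(i) + i and b = x(j) + j.
    Returns the set of (a, b, d) triples meaning PI[b] = PI[a] + d."""
    first = {}   # cipher letter -> (position, rotor input) at first occurrence
    rels = set()
    for j, (x, y) in enumerate(zip(plain, cipher)):
        b = (ord(x) - A + j) % N
        if y not in first:
            first[y] = (j, b)
        elif first[y][1] != b:          # same input connector adds no information
            i, a = first[y]
            rels.add((a, b, (j - i) % N))
    return rels

def propagate(rels, anchor=0, value=0):
    """Fix one connector arbitrarily (PI[0] = 0 on the page) and follow the
    relations outward; connectors not linked to the anchor stay unknown."""
    pi = {anchor: value}
    changed = True
    while changed:
        changed = False
        for a, b, d in rels:
            if a in pi and b not in pi:
                pi[b], changed = (pi[a] + d) % N, True
            elif b in pi and a not in pi:
                pi[a], changed = (pi[b] - d) % N, True
    return pi

if __name__ == "__main__":
    print(recover_direct("HELLOWORLD", "MZJOGOJSTY"))
    rels = relative_relations(PLAIN, CIPHER)
    for a, b, d in sorted(rels):
        print(f"PI[{b}] = PI[{a}] + {d}")
    print(propagate(rels))
```

On these 20 letters the function also finds a seventh relation, PI[9] = PI[1] + 10, from V(8) = V(18), a repeat that the list above does not use.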