Sigaba, procedures



Introduction

In an encryption network (for example, that of the US Army), transmission centers equipped with Sigaba must share documents and procedures in order to exchange encrypted messages with a maximum level of security.

In addition to having the same model of Sigaba, each center must have the same key. This is subdivided into three parts:

  • The basic key.

    It is a set of 15 rotors: 10 rotors with 26 contacts, each of which can serve as either an encryption rotor or a control rotor, and 5 index rotors with 10 contacts each.

  • The daily key.

    It mainly specifies the order of the encryption, control and index rotors. In addition, the orientation of each rotor is specified: normal or reversed. In the reversed orientation, the index letters are read backwards. The daily key also specifies the starting position of the index rotors.

  • The message key. It specifies the starting position of each encryption and control rotor. This key must be different for each encrypted message.

In addition, procedures must be taught to operators allowing them to react quickly to particular situations, such as the compromise of a key following its capture or the imminent invasion of a transmission center.

An example of a key

  • The basic key:

    Let the set of 26-contact rotors be: 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, and the set of 10-contact rotors be: 20, 30, 40, 50, 60 (note that an index rotor can have the same name as an encryption rotor because it does not have the same number of contacts).

  • Here is a daily key:

    • Cypher rotors: 20 11 15R 19 13 (rotor 15 is reversed)
    • Control rotors: 18R 12 16 17R 14 (rotors 18 and 17 are reversed)
    • Index rotors: (order and position): 53 61 30 28 44 (order: 50, 60, 30, 20, 40, position: 3, 1, 0, 8, 4)

  • Here is a message key:

    • Cypher Rotors: X L B R A
    • Control rotors: C N E X W
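
The key notation above can be checked mechanically. The following Python sketch is an added example, not part of the original page or of the documents it cites; it parses the daily key as written here and refuses a message key that was already used. All function and class names are hypothetical, and the rule that each of the ten 26-contact rotors appears exactly once follows from the rotor counts given above.

```python
import re

ROTORS_26 = set(range(11, 21))     # the page's example set of 26-contact rotors
ROTORS_10 = {20, 30, 40, 50, 60}   # the page's example set of index rotors

def parse_bank(text):
    """'20 11 15R 19 13' -> [(20, False), (11, False), (15, True), ...]."""
    bank = []
    for tok in text.split():
        m = re.fullmatch(r"([0-9]{2})(R?)", tok)
        if not m:
            raise ValueError(f"bad rotor entry {tok!r}")
        bank.append((int(m.group(1)), m.group(2) == "R"))
    return bank

def parse_index(text):
    """'53 61 ...' -> [(50, 3), (60, 1), ...]: first digit rotor, second position."""
    bank = []
    for tok in text.split():
        if not re.fullmatch(r"[0-9]{2}", tok):
            raise ValueError(f"bad index entry {tok!r}")
        bank.append((int(tok[0]) * 10, int(tok[1])))
    return bank

def check_daily_key(cipher, control, index):
    """Parse the three banks and check them against the basic key."""
    cip, ctl, idx = parse_bank(cipher), parse_bank(control), parse_index(index)
    if not len(cip) == len(ctl) == len(idx) == 5:
        raise ValueError("each bank holds exactly 5 rotors")
    if sorted(r for r, _ in cip + ctl) != sorted(ROTORS_26):
        raise ValueError("each 26-contact rotor must be used exactly once")
    if sorted(r for r, _ in idx) != sorted(ROTORS_10):
        raise ValueError("each index rotor must be used exactly once")
    return {"cipher": cip, "control": ctl, "index": idx}

class MessageKeyLog:
    """Hypothetical helper: refuses a message key that was already used."""
    def __init__(self):
        self.used = set()

    def take(self, cipher_pos, control_pos):
        key = ("".join(cipher_pos.split()), "".join(control_pos.split()))
        if not all(re.fullmatch(r"[A-Z]{5}", k) for k in key):
            raise ValueError("each bank needs 5 letter positions")
        if key in self.used:
            raise ValueError("message key already used")
        self.used.add(key)
        return key
```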

Indicator methods used by the US Army

At first (especially during the Second World War), the Army used its own indicator methods, under the code name SIGQZF. Several versions of this document were issued.

A - Army origin indicator method (SIGQZF or SIGQZF-1) [July 1941 to June 1945]

Each month, each transmission center of the same encryption network (a priori, the Army centers equipped with Sigaba formed a single network) receives a key list which specifies the key of the day for each day (as described previously).

Specifically, the following is specified for each day of the month:

  • The day of the month,
  • The order and orientation of the 5 index rotors.
  • The order and orientation of the 5 control rotors.
  • The order and orientation of the 5 encryption rotors.
  • The initial position of the rotors to encrypt the message key (the same for the encryption rotors and the control rotors).

Fig. 1: Key list, SIGQZF-1 (1941-1945)

For each message:

  1. The operator positions the rotors to the initial position indicated by the key list. For example, on January 1, the control rotors and encryption rotors are keyed to JUDPX.
  2. Then, the operator chooses a group of 5 letters (except Z) which form a random sequence (therefore different from a word with a meaning), for example, XARPG. This sequence is called the internal indicator.
  3. He encrypts this internal indicator. The result is the external indicator, for example GKZGO.
  4. The operator puts the machine in Plain mode and writes the message header which includes the external indicator.
  5. The operator returns to encryption mode and positions the encryption and control rotors based on the internal indicator (so both sets of 5 rotors use the same key).
  6. The operator encrypts the message.

Note: To increase the reliability of operations and avoid errors, several methods have been used:

  • A second operator monitored the actions of the active operator.
  • Decryption of an encrypted message (if possible by a second operator). If the message is urgent, decryption can take place after transmission.
  • Connecting a second Sigaba via an ad hoc cable, which allowed a message to be decrypted as it was encrypted.

B - Army Origin Indicator Method (SIGQZF-2) [June 1945 to November 1946]

A monthly key list now contains, for each day of the month:

  • The day of the month,
  • The order and orientation of the 5 control rotors.
  • The order and orientation of the 5 encryption rotors.
  • A control group corresponding to the encryption of the letter A encrypted 30 times (only the last group is specified, i.e., letters 26 to 30). The initial position of the rotors is now generated by the Zeroize operation (key: OOOOO:OOOOO) (see Zeroize operation in the next section).

    Note: The control is carried out using the position of the index rotors specified for the SECRET level.

  • A configuration of the starting position of the rotors (encryption, control and index rotors) to encrypt the message key for each security level (Secret, Confidential, Restricted):
    • The order and initial position of the 5 index rotors
    • The initial position of the 26-contact rotors (the same for the encryption rotors and the control rotors).

Other than that, the procedure for generating the message key remains the same.

Fig. 2: Key list, SIGQZF-2, Table 1 (1945-1946)
Fig. 3: Key list, SIGQZF-2, Table 2 (1945-1946)

C - Army Origin Indicator Method (SIGQZF-3) [from November 1, 1946]

The Army now uses the same procedures as the Navy (see below).

Fig. 4: Key list, SIGQZF-3, Table 1 (from 1946)
Fig. 5: Key list, SIGQZF-3, Table 2 (from 1946)

The indicator method used by the Navy

Key list

A monthly key list contains, for each day of the month (Figures 4 and 5):

  • The day of the month,
  • The order and orientation of the 5 control rotors.
  • The order and orientation of the 5 encryption rotors.
  • A configuration of the index rotors for each Security level: Secret, Confidential, Restricted:
    • The order and initial position of the 5 index rotors
    • A control group corresponding to the encryption of the letter A encrypted 30 times (only the last group is specified, i.e., letters 26 to 30). The initial position of the 26-contact rotors is generated by the Zeroize operation.

The zeroize operation

The Zeroize operation is used not only to validate the key of the day but also before encrypting or decrypting a message. In short, the Zeroize operation positions the rotors at the following position:

  • Initial position of crypto rotors: OOOOO
  • Initial position of control rotors: OOOOO

The Sigaba, thanks to the Reset mode, facilitates the Zeroize operation (see description).

Encryption of a message

  1. Perform the Zeroize operation. This operation is carried out in Zeroize Mode with the main switch in the Reset (R) position.
  2. Then the operator chooses an external indicator, for example MERDE. After putting the machine in Operate mode, the operator uses the first five number keys (1 to 5) to step the control rotors until the internal indicator (MERDE) is displayed at the reference mark of the control rotors. We proceed from left to right: we press key 1 until the first control rotor reaches position M, then key 2 to bring the second rotor to position E, then key 3 to bring the third rotor to position R, and so on. Note: the cipher rotors also step automatically.
  3. We switch to Plain mode (P) to type the header of the message which contains the internal indicator (MERDE). We reset the counter to zero.
  4. We switch to Encrypt mode (E) and encrypt the message.

To decipher a message, after the Zeroize operation, we make the internal indicator (MERDE) appear as the initial position of the control rotors as indicated previously. The internal indicator is extracted from the message header.

The format of a message

  1. As indicated previously, we position the machine at the message key.
  2. We switch from Reset mode to Plain mode to print the header:
    • The date/time group
    • The external indicator (also called System indicator) which indicates the network and the classification level. In the monthly key list, there are several external indicators for each classification level (secret, confidential, restricted).
    • The internal indicator (also called Indicator Message). It is thanks to this indicator that we can deduce the initial position of the rotors from the message.
  3. After putting the machine in Encrypt mode and resetting the counter to zero, the message is encrypted. The cryptogram is printed in groups of 5 letters.
  4. Return to Plain mode and print the footer:
    • Re-enter the internal indicator.
    • Enter the external indicator again.

The evolution of practices related to index rotors

In the Sigaba prototype, a plugboard was used to easily change the order of the relays which act on the stepping of the encryption rotors. Navy cryptologists ultimately opted for five 10-contact rotors to play this role. These rotors are moved only by hand; they do not advance during the encryption of a message.

At first, the order of these rotors and their initial position was part of the key of the day.

Notes:

  • It seems (but I have no proof) that the index rotors have never been indicated in the inverted position in the key lists.
  • The 26-contact rotors are classified Secret. The index rotors are only classified Confidential.

After the Second World War, their order became fixed and followed the order of the rotor numbers, for example 10, 20, 30, 40, 50. Their configuration was therefore limited to changing their initial position each day, and that position differed according to the classification level of the messages: Secret, Confidential, Restricted.

Other indicator methods

No documents specify whether other indicator systems were used for Sigaba. But of course, we can imagine that this was the case.

A – The method used for CCM

In 1942, a network linking Washington to London was established to allow Allied leaders (Roosevelt and Churchill) to communicate. The American Sigaba and the English Type-X were modified to allow compatible encryption.

A dictionary made it possible to specify the message key used: a three-letter key corresponded to a five-letter key. The key was indicated as a preamble to the message, and the remote operator could deduce the key, i.e. the initial position of the rotors.

We can imagine that this method could have been used by encryption networks equipped with Sigaba (there is no proof). The advantage is that we can imagine any keys. On the other hand, it is difficult to prohibit the reuse of a key.

B – The method used by the Germans for the Enigma

We can imagine that we position the Sigaba rotors at an initial position, transmitted in the header of the message followed by the encryption of the true initial position used to encrypt the message. The disadvantage is having a very long header and also not being safe if the operator chooses a guessable key (CILLIES).

Crypto networks and the basic key

It has been noted that an encryption network is made up of a set of transmission centers which share at least one encryption means and therefore, in the case of Sigaba, the same set of rotors, monthly key tables which stipulate the keys of each day and the same procedures, in particular the indicator system which permits the transmission of the message key.

During World War II, Sigaba (model CSP-889) was used by three encryption networks:

  • The Navy.
  • The Army.
  • An Army-Navy network which allowed the exchange of messages between the two armed forces.

This compartmentalization increases security: the compromise of one network does not impact the security of another network.

Each of the networks was associated with a set of 15 rotors. Additionally, in anticipation of a compromise, one center also had a set of backup rotors. For example, an Army communications center that was authorized to communicate with a Navy center had three sets of rotors: the current set of rotors for the Army, a set of backup rotors (if the rotors of the Army were compromised) and a set of rotors to communicate with the Navy.

To further increase security, the rotors were regularly changed and the old rotors were destroyed. Thus, during the Second World War, the different sets of rotors (one for each US armed force) were changed every year (or almost): year 1941-1942, 1943, 1944, 1945. As a reminder, the rotors of the Enigma put into service in 1930 were still in use in 1945.

When a set of rotors was replaced with a new set, the wiring of the old rotors was destroyed (cut or unsoldered) without damaging the rotors which were then returned to the cipher office.

Drafting

Before encryption, a message coming from an authority (an army general for example), undergoes several transformations. Generally these transformations are called “Drafting”.

  1. The message is broken down into several parts, each limited to 350 groups of 5 characters (1750 characters). Each of these parts is encrypted by a different message key.

    Notes:

    • Limiting the size of a message is not linked to security but simply to make message exchanges between transmission centers fluid (interspersing short urgent messages, retransmission of a non-decipherable message, etc.).
    • The army limited the size of a message to 100 groups of 5 characters at the start of the Second World War (SIGQZF-1).

  2. The message is cut into two parts (bisection) and the two resulting parts are swapped. The objective is to hide stereotypical beginnings (several attack methods are based on their exploitation by the enemy). If the message is very short (less than 50 words), instead of using bisection, the operator adds text that does not make sense at the beginning and end of the message.

    The procedures used for the M-209 specified that the location of the bisection was indicated by the same letter repeated five times. It was perhaps the same for Sigaba.

  3. Punctuation characters are replaced by the letter X. If understanding the message requires it, punctuation characters or generally characters that are not letters are spelled out:
    • Numbers: ONE, TWO, THREE, …
    • Parentheses: PAREN
    • New paragraph: PARA
    • The question mark (?): QUES
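
The drafting steps above, as an added Python example (not taken from the original page or from the manuals it cites). Assumptions, since the page does not settle them: the bisection marker is QQQQQ in the M-209 style, word spaces are dropped, ZERO is spelled like the other digits, the padding length is 10 letters, and normalization runs before splitting so that part lengths are counted in letters.

```python
import re
import secrets
import string

GROUP, MAX_GROUPS = 5, 350   # page: parts of at most 350 five-letter groups
MARKER = "QQQQQ"             # assumption: M-209-style marker, letter chosen here
DIGITS = "ZERO ONE TWO THREE FOUR FIVE SIX SEVEN EIGHT NINE".split()
SPELLED = {"(": "PAREN", ")": "PAREN", "?": "QUES"}

def normalize(text):
    """Step 3: spell out digits, parentheses, '?', paragraph breaks; other marks -> X."""
    text = re.sub(r"\n\s*\n", " PARA ", text.upper())
    out = []
    for ch in text:
        if ch in "0123456789":
            out.append(DIGITS[int(ch)])
        elif ch in SPELLED:
            out.append(SPELLED[ch])
        elif "A" <= ch <= "Z":
            out.append(ch)
        elif not ch.isspace():
            out.append("X")
    return "".join(out)          # assumption: word spaces are simply dropped

def split_parts(letters):
    """Step 1: parts sized so that part + marker still fits in 350 groups."""
    size = GROUP * MAX_GROUPS - len(MARKER)
    return [letters[i:i + size] for i in range(0, len(letters), size)]

def bisect(part, cut=None):
    """Step 2: swap the halves so a stereotyped opening ends up mid-text."""
    cut = len(part) // 2 if cut is None else cut
    joined = part[cut:] + MARKER + part[:cut]
    where = len(part) - cut
    if joined.find(MARKER) != where or joined.rfind(MARKER) != where:
        raise ValueError("marker is ambiguous at this cut; choose another cut")
    return joined

def unbisect(part):
    """Receiving side: put the text after the marker back in front."""
    tail, _, head = part.partition(MARKER)
    return head + tail

def pad(letters, n=10):
    """Very short message: meaningless letters before and after (n is assumed)."""
    junk = lambda: "".join(secrets.choice(string.ascii_uppercase) for _ in range(n))
    return junk() + letters + junk()

def draft(message):
    """Return the drafted parts; each one is enciphered under its own message key."""
    letters = normalize(message)
    if len(message.split()) < 50:
        return [pad(letters)]
    return [bisect(p) for p in split_parts(letters)]
```

The ambiguity check in `bisect` matters on the receiving side: if the marker letter also sits next to the cut, the operator cannot tell where the marker starts, so the sender must pick another cut.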

Security procedures related to a real, suspected or possible compromise

Preventive security measures

Note: The measures described below are jointly agreed to by the Army and Navy.

  1. If the Sigaba is used abroad, it must be used in a place where there will be sufficient American soldiers to physically protect it.
  2. If Sigaba is used by US allies, it remains managed by American operators. American communications centers form a sort of tunnel (to use a modern concept) to convey messages from American allies. Of course, the Americans will necessarily be aware of the exchanges :-)
  3. The plans of the Sigaba, the wiring of the rotors, the key lists and the procedures are labeled SECRET and can only be accessible to Americans with this degree of authorization and the need to know this information.
  4. A Sigaba must be kept in a safe place (an encryption room) or guarded by armed men 24 hours a day. In fact, this security measure came into force in June 1945. It is undoubtedly one of the consequences of the Colmar compromise: in February 1945, a Sigaba in its transport trunk was lost (it would be found later); see History of Converter M-134-C in the Web links section.
  5. One of the consequences of the Colmar compromise is to provide a set of emergency rotors to be distributed and used in the event of a compromise.
  6. When it first entered service, even though no document specified the details (as was done after the Colmar compromise), the security around the Sigaba was already very strict. For example, some units carried the Sigaba with explosives so that it could be destroyed in the event of an attack.
  7. From March 1943, it was decided never to transport Sigaba by plane over enemy territory.
  8. From February 1945, a Sigaba is kept in a special safe (CH-76) made of two compartments: the upper one containing the machine, the lower one, the associated documents (manual, key lists, etc.).
  9. During transport, a Sigaba is accompanied by an officer.

Security measures in response to a compromise or to the invasion of a transmission center

Note: The following measures come from the Navy (1944):

  1. If a device (such as the Sigaba) or document (such as a key list or manual) classified Secret or Confidential is lost or compromised, a report must be sent as quickly as possible to the CNO (Chief of Naval Operations), specifying the name of the unit commander or the name of the unit or ship as a reference. Then, the unit commander investigates and informs the CNO of the measures taken.
  2. Any situation that could have resulted in a compromise, such as a machine or documents being left unattended, must be reported to the CNO.
  3. Destruction of devices and documents: In the event of the capture of a transmission center or the boarding of a ship, the encryption means and documents must be destroyed. In order of priority:
    1. The rotors
    2. The key lists
    3. The machine
    This destruction is simple on the high seas: just throw them into the water. Otherwise, a torch and pliers are used to cut or destroy the rotor wiring. Key lists must be burned. Regarding the machine itself, every cable must be cut, particularly those connecting the Zeroize equipment. If possible, complete the destruction with a sledgehammer or an ax and burn the machine. If explosives or incendiary bombs are available, they can be used, except for the rotors. A destruction kit should be available for each machine and must be maintained in operational condition.

Web Links

  • NSA - Friedman documents - History of Converter M-134-C, Volume 3, declassified in 2013. This document describes, among other things, the Sigaba procedures of the US Army (key list, indicator methods, ...). It also describes the Colmar incident in detail. (link).

    Note: the key lists given as examples on this page came from this document.

  • San Francisco Maritime National Park Association - ECM Mark II -

    • Navy operating manual from 1944 (link).
    • Army operating manual from 1949 (link).