HN Theater @HNTheaterMonth

⬐ rkagerer

I had a chance to play on one many years ago.

Many are in museums behind glass, but a private collector brought one to a bunker museum I volunteered at, I asked if I could try it out and he obliged.

In Maryland at the NSA's National Cryptologic Museum in Fort Meade visitors can try their hand at using one to encipher and decipher messages (per Wikipedia).

⬐ rpmuller

The National Cryptologic Museum is well worth visiting for the Enigma Machines alone. It's free to get in, right next to NSA headquarters, but you don't need a visitors pass or to go through a guard station. When I was there they had ~4 Enigma Machines available to look at.

⬐ gregsadetsky

Super interesting, thanks! This is also a good companion video -- https://www.youtube.com/watch?v=RzWB5jL5RX0 -- about the feasibility of cracking Enigma "in 2021" i.e. using computational power available to us today.

TLDW & AFAIK: it's crackable (just as it was back then, using a bag of approaches & heuristics), but you still couldn't plain brute force an encrypted message today if you didn't have any portion of the plain text, the Enigma was using 10 plugboard pairs, etc.

Also see https://crypto.stackexchange.com/a/33631

⬐ nullc

> but you still couldn't plain brute force an encrypted message today

The analysis you link to shows that it has about 76-bits of keystate based on the most generous analysis for the 3 of 5 rotor machines. This should be within the range of a motivated nation-state attacker using custom hardware to just outright brute force.

Even if you don't know the plaintext, you can do a quasi plaintext attack where you just try every long enough word in the dictionary at every non-prohibited location and apply the classic attack-- and I expect this would still be much faster than a brute force search while only having extremely limited assumptions about the plaintext.

⬐ legitster

While the Enigma Machine is truly fascinating, we largely only know about it because it failed.

Meanwhile, the Allies had multiple encryption technologies fielded during the war that were far superior:

https://en.wikipedia.org/wiki/SIGABA

https://en.wikipedia.org/wiki/SIGSALY

https://en.wikipedia.org/wiki/SIGTOT

But that's only part of the story - the allies were far more robust operationally. The Nazis were terrible at intelligence and counterintelligence (something to do with the subtlety required). And because they didn't take spying or intelligence seriously, they never "pentested" their own processes very well. They were fairly happy enough to create the Enigma machine and use it everywhere.

Meanwhile, the allies were much more careful about what sort of encryption was used in each circumstance, and much more cautious about how much information (even encrypted) they made available for their enemy to intercept.

If you really want to get into the details of how and why the Enigma was a failure, I strongly recommend Seizing the Enigma by David Kahn. It does an excellent job of combining the technical details of the Enigma codebreaking with the overall story of naval intelligence.

⬐ sounds

Thanks!

I think it's worth giving a mention of https://en.wikipedia.org/wiki/Code_talker as well. (The Allies were not sure if their encryption was secure, and attempted to find other means of securing their comms.)

⬐ Daniel_sk

Very good explanation and the actual mechanism is way simpler than I thought.

⬐ xtiansimon

Wait, if you press the key for ‘k’ and the three way switch moves from lightbulb contact to battery contact. As the video explains the letter is rewired from one letter to another letter, say ‘x’, and when the circuit returns to the three-way switchs it’s now directed to the letter ‘x’ which is not pressed and in the lightbulb contact position.

So what happens if ‘k’ randomly returns to itself and the switch is in the battery contact position and not the lightbulb position—no light?

⬐ geiser

The rotor is "per se" designed to never let this happen. The combination from the beginning to traverse all 3 switches is 1:1, so unless the reflector connects to itself, it will never actually collide. Or let's put it differently. Imagine just 1 switch, as it's the same reasoning. It will always change the letter, and will never return the same letter, given that the first switch always follows the key you are pressing.

⬐ xtiansimon

Not 100% random then, no?

⬐ mbauman

The reflector ensures that's not possible. There are 26 independent circuits that go from the key switch through the pegboard through the rotors and to the reflector.

Pressing a key makes one of those 26 circuits hot. Now attach the reflector: it necessarily connects that hot circuit to a different one.

⬐ None

None

⬐ vha3

In case seeing it in software helps anyone else, here is some C which implements an Enigma machine: https://vanhunteradams.com/Enigma/Enigma.html

⬐ DantesKite

I just finished watching the Imitation Game and while it obviously took artistic license with the story, I never realized just how high the stakes were during WWII. Turing and his team were incredible.

⬐ legitster

> took artistic license with the story

This is an understatement. It was well enough as a movie, but I think you will come away with a worse understanding of Turing and Bletchley Park than if you had never watched it. I cannot say enough about how it mischaracterized Turing's work, his personality, the nature of the codebreaking endeavors, or the contribution of others.

⬐ DantesKite

It was outlandish enough that the only history lesson I took away from it was that the Enigma machine existed and Turing and his team helped break it.

⬐ missedthecue

I always thought it was such an elegant design. Shame (or fortunate rather) that the Allies were able to break it so quickly.

⬐ tialaramex

The German assumption, throughout the war, was that Enigma could be cracked but it was probably too hard so the Allies would not try. You can see that not all of the German Military was as easily sold on this belief, because some forces stayed with a relatively basic machine while at the end the U-Boats were using a four rotor machine and much stricter rules to reduce attack surface. Ironically they were undone by their need to transmit and receive very succinct messages in order to spend less time on the surface where they were vulnerable.

Germany was in particular unaware that Poland - understandably nervous of an increasingly combative Germany years before the war started - had cracked Enigma when it was a commercial system in the 1930s. This knowledge was transmitted to the British in 1939, and the cryptanalytic team who did it began leaving Warsaw before (inevitably) Germany invaded in September.

There's a small memorial to the Polish code breakers at Bletchley Park, it's not exactly on the main tour, so if you care ask someone when you're there to tell you where. People who were there suggest it made maybe 12 months difference, specifically to Enigma (Bletchley Park did other less famous cryptographic work) which is a pretty significant difference.

Enigma is interesting because it's so famous and yet it's completely the wrong design, and this is exactly the era when people stop doing that. The Colossus computer, also at Bletchley park, is to break the Lorenz cipher not Enigma, because Lorenz is a much more "normal" design to us today. It's a Vernam stream cipher, it encrypts bit streams and it merely so happens that those bit streams are Morse code. You could perhaps say Lorenz is a (distant) ancestor of, say, ChaCha20.

In contrast Enigma looks like cryptography from previous centuries, it encrypts symbols, one symbol in -> one encrypted symbol out. No letter on your Engima machine's keyboard representing the symbol you wanted? Say it in words or don't encrypt it. This is in some ways more practical (Enigma was actually used with radio traffic, but in principle you could send letters, or encrypt your diary, or whatever) but in cryptographic terms it's a complete nightmare.

⬐ nullc

> Enigma is interesting because it's so famous and yet it's completely the wrong design,

The allies sigaba was basically the same design-- but it lacked the reflector so letters could encrypt to themselves. The down side of this is that it needed a complex mechanism to reverse the signal flow when switching between encrypting and decrypting.

(there were many other improvements in sigaba, but the big one that made it hard to crack was eliminating that one weakness)

> You could perhaps say Lorenz is a (distant) ancestor of, say, ChaCha20.

The first cracked Lorenz message happened because a signal re-transmission was needed so they sent the same message again using the same keystream-- except it wasn't the same message: the operator abbreviated a word, shifting the following characters. So they effectively reused the same keystream with different messages.

Systems using stream ciphers (e.g. CTR mode) are still falling to this today.

Seems we haven't learned that much after all!

⬐ legitster

Even after it was "broken", it took a lot of work to decrypt - sometimes allies were months the German messages.

⬐ thatswrong0

(Gross oversimplification but..) One seemingly innocuous bug deep in the encryption "library", that no letter could map to itself, plus a bit of social "engineering" in taking advantage of the fact that messages often included the same text (e.g. "heil hitler") often in the same position, with a smattering of German complacency and arrogance assuming that their machine was uncrackable.

Pretty funny that the lessons learned here are still relevant to this day.

⬐ abraae

My bank disallows "simple" pin codes like 1234, 1111, etc.

This even further reduces the difficulty of guessing pin codes.

⬐ netsharc

Meta-commentary: Damn, that channel has lots of videos of the same genre and millions of views, I guess "Create 3D graphical reconstructions of objects and explain how they work" is a viable occupation...

⬐ kristofferR

Branch Education is another channel that does this brilliantly: https://www.youtube.com/c/BranchEducation/videos

⬐ atonse

Watch his Apollo mission videos.

I love Jared Owen. He’s so damn good at explaining how stuff works.

It reminds me of my grandpa always taking time to explain how things worked by taking it apart and showing me what the insides looked like. Things like his transistor radio, table fan, etc.

⬐ implements

It’s worth implementing a basic Enigma in whatever language you’re happy with - it’s a tiny bit of code and you end up with a great sense of satisfaction in completely understanding how they work, wrinkles (1) and all.

(1) Lamps light on the key downstroke, rotors move on the upstroke. Rotors advance their neighbours from different positions, sometimes from two positions, etc.