Is the Enigma cypher still used by government organizations or companies?

[szputnyik]

While vintage Enigma machines are rare museum pieces, replicas made from solid-state electronics and software-based emulators are widespread.

Are there still state-owned organizations in any country, or even private companies who use Enigma replicas to send information that is not as sensitive to warrant the use of modern cyphers, but more sensitive to be hidden from the layman?

[78stonewobble]

While vintage Enigma machines are rare museum pieces, replicas made from solid-state electronics and software-based emulators are widespread.

Are there still state-owned organizations in any country, or even private companies who use Enigma replicas to send information that is not as sensitive to warrant the use of modern cyphers, but more sensitive to be hidden from the layman?

Hmm... I don't have the greatest insight into cryptology, but couldn't an encryption scheme like this be easily broken by a layman, with a any suitable programme?

[Tex_NL]

If the enigma code is easy to break by any layman then surely it would have been broken in WWII by the hordes of well trained, skilled professionals.

Modern computers could probably crack it by brute force but without knowledge of the inner workings it is still a very difficult and well designed code.

[szputnyik]

The Enigma cypher is not computer-based, it's more like a very complicated pen-and-paper style cypher that would be very slow and require long calculations if actually done on pen and paper, so it is automated by the machine. In mathematical terms, it's more like a slide rule, than a calculator.

Which means, that there is no software into which you can plug a coded enigma message, and out it comes decoded.

In order to decode the message on your side, you would need to set your machine's rotors to the correct positions, wire up your plugboard with the correct connections, and set how many steps the rotor jumps after pressing a key. One mistake, and out comes gibberish.

That means that if the machine set-up instructions are changed often and sent with good enough discretion, it would be very hard for non-crytographers to decode the message.

[78stonewobble]

If the enigma code is easy to break by any layman then surely it would have been broken in WWII by the hordes of well trained, skilled professionals.

Modern computers could probably crack it by brute force but without knowledge of the inner workings it is still a very difficult and well designed code.

My point was more that, considering the computational power of modern computers, a layman would only need a suitable programme (which access to the internet affords) and x amount of time to break it.

Back in the day it was quite a bit more difficult and gaining insights into the machine through intelligence and capturing examples we're high priorities.

[78stonewobble]

That means that if the machine set-up instructions are changed often and sent with good enough discretion, it would be very hard for non-crytographers to decode the message.

Definately a place where the germans didn't do too well during the war.

Dönitz was deeply involved in the daily operations of his boats (uboats), often contacting them up to seventy times a day with questions such as their position, fuel supply and other "minutiae". This incessant questioning hastened the compromise of his ciphers by giving the Allies more messages to work with.

This might also work a bit counter to using an enigma today. The amount of only lightly private/secret information being exchanged is by orders of magnitude higher.

[Jouni]

The Enigma is a badly designed cipher from an era, when people really had no idea of how cryptography should be done. Modern encryption algorithms are good enough that it's basically pointless to try to break them, no matter how much resources you have. The weak point of security is always somewhere else: badly written software, compromised hardware, people in general, or something similar.

[szputnyik]

I remember about 10 years ago, I downloaded a zip file and when I tried to open it, I discovered it required a password. After some googling I came across a program to break passwords of archived files. I set it to try breaking it with the brute force method, trying every ASCII character with a password lenght between 1 and 15 characters. I hit start, and it displayed "600 years left". I though, "oh well, might as well keep running this, my great-great-great-great-grandchildren will be able to access the file." XDDD

[xcorps]

Back in the day it was quite a bit more difficult and gaining insights into the machine through intelligence and capturing examples we're high priorities.

It was first broken in 1932 by the Poles using math. In 1940 the Poles broke the first wartime cypher. The Brits were breaking 30,000 messages a month in 1941.

Enigma was a grand failure by the Germans. The protection of the data infiltration by the Allies was so complete that even today people think that Enigma was some sort of godlike code.

The Enigma is a badly designed cipher from an era, when people really had no idea of how cryptography should be done. Modern encryption algorithms are good enough that it's basically pointless to try to break them, no matter how much resources you have. The weak point of security is always somewhere else: badly written software, compromised hardware, people in general, or something similar.

That is exactly why the Enigma program failed. The Germans thought the Allies couldn't/wouldn't have the resources to break it. Had the Germans exercised due diligence and discipline in executing Enigma traffic, it would never have failed as badly as it did. The only truly secure ciphers are one time pads.

Edited July 20, 2014 by xcorps

[K^2]

I remember about 10 years ago, I downloaded a zip file and when I tried to open it, I discovered it required a password. After some googling I came across a program to break passwords of archived files. I set it to try breaking it with the brute force method, trying every ASCII character with a password lenght between 1 and 15 characters. I hit start, and it displayed "600 years left". I though, "oh well, might as well keep running this, my great-great-great-great-grandchildren will be able to access the file." XDDD

ZIP encryption is very vulnerable to plain text attack. I you happen to know enough about the contents to have the beginning of the archive figured out, or better yet, have the first file in the archive decoded somewhere, it's very easy to crack. Albeit, it doesn't give you the actual password, but rather the key codes derived from it. But if you have the codes, you can open an archive.

And yeah, Enigma is trivially cracked with a modern computer.

[jwenting]

Enigma was good enough for its intended purpose: (near) real time communications between headquarters and forward deployed units.

Where it failed was when it was used for communicating orders that would take days to execute, THAT was long enough to decrypt its messages with the technology available to the British at the time (though the Germans didn't know the British had such technology, got to be fair here).

So no, it was no failure, it was just pushed past the limits where it was still secure, and that unknown to its operators.

[xcorps]

So no, it was no failure,

90,000 ULTRA decrypts a month.

The Battle of the Atlantic was won directly because of Enigma decrypts.

Complete revelation of Barbarossa. Stalin just refused to act on it.

Half the Axis supply ships sunk in the Mediterranean are directly due to Engima decrypts.

Complete disposition of OOB and deployment of Axis forces in Sicily.

Battle of North Cape.

Confirmation of the success of Operation Bodyguard, critical to Operation Overlords success.

Uncountable and unquantifiable successful avoidance of Uboats by Allied transports in the North Atlantic.

Engima was NOT good enough for it's intended purposes, because it was used incorrectly. The dependence of Germany on Enigma was a disaster for the German effort. Engima was a total failure.

[Seret]

Enigma is about as useful for keeping secrets today as a Spitfire is in air-to-air combat.

Even during WW2 Enigma messages were being decrypted fast enough to be useful tactically on the battlefield. Allied army units would sometimes have advance warning of impending German attacks and be able to prepare their defences.

The kind of processing power that governments had the 40's is now ubiquitous. There are even online enigma simulators. So no, nobody would use enigma these days.

[cantab]

While vintage Enigma machines are rare museum pieces, replicas made from solid-state electronics and software-based emulators are widespread.

Are there still state-owned organizations in any country, or even private companies who use Enigma replicas to send information that is not as sensitive to warrant the use of modern cyphers, but more sensitive to be hidden from the layman?

Probably not. Modern computer systems are powerful enough to break Enigma even without the use of the "clues" as they had in the Second World War. I believe the key length for the German military enigma equates to 67 bits or so, which is way too short for a symmetric cipher nowadays. It has other weaknesses too.

Meanwhile there are so many much stronger modern algorithms around to choose from.

On a final note, one of the reasons the Enigma cryptanalysis was kept secret for so long was so the British could market Enigma to foreigners, knowing they could break the messages thus sent. Something perhaps we should bear in mind today when using algorithms the NSA has been involved in developing.

Edited July 20, 2014 by cantab

[guto8797]

You should read Digital Fortress, by Dan Brown. W/o spoiling one of the plot things is that the NSA has a super-computer that uses brute force to hack any code. But the thing is that pc is fictional. Modern Codes are so extensive that the only way to break em is brute force and with things like 64 bit codes etc passwords can be near ad infinitum.

The enigma machine was actually a decent machine. The allies managed to crack it tough and were smart about it. They kept quiet, and used spied to make the germans believe they were struggling with it. There was a general at nuremberga that was stunned when he heard that enigma has long been cracked.

[Superfluous J]

This whole thread reminds me of MC Frontalot's Secrets from the Future

Get your most closely kept personal thought:

put it in the Word .doc with a password lock.

Stock it deep in the .rar with extraction precluded

by the ludicrous length and the strength of a reputedly

dictionary-attack-proof string of characters

(this, imperative to thwart all the disparagers

of privacy: the NSA and Homeland S).

You better PGP the .rar because so far they ain’t impressed.

You better take the .pgp and print the hex of it out,

scan that into a TIFF. Then, if you seek redoubt

for your data, scramble up the order of the pixels

with a one-time pad that describes the fun time had by the thick-soled-

boot-wearing stomper who danced to produce random

claptrap, all the intervals in between which, set in tandem

with the stomps themselves, begat a seed of math unguessable.

Ain’t no complaint about this cipher that’s redressable!

Best of all, your secret: nothing extant could extract it.

By 2025 a children’s Speak & Spell could crack it.

(Here's the song on Youtube)

Essentially, no code from 60 years ago will stand up to today's computers.

[cantab]

Modern Codes are so extensive that the only way to break em is brute force

That's what the spooks would like you believe. There's every chance "they" know ways to significantly weaken the code that aren't public. Then there's the approach of attacking aspects of the implementation rather than the "core" algorithm. For example the NSA during the noughties promoted a random number generator for use in encryption software that potentially (and IMHO almost certainly) had a backdoor that allows the NSA to predict its output and thereby break encryption that uses it. More recently you may have heard of the Heartbleed vulnerability; while there's no reason to think that was a deliberate backdoor it's quite likely it was being exploited by some group or other before it was made public,

[Arran]

Correct me if i'm wrong i was allways under assumption that the allies captured an engima device from a german uboat and managed to keep this from the germans, and with this device they cracked the code, and could intercept and decipher all the communications.

[Kerbart]

Correct me if i'm wrong i was allways under assumption that the allies captured an engima device from a german uboat and managed to keep this from the germans, and with this device they cracked the code, and could intercept and decipher all the communications.

No, the Brits were basically able to crack all Enigma communications (with the help of the knowledge of the Polish secret service) without capturing any devices. The name "Enigma" was well chosen though; cracking the code meant figuring out many aspects: the encoding of each of the code wheels, which ones were used, and what their initial settings were. Knowing the configuration of the code wheel sped up things and capturing devices sped things up but without them results were made as well.

An implementation that made Enigma very practical in daily use was the reverser stator, but this also proved to be the key weakness. The way Enigma was constructed meant that the same machine and the same "code" (initial settings) could be used to code and decode. That is practical on the battlefield; you don't need to lug around separate machines for sending or receiving, or set them up differently for sending or receiving. It also meant though that a letter could never be encoded to itself (e.g. an "a" could never be encoded as an "a") and that turned out to be key in deciphering the messages.

In the end, Enigma was not as secure as the Germans thought although this posed a problem to the Allies: acting upon all information intercepted Enigma traffic revealed would signal to the Nazis that their communciation was compromised. The fact that the German forces never realized Enigma was broken shows that this was handled successfully.

[CleverWalrus]

Hello,

Where i work (IT department of a pretty big worldwide insurance company) we use AES encryption for most of our stuff, recently the security office decided to move on from 256 bit keys since, eventually, they could be broken with enough "effort" in a few years from now and to start using 1024 bit keys that should last for a bit.

Enigma "today" is a joke, for 2 reasons:

1) the key is too simple for avoiding a mere brute force attack to succeed;

2) the algorythm behind it is not "matematically proven", i mean, if you know how it works it's very easy to break it.

[cpast]

No, the Brits were basically able to crack all Enigma communications (with the help of the knowledge of the Polish secret service) without capturing any devices. The name "Enigma" was well chosen though; cracking the code meant figuring out many aspects: the encoding of each of the code wheels, which ones were used, and what their initial settings were. Knowing the configuration of the code wheel sped up things and capturing devices sped things up but without them results were made as well.

Furthermore, if having an Enigma machine did make it easy to crack, the system is inherently utterly awful for cryptography. Rule number one of cryptography design - assume the enemy knows the system. Keeping the system secret isn't inherently awful for military purposes (for starters, if you have strong cryptography, it prevents your enemy from having that strong cryptography), but the entire security of a system should be provided by an easy-to-change key; the security of cryptography is worked out assuming that everything but the key is compromised. Indeed, modern strong codes generally publish the algorithm to the world, allowing anyone who wants to to try to find vulnerabilities. If someone finds a vulnerability and is public-minded, or wants to claim a bounty posted by someone who is public-minded, or wants fame as the one who broke that cryptosystem, then the flaw is announced and people move away from the system. The systems that result obviously rely only on the key, and are among the strongest systems that have been devised.

Edited July 21, 2014 by cpast

[andrewas]

Capturing an enigma machine didn't get anybody anything, the rotor wirings were already known by then. The important thing on the captures U-boats was the codebooks which enabled decryption of naval enigma messages, which were far harder to crack than other branches of the german military because the naval procedures were better.

[GoSlash27]

Pretty much everybody these days is using P(Y) prime factoring encryption. Enigma really isn't all that difficult to break with modern computer technology.

Best,

-Slashy