Forgot your password?
typodupeerror
Encryption Security Hardware IT

The Secrets of the Chaocipher Finally Revealed 121

Posted by timothy
from the my-day-is-made dept.
nickpelling2 writes "In 1918, John F. Byrne invented a truly amazing cipher system, called 'The Chaocipher,' that fit inside a small cigar box, could be operated by a ten-year-old, yet produced practically unbreakable ciphertext (arguably even stronger than the Nazi Enigma machine). But now, thanks to the efforts of Chaocipher fan Moshe Rubin and the generous gift of Byrne's cryptographic effects by his daughter-in-law Pat Byrne to the National Cryptologic Museum, the secrets of the Chaocipher are finally starting to be revealed — it's a great story. To accompany Moshe Rubin's excellent textual description of the Chaocipher, I've posted a 30-second animation of the Chaocipher in action to YouTube, just in case anyone wants to see the most devious cipher of the 20th century in action (sort of)."
This discussion has been archived. No new comments can be posted.

The Secrets of the Chaocipher Finally Revealed

Comments Filter:
  • Wow (Score:2, Interesting)

    by Anonymous Coward on Saturday July 03, 2010 @06:11PM (#32788462)

    Don't know how the previous cretins managed to extract SCO and APPLE FUD from the article, but after reading the summary, reading the linked articles, and watching the video... looks to me its an easily breakable substitution cipher. Anybody care to fill me in on what I missed?

  • Re:Wow (Score:5, Interesting)

    by thms (1339227) on Saturday July 03, 2010 @06:33PM (#32788614)

    Yes, the Enigma algorithm, or actually wiring, was known and Polish and later English Cryptologists worked long and hard to crack it since a lot was at stake. This one as of now relied a lot on security through obscurity. I doubt it would have lasted long in a world war scenario.

    Just as the Enigma it might be impossible to de-cypher it manually, but with a machine and Turing-level minds to help you I would think it is solved quickly. But since secure encryption is perceived as a solved problem (still, where is the AES equivalent of a secure hash?) maybe bright minds turn their attention elsewhere nowadays.

  • by Lord Crc (151920) on Saturday July 03, 2010 @09:19PM (#32789390)

    So if you have known plaintext anywhere in the message, you can look for it with the usual techniques for monoalphabetic substitution, while considering
    all of the small number of possible changes to the two alphabets on each cycle.

    From what I can gather the "key" in this system is the ordering of the two alphabets, which is not fixed. Doesn't your method assume that you already have the key? If not, how does your method deal with all the possible alphabet permutations?

    I'm no crypto guy tho so I might be missing the obvious :)

  • by IICV (652597) on Saturday July 03, 2010 @10:46PM (#32789666)

    Well, just think about it: in a substitution cipher, the "key" is a permutation of the alphabet (i.e, a -> q, b -> w, etc). If you used this device without the "twizzling" step, it would be exactly like a plain old sub cipher. I just don't see how that twizzle step injects enough entropy into the system for this to be significantly more secure than even a Vignere cipher with a sufficiently long keyword, and that you can do with pen, paper and a good memory.

    Basically, if nobody ever broke the known-plaintext ciphertexts, it's more likely to be because nobody cared enough to reverse-engineer this guy's algorithm than because of any actual cryptographic considerations.

    Chalk up another win for security through obscurity!

  • by IICV (652597) on Sunday July 04, 2010 @02:28AM (#32790414)

    Well but that's the thing - this cipher can be described as a specific case of "substitution cipher, except you permute the key after every character in deterministic manner 'x'". Note that a Vignere cipher can be described in much the same way, except it's a shift cipher instead of a substitution cipher (the difference is that the key to a substitution cipher is a permutation on the alphabet, whereas a shift cipher's key is just a shift of the alphabet).

    The question boils down to: "is substitution cipher with some sort of non-random key permutation worthwhile?" The answer is probably no (and if you allow random key permutations, then it's basically a one-time pad). Indeed, I wouldn't be surprised if this thing is only a little bit more secure than a sort of Vignere cipher hybrid that uses a list of substitution ciphers instead of a list of shift ciphers.

    So yeah, while this might have been useful in the roaring twenties, it's peanuts compared to modern cryptography.

  • by Ciggy (692030) on Sunday July 04, 2010 @10:21AM (#32791760)
    It's not a two wheeled enigma for at least three reasons:

    1) A plain text letter can be encrypted as itself (something an enigma machine cannot do due to physical design).
    2) In an enigma machine each wheel is wired in a fixed "permutation"; in the Chaocipher "machine" each wheel is "rewired" depending upon the letter just encrypted.
    3) In an enigma machine it is necessary to rotate the wheels semi-independently (ie like the wheels in a tape counter, each one causing the next one to rotate one letter each time it makes a complete revolution) whereas in the Chaocipher "machine" the wheels do not actually need to rotate - by rotating the wheels it makes the "rewiring" easier to explain.

    The "rewiring" could possibly be seen as the effect of rotating the enigma wheels, but without a closer look at the algorithm than that I have done I cannot definitely say but my gut feeling is that it is not - I am sure a properly devised plain text with 676 (26^2) characters would show that they are not equivalent as after encrypting the 676th character the 2 wheel enigma machine will now be back in the position in which it started and the Chaocipher "machine" will not.

Never put off till run-time what you can do at compile-time. -- D. Gries

Working...