Breaking into the Enigma and Lorenz networks during WW2 was one of the first examples of a large scale wireless communications network breach. This online exhibition will explore some of the major similarities between a breach in WW2 and modern day cyber security.
In 1939, hundreds of people from many different backgrounds were ordered to report to a Victorian mansion in Buckinghamshire. What they achieved at Bletchley Park, against all the odds, is thought to have shortened the war by at least 2 years.
Their collective task was to break into the different cipher networks used by the Axis for communications, the most well-known of these being Enigma and Lorenz.
As technology has changed, developed and expanded, it is more important than ever that private and personal information is kept secure. The stakes are perhaps higher than ever before, but the premise remains the same: confidential documents, communications and monetary transfers must be protected by encryption.
When WW2 codebreakers were working on complex problems, it was often a team effort and a variety of approaches that led to the cryptanalysts’ success. They specialised in a wide range of fields: linguists, mathematicians, scientists and chess grandmasters amongst many others. A problem would be passed around the hut until it reached someone who was able to solve it, or to contribute to solving it before passing it on again. Gordon Welchman, leading Hut 6, likened his team to “a pack of hounds trying to pick up the scent.” (Welchman in Singh, 1999, p165)
Improving Encryption - The Shark Blackout
Bletchley Park's early successes against the U-Boats in the Battle of the Atlantic and the ease with which the Allied shipping convoys were evading the Wolf Packs had led Admiral Karl Donitz, the admiral in charge of the German U-Boats, to suspect that something was very wrong.
Donitz took the opportunity to make the submarine cypher even more secure through a slight internal re-design of the Enigma machine. A new, thinner reflector with different wiring was introduced, adding a further factor of twenty-six to the number of possible solutions. The German cypher experts were convinced that Enigma would now be impossible for anyone to break. Hut 8 was effectively locked out of the Cypher for approximately 10 months.
"We knew it was coming. But it was a grim time. We were very much frustrated; the things that we'd hoped to use went bad on us". Shaun Wylie, Head of Hut 8 Crib Section (Smith, 2000, p109).
Exploitation of flaws by codebreakers, leading to a review and subsequent improvement of encryption methods, is a pattern that can still be seen in modern computing and security.
"There is no such thing as permanent security, or when you're playing offense and trying to intercept another nation's communications, there's no such thing as permanent success either." - General Michael Hayden (NSA and CIA).
The standard 3 rotor Enigma machine was capable of being set to approximately 159,000,000,000,000,000,000 different possible combinations.
Each one of the machine's billions of possible combinations generated completely different cyphertexts. Finding the settings for each network, which were reset at midnight every day, was the challenge faced by the Codebreakers.
To encipher a message, the operator first set up his machine according to the daily key which was provided to him in a code book. He had to select certain rotors and adjust the rings on them to the correct setting, then slot them in the right order into the machine. The plug board was set up by connecting ten pairs of letters as instructed on the setting sheet. Next, the operator would choose three letters at random for the indicator setting and set the machine to these letters. He had to choose another three letters at random for the message setting. After typing this in and making a note of the resulting illuminated letters, the machine was set to this enciphered message setting.
The operator then keyed in the plaintext of the message and each letter of the ciphertext would be written down as it illuminated.
From May 1940, the practice of repeating the encipherment of the message setting was abandoned, as it was recognised that this increased the vulnerability of the code – indeed, it was the repeated triplets of letters that initially enabled the Poles to break Enigma. In addition, it was an operational rule that messages should be no longer than 250 characters, in order to improve security.
German Enigma operators had strict protocol to follow. One of these rules was that message-keys were supposed to be randomly chosen, and used only once. However, keys were often chosen that were rather easier to guess: three consecutive letters on the keyboard such as QWE, for example, or using a word or the initials of a loved one. One set of initials used, C.I.L., may have been the origin of the term cillies, meaning message-keys that were not random but had an element of predictability. Frequently, settings were used more than once or were not changed from the ending of one message to the beginning of the next.
Routinely, the cryptanalysts tried out cillies when trying to work out the Enigma settings for a particular day, and this proved to be extremely useful.
The importance of unique message keys cannot be overstated. The mistakes by the German operators meant that the Bombe machine had fewer potential setting combinations to test, speeding up the process of decryption.
“We could usually break things when we identified the human error and that was what it was all about. If the Germans had kept to the rule book and done it properly, as they were instructed to do, then of course we wouldn’t have been able to get it out.” (Mavis Lever, in Smith, 2000, p51)
Just as the human error of the machine operators exposed important information about the setup of the machine, so too is this true of the users of computers today. Many people, when selecting passwords, choose words, phrases or numbers that are easy for them to remember and often contain some element of personal information or keyboard pattern. Sometimes the same passwords are chosen for more than one account. These factors dramatically reduce the security of the password and mean that confidential information is more vulnerable to the attacks of hackers.
The machine itself had a built-in flaw whereby no letter could be enciphered as itself (i.e. P in plaintext would never be converted to P in ciphertext). This flaw was exploited regularly by Codebreakers, but when combined with a breach of user protocol it enabled a huge breakthrough.
“I picked up this message and – one was so used to looking at things and making instant decisions – I thought: ‘Something’s gone. What has this chap done. There is not a single L in this message.’ My chap had been told to send out a dummy message and he had just had a fag and pressed the last key of the middle row of his keyboard, the L. So that was the only letter that didn’t come out.” (Mavis Lever in Smith, 2000, p52)
Mavis Lever and the team, including her future husband Keith Batey, were able to exploit this crib provided by the lazy Enigma operator and worked out the wiring of a new rotor that had been introduced in the Italian machine.
The principles of this situation are directly relevant to modern cyber security issues. Complacency and laziness in following protocol for personal data are factors that an attacker can easily exploit.
A further example of a simple lapse in protocol resulting in a security breach was made on the Lorenz machine.
The Lorenz machine was a teleprinter cipher machine used by Hitler, the German High Command and German Army Field Marshals to carry high level communications. Intelligence from Lorenz provided Allied Commanders with details of top secret German policy decisions and tactics. It was specifically designed to be faster, more complex and even more secure than Enigma.
In a string of teleprinter characters, each character consisted of five impulses (or 'bits'). These teleprinter characters could be punched into teleprinter tape then read and sent by a transmitter using radio waves at a steady, high rate, without typing errors.
Each letter of a message was obscured by the addition of a pseudo-random letter generated by a cipher attachment.
On 30th August 1941, a 4000 character message was sent from Athens to Vienna, from one part of German Army High Command to another. The operator transmitted an indicator which told the receiving operator the rotor start positions, and entered the message. The receiving operator sent back a message by radio asking for it to be sent again as he hadn’t received it.
They then both put their Lorenz machines back to the same start position, a shortcut which was forbidden. The operator at the sending end began to key in the message again. He began to make differences and shortcuts in the second message compared to the first. For example, the phrase ‘Spruchnummer’ or ‘message number’ was used at the beginning of the first message, and in the second it was shortened to ‘Spruchnr’. This meant that, following the N, the two texts were different, but the machines were generating the same obscuring sequence.
John Tiltman at Bletchley Park spotted that the second message was nearly identical to the first. Thus the combined errors of putting the machines back to the same start position and the text being re-keyed with just slight differences enabled Tiltman to completely recover both texts. Eventually, codebreakers at Bletchley Park were able to crack the Lorenz cipher – thought to be unbreakable.
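Why re-using the start position was so damaging, as an added example that is not part of the original exhibition text: when two messages are obscured with the same sequence, combining the two ciphertexts cancels that sequence and leaves only the two plaintexts combined, so a guessed word in one message reveals the text of the other. The 32-symbol alphabet, the `keystream` stand-in for the wheels, the start label and both messages are constructed assumptions, not the real teleprinter code or Lorenz wheel patterns.

```python
import random

# Constructed 32-symbol alphabet: a character's index is its 5-bit value.
# A simplification, not the real teleprinter code table.
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ .,-/9"

def keystream(start, n):
    """Stand-in for the wheels: the same start gives the same sequence."""
    rng = random.Random(start)
    return [rng.randrange(32) for _ in range(n)]

def encipher(text, start):
    """Add (XOR) one obscuring 5-bit character to each message character."""
    return [ALPHABET.index(ch) ^ k
            for ch, k in zip(text, keystream(start, len(text)))]

def depth_delta(c1, c2):
    """Combine two ciphertexts sent on the same start: the keystream cancels."""
    return [a ^ b for a, b in zip(c1, c2)]

def common_prefix_len(delta):
    """Leading zeros mark where both plaintexts were still identical."""
    n = 0
    while n < len(delta) and delta[n] == 0:
        n += 1
    return n

def drag(delta, crib, offset):
    """Assume `crib` sits at `offset` in one message; return the other's text."""
    return "".join(ALPHABET[d ^ ALPHABET.index(ch)]
                   for d, ch in zip(delta[offset:], crib))

if __name__ == "__main__":
    first = "SPRUCHNUMMER EINS AN WIEN"      # constructed messages
    second = "SPRUCHNR EINS AN WIEN"
    delta = depth_delta(encipher(first, "HQIBPEXEZMUG"),   # constructed start
                        encipher(second, "HQIBPEXEZMUG"))
    n = common_prefix_len(delta)
    print("identical for", n, "characters")
    print("second message continues:", repr(drag(delta, "UMMER", n)))
```

Each recovered fragment becomes the next crib for the other message, which is how both texts, and from them the obscuring sequence itself, can be extended step by step.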
Codebreakers and engineers such as Bill Tutte, Max Newman and Tommy Flowers were able to determine the internal structure of the machine – a remarkable feat considering they had never seen one. They created an electro-mechanical machine to determine the settings that were changed day to day, eventually refining this machine into the first programmable computer - Colossus.
In order to deal with the vast amounts of data accumulating each day, Bletchley Park made use of Hollerith Punch card machines. These machines, originally developed by American inventor Herman Hollerith to analyse information for the 1890 US census, allowed quick sorting of, and easy access to, important cribs and information.
Block C at Bletchley Park was purpose-built to house Hollerith machines. The Hollerith system was key to the success of its codebreaking work, specifically recording Enigma decryption information. The machines and systems, used on an unprecedented scale, were secretly and constantly adapted and improved.
The intelligence gathered enabled Codebreakers to cross reference a wide variety of features in order to spot patterns or clues in encrypted messages, such as call signs or commonly used words.
The challenge to store and catalogue data in a user-friendly way was one that workers at Bletchley Park faced head on. Coping with huge amounts of data both in volume and velocity is a challenge still faced by the computer industry to this day. In one six month period of WW2, 250,000 messages were intercepted and passed to Bletchley Park. By comparison, in 2016 an estimated 215 billion emails are being sent daily.
Big data is an assortment of data from both traditional and digital sources that, in the modern era, can include web behaviour, social network interactions, product transaction information, financial records and interaction channels.
Just as wartime intelligence officers made use of the information decoded at Bletchley Park, so too do modern companies gather and interpret data to inform their decision making in areas such as finance and marketing strategies.
Those at Bletchley Park during the Second World War worked tirelessly to break into the Axis communications networks to help the Allies understand what the enemy was doing.
In the modern context, it's not just military forces who put a considerable amount of data online. Through activities such as social networking, using integrated networks, online banking and shopping, the average person is building up a vast amount of data that is vulnerable to attack. Those working in the cyber security industry are not only working on keeping information protected for the nation, but are also endeavouring to ensure that each individual has a safe experience online.
To see and find out more, visit the Cyber Security exhibition and the rest of the museum at Bletchley Park. http://www.bletchleypark.org.uk/
Nicola Gale - Bletchley Park & Intel Security Online Safety Education Officer.
Catherine Holden - Bletchley Park & Intel Security Online Safety Education Officer.
Singh, S. (1999). The Code Book. London: Fourth Estate.
Smith, M. (2000). Station X. London: Macmillan.