[HN Gopher] P1030680: Unbroken Enigma message (U534, 01 May 1945) ___________________________________________________________________ P1030680: Unbroken Enigma message (U534, 01 May 1945) Author : petecooper Score : 179 points Date : 2023-06-26 18:10 UTC (4 hours ago) (HTM) web link (enigma.hoerenberg.com) (TXT) w3m dump (enigma.hoerenberg.com) | petecooper wrote: | https://archive.is/JE6MR | | https://web.archive.org/web/20230626181049/https://enigma.ho... | | (I wasn't expecting this to hit #1) | mewse-hn wrote: | Was this never broken because the enigma@home community lost | interest? It looks like their last forums posts were from 2019 | mechatrocity wrote: | Ive been apart of that project but it's been dead for years, | seems like it's unmaintained now :( | nwallin wrote: | Impossible to say. The German commo who was tasked with | decrypting this message couldn't/didn't decrypt it, and he had | the keys. | | For all we know, some bored German submariner sent garbage over | the radio as protest; this message was sent two days after | Hitler committed suicide, 7 days before VE day. (8 days if | you're of the Soviet persuasion) Morale and discipline has a | tendency to break down under those circumstances. | | Or it could be a transcription error. Modern cryptanalysis | tends to be more resilient to transcription errors; one | character wrong is gonna be ok, one character inserted/deleted | will tend to produce two messages, one with garbage after the | insertion/deletion and another with garbage before it. But | Enigma messages were...terse, so a half-successful decrypt that | gets half garbage and half plaintext might still be recognized | by the cryptanalysis algorithm as the wrong key. I expect there | would have to be at least two transcription errors to cause | both the original German commo to be unable to decrypt it and | modern attempts to fail. | hinkley wrote: | Garbled message, or garbled key? I wonder how often mis-keyed | messages were sent out. Not typos in the message, but setting | the initial state to the wrong value. Transposition, for | instance. | adastra22 wrote: | Or it's a garbled message. | fifilura wrote: | Or a message from an allied conscript who was just doodling | after he found this weird typewriter | jameshart wrote: | Amusing image though this is, Enigma machines were, in case | you weren't aware, not actually radio | transmitter/receivers. | | An enigma message would be typed in to the machine and the | output characters written down on a piece of paper, then | the message would be transmitted over Morse by hand, | transcribed to paper at the other end, then typed through | the correspondingly configured Enigma machine to obtain | plaintext. | hinkley wrote: | I have enough trouble typing things I mean to say without | trying to transcribe line noise. That sounds like a | terrible job. | gnu8 wrote: | In absolute terms, pre-digital cryptographic equipment | operator isn't the worst wartime job I can think of. | However, on a U-boat, all of the jobs were equally worse | (due to life expectancy). | jameshart wrote: | Actually makes me wonder - given the way encrypted messages | were transmitted in the era, wasn't it possible for an | adversary to flood the channel with bogus messages? Transmit | messages with valid addressing and header data but fake | content, forcing radio operators to transcribe and attempt to | decrypt garbage? | bonestamp2 wrote: | Also, what if the machine was broken? Or if there was an | error in transcription? There are so many possible reasons | why this message may never be decrypted. | bragr wrote: | I think this is the most likely answer. Everything in Germany | was collapsing at the time, so a garbled message being sent, | or incorrectly received seems likely. Consider the | circumstances: | | - 6 days after US and Soviet forces linked up bisecting | Germany | | - 1 day after Hitler's suicide | | - 5 days before the unconditional surrender of the Flensburg | Government | kristopolous wrote: | That's a pretty good set up for some wild fiction. You | could go to the fabled moon / arctic bases, time travel, | aliens ... it's a nice foundation. Problem is these days | people would start believing in whatever fiction you write. | The internet is broken like that. | danielvaughn wrote: | A company I used to work for was partly comprised of | hackers, and one of the books they always raved about was | called Cryptonomicon. I know that it involves the nazis | and encoded secrets, though I never read it (still on my | to-read list). I'd recommend checking it out if that kind | of thing sounds interesting to you. | andyjohnson0 wrote: | I read it back in the day. I can't remember much of the | plot, but i do remember that it seemed about twice as | long as it needed to be. Which I find ro be typical of | Stephenson's fiction. Plenty of people seem to like it | though. | buildbot wrote: | Less so than his later books in my opinion. It's a lot of | great plot throughout with good explanations of the math | concepts it refers to. | | I may be biased, After reading wheel of time, nothing | seems too long anymore! | sleepybrett wrote: | He does like regressions into historical causes and | effect chains... hell the whole system of the world | trilogy is almost nothing BUT that (and contains some | character/family crossovers with cryptonomicon) | wkat4242 wrote: | I liked it but I thought it was overly dramatic in a | "survival of the fittest" way and indeed way too long. | But I'm not a fan of the guy anyway. | | It is a decent book to read once though. | buildbot wrote: | Cryptonomicon is almost exactly this premise :) It's an | amazing book, one that any aspiring hacker should read! | RajT88 wrote: | Not just the internet. | | Animal Planet made a fake documentary about Mermaids (a | somewhat hokey one at that), with a disclaimer that it | was a work of fiction. | | Despite that, it's convinced a generation of fools that | mermaids are real. | | https://www.snopes.com/fact-check/mermaids-the-body- | found/ | | But back to the internet. Plenty of youtube clips from | this program where commenters are insistent that it's | evidence that Mermaids are real. And comments linking to | the footage of the disclaimer, and resulting dumb | arguments. Still! In 2023! | bemusedthrow75 wrote: | It is only _somewhat_ hokey. | | I love a bad/earnest low-budget movie. I think they are | often much more revealing about the nature of culture, | cinema and art than -- to pick a single counterpoint -- | really anything in the MCU except _Age of Ultron_ [0]. | | There were plenty of things in that to like. I watched it | only recently, I'm glad they made it, and I hope the | people who make it continue to reject the big bucks. | | [0] This is a hill I will die on. Almost everything in | the MCU is pointless dross except James Spader as Ultron. | canjobear wrote: | This is basically the setting of Gravity's Rainbow. | kristopolous wrote: | You could claim that about nearly anything and nobody | would/could really challenge you for Gravity's Rainbow! | | See also, Finnegan's Wake. For instance, here's a | nonsense claim that sounds plausible: Finnegan's Wake is | the best book about the Irish Civil War. You feel the | frenzy and delirium of the lucid somnambulism that comes | with insomnia on the battlefield. As foggy and vivid as | war, the words carefully balance the interregnum between | the forbidden, forgotten and forsaken laid bare as | poetry. Nothing is clear and there is no closure. It | shows how hard narratives are to cobble together using | shattered pieces. The deconstruction of the language is | married with the deconstruction of life as belligerents | fight over conflicting dreams. | netsharc wrote: | I can picture it: a German soldier feeling defeated just | set the keys to something random and typed his message, | sending a message without expecting anyone to hear... | | "In the old days, if someone had a secret they didn't want | to share, they went up a mountain, found a tree, carved a | hole in it, and whispered the secret into the hole. Then | they covered it with mud and leave the secret there | forever." - Wong Kar Wai/In The Mood for Love | bredren wrote: | Maybe solving this would be determining a set of likely | encrypted messages. | | They could be scored by decrypted content matching | structure of priors and context. Along with char difference | from the encrypted message on record. | somedude895 wrote: | [flagged] | lucideer wrote: | > _I still thought it interesting_ | | I don't know why you've been downvoted to oblivion but I DO | find this thoroughly uninteresting. I am however interested in | why anyone WOULD find it interesting. | lionkor wrote: | Did you expect ChatGPT to generate a meaningful response? | CrazyStat wrote: | I have a friend--a software engineer--who was convinced when | ChatGPT came out that it would be able to do things like invert | sha1 hashes, if only you found the right prompt. | | There's a lot of magical thinking around LLMs, but in the end | they're "just" fancy Markov chains. | RajT88 wrote: | I'm sure it's possible for some SHA1 hashes along the lines | of "password1234". | | A shockingly high number of SHA1 hashes with their cleartext | was available on Google Code back in the day. I assume you | can crawl github for the same now. | kens wrote: | The page doesn't make it very clear, but the analysis at the | bottom says that is a message that the German recipient tried to | decode in several different ways and then gave up. Apparently the | message indicates the key (indicator group?) twice, but was VA in | one place and VR in another, so the message was clearly received | corrupted. Neither indicator worked so the recipient tried other | things that also didn't work. | | Given that the message is corrupted and the recipient with the | key couldn't decode it, it's not surprising that the message | remains unbroken. Even brute force isn't going to work if you | start with garbage. | 29athrowaway wrote: | Probably an input error. They set the machine wrong. | 1970-01-01 wrote: | Google Bard tried to find a pattern and was quickly confused: | Sure, I can help you with that. The string "JCRSAJT | GSJEYEXYKKZZSHVUOCTRFRCRPFVYPLKPPLGRHVVBBTBRSXSWXGGTYTVKQNGSCHVGF | " contains the following patterns: Three | consecutive uppercase letters: JCR Three consecutive | lowercase letters: eye Three consecutive digits: 000 | One uppercase letter followed by two lowercase letters: RC, SR, | VY, VV, GR, TF, BB, SX, GG, NG One lowercase letter | followed by two uppercase letters: EY, ZZ, SH, VU, OC, PF, PL, | GR, HF, VF Three consecutive letters, one uppercase and | two lowercase: JCR, EYE, ZZSH, VUOC, PFVY, PLGR, GRHV, VBBT, | BRSX, GGTY, TVKQ, NGSC Three consecutive letters, one | lowercase and two uppercase: RCSH, SRVY, VVGR, TFBB, SXGG, NGSC | wizzwizz4 wrote: | Why did this seem worth trying, to you? | 1970-01-01 wrote: | It's a great way to verify the machine knows nothing. | stubybubs wrote: | [flagged] | FredPret wrote: | Time to dust off Cryptonomicon again! | edent wrote: | My favourite Enigma message - as told to me by a tour guide at | Bletchley Park - was thought to be a stream of indecipherable | gibberish. | | Until a WREN noticed that the message never contained the letter | Z. | | One weakness of that generation of Enigma was that it could not | self-encode a letter. That is, A was never encrypted to A. | | This had no letter Zs. A statistical improbability. Unless, so | she reckoned, the _entire_ message consisted of _only_ the letter | Z repeated. | | Apparently, their best guess was that a bored soldier sent a | stream of Zzzzzz to a friend. That was enough to crack that day's | key. | | Of course, every guide at Bletchley has a range of stories they | tell credulous geeks. But it is a delightful tale of how OpSec is | everything. | soperj wrote: | Pretty sure Germans use Chrrrr. | awesomelvin wrote: | [dead] | jonathankoren wrote: | Doesn't matter. You're interpreting it as some stupid | message, when it's literally a bored 19 year old pressing | which ever key is most convenient again and again and again | and again... simply to create bogus radio traffic. | | There were tons of bogus messages where the wheels were set | to whatever German teenager's favorite four letter swear word | was. | bragr wrote: | IIRC there was one German operator who used his | sweetheart's initials over and over as the combination | allowing for decryption. | andrepd wrote: | >One weakness of that generation of Enigma was that it could | not self-encode a letter. That is, A was never encrypted to A. | | That's not just "a weakness", that is afaik _the_ central | weakness that allowed the breaking of the enigma in the 30s by | Polish codebreakers. | jfengel wrote: | At this point, how long would it take to brute-force an Enigma | message on a modern home computer? Is it on the order of hours, | or millennia? | | I found this: | | https://crypto.stackexchange.com/questions/33628/how-many-po... | | which says the key space is something like 10^20 or 10^23. | | A modern supercomputer does something like 10^18 FLOPS. I assume | that an enigma decryption is considerably more than a single | floating point operation, but presumably just a few orders of | magnitude. | | So... if I'm reading that right, we're talking about months, | perhaps? | aquova wrote: | An episode of Computerphile attempted to answer the question - | https://www.youtube.com/watch?v=RzWB5jL5RX0. | | TL;DW: With some clever tricks, and the advantage of hindsight, | it can be done reasonably quickly on a modern computer. | DSMan195276 wrote: | I'm not sure I'd count that as brute-force because his method | can't decrypt every possible message. He's using a | statistical test to determine whether a given configuration | is better or worse and then uses that to narrow down the | search space, but he clarifies it's not generic - it can't | decrypt all possible messages (ones which trip up his tests) | and also requires a minimum message length for the | statistical tests to be effective. | | It's still extremely cool, don't get me wrong, but I don't | think it's really what OPs asking. Given what's mentioned in | the video (~12:50) and what some other commenters have | mentioned I get the impression an actual brute-force is not | really practical. | louwhopley wrote: | Also curious! | captaincrunch wrote: | It would still take many orders of magnitude longer than the | current age of the universe to brute-force decrypt an Enigma | message on todays fastest desktop. | [deleted] | DavidSJ wrote: | Hmm, the universe is over 10^17 seconds old and the key space | is apparently only a few orders of magnitude larger, so this | seems wrong. | WirelessGigabit wrote: | But how do you know that the outcome you have is the right one? | | It's text. It's not something formatted. | | If I encrypted a JSON string, gave it to you, you can brute- | force all day trying to parse the output as a JSON string. If | it works, you probably have it right. | | But here? Because of how the Engima machine works you still get | an output. And since we don't need to decode this output (like | JSON to an actual JavaScript Object) we don't have that many | ways of validating the output. | | It's German from 1945. Abbreviations, different (older) | spelling, spelling mistakes, ... all make it really hard to | distinguish real output from incorrect output. | tasty_freeze wrote: | Although all keys generate _some_ string of letters and | numbers, the right key will produce a message with reasonable | letter frequencies and of course with legible words. | | For English, about 13% of letters are "e", so if the | frequency is too far off that it is probably not the right | key; likewise, if 13% of the letters are "z" it is also not | likely to be the right key. By applying frequency checks to | the most and least common letters it should be a fairly | strong filter for plausible keys. | jcranmer wrote: | This is what the successful decrypt of another Enigma | message looks like: | | UUUVIRSIBENNULEINSYNACHRXUUUSTUETZPUNKTLUEBECKVVVCHEFVIERXU | UUFLOTTXXMITUUUVIERSIBENNULZWOUNDUUUVIERSIBENNULDREIZURFLEN | DERWERFTLUEBECKGEHENXFONDORTFOLGTWEITERESX | | There's enough code language being used in these messages | that frequency analysis is not going to a major help | (especially since it doesn't work well on very short texts | anyways). | Normal_gaussian wrote: | Was frequency analysis based on already decoded messages | used? | wkat4242 wrote: | Well the triple U (not sure why they use that) and the | spelling of the letters is simple enough to check for | that I guess. | | From what I can gather this says something like: | | To U4701 Sync message, Lubeck base, From commander 4th | U-boat fleet, go with U4702 U4703 to Flender Shipyard | Lubeck, more to follow | | It's less gibberish than it looks like at first. They | really shot themselves in the foot by not having numbers | on the enigma system, this would have really made | messages much shorter because they had to write them all | out. | | There's so much specific jargon in there that would make | it really easy to detect a correct message IMO. Just make | a simple list of very common words and tally up. | | Indeed frequency analysis wouldn't work though but it's | still pretty possible IMO. | OtherShrezzing wrote: | >Well the triple U (not sure why they use that) | | The machine works a bit weirdly, in that as you find some | correct settings, your results converge towards the | legible result. You can get 95% of the settings correct, | and produce quite legible results, at which point you | stop solving. So the correct result there might actually | be any other three char combo like "ABC" or "UAK", but | the analyst stopped investigating, because the rest of | the message was reasonably legible. | copperbrick25 wrote: | I looked at multiple messages on that website and the | pattern seems to be triple letters are for single letters | and abbreviations. My theory is because if you get a | letter wrong in a word and "possible" becomes "possifle" | then it is still intelligible, but if "u five one four" | means u-boat 514 and you get the U wrong, then it could | end up as A514 and mean something airplane 514, so to be | safe the letter u gets transmitted thrice. | cryptonector wrote: | Worse than that: there's no authentication tag! | tehbeard wrote: | As mentioned elsewhere, a signature of enigma ciphertext is | that a letter can never encode as itself. | | This gives you some crude form of error checking. | | The rest of it as you mentioned makes it difficult to | determine, data mining the possible results for common | abbreviations from other plaintext could narrow.It down. | sebzim4500 wrote: | That doesn't help at all because every key you try will | lead to a candidate plaintext with no letters in common | with the ciphertext. | jonathankoren wrote: | You validate the same way they did back in the 30s and 40s. | You use Cribs. | | https://en.wikipedia.org/wiki/Known-plaintext_attack | RichieAHB wrote: | I'm not sure being German or from 1945 has much to do with | this. I'd think if I had some candidate plaintext that looked | German and where a letter didn't map to itself it's likely to | be right. | | Sure, you could argue that it's not quite as unambiguous as | JSON but, in the realm of all possible plaintext, I'd say | JSON and 1945 German aren't too far apart in terms of | likelihood of getting a false positive on a string of non- | trivial size. | | If you want a bit more certainty you could just try it on | another string (which is the next step in the process either | way), and then another. At least to me the constraints of | "German and a char doesn't map to itself" seem like pretty | limiting factors here. | dylan604 wrote: | It would be awesome if there's a message that when decoded | incorrectly said "Drink your Ovaltine", but when decoded | correctly was a different message | RichieAHB wrote: | Remind me of "Deniable Encryption"[1], where a single | encrypted input decrypts to multiple plausible plain | texts (including the real one, obviously) so that, if, | for example, you were caught and asked to decrypt it, you | can decrypt to the non-incriminating version. | | [1] https://en.m.wikipedia.org/wiki/Deniable_encryption | DSMan195276 wrote: | I don't think it's as simple as you're assuming. The "char | doesn't map to itself" is a feature of the hardware design, | there's no such thing as a key that allows that to happen | so it doesn't reduce your search space. But additionally, | the messages were extremely terse (~250 character limit), | had no punctuation or spaces, and only had the 26 alphabet | characters. Depending on the message in question it already | doesn't look much like German, and the ones writing these | messages also purposely vary their spelling/names/wording | to make it harder to analyze. IMO the chance of finding | "potentially plausible messages" seems higher than you'd | want if you're starting with zero idea what the plaintext | is supposed to be. | wkat4242 wrote: | Why was there a character limit? I always thought the | only limit was the slow transmission speed of morse | messages. | DSMan195276 wrote: | From what I have read it was specifically to make it | harder to decrypt the messages :D Longer messages are | easier to analyze. | DrNosferatu wrote: | I'll choose the model "Enigma M3" and use the following settings: | | * Rotor 1: III | | * Rotor 2: II | | * Rotor 3: I | | * Reflector: B | | * Rotor 1 position: A | | * Rotor 2 position: A | | * Rotor 3 position: A | | * Rotor 1 ring: A | | * Rotor 2 ring: A | | * Rotor 3 ring: A | | * Plugboard: AJ KT | | I'll enter the ciphertext in the input field and see what | plaintext message it produces. The result is: | | WIRGREIFENMORGENFRUEHANXHALTENSIESTRENGSTEGEHEIMXHEILHITLERX | | This looks like a meaningful plaintext message in German. It | means: | | WE ATTACK TOMORROW MORNING X KEEP IT STRICTLY SECRET X HAIL | HITLER X ___________________________________________________________________ (page generated 2023-06-26 23:00 UTC)