[HN Gopher] P1030680: Unbroken Enigma message (U534, 01 May 1945)
___________________________________________________________________
P1030680: Unbroken Enigma message (U534, 01 May 1945)
Author : petecooper
Score : 179 points
Date : 2023-06-26 18:10 UTC (4 hours ago)
(HTM) web link (enigma.hoerenberg.com)
(TXT) w3m dump (enigma.hoerenberg.com)
| petecooper wrote:
| https://archive.is/JE6MR
|
| https://web.archive.org/web/20230626181049/https://enigma.ho...
|
| (I wasn't expecting this to hit #1)
| mewse-hn wrote:
| Was this never broken because the enigma@home community lost
| interest? It looks like their last forums posts were from 2019
| mechatrocity wrote:
| Ive been apart of that project but it's been dead for years,
| seems like it's unmaintained now :(
| nwallin wrote:
| Impossible to say. The German commo who was tasked with
| decrypting this message couldn't/didn't decrypt it, and he had
| the keys.
|
| For all we know, some bored German submariner sent garbage over
| the radio as protest; this message was sent two days after
| Hitler committed suicide, 7 days before VE day. (8 days if
| you're of the Soviet persuasion) Morale and discipline has a
| tendency to break down under those circumstances.
|
| Or it could be a transcription error. Modern cryptanalysis
| tends to be more resilient to transcription errors; one
| character wrong is gonna be ok, one character inserted/deleted
| will tend to produce two messages, one with garbage after the
| insertion/deletion and another with garbage before it. But
| Enigma messages were...terse, so a half-successful decrypt that
| gets half garbage and half plaintext might still be recognized
| by the cryptanalysis algorithm as the wrong key. I expect there
| would have to be at least two transcription errors to cause
| both the original German commo to be unable to decrypt it and
| modern attempts to fail.
| hinkley wrote:
| Garbled message, or garbled key? I wonder how often mis-keyed
| messages were sent out. Not typos in the message, but setting
| the initial state to the wrong value. Transposition, for
| instance.
| adastra22 wrote:
| Or it's a garbled message.
| fifilura wrote:
| Or a message from an allied conscript who was just doodling
| after he found this weird typewriter
| jameshart wrote:
| Amusing image though this is, Enigma machines were, in case
| you weren't aware, not actually radio
| transmitter/receivers.
|
| An enigma message would be typed in to the machine and the
| output characters written down on a piece of paper, then
| the message would be transmitted over Morse by hand,
| transcribed to paper at the other end, then typed through
| the correspondingly configured Enigma machine to obtain
| plaintext.
| hinkley wrote:
| I have enough trouble typing things I mean to say without
| trying to transcribe line noise. That sounds like a
| terrible job.
| gnu8 wrote:
| In absolute terms, pre-digital cryptographic equipment
| operator isn't the worst wartime job I can think of.
| However, on a U-boat, all of the jobs were equally worse
| (due to life expectancy).
| jameshart wrote:
| Actually makes me wonder - given the way encrypted messages
| were transmitted in the era, wasn't it possible for an
| adversary to flood the channel with bogus messages? Transmit
| messages with valid addressing and header data but fake
| content, forcing radio operators to transcribe and attempt to
| decrypt garbage?
| bonestamp2 wrote:
| Also, what if the machine was broken? Or if there was an
| error in transcription? There are so many possible reasons
| why this message may never be decrypted.
| bragr wrote:
| I think this is the most likely answer. Everything in Germany
| was collapsing at the time, so a garbled message being sent,
| or incorrectly received seems likely. Consider the
| circumstances:
|
| - 6 days after US and Soviet forces linked up bisecting
| Germany
|
| - 1 day after Hitler's suicide
|
| - 5 days before the unconditional surrender of the Flensburg
| Government
| kristopolous wrote:
| That's a pretty good set up for some wild fiction. You
| could go to the fabled moon / arctic bases, time travel,
| aliens ... it's a nice foundation. Problem is these days
| people would start believing in whatever fiction you write.
| The internet is broken like that.
| danielvaughn wrote:
| A company I used to work for was partly comprised of
| hackers, and one of the books they always raved about was
| called Cryptonomicon. I know that it involves the nazis
| and encoded secrets, though I never read it (still on my
| to-read list). I'd recommend checking it out if that kind
| of thing sounds interesting to you.
| andyjohnson0 wrote:
| I read it back in the day. I can't remember much of the
| plot, but i do remember that it seemed about twice as
| long as it needed to be. Which I find ro be typical of
| Stephenson's fiction. Plenty of people seem to like it
| though.
| buildbot wrote:
| Less so than his later books in my opinion. It's a lot of
| great plot throughout with good explanations of the math
| concepts it refers to.
|
| I may be biased, After reading wheel of time, nothing
| seems too long anymore!
| sleepybrett wrote:
| He does like regressions into historical causes and
| effect chains... hell the whole system of the world
| trilogy is almost nothing BUT that (and contains some
| character/family crossovers with cryptonomicon)
| wkat4242 wrote:
| I liked it but I thought it was overly dramatic in a
| "survival of the fittest" way and indeed way too long.
| But I'm not a fan of the guy anyway.
|
| It is a decent book to read once though.
| buildbot wrote:
| Cryptonomicon is almost exactly this premise :) It's an
| amazing book, one that any aspiring hacker should read!
| RajT88 wrote:
| Not just the internet.
|
| Animal Planet made a fake documentary about Mermaids (a
| somewhat hokey one at that), with a disclaimer that it
| was a work of fiction.
|
| Despite that, it's convinced a generation of fools that
| mermaids are real.
|
| https://www.snopes.com/fact-check/mermaids-the-body-
| found/
|
| But back to the internet. Plenty of youtube clips from
| this program where commenters are insistent that it's
| evidence that Mermaids are real. And comments linking to
| the footage of the disclaimer, and resulting dumb
| arguments. Still! In 2023!
| bemusedthrow75 wrote:
| It is only _somewhat_ hokey.
|
| I love a bad/earnest low-budget movie. I think they are
| often much more revealing about the nature of culture,
| cinema and art than -- to pick a single counterpoint --
| really anything in the MCU except _Age of Ultron_ [0].
|
| There were plenty of things in that to like. I watched it
| only recently, I'm glad they made it, and I hope the
| people who make it continue to reject the big bucks.
|
| [0] This is a hill I will die on. Almost everything in
| the MCU is pointless dross except James Spader as Ultron.
| canjobear wrote:
| This is basically the setting of Gravity's Rainbow.
| kristopolous wrote:
| You could claim that about nearly anything and nobody
| would/could really challenge you for Gravity's Rainbow!
|
| See also, Finnegan's Wake. For instance, here's a
| nonsense claim that sounds plausible: Finnegan's Wake is
| the best book about the Irish Civil War. You feel the
| frenzy and delirium of the lucid somnambulism that comes
| with insomnia on the battlefield. As foggy and vivid as
| war, the words carefully balance the interregnum between
| the forbidden, forgotten and forsaken laid bare as
| poetry. Nothing is clear and there is no closure. It
| shows how hard narratives are to cobble together using
| shattered pieces. The deconstruction of the language is
| married with the deconstruction of life as belligerents
| fight over conflicting dreams.
| netsharc wrote:
| I can picture it: a German soldier feeling defeated just
| set the keys to something random and typed his message,
| sending a message without expecting anyone to hear...
|
| "In the old days, if someone had a secret they didn't want
| to share, they went up a mountain, found a tree, carved a
| hole in it, and whispered the secret into the hole. Then
| they covered it with mud and leave the secret there
| forever." - Wong Kar Wai/In The Mood for Love
| bredren wrote:
| Maybe solving this would be determining a set of likely
| encrypted messages.
|
| They could be scored by decrypted content matching
| structure of priors and context. Along with char difference
| from the encrypted message on record.
| somedude895 wrote:
| [flagged]
| lucideer wrote:
| > _I still thought it interesting_
|
| I don't know why you've been downvoted to oblivion but I DO
| find this thoroughly uninteresting. I am however interested in
| why anyone WOULD find it interesting.
| lionkor wrote:
| Did you expect ChatGPT to generate a meaningful response?
| CrazyStat wrote:
| I have a friend--a software engineer--who was convinced when
| ChatGPT came out that it would be able to do things like invert
| sha1 hashes, if only you found the right prompt.
|
| There's a lot of magical thinking around LLMs, but in the end
| they're "just" fancy Markov chains.
| RajT88 wrote:
| I'm sure it's possible for some SHA1 hashes along the lines
| of "password1234".
|
| A shockingly high number of SHA1 hashes with their cleartext
| was available on Google Code back in the day. I assume you
| can crawl github for the same now.
| kens wrote:
| The page doesn't make it very clear, but the analysis at the
| bottom says that is a message that the German recipient tried to
| decode in several different ways and then gave up. Apparently the
| message indicates the key (indicator group?) twice, but was VA in
| one place and VR in another, so the message was clearly received
| corrupted. Neither indicator worked so the recipient tried other
| things that also didn't work.
|
| Given that the message is corrupted and the recipient with the
| key couldn't decode it, it's not surprising that the message
| remains unbroken. Even brute force isn't going to work if you
| start with garbage.
| 29athrowaway wrote:
| Probably an input error. They set the machine wrong.
| 1970-01-01 wrote:
| Google Bard tried to find a pattern and was quickly confused:
| Sure, I can help you with that. The string "JCRSAJT
| GSJEYEXYKKZZSHVUOCTRFRCRPFVYPLKPPLGRHVVBBTBRSXSWXGGTYTVKQNGSCHVGF
| " contains the following patterns: Three
| consecutive uppercase letters: JCR Three consecutive
| lowercase letters: eye Three consecutive digits: 000
| One uppercase letter followed by two lowercase letters: RC, SR,
| VY, VV, GR, TF, BB, SX, GG, NG One lowercase letter
| followed by two uppercase letters: EY, ZZ, SH, VU, OC, PF, PL,
| GR, HF, VF Three consecutive letters, one uppercase and
| two lowercase: JCR, EYE, ZZSH, VUOC, PFVY, PLGR, GRHV, VBBT,
| BRSX, GGTY, TVKQ, NGSC Three consecutive letters, one
| lowercase and two uppercase: RCSH, SRVY, VVGR, TFBB, SXGG, NGSC
| wizzwizz4 wrote:
| Why did this seem worth trying, to you?
| 1970-01-01 wrote:
| It's a great way to verify the machine knows nothing.
| stubybubs wrote:
| [flagged]
| FredPret wrote:
| Time to dust off Cryptonomicon again!
| edent wrote:
| My favourite Enigma message - as told to me by a tour guide at
| Bletchley Park - was thought to be a stream of indecipherable
| gibberish.
|
| Until a WREN noticed that the message never contained the letter
| Z.
|
| One weakness of that generation of Enigma was that it could not
| self-encode a letter. That is, A was never encrypted to A.
|
| This had no letter Zs. A statistical improbability. Unless, so
| she reckoned, the _entire_ message consisted of _only_ the letter
| Z repeated.
|
| Apparently, their best guess was that a bored soldier sent a
| stream of Zzzzzz to a friend. That was enough to crack that day's
| key.
|
| Of course, every guide at Bletchley has a range of stories they
| tell credulous geeks. But it is a delightful tale of how OpSec is
| everything.
| soperj wrote:
| Pretty sure Germans use Chrrrr.
| awesomelvin wrote:
| [dead]
| jonathankoren wrote:
| Doesn't matter. You're interpreting it as some stupid
| message, when it's literally a bored 19 year old pressing
| which ever key is most convenient again and again and again
| and again... simply to create bogus radio traffic.
|
| There were tons of bogus messages where the wheels were set
| to whatever German teenager's favorite four letter swear word
| was.
| bragr wrote:
| IIRC there was one German operator who used his
| sweetheart's initials over and over as the combination
| allowing for decryption.
| andrepd wrote:
| >One weakness of that generation of Enigma was that it could
| not self-encode a letter. That is, A was never encrypted to A.
|
| That's not just "a weakness", that is afaik _the_ central
| weakness that allowed the breaking of the enigma in the 30s by
| Polish codebreakers.
| jfengel wrote:
| At this point, how long would it take to brute-force an Enigma
| message on a modern home computer? Is it on the order of hours,
| or millennia?
|
| I found this:
|
| https://crypto.stackexchange.com/questions/33628/how-many-po...
|
| which says the key space is something like 10^20 or 10^23.
|
| A modern supercomputer does something like 10^18 FLOPS. I assume
| that an enigma decryption is considerably more than a single
| floating point operation, but presumably just a few orders of
| magnitude.
|
| So... if I'm reading that right, we're talking about months,
| perhaps?
| aquova wrote:
| An episode of Computerphile attempted to answer the question -
| https://www.youtube.com/watch?v=RzWB5jL5RX0.
|
| TL;DW: With some clever tricks, and the advantage of hindsight,
| it can be done reasonably quickly on a modern computer.
| DSMan195276 wrote:
| I'm not sure I'd count that as brute-force because his method
| can't decrypt every possible message. He's using a
| statistical test to determine whether a given configuration
| is better or worse and then uses that to narrow down the
| search space, but he clarifies it's not generic - it can't
| decrypt all possible messages (ones which trip up his tests)
| and also requires a minimum message length for the
| statistical tests to be effective.
|
| It's still extremely cool, don't get me wrong, but I don't
| think it's really what OPs asking. Given what's mentioned in
| the video (~12:50) and what some other commenters have
| mentioned I get the impression an actual brute-force is not
| really practical.
| louwhopley wrote:
| Also curious!
| captaincrunch wrote:
| It would still take many orders of magnitude longer than the
| current age of the universe to brute-force decrypt an Enigma
| message on todays fastest desktop.
| [deleted]
| DavidSJ wrote:
| Hmm, the universe is over 10^17 seconds old and the key space
| is apparently only a few orders of magnitude larger, so this
| seems wrong.
| WirelessGigabit wrote:
| But how do you know that the outcome you have is the right one?
|
| It's text. It's not something formatted.
|
| If I encrypted a JSON string, gave it to you, you can brute-
| force all day trying to parse the output as a JSON string. If
| it works, you probably have it right.
|
| But here? Because of how the Engima machine works you still get
| an output. And since we don't need to decode this output (like
| JSON to an actual JavaScript Object) we don't have that many
| ways of validating the output.
|
| It's German from 1945. Abbreviations, different (older)
| spelling, spelling mistakes, ... all make it really hard to
| distinguish real output from incorrect output.
| tasty_freeze wrote:
| Although all keys generate _some_ string of letters and
| numbers, the right key will produce a message with reasonable
| letter frequencies and of course with legible words.
|
| For English, about 13% of letters are "e", so if the
| frequency is too far off that it is probably not the right
| key; likewise, if 13% of the letters are "z" it is also not
| likely to be the right key. By applying frequency checks to
| the most and least common letters it should be a fairly
| strong filter for plausible keys.
| jcranmer wrote:
| This is what the successful decrypt of another Enigma
| message looks like:
|
| UUUVIRSIBENNULEINSYNACHRXUUUSTUETZPUNKTLUEBECKVVVCHEFVIERXU
| UUFLOTTXXMITUUUVIERSIBENNULZWOUNDUUUVIERSIBENNULDREIZURFLEN
| DERWERFTLUEBECKGEHENXFONDORTFOLGTWEITERESX
|
| There's enough code language being used in these messages
| that frequency analysis is not going to a major help
| (especially since it doesn't work well on very short texts
| anyways).
| Normal_gaussian wrote:
| Was frequency analysis based on already decoded messages
| used?
| wkat4242 wrote:
| Well the triple U (not sure why they use that) and the
| spelling of the letters is simple enough to check for
| that I guess.
|
| From what I can gather this says something like:
|
| To U4701 Sync message, Lubeck base, From commander 4th
| U-boat fleet, go with U4702 U4703 to Flender Shipyard
| Lubeck, more to follow
|
| It's less gibberish than it looks like at first. They
| really shot themselves in the foot by not having numbers
| on the enigma system, this would have really made
| messages much shorter because they had to write them all
| out.
|
| There's so much specific jargon in there that would make
| it really easy to detect a correct message IMO. Just make
| a simple list of very common words and tally up.
|
| Indeed frequency analysis wouldn't work though but it's
| still pretty possible IMO.
| OtherShrezzing wrote:
| >Well the triple U (not sure why they use that)
|
| The machine works a bit weirdly, in that as you find some
| correct settings, your results converge towards the
| legible result. You can get 95% of the settings correct,
| and produce quite legible results, at which point you
| stop solving. So the correct result there might actually
| be any other three char combo like "ABC" or "UAK", but
| the analyst stopped investigating, because the rest of
| the message was reasonably legible.
| copperbrick25 wrote:
| I looked at multiple messages on that website and the
| pattern seems to be triple letters are for single letters
| and abbreviations. My theory is because if you get a
| letter wrong in a word and "possible" becomes "possifle"
| then it is still intelligible, but if "u five one four"
| means u-boat 514 and you get the U wrong, then it could
| end up as A514 and mean something airplane 514, so to be
| safe the letter u gets transmitted thrice.
| cryptonector wrote:
| Worse than that: there's no authentication tag!
| tehbeard wrote:
| As mentioned elsewhere, a signature of enigma ciphertext is
| that a letter can never encode as itself.
|
| This gives you some crude form of error checking.
|
| The rest of it as you mentioned makes it difficult to
| determine, data mining the possible results for common
| abbreviations from other plaintext could narrow.It down.
| sebzim4500 wrote:
| That doesn't help at all because every key you try will
| lead to a candidate plaintext with no letters in common
| with the ciphertext.
| jonathankoren wrote:
| You validate the same way they did back in the 30s and 40s.
| You use Cribs.
|
| https://en.wikipedia.org/wiki/Known-plaintext_attack
| RichieAHB wrote:
| I'm not sure being German or from 1945 has much to do with
| this. I'd think if I had some candidate plaintext that looked
| German and where a letter didn't map to itself it's likely to
| be right.
|
| Sure, you could argue that it's not quite as unambiguous as
| JSON but, in the realm of all possible plaintext, I'd say
| JSON and 1945 German aren't too far apart in terms of
| likelihood of getting a false positive on a string of non-
| trivial size.
|
| If you want a bit more certainty you could just try it on
| another string (which is the next step in the process either
| way), and then another. At least to me the constraints of
| "German and a char doesn't map to itself" seem like pretty
| limiting factors here.
| dylan604 wrote:
| It would be awesome if there's a message that when decoded
| incorrectly said "Drink your Ovaltine", but when decoded
| correctly was a different message
| RichieAHB wrote:
| Remind me of "Deniable Encryption"[1], where a single
| encrypted input decrypts to multiple plausible plain
| texts (including the real one, obviously) so that, if,
| for example, you were caught and asked to decrypt it, you
| can decrypt to the non-incriminating version.
|
| [1] https://en.m.wikipedia.org/wiki/Deniable_encryption
| DSMan195276 wrote:
| I don't think it's as simple as you're assuming. The "char
| doesn't map to itself" is a feature of the hardware design,
| there's no such thing as a key that allows that to happen
| so it doesn't reduce your search space. But additionally,
| the messages were extremely terse (~250 character limit),
| had no punctuation or spaces, and only had the 26 alphabet
| characters. Depending on the message in question it already
| doesn't look much like German, and the ones writing these
| messages also purposely vary their spelling/names/wording
| to make it harder to analyze. IMO the chance of finding
| "potentially plausible messages" seems higher than you'd
| want if you're starting with zero idea what the plaintext
| is supposed to be.
| wkat4242 wrote:
| Why was there a character limit? I always thought the
| only limit was the slow transmission speed of morse
| messages.
| DSMan195276 wrote:
| From what I have read it was specifically to make it
| harder to decrypt the messages :D Longer messages are
| easier to analyze.
| DrNosferatu wrote:
| I'll choose the model "Enigma M3" and use the following settings:
|
| * Rotor 1: III
|
| * Rotor 2: II
|
| * Rotor 3: I
|
| * Reflector: B
|
| * Rotor 1 position: A
|
| * Rotor 2 position: A
|
| * Rotor 3 position: A
|
| * Rotor 1 ring: A
|
| * Rotor 2 ring: A
|
| * Rotor 3 ring: A
|
| * Plugboard: AJ KT
|
| I'll enter the ciphertext in the input field and see what
| plaintext message it produces. The result is:
|
| WIRGREIFENMORGENFRUEHANXHALTENSIESTRENGSTEGEHEIMXHEILHITLERX
|
| This looks like a meaningful plaintext message in German. It
| means:
|
| WE ATTACK TOMORROW MORNING X KEEP IT STRICTLY SECRET X HAIL
| HITLER X
___________________________________________________________________
(page generated 2023-06-26 23:00 UTC)