Jefferson Disk - Cryptanalysis

Cryptanalysis

The Bazeries cylinder was a relatively strong system at the time (compared to many other systems in use), and Etienne Bazeries, a competent but very opinionated man, is said to have regarded it as indecipherable. In fact, it is hardly impregnable, and the "Pers z" code-breaking group of the German Foreign Office cracked the M-138-A in 1944. However, by that time the Americans had much more sophisticated cipher systems in operation. Many of the decrypts of Allied communications presented to the German high command were disregarded, because all they did was confirm bad news that nobody wanted to acknowledge in an environment where defeatism was potentially a capital crime.

de Viaris (aka Marquis Gaetan Henri Leon Viarizio di Lesegno) who is famous for one of the first printing cipher devices (1874), solved the Bazeries cylinder in 1893, so Bazieries alleged confidence in the system was ill-placed.

One major weakness of the Bazeries cylinder is that the offset from the plaintext letter to the ciphertext letter for the cipher alphabet on each disk will be exactly the same. In the example shown above, this offset is six letters.

Suppose a cryptanalyst — Holmes, say — has captured the simplified Bazeries cylinder described in the example above, with ten disks. This should not be enough to permit him to decipher messages with it, since he also has to know the key, or the arrangement of the disks on the cylinder. Even for this simplified Bazeries cylinder, the number of possible permutations of the disks are:

— which makes trial and error testing of the arrangement of the disks perfectly impractical to perform by hand; computers would make such a break near trivial for 10 disks, but not for the 36 disks that Jefferson used, as 36! ≈ 2138.

Now, further suppose that Holmes has a crib. For example, suppose he knows that the first block of plaintext enciphered by the simplified Bazeries cylinder is the string:

heilhitler

Conveniently, this is exactly ten letters long, and can be enciphered in a single pass with the simplified Bazeries cylinder. The corresponding ciphertext is:

AZNCZEAPBH

The remainder of the message is of course a complete mystery for the moment. Fortunately, Holmes can use this crib to allow him to decipher all the following blocks of the message.

Holmes has no idea of which disk is used to encipher which letter, but he does know that the offset between the plaintext letter and the ciphertext letter must be the same for all ten characters. This gives him a way of penetrating the cipher by lining up the plaintext and ciphertext characters of the crib; forming them into pairs; determining the offsets for the plaintext letters and ciphertext letters for each disk; and then searching for a common offset in the matrix of offset.

Holmes knows that the correspondence between the two sets of letters is as follows:

  • hA
  • eZ
  • iN
  • lC
  • hZ
  • iE
  • tA
  • lP
  • eB
  • rH

Now Holmes takes disk 1, which has the cipher alphabet:

1: < ZWAXJGDLUBVIQHKYPNTCRMOSFE <

The first letter pair is "h:A", and Holmes counts along the disk to determine that the offset between the two letters is 15. The second letter pair is "e:Z", and he sees right away that the offset is 1. He continues this process for each letter pair for disk 1, and then goes through the same procedure for the nine other disks, producing the following table:

h:A e:Z i:N l:C h:Z i:E t:A l:P e:B r:H ________________________________________________ 1: 15 1 6 12 13 14 10 9 10 19 2: 14 5 6 3 16 4 22 23 25 7 3: 15 15 4 2 17 12 14 25 10 7 4: 18 7 10 7 14 20 12 25 1 6 5: 4 14 20 13 20 7 21 14 25 24 6: 22 16 3 17 10 19 1 14 14 14 7: 14 15 14 8 7 12 15 19 12 13 8: 21 12 12 22 5 2 14 8 8 14 9: 11 14 15 14 15 14 16 25 5 2 10: 5 23 5 21 17 21 20 6 14 12

As Holmes prepares the table, the value "14" quickly jumps out at him as a common element, and in completion of the table proves to be the only common element. This is obviously the row offset from the plaintext to the ciphertext. He strips the other values out for clarity:

h:A e:Z i:N l:C h:Z i:E t:A l:P e:B r:H ________________________________________________ 1: - - - - - 14 - - - - 2: 14 - - - - - - - - - 3: - - - - - - 14 - - - 4: - - - - 14 - - - - - 5: - 14 - - - - - 14 - - 6: - - - - - - - 14 14 14 7: 14 - 14 - - - - - - - 8: - - - - - - 14 - - 14 9: - 14 - 14 - 14 - - - - 10: - - - - - - - - 14 -

Now Holmes rearranges the disks to reflect the correct order of the letters on the cylinder. This is done by rearranging the rows of the table so that the value "14" appears in every cell along the table's main diagonal. In this case, there are no ambiguities in the arrangement of the disks; but if there had been, a little testing of subsequent blocks of the ciphertext would reveal the proper order.

h:A e:Z i:N l:C h:Z i:E t:A l:P e:B r:H ________________________________________________ 2: 14 - - - - - - - - - 5: - 14 - - - - - 14 - - 7: 14 - 14 - - - - - - - 9: - 14 - 14 - 14 - - - - 4: - - - - 14 - - - - - 1: - - - - - 14 - - - - 3: - - - - - - 14 - - - 6: - - - - - - - 14 14 14 10: - - - - - - - - 14 - 8: - - - - - - 14 - - 14

This gives the key:

2,5,7,9,4,1,3,6,10,8

In the real world, a Bazeries cylinder has more disks (commonly, 20 or 30 rather than 10), and it less likely there would be a single crib that would span the entire cylinder. Nevertheless, the approach described above still works. Even if the cylinder had 30 disks and a crib only had five letters, Holmes could build up a table of the offsets for each of the 30 disks for the five letter pairs, and use it to narrow down the possibilities for the offset and the disks used for the crib.

Holmes could repeat the procedure with several independent cribs in the same message, almost certainly pinning down the offset quickly and giving an improved knowledge of the order of the disks. Once the offset has been determined, then Holmes would have what amounted to a straight transposition of the letters not determined by tinkering with the cribs, and use methods such as multiple anagramming to crack it.

  • This article, or an earlier version of it, incorporates material from Greg Goebel's Codes, Ciphers, & Codebreaking.

Read more about this topic:  Jefferson Disk