It is possible to break even the complicated cipher produced by a rotor machine. Especially when only one rotor moves with every letter enciphered, that rotor is at either the input or output end of the rotor machine, and no other rotor moves more often than once every 26 letters.
Of course, having some cribs, that is, plaintext for a number of cipher messages, will be helpful. As will cracking the 'indicator system', that is, the method by which the sender notifies the recipient of the starting positions of the rotors for each message.
When only one rotor moves, and the rest of the machine stands still, and the moving rotor is on the outside, then the only difference between the cipher applied for one such period of 26 letters and any other is a monalphabetic substitution.
With enough overlapping cribs, one may be able to reconstruct little pieces of the fast rotor relative to more than one of the monalphabetic substitutions produced by the others, and it may even be possible to link these pieces together. As soon as it becomes possible to nullify the effect of the fast rotor, messages become almost trivial to solve.
If you know the wiring of all the rotors, and you have some known plaintext, and the fast rotor is on the outside, the procedure is to try each rotor, in all 26 rotational positions as the fast rotor (this amounts to 130 trials for a machine with five rotors) until you find one that produces a monalphabetic result. If the fast rotor is on the output side, you use it to decipher the ciphertext. If it is on the input side, you use it to encipher the plaintext. Either way, if the plaintext and ciphertext are made to match, so that repeated letters in both match up, you have found an isomorph.
Note that while frequent or complicated rotor movement can make it impossible to mount an isomorph attack, having the fast rotor in the middle of the rotor stack makes such an attack more difficult, since one has mixed alphabets to deal with, and these will not be the same in all messages, it does not make attacks based on this principle completely impossible.
Next
Chapter Start
Skip to Next Section
Table of Contents
Return to Home Page