The Secrets of the Chaocipher Finally Revealed

nickpelling2 writes "In 1918, John F. Byrne invented a truly amazing cipher system, called 'The Chaocipher,' that fit inside a small cigar box, could be operated by a ten-year-old, yet produced practically unbreakable ciphertext (arguably even stronger than the Nazi Enigma machine). But now, thanks to the efforts of Chaocipher fan Moshe Rubin and the generous gift of Byrne's cryptographic effects by his daughter-in-law Pat Byrne to the National Cryptologic Museum, the secrets of the Chaocipher are finally starting to be revealed — it's a great story. To accompany Moshe Rubin's excellent textual description of the Chaocipher, I've posted a 30-second animation of the Chaocipher in action to YouTube, just in case anyone wants to see the most devious cipher of the 20th century in action (sort of)."

Re:Wow

[omglolbah]

While a polyalphabetic substitution cipher can be broken I would not call breaking this particular one "simple".
Compared to many other such ciphers it is quite good in that there is a shifting alphabet which has a very large range of values.

Considering it was made in 1918 I suspect it would be a pain in the ass to actually break it.
You cant do much with frequency analysis as the alphabet and thus the substitutions change on every letter.

Much like with Enigma I suspect that this cipher's biggest weakness is in the application. In other words following a set pattern which makes it possible to find "cribs".

Video link

[Nieriko]

http://www.youtube.com/watch?v=BPI3P-ikWCk

Allow me to spare you the googling :D

Probably weaker than Enigma

[Animats]

It's not a particularly strong cypher. It's basically a monoalphabetic substitution with some feedback, but not much. For each letter encyphered, the wheels change, but they don't change by much, and the number of change possibilities is small. So if you have known plaintext anywhere in the message, you can look for it with the usual techniques for monoalphabetic substitution, while considering all of the small number of possible changes to the two alphabets on each cycle. The "permuting" step just consists of shifting half the alphabet by one place left or right.

Once you have an entry into the cypher from some stretch of known text, you can work backwards and forwards until you've recovered the wheels.

There are better pre-computer cyphers. Jefferson's wheel cypher is much stronger, and was used by the US as late as the Vietnam War.

Re:Probably weaker than Enigma

[CAIMLAS]

Yet, this thing was around in 1918. It was some time before computers, and still reasonably capable. Arguably, I'm not quite sure how it's an inferior cipher compared to the Jefferson cipher - this one appears to allow for slightly more "randomness", as well as creating templates which could arguably be used for single-time pads without the additional transmission of information for an effective cipher. (the Jefferson wheel cipher wasn't used past WWII, from what I can tell).

At any rate, it just goes to show you how effective a relatively simple machine can be, compared to modern electronic and/or computational methods to do the same basic thing (in this case, the enigma). Another good example would be drive/steer-by-wire vs. hydraulic or mechanical steering and acceleration/breaking. I'm sure there are more, but I'm not creative enough to think of any of them in my current alcohol-addled state.

Sometimes, the conceptually simpler method is the better one. This thing apparently still works; how many cryptographic engines of later years no longer do due to the copious mantainance required? Same can be said for more modern vehicle electronics vs. the older and more reliable (despite what the automotive industry says) mechanical means of doing the same: instead of outright replacement its often relatively easy to fix the broken systems on an older car.

Of course, when it comes to things depending on complex mathematics and the ability to be generalized, nothing beats generalized computing. :)

Re:Wow

[Randle_Revar]

>(still, where is the AES equivalent of a secure hash?)
here:
http://csrc.nist.gov/groups/ST/hash/timeline.html

Re:The 20th Century?

[the_enigma_1983]

According to your link, some countries use terms like "the 1900s" to refer to anything between 1900 and 1999. As it says, this is equivalent to English-speakers using the term the "nineteen hundreds". It doesn't mention in any way how someone could refer to the year "1999" as being in the "19th century".

Re:Starker! Zis is die CHAOCIPHER!

An interesting update to Mark Twain's "A Plan for the Improvement of English Spelling". Authorship of that piece is up for debate, of course, but still funny and worth the read.

Posted anonymously because I have modded this discussion.

Re:The 20th Century?

[Kr3m3Puff]

So when is this year 0 again? There is no year 0 in the Gregorian Calendar.

The problem is the one-time key (base setting)

[Kupfernigk]

This is exactly the same as with Enigma. What matters is the initial setting, which is a key. If the base setting is always the same, then the decoding of one message works for all. The difficulty is to find a way of distributing the initial key securely, given that it needs to be changed very frequently. Any system which can be compromised if a station is captured becomes useless until all stations have new key sets - difficult for a spy network in wartime, or even a submarine fleet.

Given the Enigma architecture, it was the capture of a German weathership and later a submarine by the Royal Navy that did most for German Enigma decryption.