
It's cheap, convenient, secure, and (if you have working Internet) Google spends billions on making it reliable.

It's also a major opsec error, if your threat model suggests Google is compromisable by the enemy. What we're observing here suggests either the Russian army doesn't think that's the case or the Russian boots-on-the-ground don't care what the brass thinks about opsec (remember, the Enigma machine was nearly uncrackable state-of-the-art cryptographic hardware in World War II... unless you set the encryption cylinders to HIT and the decryption to LER, of course...)




> unless you set the encryption cylinders to HIT and the decryption to LER, of course...

That doesn't align with my understanding of Enigma's operation or how it was broken.

Enigma is a substitution cipher. There are no "encryption" and "decryption" cylinders. There are just rotors. The rotors start in a known configuration according to a calendar distributed out-of-band. Decrypting a message is the same as encrypting it, but both the encrypting and decrypting machine have to start in the same state.

Enigma was broken in part using frequency analysis (captured machines and codebooks helped). Weather reports had a similar structure and (some?) messages ended with "HH". I don't believe operators in the field got lazy with rotor settings, since that would require coordinated laziness.

Enigma was state-of-the-art but still flawed. Substitution ciphers are fundamentally susceptible to frequency analysis. It would have been broken even without capturing machines and codebooks and even if the Germans had minimized structure in their messages.


I did that from memory, and you're right; I got a lot of the details wrong.

The story I was trying to relate was that hypothetically, the army should have been using a protocol for setting up the cylinders to minimize the breakability of sent messages. In practice in the field, they got sloppy; where radio operators had liberty to choose settings "at random," the randomness started to break down. If the Allied decoders determined, for example, that a message had been sent with initial cylinder config HIT, the next message was almost certainly sent with LER. Same for LON (DON), MAD (RID), BER (LIN), and TOM (MIX).

https://www.pbs.org/wgbh/nova/transcripts/2615decoding.html

In contrast, the German navy (particularly the U-boats) worked from a code-book and were nearly unbreakable consistently because the code-book had been generated with pure physical random methods. The books were water-soluble and kept in the captain's quarters; in the event of capture, the captain was to destroy the book. The big break for the naval codes was that the Allies managed to successfully force a U-boat to the surface and during the fighting, the captain was injured and couldn't execute on the destruction protocol; the Allies retrieved the book. The navy was so impressed with itself regarding its code-book solution that when they discovered their codes were consistently broken, they were utterly incredulous that a book could have been acquired and began an internal espionage inquisition.


TIL. My understanding is based on the Navy procedures. I didn't realize the Army's procedures were so different. I thought the only difference between Navy and Army Enigma was the plugboard and number of available rotors but that procedures were the same.

Thanks for the great resource.

E: Reading this transcript I see:

> Since they knew the Enigma would never duplicate a letter in the original, if any pairs of letters did match, the phrase must be in the wrong position. They slid the crib along the message until they found a point where none of the letters were the same. This could be where the phrase was located. If successful, they could then work out the Enigma settings for the next 24 hours.

I wonder if Enigma could have been cracked based on this frequency analysis alone. Presumably the Navy replaced the codebooks after they were compromised, but AFAIK Bletchley Park was able to decipher messages through the end of the war.
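The crib-sliding step quoted from the transcript above, as an added example that is not part of the thread: a simplified three-rotor Enigma enciphers a constructed weather-report message, then every offset where a crib letter equals the ciphertext letter is ruled out. Assumptions: odometer stepping with no plugboard or ring settings, and a made-up message, crib and start setting.

```python
import string

A = string.ascii_uppercase
# Commonly published wirings for rotors I, II, III and reflector B.
ROTORS = ["EKMFLGDQVZNTOWYHXUSPAIBRCJ",
          "AJDKSIRUXBLHWTMCQGZNPYFVOE",
          "BDFHJLCPRTXVZNYEIWGAKMUSQO"]
REFLECTOR = "YRUHQSLDPXNGOKMIEBFZCWVJAT"

# Constructed sample message and crib (not real traffic).
PLAINTEXT = "ANXALLEXWETTERBERICHTXNULLSECHSNULLNULLXWINDXNORDWEST"
CRIB = "WETTERBERICHT"


def enigma(text, start):
    """Simplified Enigma: three rotors, odometer stepping, no plugboard or rings."""
    pos = [A.index(c) for c in start]          # left, middle, right offsets
    out = []
    for ch in text:
        # Step before enciphering: right rotor every key, carry to the left.
        for i in (2, 1, 0):
            pos[i] = (pos[i] + 1) % 26
            if pos[i] != 0:
                break
        x = A.index(ch)
        for i in (2, 1, 0):                     # right to left through rotors
            x = (A.index(ROTORS[i][(x + pos[i]) % 26]) - pos[i]) % 26
        x = A.index(REFLECTOR[x])               # reflector has no fixed points
        for i in (0, 1, 2):                     # back out via inverse wiring
            x = (ROTORS[i].index(A[(x + pos[i]) % 26]) - pos[i]) % 26
        out.append(A[x])
    return "".join(out)


def crib_positions(cipher, crib):
    """Offsets where the crib could sit: no letter may equal its ciphertext."""
    return [i for i in range(len(cipher) - len(crib) + 1)
            if all(c != p for c, p in zip(cipher[i:i + len(crib)], crib))]


def demo(start="HIT"):
    cipher = enigma(PLAINTEXT, start)
    return cipher, crib_positions(cipher, CRIB)


if __name__ == "__main__":
    cipher, candidates = demo()
    print(cipher)
    print("true offset:", PLAINTEXT.index(CRIB), "surviving offsets:", candidates)
```

The true offset always survives the filter because the reflector makes each keystroke a fixed-point-free involution; the same property is why running the ciphertext through the machine at the same start setting recovers the plaintext.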


In the case of the navy, the beauty of their randomized code book solution was the Achilles heel. Once the code book was compromised, there wasn't any easy way to replace it that didn't involve recalling every ship at sea. A one-time pad is completely worthless if the enemy has the pad, and the code book was essentially a sequence of one-time pad entries (sort of; technically, just a sequence of random seeds for an algorithmic encryptor... Point is, if your compromise would break a one-time pad it will break everything else too).

But hilariously, I'm pretty sure the main thing that dragged out the length of time that the navy codes were broken was the fact that the German admiralty spent more time executing high ranking officers suspected of espionage after the codes were broken than coming up with an actual solution ;)


For some reason I thought the codebooks had a limited life. Something like a month. And that there was a mechanism for distributing these books along with supplies like food and fuel. But I also thought the Army was using them.


The Friedmans in the US routinely decrypted Enigma messages (mostly from South America) without assistance from any bombes or Colossus. Just good old-fashioned cryptanalysis.


They don't even use encryption in 2022. Looks awful. https://www.businesstoday.in/latest/trends/story/twitter-pos...


Re Enigma, I thought the problem was that they ended every message with “Heil Hitler”, not anything about the cylinders.


Not quite, but apparently the first thing they did after switching to new rotor settings each morning was to send a neatly structured weather report.



