Jefferson disk
Encyclopedia
Axle
An axle is a central shaft for a rotating wheel or gear. On wheeled vehicles, the axle may be fixed to the wheels, rotating with them, or fixed to its surroundings, with the wheels rotating around the axle. In the former case, bearings or bushings are provided at the mounting points where the axle...
. The disks are removable and can be mounted on the axle in any order desired. The order of the disks is the cipher key
Key (cryptography)
In cryptography, a key is a piece of information that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa...
, and both sender and receiver must arrange the disks in the same predefined order. Jefferson's device had 36 disks. [Kahn, p. 194]
Once the disks have been placed on the axle in the agreed order, the sender rotates each disk up and down until a desired message is spelled out in one row. Then the sender can copy down any row of text on the disks other than the one that contains the plaintext message. The recipient simply has to arrange the disks in the agreed-upon order, rotate the disks so they spell out the encrypted message on one row, and then look around the rows until he sees the plaintext message, i.e. the row that's not complete gibberish. There is an extremely small chance that there would be two readable messages, but that can be checked quickly by the person coding.
First invented by Thomas Jefferson
Thomas Jefferson
Thomas Jefferson was the principal author of the United States Declaration of Independence and the Statute of Virginia for Religious Freedom , the third President of the United States and founder of the University of Virginia...
in 1795, this cipher did not become well-known and was independently invented by Commandant Etienne Bazeries
Étienne Bazeries
Étienne Bazeries was a French military cryptanalyst active between 1890 and the First World War. He is best known for developing the "Bazeries Cylinder", an improved version of Thomas Jefferson's cipher cylinder. It was later refined into the US Army M-94 cipher device. Historian David Kahn...
, the conqueror of the Great Cipher
Great Cipher
In the history of cryptography, the Great Cipher or Grand Chiffre was a nomenclator cipher developed by the Rossignols, several generations of whom served the French Crown as cryptographers. The Great Cipher was excellent of its class and so was given this name; it was reputed to be unbreakable...
, a century later. The system was used by the United States
United States
The United States of America is a federal constitutional republic comprising fifty states and a federal district...
Army
Army
An army An army An army (from Latin arma "arms, weapons" via Old French armée, "armed" (feminine), in the broadest sense, is the land-based military of a nation or state. It may also include other branches of the military such as the air force via means of aviation corps...
from 1923 until 1942 as the M-94
M-94
The M-94 was a piece of cryptographic equipment used by the United States army, consisting of several lettered discs arranged as a cylinder. The idea for the device was conceived by Colonel Parker Hitt and then developed by Major Joseph Mauborgne in 1917...
.
This system is not considered secure against modern codebreaking if it is used to encrypt more than one row of text with the same ordering of disks (i.e. using the same key). See #Cryptanalysis.
Operation
To encrypt a message, AliceAlice and Bob
The names Alice and Bob are commonly used placeholder names for archetypal characters in fields such as cryptography and physics. The names are used for convenience; for example, "Alice sends a message to Bob encrypted with his public key" is easier to follow than "Party A sends a message to Party...
rotates the disks to produce the plaintext
Plaintext
In cryptography, plaintext is information a sender wishes to transmit to a receiver. Cleartext is often used as a synonym. Before the computer era, plaintext most commonly meant message text in the language of the communicating parties....
message along one "row" of the stack of disks, and then selects another row as the ciphertext
Ciphertext
In cryptography, ciphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext that is unreadable by a human or computer without the proper cipher...
. To decrypt the message, Bob rotates the disks on his cylinder to produce the ciphertext along a row. It is handy if both Alice and Bob know the offset of the row, but not really necessary since Bob can simply look around the cylinder to find a row that makes sense.
For example, a simplified "toy" Bazeries cylinder using only ten disks might be organised as shown below, with each disk "unwrapped" into a line and each marked with a designating number:
| 1: | < ZWAXJGDLUBVIQHKYPNTCRMOSFE < |
| 2: | < KPBELNACZDTRXMJQOYHGVSFUWI < |
| 3: | < BDMAIZVRNSJUWFHTEQGYXPLOCK < |
| 4: | < RPLNDVHGFCUKTEBSXQYIZMJWAO < |
| 5: | < IHFRLABEUOTSGJVDKCPMNZQWXY < |
| 6: | < AMKGHIWPNYCJBFZDRUSLOQXVET < |
| 7: | < GWTHSPYBXIZULVKMRAFDCEONJQ < |
| 8: | < NOZUTWDCVRJLXKISEFAPMYGHBQ < |
| 9: | < XPLTDSRFHENYVUBMCQWAOIKZGJ < |
| 10: | < UDNAJFBOWTGVRSCZQKELMXYIHP < |
If the "key", the sequence of disks, for this Bazeries cylinder is
- 7,9,5,10,1,6,3,8,2,4
and Alice wants to send the message "retreat now" to Bob, she rearranges the disks as per the key and rotates each disk to obtain the plaintext
Plaintext
In cryptography, plaintext is information a sender wishes to transmit to a receiver. Cleartext is often used as a synonym. Before the computer era, plaintext most commonly meant message text in the language of the communicating parties....
, which is shown at the left, with spacing added for clarity:
| 7: | < R AFDCE O NJQGWTHSPYBXIZULVKM < |
| 9: | < E NYVUB M CQWAOIKZGJXPLTDSRFH < |
| 5: | < T SGJVD K CPMNZQWXYIHFRLABEUO < |
| 10: | < R SCZQK E LMXYIHPUDNAJFBOWTGV < |
| 1: | < E ZWAXJ G DLUBVIQHKYPNTCRMOSF < |
| 6: | < A MKGHI W PNYCJBFZDRUSLOQXVET < |
| 3: | < T EQGYX P LOCKBDMAIZVRNSJUWFH < |
| 8: | < N OZUTW D CVRJLXKISEFAPMYGHBQ < |
| 2: | < O YHGVS F UWIKPBELNACZDTRXMJQ < |
| 4: | < W AORPL N DVHGFCUKTEBSXQYIZMJ < |
She then selects the ciphertext from the sixth row of the cylinder up from the plaintext. This ciphertext is also highlighted above with spacing, and gives:
- OMKEGWPDFN
When Bob gets the ciphertext, he rearranges the disks on his cylinder to the key arrangement, rotates the disks to give the ciphertext, and then reads the plaintext six rows down from the ciphertext, or simply looks over the cylinder for a row that makes sense.
Basis for military ciphers
The Bazeries cylinder was the basis for the US "M-94M-94
The M-94 was a piece of cryptographic equipment used by the United States army, consisting of several lettered discs arranged as a cylinder. The idea for the device was conceived by Colonel Parker Hitt and then developed by Major Joseph Mauborgne in 1917...
" cipher machine, which was introduced in 1922 and derived from work by Parker Hitt. In 1914, Hitt had experimented with the Bazeries device, building one prototype using slides on a wooden frame, with the cipher alphabets printed twice consecutively on the slides, and then another using disks of wood. He forwarded his experiments up the Signal Corps chain of command, and in 1917 Joseph Mauborgne
Joseph Mauborgne
In the history of cryptography, Joseph Oswald Mauborgne co-invented the one-time pad with Gilbert Vernam of Bell Labs. In 1914 he published the first recorded solution of the Playfair cipher...
refined the scheme, with the final result being the M-94.
The M-94 used 25 aluminium disks on a spindle. It was used by the Army
Army
An army An army An army (from Latin arma "arms, weapons" via Old French armée, "armed" (feminine), in the broadest sense, is the land-based military of a nation or state. It may also include other branches of the military such as the air force via means of aviation corps...
, Coast Guard
Coast guard
A coast guard or coastguard is a national organization responsible for various services at sea. However the term implies widely different responsibilities in different countries, from being a heavily armed military force with customs and security duties to being a volunteer organization tasked with...
, and the Radio Intelligence Division of the Federal Communications Commission
Federal Communications Commission
The Federal Communications Commission is an independent agency of the United States government, created, Congressional statute , and with the majority of its commissioners appointed by the current President. The FCC works towards six goals in the areas of broadband, competition, the spectrum, the...
until early in World War II
World War II
World War II, or the Second World War , was a global conflict lasting from 1939 to 1945, involving most of the world's nations—including all of the great powers—eventually forming two opposing military alliances: the Allies and the Axis...
. The Army changed back to Hitt's original slide scheme with the "M-138-A" cipher machine, which was introduced in the 1930s and was used by the US Navy and US State Department through World War II. The M-138-A featured 100 strips, with 30 selected for use in any one cipher session. It was a considerable improvement in security for the State Department, which during the interwar years had used laughably insecure codes, even in one case a standard commercial telegraph code. They were much more easily broken.
Cryptanalysis
The Bazeries cylinder was a relatively strong system at the time (compared to many other systems in use), and Etienne Bazeries, a competent but very opinionated man, is said to have regarded it as indecipherable. In fact, it is hardly impregnable, and the "Pers z" code-breaking group of the German Foreign Office cracked the M-138-A in 1944. However, by that time the Americans had much more sophisticated cipher systems in operation. Many of the decrypts of Allied communications presented to the German high command were disregarded, because all they did was confirm bad news that nobody wanted to acknowledge in an environment where defeatism was potentially a capital crime.de Viaris (aka Marquis Gaetan Henri Leon Viarizio di Lesegno) who is famous for one of the first printing cipher devices (1874), solved the Bazeries cylinder in 1893, so Bazieries alleged confidence in the system was ill-placed.
One major weakness of the Bazeries cylinder is that the offset from the plaintext letter to the ciphertext letter for the cipher alphabet on each disk will be exactly the same. In the example shown above, this offset is six letters.
Suppose a cryptanalyst — Holmes
Sherlock Holmes
Sherlock Holmes is a fictional detective created by Scottish author and physician Sir Arthur Conan Doyle. The fantastic London-based "consulting detective", Holmes is famous for his astute logical reasoning, his ability to take almost any disguise, and his use of forensic science skills to solve...
, say — has captured the simplified Bazeries cylinder described in the example above, with ten disks. This should not be enough to permit him to decipher messages with it, since he also has to know the key, or the arrangement of the disks on the cylinder. Even for this simplified Bazeries cylinder, the number of possible permutations of the disks are:
— which makes trial and error
Brute force attack
In cryptography, a brute-force attack, or exhaustive key search, is a strategy that can, in theory, be used against any encrypted data. Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system that would make the task easier...
testing of the arrangement of the disks perfectly impractical to perform by hand; computer
Computer
A computer is a programmable machine designed to sequentially and automatically carry out a sequence of arithmetic or logical operations. The particular sequence of operations can be changed readily, allowing the computer to solve more than one kind of problem...
s would make such a break near trivial, however.
Now, further suppose that Holmes has a crib. For example, suppose he knows that the first block of plaintext enciphered by the simplified Bazeries cylinder is the string:
- heilhitler
Conveniently, this is exactly ten letters long, and can be enciphered in a single pass with the simplified Bazeries cylinder. The corresponding ciphertext is:
- AZNCZEAPBH
The remainder of the message is of course a complete mystery for the moment. Fortunately, Holmes can use this crib to allow him to decipher all the following blocks of the message.
Holmes has no idea of which disk is used to encipher which letter, but he does know that the offset between the plaintext letter and the ciphertext letter must be the same for all ten characters. This gives him a way of penetrating the cipher by lining up the plaintext and ciphertext characters of the crib; forming them into pairs; determining the offsets for the plaintext letters and ciphertext letters for each disk; and then searching for a common offset in the matrix of offset.
Holmes knows that the correspondence between the two sets of letters is as follows:
- h—A
- e—Z
- i—N
- l—C
- h—Z
- i—E
- t—A
- l—P
- e—B
- r—H
Now Holmes takes disk 1, which has the cipher alphabet:
- 1: < ZWAXJGDLUBVIQHKYPNTCRMOSFE <
The first letter pair is "h:A", and Holmes counts along the disk to determine that the offset between the two letters is 15. The second letter pair is "e:Z", and he sees right away that the offset is 1. He continues this process for each letter pair for disk 1, and then goes through the same procedure for the nine other disks, producing the following table:
h:A e:Z i:N l:C h:Z i:E t:A l:P e:B r:H
________________________________________________
1: 15 1 6 12 13 14 10 9 10 19
2: 14 5 6 3 16 4 22 23 25 7
3: 15 15 4 2 17 12 14 25 10 7
4: 18 7 10 7 14 20 12 25 1 6
5: 4 14 20 13 20 7 21 14 25 24
6: 22 16 3 17 10 19 1 14 14 14
7: 14 15 14 8 7 12 15 19 12 13
8: 21 12 12 22 5 2 14 8 8 14
9: 11 14 15 14 15 14 16 25 5 2
10: 5 23 5 21 17 21 20 6 14 12
As Holmes prepares the table, the value "14" quickly jumps out at him as a common element, and in completion of the table proves to be the only common element. This is obviously the row offset from the plaintext to the ciphertext. He strips the other values out for clarity:
h:A e:Z i:N l:C h:Z i:E t:A l:P e:B r:H
________________________________________________
1: - - - - - 14 - - - -
2: 14 - - - - - - - - -
3: - - - - - - 14 - - -
4: - - - - 14 - - - - -
5: - 14 - - - - - 14 - -
6: - - - - - - - 14 14 14
7: 14 - 14 - - - - - - -
8: - - - - - - 14 - - 14
9: - 14 - 14 - 14 - - - -
10: - - - - - - - - 14 -
Now Holmes rearranges the disks to reflect the correct order of the letters on the cylinder. This is done by rearranging the rows of the table so that the value "14" appears in every cell along the table's main diagonal. In this case, there are no ambiguities in the arrangement of the disks; but if there had been, a little testing of subsequent blocks of the ciphertext would reveal the proper order.
h:A e:Z i:N l:C h:Z i:E t:A l:P e:B r:H
________________________________________________
2: 14 - - - - - - - - -
5: - 14 - - - - - 14 - -
7: 14 - 14 - - - - - - -
9: - 14 - 14 - 14 - - - -
4: - - - - 14 - - - - -
1: - - - - - 14 - - - -
3: - - - - - - 14 - - -
6: - - - - - - - 14 14 14
10: - - - - - - - - 14 -
8: - - - - - - 14 - - 14
This gives the key:
- 2,5,7,9,4,1,3,6,10,8
In the real world, a Bazeries cylinder has more disks (commonly, 20 or 30 rather than 10), and it less likely there would be a single crib that would span the entire cylinder. Nevertheless, the approach described above still works. Even if the cylinder had 30 disks and a crib only had five letters, Holmes could build up a table of the offsets for each of the 30 disks for the five letter pairs, and use it to narrow down the possibilities for the offset and the disks used for the crib.
Holmes could repeat the procedure with several independent cribs in the same message, almost certainly pinning down the offset quickly and giving an improved knowledge of the order of the disks. Once the offset has been determined, then Holmes would have what amounted to a straight transposition of the letters not determined by tinkering with the cribs, and use methods such as multiple anagramming to crack it.
Sources
- The Codebreakers, David Kahn, 1967, pp. 192-195