The Enigma machine gave Nazi Germany what looked like unbreakable communications - a cipher with more possible settings than there are atoms in the observable universe, reset every night across thirty or forty separate networks. Trying every combination in turn would have outlasted the war many times over.
Mark Baldwin, better known as Dr Enigma, explains how the machine actually worked, from its rotors and plugboard to the staggering scale of its key space, and why brute force was never an option. The breakthrough came from mathematics - the Polish codebreakers who first cracked Enigma in 1932, then Alan Turing's bombe at Bletchley Park - and, again and again, from the human mistakes like predictable settings and repeated phrases that proved the operator was always the weakest link.
1 / 21Use ← → to navigate
Auto-generated transcript - may contain errors. Tap a timestamp to jump the video.
Thank you. Thank you very much. Thank you, and welcome ladies and gentlemen to what we can call perhaps the greatest hack in history. The way in which the Nazi ciphers created by the Enigma machine were tackled, and tackled successfully at Bletchley Park. We need first of all to have a quick look at the Enigma machine, and explain why it was adopted at the time that it was.
I'm sure all of you will recognize that machine if you have any difficulty, and if you're not very familiar with it, come to the Cromdale Hall afterwards and have a look at and a play with the machines, the genuine wartime machines we've got there.
So, there it is. That's a standard machine. Although it comes to prominence in World War II, it was actually being used actively by the German forces for something like ten years before the war started. But why did they take it on at that time?
Well, it's really the guy up in the top left hand corner there who is to blame, because Marconi argued that he could make things happen at a distance by sending electromagnetic radiation through the air, and he proved that to a skeptical world in nineteen oh one.
He had difficulty getting his idea accepted very widely during the years between nineteen oh one and the First World War, but once we got into the First World War, the military men realized what a wonderful thing wireless was going to prove to be, because by using that, even though sender and receiver were both moving around, it was possible to remain in real time communication without the need to be seeing each other, without the need to be able to hear each other, without the need to be connected together by a wire,
or without the need to write down a message and send it by a man or a pigeon or a dog from one to the other. Wireless allowed them to escape from all those limitations, but it has one feature that of course they did not ignore, and that is that it provides in itself zero security.
So, the mere fact that wireless was adopted very widely during World War I demonstrated the need for another bit of equipment, a piece of equipment which could provide a way of disguising the message before it's sent. Because the thing about wireless is not only can you not stop your enemy listening in, you can't tell whether the enemy has listened in or not.
So, if wireless is to be the basis of a secure communication system, you need to disguise the message before it goes to encipher it, encode it, scramble it in some way. Various people realized that in different countries during the war, but the first man to take out a patent on a machine specifically designed to provide security by scrambling for messages before they were sent by wireless was a German by the name of Arthur Scherbius, and you may not be able to read that, you probably can.
The date of that application for a patent is the twenty third of February nineteen eighteen. So, we can trace the origins of the Enigma machine right back to World War I, and right back to this patent which was applied for before the end of the war.
It's a rotor cipher machine. It does nothing more than create a substitution cipher by changing one letter into another. To input something into the machine, you just press one of those rows of keys along the bottom there. Twenty six keys, no space bar, no numerals, no punctuation.
It's a very stripped down kind of machine, a very stripped down device. Only twenty six things are possible to put into the machine, but any time you press any one of those keys along those bottom row there, the bottom rows of three, any time you press one of those keys, you will light up one of the little bulbs.
The bulbs are your output section. Quite a sophisticated thing so far, but quite simple from this moment onwards, because the operator, or perhaps not simple, perhaps unrefined, because the operator himself has to write down the output. The machine does not record, or remember or transmit or print out what it's doing.
So you press a key, the operator presses a key, it lights up a lamp bulb. That will be the cipher version of the key you have pressed, and that has to be put actually written down by the operator. Pencil and paper job. It's a rotor cipher machine.
It creates a substitution cipher, and the way it creates that largely is because there are rotors up at the top there, and those rotors are called rotors because they go round during operation, and they house the wiring which links the keys to the bulbs.
They're called rotors because they go round. Every time you press a key, not only does one of the bulbs light up, but at least one of the rotors goes round, and that's creating a different cipher alphabet for the next keystroke. So, it's a continually changing cipher pattern.
If you press the same key repeatedly, you're welcome to come along to Cromdale and have a go at this afterwards. Some of you have already done it, I know. If you press a key repeatedly, you will get if you press it six times, you'll almost certainly get six different letters out.
A continually changing cipher pattern, and the greater part of the complexity is provided by those rotors. Obviously, if the rotors are going round, the rotational position of the rotors is important. So, for the operator to check what rotational position they're in, there are three little windows.
Those things that look like three little white squares next to the flanges sticking out from the machine, those are three little windows through which the operator can see a letter or a number engraved on a ring attached to the rotor. So, that tells the operator what rotational position the rotors are in, and that's particularly important because before he starts to encrypt a message, he must turn those rotors around to a particular position, and he must inform by one means or another, he must inform the man to whom he is sending the message of
the starting position of the rotors. If we look underneath that inner metal cover, we can see there the three rotors side by side. We can see the three notched flanges, one attached to each rotor. We can see the three lettered index rings, and they're sandwiched between two non rotating devices.
Over on one side, you can see the entry rotor on the right hand side. On the left hand side, you can see the reflector rotor. And every time you press a key, the current flows from the right to the left. It's turned around by the reflector rotor, goes from left to right and down to the body of the machine.
The whole system is a wee bit more complicated because by the time the war started, this is the Second World War of course, by the time the Second World War started, the Luftwaffe and the German Army have five rotors which they can use, but they can only put three in the machine at any one time of course, and the Navy were always more careful users.
They have eight rotors to choose from even though they only have a three rotor machine to use them in. But if you have eight rotors wired differently, you have a stronger cryptographic system than if you have five, and five of course is stronger than three.
There is at the bottom, there is a rotor. You can see it looking nice like a rotor. It didn't look very rotus like before, but there it is. If you look at the left hand side, you can see the notched flange, and then if you let your eye come in towards the center, you can see twenty six little brass contact studs flush with the face of the rotor.
If you flip the rotor over and look on the other side, you can see twenty six little sprung brass pins sticking out of the face of the rotor, and at the top of the screen, you can see a dissected rotor which shows that there is wiring inside.
It looks complicated, but it is conceptually very simple. Twenty six contacts on one side, twenty six contacts on the other. Inside, twenty six bits of wire, and each piece of wire merely joins a stud on one face to a pin on the other.
And when all wires are installed, every pin has one wire and one wire only, every stud has one wire and one wire only, and every wire connects a pin to a stud. And I'm sure you're already realizing that there are twenty six factorial ways in which the wires could be installed in the rotor.
So, that gives us a sort of crypto value for a single rotor of something like four times ten to the twenty six. And remember, given that we are dealing with a three rotor machine, the effect of having three rotors together is cubing that number.
In other words, sixty four times ten to the seventy eight. So, you begin to see where the big cryptographic power of the machine comes from. If we look down the bottom machine, we have an extra feature, the plug board, a vertical board. If we open the rather old fashioned oak case, we can see this vertical plug board at the front of the machine, and that carries twenty six pairs of sockets and a number of plugs and cables.
If you were to take the one plug and put it into the socket labeled V, and then the other end of the wire put the plug into the socket labeled T, then every time the machine would have given you a V as part of the output, it will now give you a T, and every time it would have given you a T, it will instead give you a V.
So, plugging V to T, for example, will interchange those two letters. An extra stage of scrambling in addition to what is happening inside the rotors, And the machine will work equally well with anything from no plugs at all to thirteen pairs of plugs on the face of the board, each one giving you a different cipher pattern, a different twist to the cipher pattern that the machine is creating.
And there are roundly five hundred million million ways in which you can arrange anything from no plugs to thirteen pairs of plugs on the face of the board. You might think, compare that to a single rotor. A single rotor is worth, as you've seen, four times ten to the twenty six.
Why bother with something that's only five hundred million million? Well, it's a useful multiplier, so it does increase the power, but also it provides easy changeability. This is a field machine. Germans could not hope that people in the field could re solder the connections inside the rotors and change the pattern of wiring by that means, but they could move the plugs around, and indeed the instructions which are brought down from on high to every single Enigma operator is that he changes the position of the plugs every day at midnight to new specified positions.
The operator does the change, but he does not decide to which plugs or which sockets these plugs are attached. So, the rules are laid down from on high every night at midnight. The basic wiring in every single Enigma machine changes, and that of course has immense repercussions at Bletchley Park, the British code breaking center.
It has immense repercussions because it is not a question of breaking Enigma once, and then sitting back and saying, right, we can read all the messages from now because we've done it. In fact, it's not like that at all. Every night for the whole of the war, you have to start afresh.
You have roughly twenty four hours to try to break the fresh crop of ciphers. If you can't do it, they've got to be put on one side because there's more pressing stuff coming in from the following day. So, the use of this plug board makes the problem at Bletchley Park very much more significant.
And if you think it's bad or hard work trying to break one Enigma cipher per day, it's far worse than that because the German communications were divided into something like thirty or forty different networks, and each one would have a different setup every day.
It's not a question of breaking Enigma once, and then sitting back and just being rewarded by being able to read all the messages. It's a question of trying to break thirty or forty Enigma ciphers every single day, every single night of the war.
And we did not break them all. If we look at the possible ways that a three rotor Enigma machine could be set up, it is that number there. I know you're accustomed to having big numbers, but this really is a big one because if you ask the astronomers how many atoms are there estimated to be in the observable universe, the answer is ten to the eighty.
So, we've got ten to the one hundred and fourteen here. That's for the basic three rotor machine, and that gave the Germans every confidence in the fact that nobody would be able to break the ciphers. They argued quite rightly that if you were to try one of these steps, one of these setups one after the other, work through them all three times ten to one hundred and fourteen, the war would have finished long before the first test was run.
Are they right? They certainly are right. If you give everybody in the world now one possible setting, give them a machine on which they can test one possible setting every ten seconds, in one year, they'd only test two point five times ten to the fifteen, and the target is three point two eight times ten to the one hundred and fourteen.
You cannot break enigma by trying one setting after the other, going trying to go through this whole range. What the Germans seemed to have failed to realize was that it might be mathematicians who would be the undoing. Imaginative mathematics was what was applied by these three Polish code breakers. Poland had the need.
Poland had the geniuses. Poland had a neighbor which was belligerent, and Poland therefore tackled enigma before anybody else did, and by nineteen thirty two, these three Polish mathematicians became the first people ever to break enigma, and we must admire them for having done that, and we must be grateful to them for doing it, because they handed on what they knew about enigma, so that it could live on in the hands of their allies, Britain and France.
They handed that information on before the start of World War II, and had they not done so, then the work at Bletchley Park, the British code breaking center, would not have got off to the flying start that it did. There it is. Some of you will have been.
I hope those who haven't been may go. It is a very informative museum, as it were, a museum site, containing now a lot of exhibitions which relate to the work that was done there during the war. Quite a modest sized house would have housed just a had about one hundred and something people there at the start of the war, but it grew hugely.
The place grew hugely. By the end of the war, there are over nine and a half thousand people working there. Of those people, the one you are most likely to have heard of course is Alan Turing. This is a good link with the Turing Fest that's brought us all here in this last couple of days.
There he is. That's the photograph of him taken when he was elected as a fellow of the Royal Society, and the most obvious thing that he did for Bletchley, it's not the only thing he did, but the most obvious thing, was to create this device, the bomb.
Confusingly named, but very powerful. It's not electronic. It's not a computer. It does not break Enigma, but it helps a codebreaker search for the settings of the Enigma machine. That is the problem. We knew what the machine was like, but there are so many settings that the machine could be set to, and that indeed were invoked day after day after day.
So many settings that could be used for a particular message. The problem is to find what they are. So, the code breakers have to look in the early hours of the morning when the fresh crop of intercepts is flowing down to Bletchley. They have to look at these and have to try to guess, to hypothesize that a particular part of a particular intercept lying on the desk in front of them actually represents a particular German word or phrase.
If they guess it sorry, if they make their guess, they can effectively plug that guess into the back of the machine. And you can see the front of the machine is covered in dozens of circular disks. Those are not captured Enigma rotors. Those are purpose made rotors, each one of which has two sets of twenty six terminals wired together in exactly the same pattern that we knew was inside the German Enigma machines, and we knew that because the Poles had worked it out and told us what it was before the war started.
So, each vertical group of three is a trial Enigma machine, and you set the machine running, and it runs a current through from top to bottom, and then it turns each rotor around sorry, it turns each one of three around one hundred twenty six of a revolution runs a current through again.
And what it's doing is searching a limited number of possibilities. It cannot search three times ten to the one hundred and fourteen. It's running through a limited number of possibilities to see whether any arrangement of the rotors which we knew were inside the German Enigma machines could have produced the intercept which is lying on the desk in front of you from your hypothesized or guessed word or phrase.
If it does, it might find a setting in which case you have then perhaps broken enigma for that network for that day, and you have to go on to the next thing. It may run through all the possibilities it can offer and say, no, you are wrong.
There is no match there possible. The work they did at Bletchley was significantly eased in certain areas if there were bad practice detected, bad practice at various levels on the German side. The operators themselves, the guys in the field actually pressing the keys, sometimes they took a non random choice of rotor settings.
They're meant to set the rotors before each message in a completely random way. They're meant to twiddle them around, and then use that as a random part of the start of the encryption procedure. Sometimes they didn't do that. Sometimes they would choose three letters, like three A's, or something like that, something predictable like that, something simple, something non random.
They then had to choose a second group of three letters and type those in to create a keyword which was going to inform the intended recipient of the setting of the machine being used by the sender. Sometimes they did not do that non randomly.
Sometimes they chose to choose, say, let's say HIT for the first group of three, and LER for the second. If they were patriotic, if they were romantic, they might choose a six letter version of the girlfriend's name, and if they were just generally bolshie like Squadies often are, they would choose a six letter swear word.
But all of these are non random. It's no problem if you use swear words provided you use a different swear word every single day. But of course that doesn't happen. If we could recognize that kind of procedure, then that would shorten the number of searchings that had to be carried out.
And sometimes, at the end of encrypting one message, it would look to the operator as though the rotors were in a totally random position. It does look the brain is not good at recognizing random and non random, and some operators would start a next message which was just based on the settings from the previous one.
If that were picked up at Bletchley, it would shorten the task that the code breakers had. The officers themselves were also quite often guilty of making mistakes. Very loyal officers, of which are a few, might choose to end every message by the words Heil Hitler.
If we knew that Luftwaffe Group sixty three always ended their messages with Heil Hitler, it meant we knew the identity of the last ten letters in an intercept, and that of course is a great gift to working out what the setting of that machine had to be.
Before the operator actually encrypted a message, he had to do this little setting on the machine. I've shown one or two people in Cromdale Hall. If anyone wants to come and see it afterwards, please do. There's a little red V there opposite seven.
If you pull over on the stud just below that, you can disengage the indicator ring from the wiring of the rotor and rotate the indicator ring to a different position relative to the rotor. That was done after they were put into the machine.
And there's a group of three. The setting there is seven twenty three one. Now, again, to the untutored eye, that looks random. So, often the guy would set those, and then slam the lid, and not realize that he defectively left it showing what the ring settings for the machine was for that day.
It might be just a one letter either side, or one number either side. So, it might be six, seven, or eight on one side, twenty two, twenty three, twenty four, or twenty six, one, and two. But if we plotted those coming into Bletchley Park, and saw a cluster on the plotting diagram, it meant that perhaps the ring settings were very close to the value there, seven, twenty three, zero, one, and you'd only tested three times three times three is twenty seven settings, instead of having to test twenty six times twenty six
times twenty six. The guy who thought of that was a guy called John Heravelle, who was scooped up and taken off to Bletchley as an undergraduate. Even though he was freshly there, people actually listened to him, because anyone who had an idea, a good idea, was listened to irrespective of rank or age.
There were other mistakes made higher up the chain in the departments that were deciding that the Enigma machine should be used throughout the armed forces. Few rotor wiring patterns were used. You've seen that there are four times ten to twenty six possible. They only used the Luftwaffe, and the army only used five throughout the whole of the war.
In the early days, they didn't change the rotors. They didn't shuffle the rotor around frequently. This was very helpful to the Poles who were doing that initial code breaking. Sometimes, there were repetitions in the instructions of what you were meant to do. You were told to actually encrypt something twice, a fatal mistake because any repetition in encryption is a potential gift to the enemy, and the enemy took advantage of it.
The Polish techniques were based on identifying this repetition. That was canceled in May nineteen forty, but the harm had been done by then. And finally, some of the settings books, these little books that were issued throughout the armed forces to tell the operators what their daily settings should be.
Sometimes these were not correctly compiled because of a misunderstanding of what random actually meant, and these sorts of things could be detected at Bletchley Park. If they were, they made a significant difference to reducing the number of tests that had to be carried out.
So, that's some of the features that were taken advantage of at Bletchley Park, and it is of course a reminder of the way in which, however sophisticated the system, it's often the human being who actually provides the weakest possible link in the whole thing.