Lorenz cipher
The Lorenz SZ40, SZ42a and SZ42b were German rotor stream cipher machines used by the German Army during World War II. They were developed by C. Lorenz AG in Berlin. The model name SZ is derived from Schlüssel-Zusatz, meaning cipher attachment. The instruments implemented a Vernam stream cipher.
British cryptanalysts, who referred to encrypted German teleprinter traffic as Fish, dubbed the machine and its traffic Tunny and deduced its logical structure three years before they saw such a machine.
The SZ machines were in-line attachments to standard teleprinters. An experimental link using SZ40 machines was started in June 1941. The enhanced SZ42 machines were brought into substantial use from mid-1942 onwards for high-level communications between the German High Command in Wünsdorf close to Berlin, and Army Commands throughout occupied Europe. The more advanced SZ42A came into routine use in February 1943 and the SZ42B in June 1944.
Radioteletype rather than land-line circuits was used for this traffic. These audio frequency shift keying non-Morse messages were picked up by Britain's Y-stations at Knockholt in Kent, its outstation at Higher Wincombe in Wiltshire, and at Denmark Hill in south London, and forwarded to the Government Code and Cypher School at Bletchley Park. Some were deciphered using hand methods before the process was partially automated, first with Robinson machines and then with the Colossus computers. The deciphered Lorenz messages made one of the most significant contributions to British Ultra military intelligence and to Allied victory in Europe, due to the high-level strategic nature of the information that was gained from Lorenz decrypts.
History
After the Second World War, a group of British and US cryptanalysts entered Germany with the front-line troops to capture the documents, technology and personnel of the various German signal intelligence organizations before these secrets could be destroyed, looted, or captured by the Soviets. They were called the Target Intelligence Committee: TICOM.From captured German cryptographers Drs Huttenhain and Fricke they learnt of the development of the SZ40 and SZ42 a/b. The design was for a machine that could be attached to any teleprinter. The first machine was referred to as the SZ40 which had ten rotors with fixed cams. It was recognised that the security of this machine was not great. The definitive SZ40 had twelve rotors with movable cams. The rightmost five rotors were called Spaltencäsar but named the Chi wheels by Bill Tutte. The leftmost five were named Springcäsar, Psi wheels to Tutte. The middle two Vorgeleger rotors were called Mu or motor wheels by Tutte.
The five data bits of each ITA2-coded telegraph character were processed first by the five chi wheels and then further processed by the five psi wheels. The cams on the wheels reversed the value of a bit if in the raised position, but left it unchanged if in the lowered position.
Vernam cipher
was an AT&T Bell Labs research engineer who, in 1917, invented a cipher system in which the plaintext bitstream is enciphered by combining it with a random or pseudorandom bitstream to generate the ciphertext. This combination is done using the Boolean "exclusive or" function, symbolised by ⊕. This is represented by the following "truth table", where 1 represents "true" and 0 represents "false".Other names for this function are: Not equal, modulo 2 addition and modulo 2 subtraction.
Vernam's cipher is a symmetric-key algorithm, i.e. the same key is used both to encipher plaintext to produce the ciphertext and to decipher ciphertext to yield the original plaintext:
and:
This produces the essential reciprocity that allows the same machine with the same settings to be used for both encryption and decryption.
Vernam's idea was to use conventional telegraphy practice with a paper tape of the plaintext combined with a paper tape of the key. Each key tape would have been unique, but generating and distributing such tapes presented considerable practical difficulties. In the 1920s four men in different countries invented rotor cipher machines to produce a key stream to act instead of a tape. The 1940 Lorenz SZ40/42 was one of these.
Operating Principle
The logical functioning of the Tunny system was worked out well before the Bletchley Park cryptanalysts saw one of the machines—which only happened in 1945, as Germany was surrendering to the Allies.Image:SZ42-6-wheels-lightened.jpg|right|400px|thumbnail|The Lorenz SZ machines had 12 wheels each with a different number of cams.
| OKW/Chi wheel name | A | B | C | D | E | F | G | H | I | K | L | M |
| BP wheel name | ψ1 | ψ2 | ψ3 | ψ4 | ψ5 | μ37 | μ61 | χ1 | χ2 | χ3 | χ4 | χ5 |
| Number of cams | 43 | 47 | 51 | 53 | 59 | 37 | 61 | 41 | 31 | 29 | 26 | 23 |
The SZ machine served as an in-line attachment to a standard Lorenz teleprinter. It had a metal base and was high. The teleprinter characters consisted of five data bits, encoded in the International Telegraphy Alphabet No. 2. The SZ machine generated a stream of pseudorandom characters as the key that was combined with the plaintext input characters to form the ciphertext output characters. The combination was by means of the XOR process.
The key stream consisted of two component parts that were XOR-ed together. These were generated by two sets of five wheels which rotated together. The Bletchley Park cryptanalyst Bill Tutte called these the χ wheels, and the ψ wheels. Each wheel had a series of cams around their circumference. These cams could be set in a raised or lowered position. In the raised position they generated a '1' which reversed the value of a bit, in the lowered position they generated a '0' which left the bit unchanged. The number of cams on each wheel equalled the number of impulses needed to cause them to complete a full rotation. These numbers are all co-prime with each other, giving the longest possible time before the pattern repeated. This is the product of the number of positions of the wheels. For the set of χ wheels it was 41 × 31 × 29 × 26 × 23 = 22,041,682 and for the ψ wheels it was 43 × 47 × 51 × 53 × 59 = 322,303,017. The number of different ways that all twelve wheels could be set was i.e. 16 billion billion.
The set of five χ wheels all moved on one position after each character had been enciphered. The five ψ wheels, however, advanced intermittently. Their movement was controlled by the two μ or "motor" wheels in series. The SZ40 μ61 motor wheel stepped every time but the μ37 motor wheel stepped only if the first motor wheel was a '1'. The ψ wheels then stepped only if the second motor wheel was a '1'. The SZ42A and SZ42B models added additional complexity to this mechanism, known at Bletchley Park as Limitations. Two of the four different limitations involved characteristics of the plaintext and so were autoclaves.
The key stream generated by the SZ machines thus had a χ component and a ψ component. Symbolically, the key that was combined with the plaintext for enciphering and with the ciphertext for deciphering, can be represented as follows.
However to indicate that the ψ component often did not change from character to character, the term extended psi was used, symbolised as: Ψ'. So enciphering can be shown symbolically as:
and deciphering as:
Operation
Each "Tunny" link had four SZ machines with a transmitting and a receiving teleprinter at each end. For enciphering and deciphering to work, the transmitting and receiving machines had to be set up identically. There were two components to this; setting the patterns of cams on the wheels and rotating the wheels for the start of enciphering a message. The cam settings were changed less frequently before summer 1944. The ψ wheel cams were initially only changed quarterly, but later monthly, the χ wheels were changed monthly but the motor wheel patterns were changed daily. From 1 August 1944, all wheel patterns were changed daily.Initially the wheel settings for a message were sent to the receiving end by means of a 12-letter indicator sent un-enciphered, the letters being associated with wheel positions in a book. In October 1942, this was changed to the use of a book of single-use settings in what was known as the QEP book. The last two digits of the QEP book entry were sent for the receiving operator to look up in his copy of the QEP book and set his machine's wheels. Each book contained one hundred or more combinations. Once all the combinations in a QEP book had been used it was replaced by a new one. The message settings should never have been re-used, but on occasion they were, providing a "depth", which could be utilised by a cryptanalyst.
As was normal telegraphy practice, messages of any length were keyed into a teleprinter with a paper tape perforator. The typical sequence of operations would be that the sending operator would punch up the message, make contact with the receiving operator, use the EIN / AUS switch on the SZ machine to connect it into the circuit, and then run the tape through the reader. At the receiving end, the operator would similarly connect his SZ machine into the circuit and the output would be printed up on a continuous sticky tape. Because this was the practice, the plaintext did not contain the characters for "carriage return", "line feed" or the null character.