The Chaocipher Clearing House
Progress Report #4
My current Chaocipher hypothesis
Based
on the case I made (in Progress Report #3) for a 13- or 26-letter
blocking factor (in Progress
Report #3) I'd like to list my current hypothesis about
Chaocipher (incorporating Greg Mellen's original hypothesis) based on
Exhibit 1:
- The system involves 13- or
26-letter blocks of plaintext
- There is a small
number of alphabets (e.g., 26) derived from the interaction between a
plaintext alphabet and a cipher component
- The
keying sequence determines the specific alphabet used
- The
keying sequence is such that no alphabet is ever reused until at least
nine letters later.
How is key
management handled for Chaocipher?
In "Silent Years" (page
283)
Byrne writes about Exhibit #4:
"This
encipherment is distinguished from the other three in that it bears
within itself full and complete instructions to an initiate for its
decipherment".
Byrne is apparently
referring to a key management question: upon receiving a message, how
does an initiate know what the machine settings should be to decipher
the message? This is a well-known term in cryptography
related to the generation, exchange, safeguarding, use, and replacement
of keys. The recipient of a message needs to know how to set
up the machine before commencing decipherment.
There
are two types of ciphers: symmetric- and asymmetric-key algorithms.
Symmetric-key algorithms use trivially related, often
identical, cryptographc keys for both decryption and encryption.
Asymmetric-key algorithms (i.e. public-key cryptography), on
the other hand, use a different key for enciphering and deciphering.
It
is safe to assume that Chaocipher is a symmetric-key algorithm.
In this case both the sender and the recipient must know the
identical key. So what did Byrne mean by "... it
bears within itself full and complete instructions to an initiate for
its decipherment"? Two possibilities come to mind:
- The
machine setting is enciphered using a base machine setting
- The
parties have an agreed-upon base machine setting (called BASE).
- When
sending a new message the sender defines a new machine setting (called
NEW).
- A textual form of NEW is enciphered using
BASE producing NEW-prime.
- The message being sent is
enciphered using NEW.
- NEW-prime is inserted at a
predetermined position in the final ciphertext.
- The
recipient extracts NEW-prime, uses BASE to get NEW, and sets up the
machine with NEW to decipher the message.
- The
key is placed in the ciphertext in-the-clear.
The
method of encoding the message's setting with a base machine setting is
not new -- this is how the Germans enciphered their
Enigma message settings. If this is what Byrne did
then it's a bit too much for me at this stage. Let's examine
the second possibility that the settings are embedded in the ciphertext.
I
assumed that part of the key would be the plaintext and cipher slide
component alphabets. To this end I wrote a script to
determine whether any non-encrypted alphabets were embedded in Exhibit
#4. An alphabet could be inserted in one of the following two
ways:
- An entire alphabet on N letters
(e.g., N=26) is mixed and then inserted into the ciphertext stream.
- N-1
letters of an alphabet are mixed and inserted. The Nth letter
of the alphabet can be left off since it is implictly known when the
other N-1 letters are extracted.
There was another
complication to consider. Suppose the sender wants to
transmit two or more mixed alphabets. He could send them
consecutively, or send the first letters of all the alphabets first,
followed by all the second letters, etc.
Here are
some examples to clarify the point. For the demonstration
let's assume the sender wants to transmit three mixed alphabets (e.g.,
corresponding to the plaintext, ciphertext, and keying alphabets):
pt:
XOHRWNGEVMFPTKDLZSJBUYQIAC
ct:
CAKWUBMXLDNYPFOZEGQHSITRJV
key:
AIQYEMUGOWCKSDLTFNVHPXBJRZ
(a)
Sending all three alphabets sequentially, all 26 letters
"...XOHRWNGEVMFPTKDLZSJBUYQIACCAKWUBMXLDNYPFOZEGQHSITRJVAIQYEMUGOWCKSDLTFNVHPXBJRZ..."
(b)
Sending all three alphabets sequentially, only 25 letters
"...XOHRWNGEVMFPTKDLZSJBUYQIACAKWUBMXLDNYPFOZEGQHSITRJAIQYEMUGOWCKSDLTFNVHPXBJR..."
(c)
Sending all i-th letters together, i=1...26
"...XCA OAI HKQ RWY WUE NBM
GMU EXG VLO MDW FNC PYK TPS KFD DOL LZT ZEF SGN JQV BHH USP YIX QTB IAC
RJV JRZ..."
The script has to handle
all of these cases. I wrote a Perl script, find_hidden_alphabet.pl, to
do the dirty work. You can download the script from here.
Conclusion: No
alphabets were embedded in this fashion within Exhibit #4.
Update (9 March 2009): Comment from Jeffrey Hill
On 9 March 2009 I received an e-mail from Jeffrey Hill with the following comment:
In PR #4, as far as what Byrne has to say about Exhibit 4, i.e. "... it
bears within itself full and complete instructions to an initiate for
its decipherment", I am more inclined to believe that he is referring
to the title of Exhibit 4, "A Glimpse of Chaos", which could
be transformed in various ways to produce key alphabets. Providing the
key in this way would likely be a one-time, special event to tantalize
any would-be solvers of Exhibit 4 rather than a standard procedure. An
Initiate would not only know the correct way to transform the Key
Phrase, "A Glimpse of Chaos", into one or more keys, he would also have
a Chaocipher Device on which to make the settings specified by the
keys. Byrne, therefore, did not risk anything by providing the Key
Phrase.
Jeff's idea regarding the title of Exhibit #4 being the key phrase for
generating the settings is perfectly logical. With so much unknown
about the cipher mechanism there seems little we can do to capitalize
on this hypothesis. It will have to wait as a different post-solution
project -- determining how Byrne communicated the key.
Copyright
(c) 2009 Moshe Rubin