Seizing the Enigma
Book written by David Kahn
Book review by Adam Firestone
Bottom Line
I don't recommend this nonfiction book for the Cybersecurity Canon Hall of Fame, but if you are interested in the topic, this is a good one to read.
Review
The Battle of the Atlantic was the longest continuous campaign of World War Two, stretching from September 1939 through May 1945. At stake was the Allied ability to keep Britain and the Soviet Union supplied with food and war materiel produced in Canada and the United States, and to move troops from North America to Europe and North Africa. The combatants arrayed the U-boats (submarines) and surface combatants of the Kriegsmarine (German Navy) and aircraft of the Luftwaffe (German Air Force) against the combined forces of the British Royal Navy, the Royal Canadian Navy, the United States Navy, and the Allied merchant marines.
It's no exaggeration to say that the outcome of the war hinged on the Allied ability to counter the threat posed by the U-boats. Between May and October 1940, over 270 Allied ships were sunk, threatening to starve Britain out of the war. Similarly, between January and June 1942, nearly 400 were sent to the bottom by U-boats operating off the American Atlantic coast.
The Achilles’ heel of the U-boat campaign was the requirement to use wireless communications for command and control. Aware of this vulnerability, the Kriegsmarine encoded all transmissions to and from its submarines using a state-of-the-art encryption device, specially hardened for naval use, called the Enigma. As the Enigma used symmetric cryptography, derivation of its keys in a timely manner would enable the Allies to read German traffic in real time, allowing for the critical merchant convoys to be routed so as to avoid the U-boat wolf packs, and for Allied antisubmarine forces to hunt down and destroy the U-boats. But, in order to break the keys, the Allies needed an edge; they needed examples of recent German key material from which to work.
In Seizing the Enigma: The Race To Break The German U-boat Codes, 1939-1943, David Kahn tells the story of how the Royal Navy conducted daring cloak-and-dagger special operations to obtain Enigma materials (keys and devices) that the Government Code and Cipher School (the British wartime code-breaking establishment located at Bletchley Park) needed to crack Enigma. In an engaging, highly readable style, Kahn brings his readers along on commando raids on German weather ships in the North Atlantic and daring boarding operations that captured U-boats and their secure communications equipment intact. Perhaps more impressive are Kahn’s descriptions of the cryptanalytic efforts of the famous Polish cryptanalysts Marian Rejewski, Jerzy Różycki and Henryk Zygalski (who had, using manual methods, broken the pre-war versions of the Enigma), and the staff at Bletchley Park. Kahn’s deep technical knowledge of cryptography is mated with a singular ability to articulate complex concepts in a manner that makes them both accessible and interesting to the layperson.
Kahn also remains intellectually and historically honest throughout the book. He stresses that Ultra (the code name for the intelligence material generated from the Enigma decrypts), while enabling the Allies to save lives, materiel, and time, was not the decisive factor in the Battle of the Atlantic. Over the course of war, Kahn recognizes that Anglo-American forces gained a war-winning advantage in technology and firepower. Additionally, Allied shipyards produced replacement hulls at a pace faster than U-boats could sink them. Seizing the Enigma is an excellent work illustrating how brawn and brains combined to defeat the U-boats. At worst, it’s entertaining, well-written, and informative.
However, Seizing the Enigma is far more than an interesting war story or a fascinating piece of technical history. For the cybersecurity professional, it’s a cautionary tale about the criticality of key management. While the Enigma certainly had design flaws (e.g., a letter could never be encrypted as itself), it was a reasonably secure, successful device. It shared much in common with the British Typex and the American SIGABA encryption devices, neither of which was (as far as it is known) ever broken during the war. The core of the Enigma’s weakness was its nature as a symmetric cryptography device.
In symmetric cryptography, the same key is used to encrypt and decrypt a given plaintext. That works well when the number of correspondents is relatively small and/or when they are in a relatively confined geographic area. For example, if Alice and Bob need to exchange messages securely, and they work across the hall from each other, life is grand. Alice generates a key, waits until Bob is the only person in the office, and hands him the key. In this scenario, there is no possibility of interception and the act of exchanging, or transmitting, the key is simple, low effort, and low cost.
But what if Bob isn’t across the hall, but across the country? How does Alice get the key to Bob in a way that ensures it hasn’t been intercepted, copied, and/or tampered with? Conventional telephone lines are subject to eavesdropping, as are mechanisms like email, text messaging, and many messaging applications. In this case, the most secure thing to do would be to have Bob fly to the city where Alice is so that the two could meet and perform a face-to-face exchange. This, however, significantly raises the time and expense associated with key management.
Or, what if there are many people with whom Alice wants to exchange messages securely? In that case, assuming that only a single key is being transferred, Alice has to meet with and exchange the key with many correspondents. Even if all of Alice’s correspondents are in the same building, this could take many hours. In the event that Alice’s correspondents are geographically distributed, the effort required to exchange keys securely takes on a positively industrial scale, requiring the physical transportation of key media locally, regionally, or globally. The problem grows rapidly in magnitude as the number of participants in the communication network increases, with Alice, her participants, or, possibly, some trusted intermediary, physically moving the key to each participant.
And, if Alice wants things to be even more secure, she might have a unique key for each of her correspondents, and require each of them to have a unique key to communicate with all the other correspondents in the network. In that case, the number of keys that Alice has to manage and distribute is determined by the formula:
Number of keys = N(N-1)2 , where N represents the total number of participants in the network.
So, in a case where Alice has ten (10) correspondents, the total number of participants is eleven (11) (including Alice) and therefore there are a total of 55 keys to manage.
This is a microcosm of what the German naval Enigma operation required with respect to key management. The Enigma key material consisted of a set of operating instructions that were changed out every month, as well as a code book containing four letter groups representing many kinds of sentences regarding tactical information such as course, enemy reports, position grids or weather reports. All of this had to be provided securely, on a recurrent basis to each U-boat, support vessel, and headquarters organization.
As a result of this broad dissemination, the British were able to perform effective side channel attacks against Enigma that didn’t require them to break the device’s native security mechanisms. Instead, as Kahn recounts in Seizing the Enigma, they went after flaws in the implementation of the overall cryptosystem. That is to say, they stole keys from isolated weather observation vessels and captured U-boats. While the Enigma itself may have been secure enough, the dissemination of key material to many, relatively insecure endpoints, across inherently insecure channels, on a recurrent basis, created a systemic vulnerability subject to exploitation. As a result of these side channel attacks on systemic vulnerabilities, it can reasonably be argued that the Germans lost the Second World War.
And this is where Seizing the Enigma offers valuable insight for today’s cybersecurity professional: It’s not your crypto that you have to worry about. It’s the constellation of mechanisms that enable the overall cryptosystem to effectively secure your information assets. The American philosopher George Santayana once said “Those who cannot remember the past are condemned to repeat it.” As Kahn so ably points out, good people died so that the Allies, and by extension, modern security professionals, could learn lessons about ensuring that the totality of a cryptosystem is secure. We would do well to remember that bit of the past.