Editing Rotor machine

{{Short description|Class of electromechanical encryption devices, used widely from the 1920s to the 1970s}}
{{Distinguish|Rotary system}}
{{more footnotes needed|date=March 2009}}
[[Image:Enigma rotor set.png|thumbnail|right|A series of three rotors from an Enigma machine, used by Germany during World War II]]
[[Image:Enigma rotor exploded view.png|thumb|Exploded view of an Enigma machine rotor:1-Notched ring, 2-Dot marking the position of the "A" contact, 3-Alphabet "tyre" or ring, 4-Electrical plate contacts, 5-Wire connections, 6-Spring-loaded pin contacts, 7-Spring-loaded ring adjustment pin, 8-Hub, through which fits the central axle, 9-Finger wheel, 10-Ratchet mechanism]]

In [[cryptography]], a '''rotor machine''' is an electro-mechanical [[stream cipher]] device used for [[encryption|encrypting]] and decrypting messages. Rotor machines were the cryptographic state-of-the-art for much of the 20th century; they were in widespread use from the 1920s to the 1970s. The most famous example is the German [[Enigma machine]], the output of which was deciphered by the Allies during World War II,  producing intelligence code-named ''[[Ultra (cryptography)|Ultra]]''.

==Description==
The primary component of a rotor machine is a set of ''rotors'', also termed ''wheels'' or ''drums'', which are rotating disks with an array of [[electrical contact]]s on either side. The wiring between the contacts implements a fixed [[substitution alphabet|substitution]] of letters, replacing them in some complex fashion. On its own, this would offer little security; however, before or after encrypting each letter, the rotors advance positions, changing the substitution. By this means, a rotor machine produces a complex [[polyalphabetic substitution]] cipher, which changes with every key press.

==Background==
[[Image:Tatjavanvark-rotors.jpg|thumbnail|40-point rotors from a machine made by Tatjana van Vark]]

In [[classical cryptography]], one of the earliest encryption methods was the simple [[substitution cipher]], where letters in a message were systematically replaced using some secret scheme. ''Monoalphabetic'' substitution ciphers used only a single replacement scheme &mdash; sometimes termed an "alphabet"; this could be easily broken, for example, by using [[frequency analysis]]. Somewhat more secure were schemes involving multiple alphabets, [[polyalphabetic cipher]]s. Because such schemes were implemented by hand, only a handful of different alphabets could be used; anything more complex would be impractical. However, using only a few alphabets left the ciphers vulnerable to attack. The invention of rotor machines mechanised polyalphabetic encryption, providing a practical way to use a much larger number of alphabets.

The earliest cryptanalytic technique was [[frequency analysis]], in which letter patterns unique to every language could be used to discover information about the substitution alphabet(s) in use in a mono-alphabetic [[substitution cipher]]. For instance, in English, the plaintext letters E, T, A, O, I, N and S, are usually easy to identify in ciphertext on the basis that since they are very frequent, their corresponding ciphertext letters will also be as frequent. In addition, [[bigram]] combinations like NG, ST and others are also very frequent, while others are rare indeed (Q followed by anything other than U for instance). The simplest frequency analysis relies on one [[ciphertext]] letter always being substituted for a [[plaintext]] letter in the cipher: if this is not the case, deciphering the message is more difficult. For many years, cryptographers attempted to hide the telltale frequencies by using several different substitutions for common letters, but this technique was unable to fully hide patterns in the substitutions for plaintext letters. Such schemes were being widely broken by the 16th century.

In the mid-15th century, a new technique was invented by [[Leone Battista Alberti|Alberti]], now known generally as [[polyalphabetic cipher]]s, which recognised the virtue of using more than a single substitution alphabet; he also invented a simple technique for "creating" a multitude of substitution patterns for use in a message. Two parties exchanged a small amount of information (referred to as the ''[[Cryptographic key|key]]'') and used it to create many substitution alphabets, and so many different substitutions for each plaintext letter over the course of a single plaintext. The idea is simple and effective, but proved more difficult to use than might have been expected. Many ciphers were only partial implementations of Alberti's, and so were easier to break than they might have been (e.g. the [[Vigenère cipher]]).

Not until the 1840s (Babbage) was any technique known which could reliably break any of the polyalphabetic ciphers. His technique also looked for repeating patterns in the [[ciphertext]], which provide clues about the length of the key. Once this is known, the message essentially becomes a series of messages, each as long as the length of the key, to which normal frequency analysis can be applied. [[Charles Babbage]], [[Friedrich Kasiski]], and [[William F. Friedman]] are among those who did most to develop these techniques.

Cipher designers tried to get users to use a different substitution for every letter, but this usually meant a very long key, which was a problem in several ways. A long key takes longer to convey (securely) to the parties who need it, and so mistakes are more likely in key distribution. Also, many users do not have the patience to carry out lengthy, letter-perfect evolutions, and certainly not under time pressure or battlefield stress. The 'ultimate' cipher of this type would be one in which such a 'long' key could be generated from a simple pattern (ideally automatically), producing a cipher in which there are so many substitution [[alphabet]]s that frequency counting and statistical attacks would be effectively impossible. Enigma, and the rotor machines generally, were just what was needed since they were seriously polyalphabetic, using a different substitution alphabet for each letter of plaintext, and automatic, requiring no extraordinary abilities from their users. Their messages were, generally, much harder to break than any previous ciphers.

==Mechanization==
It is straightforward to create a machine for performing simple substitution. In an electrical system with 26 switches attached to 26 light bulbs, any one of the switches will illuminate one of the bulbs.
If each switch is operated by a key on a [[typewriter]], and the bulbs are labelled with letters, then such a system can be used for encryption by choosing the wiring between the keys and the bulb: for example, typing the letter {{mono|A}} would make the bulb labelled {{mono|Q}} light up. However, the wiring is fixed, providing little security.

Rotor machines change the interconnecting wiring with each key stroke. The wiring is placed inside a rotor, and then rotated with a gear every time a letter is pressed. 
So while pressing {{mono|A}} the first time might generate a {{mono|Q}}, the next time it might generate a {{mono|J}}. Every letter pressed on the keyboard increments the rotor position and get a new substitution, implementing a polyalphabetic substitution cipher.

Depending on the size of the rotor, this may, or may not, be more secure than hand ciphers. If the rotor has only 26 positions on it, one for each letter, then all messages will have a (repeating) key 26 letters long. Although the key itself (mostly hidden in the wiring of the rotor) might not be known, the methods for attacking these types of ciphers don't need that information. So while such a ''single rotor'' machine is certainly easy to use, it is no more secure than any other partial polyalphabetic cipher system.

But this is easy to correct. Simply stack more rotors next to each other, and gear them together. After the first rotor spins "all the way", make the rotor beside it spin one position. Now you would have to type 26 × 26 = 676 letters (for the [[Latin alphabet]]) before the key repeats, and yet it still only requires you to communicate a key of two letters/numbers to set things up. If a key of 676 length is not long enough, another rotor can be added, resulting in a period 17,576 letters long.

In order to be as easy to decipher as encipher, some rotor machines, most notably the [[Enigma machine]], embodied a [[symmetric-key algorithm]], i.e., encrypting twice with the same settings recovers the original message (see [[involution (mathematics)|involution]]).

==History==

===Invention===
{{citation needed|reason=section|date=February 2017}}
The concept of a rotor machine occurred to a number of inventors independently at a similar time.

In 2003, it emerged that the first inventors were two [[Royal Netherlands Navy|Dutch naval officers]], Theo A. van Hengel (1875–1939) and R. P. C. Spengler (1875–1955) in 1915 (De Leeuw, 2003). Previously, the invention had been ascribed to four inventors working independently and at much the same time: [[Edward Hebern]], [[Arvid Damm]], [[Hugo Koch]] and [[Arthur Scherbius]].

In the [[United States]] [[Edward Hugh Hebern]] built a rotor machine using a single rotor in 1917. He became convinced he would get rich selling such a system to the military, the [[Hebern Rotor Machine]], and produced a series of different machines with one to five rotors. His success was limited, however, and he went [[bankrupt]] in the 1920s. He sold a small number of machines to the [[US Navy]] in 1931.

In Hebern's machines the rotors could be opened up and the wiring changed in a few minutes, so a single mass-produced system could be sold to a number of users who would then produce their own rotor keying. Decryption consisted of taking out the rotor(s) and turning them around to reverse the circuitry. Unknown to Hebern, [[William F. Friedman]] of the [[United States Army|US Army]]'s [[Signals Intelligence Service|SIS]] promptly demonstrated a flaw in the system that allowed the ciphers from it, and from any machine with similar design features, to be cracked with enough work.

Another early rotor machine inventor was Dutchman [[Hugo Koch]], who filed a [[patent]] on a rotor machine in 1919. At about the same time in [[Sweden]], [[Arvid Gerhard Damm]] invented and patented another rotor design. However, the rotor machine was ultimately made famous by [[Arthur Scherbius]], who filed a rotor machine patent in 1918. Scherbius later went on to design and market the [[Enigma machine]].

===The Enigma machine===
{{main article|Enigma machine}}
[[File:EnigmaMachineLabeled.jpg|thumbnail|right|A German Enigma machine]]
The most widely known rotor cipher device is the German [[Enigma machine]] used during World War II, of which there were a number of variants.

The standard Enigma model, Enigma I, used three rotors. At the end of the stack of rotors was an additional, non-rotating disk, the "reflector," wired such that the input was connected electrically back out to another contact on the same side and thus was "reflected" back through the three-rotor stack to produce the [[ciphertext]].

When current was sent into most other rotor cipher machines, it would travel through the rotors and out the other side to the lamps. In the Enigma, however, it was "reflected" back through the disks before going to the lamps.  The advantage of this was that there was nothing that had to be done to the setup in order to decipher a message; the machine was "symmetrical".

The Enigma's reflector guaranteed that no letter could be enciphered as itself, so an ''A'' could never turn back into an ''A''. This helped Polish and, later, British efforts to break the cipher. (''See'' [[Cryptanalysis of the Enigma]].)

Scherbius joined forces with a mechanical engineer named Ritter and formed Chiffriermaschinen AG in [[Berlin]] before demonstrating Enigma to the public in [[Bern]] in 1923, and then in 1924 at the World Postal Congress in [[Stockholm]]. In 1927 Scherbius bought Koch's patents, and in 1928 they added a ''plugboard'', essentially a non-rotating manually rewireable fourth rotor, on the front of the machine. After the death of Scherbius in 1929, [[Willi Korn]] was in charge of further technical development of Enigma.

As with other early rotor machine efforts, Scherbius had limited commercial success. However, the German armed forces, responding in part to revelations that their codes had been broken during World War I, adopted the Enigma to secure their communications. The ''[[Reichsmarine]]'' adopted Enigma in 1926, and the [[Reichswehr|German Army]] began to use a different variant around 1928.

The Enigma (in several variants) was the rotor machine that Scherbius's company and its successor, Heimsoth & Reinke, supplied to the German military and to such agencies as the Nazi party security organization, the ''[[Sicherheitsdienst|SD]]''.

The [[Poland|Poles]] broke the German Army Enigma beginning in December 1932, not long after it had been put into service. On July 25, 1939, just five weeks before Hitler's invasion of Poland, the [[Polish General Staff]]'s [[Polish Cipher Bureau|Cipher Bureau]] shared its Enigma-decryption methods and equipment with the French and British as the Poles' contribution to the common defense against Nazi Germany. [[Dilly Knox]] had already broken Spanish Nationalist messages on a commercial Enigma machine in 1937 during the [[Spanish Civil War]].

A few months later, using the Polish techniques, the British began reading Enigma ciphers in collaboration with [[Polish Cipher Bureau]] cryptologists who had escaped Poland, overrun by the Germans, to reach [[Paris]]. The Poles  continued breaking German Army Enigma—along with [[Luftwaffe]] Enigma traffic—until work at Station ''[[PC Bruno]]'' in France was shut down by the German invasion of May–June 1940.

The British continued breaking Enigma and, assisted eventually by the United States, extended the work to German Naval Enigma traffic (which the Poles had been reading before the war), most especially to and from [[U-boat]]s during the [[Battle of the Atlantic]].

===Various machines===
[[File:Enigma rotor.jpg|thumb|right|The rotor stack from an Enigma rotor machine. The rotors of this machine contain 26 contacts.]]
During [[World War II]] (WWII), both the Germans and Allies developed additional rotor machines. The Germans used the [[Lorenz SZ 40/42]] and [[Siemens and Halske T52]] machines to encipher teleprinter traffic which used the [[Baudot code]]; this traffic was known as [[Fish (cryptography)|Fish]] to the Allies. The Allies developed the [[Typex]] (British) and the [[SIGABA]] (American). During the War the [[Switzerland|Swiss]] began development on an Enigma improvement which became the [[NEMA machine]] which was put into service after World War II. There was even a Japanese developed variant of the Enigma in which the rotors sat horizontally; it was apparently never put into service. The Japanese [[PURPLE]] machine was not a rotor machine, being built around electrical [[stepping switch]]es, but was conceptually similar.

Rotor machines continued to be used even in the computer age. The [[KL-7]] (ADONIS), an encryption machine with 8 rotors, was widely used by the U.S. and its allies from the 1950s until the 1980s. The last [[Canada|Canadian]] message encrypted with a KL-7 was sent on June 30, 1983. The Soviet Union and its allies used a 10-rotor machine called [[Fialka]] well into the 1970s.

[[Image:Typex nocase.jpg|thumbnail|right|Typex was a printing rotor machine used by the United Kingdom and its Commonwealth, and was based on the Enigma patents.]]
[[File:SIGCUM.jpg|thumb|The U.S. SIGCUM was a  five rotor system used to encrypt teletype traffic.]]
A unique rotor machine called the Cryptograph was constructed in 2002 by [[Netherlands]]-based Tatjana van Vark. This unusual device is inspired by Enigma, but makes use of 40-point rotors, allowing letters, numbers and some punctuation; each rotor contains 509 parts.

A software implementation of a rotor machine was used in the [[crypt (Unix)|crypt]] command that was part of early [[Unix|UNIX]] operating systems. It was among the first software programs to run afoul of [[Export of cryptography#Cold War era|U.S. export regulations]] which classified [[cryptographic]] implementations as munitions.

==List of rotor machines==
* [[BID/60]] (Singlet)
* [[Combined Cipher Machine]]
* [[Enigma machine]]
* [[Fialka]]
* [[Boris Hagelin|Hagelin's]] machines including 
** [[C-36 (cipher machine)|C-36]], 
** [[C-52 (cipher machine)|C-52]] 
** [[CD-57]] 
** [[M-209]]
* [[Hebern rotor machine]]
* [[HX-63]]
* [[KL-7]]
* [[Lacida]]
* [[Lorenz cipher|Lorenz SZ 40/42]]
* [[M-325]]
* [[Mercury (cipher machine)|Mercury]]
* [[NEMA (machine)|NEMA]]
* [[OMI cryptograph]]
* [[RED (cipher machine)|RED]]
* [[Siemens and Halske T52]]
* [[SIGABA]]
* [[SIGCUM]]
* [[Typex]]

==References==
* [[Friedrich L. Bauer]], "An error in the history of rotor encryption devices", Cryptologia 23(3),  July 1999, page 206.
* Cipher A. Deavours, Louis Kruh, "Machine Cryptography and Modern Cryptanalysis", Artech House, 1985. {{ISBN|0-89006-161-0}}.
* Karl de Leeuw, "The Dutch invention of the rotor machine, 1915 - 1923." Cryptologia 27(1), January 2003, pp73&ndash;94.

==External links==
* [http://www.jproc.ca/crypto/ Site with cipher machine images, many of rotor machines]
* [http://home.ca.inter.net/~hagelin/crypto.html Rotor machine photographs]
* [http://users.telenet.be/d.rijmenants/en/timeline.htm Timeline of Cipher Machines] {{Webarchive|url=https://web.archive.org/web/20211006070626/http://users.telenet.be/d.rijmenants/en/timeline.htm |date=2021-10-06 }}

{{Cryptography navbox | machines}}

{{DEFAULTSORT:Rotor Machine}}
[[Category:Rotor machines|*]]