Jefferson disk

Encyclopedia : J : JE : JEF : Jefferson disk

Jefferson's disk cipher

During 1795, Thomas Jefferson invented a cipher system, the Jefferson disk, using 26 wheels, each with the letters of the alphabet arranged randomly around them. The cipher system did not become well-known, and was reinvented by Commandant Etienne Bazeries, the conqueror of the Great Cipher, a century later. Following this second "invention" the system was used by the United States Army from 1923 until 1942 as the M-94. The second form of the invention has become known as Bazeries Cylinder.

A Bazeries cylinder consists of a set of roughly 20 to 30 numbered discs, with a different cipher alphabet on the edge of each disc, and a hole in the centre of the discs to allow them to be stacked on an axle. The discs are removable and can be mounted on the axle in any order desired. The order of the discs can be considered the cipher key for the Bazeries cylinder, with both Alice and Bob arranging the discs in the same predefined order.

Once the order of wheels along the axis has been devised, the user can rotate each wheel up and down until a desired message is spelled out in one row. Then the user can copy any row of text on the wheels other than the one that contains the message. The recipient simply has to put the discs in the agreed-upon order, spell out the encrypted message by rotating the wheels, and then look around the rows until he sees the plaintext message, i.e. the row that's not complete gibberish. There is an extremely small chance that there would be two readable messages, but that can be checked quickly by the person coding.

This system is considered quite secure against modern codebreaking if the message is short, and the ordering of letters and wheels is not known to the codebreaker. As messages get larger, it is easy to apply the statistics of English language letter frequency, find patterns, and break the code.

Contents

1 Operation
2 Basis for military ciphers
3 Cryptanalysis
4 See also
5 External links

Operation

To encrypt a message, Alice rotates the discs to produce the plaintext message along one "row" of the stack of discs, and then selects another row as the ciphertext. To decrypt the message, Bob rotates the discs on his cylinder to produce the ciphertext along a row. It is handy if both Alice and Bob know the offset of the row, but not really necessary since Bob can simply look around the cylinder to find a row that makes sense.

For example, a simplified "toy" Bazeries cylinder, using only ten discs, might be organised as shown below, with each disc "unwrapped" into a line and each marked with a designating number:

1: < ZWAXJGDLUBVIQHKYPNTCRMOSFE <
2: < KPBELNACZDTRXMJQOYHGVSFUWI <
3: < BDMAIZVRNSJUWFHTEQGYXPLOCK <
4: < RPLNDVHGFCUKTEBSXQYIZMJWAO <
5: < IHFRLABEUOTSGJVDKCPMNZQWXY <
6: < AMKGHIWPNYCJBFZDRUSLOQXVET <
7: < GWTHSPYBXIZULVKMRAFDCEONJQ <
8: < NOZUTWDCVRJLXKISEFAPMYGHBQ <
9: < XPLTDSRFHENYVUBMCQWAOIKZGJ <
10: < UDNAJFBOWTGVRSCZQKELMXYIHP <

Now suppose that the "key", the sequence of discs, for the Bazeries cylinder is:

7,9,5,10,1,6,3,8,2,4

-- and Alice wants to send the message "retreat now" to Bob. Then she rearranges the discs as per the key and rotates each disc to obtain the plaintext, which is shown at the left, with spacing added to highlight it:

7: < R AFDCE O NJQGWTHSPYBXIZULVKM <
9: < E NYVUB M CQWAOIKZGJXPLTDSRFH <
5: < T SGJVD K CPMNZQWXYIHFRLABEUO <
10: < R SCZQK E LMXYIHPUDNAJFBOWTGV <
1: < E ZWAXJ G DLUBVIQHKYPNTCRMOSF <
6: < A MKGHI W PNYCJBFZDRUSLOQXVET <
3: < T EQGYX P LOCKBDMAIZVRNSJUWFH <
8: < N OZUTW D CVRJLXKISEFAPMYGHBQ <
2: < O YHGVS F UWIKPBELNACZDTRXMJQ <
4: < W AORPL N DVHGFCUKTEBSXQYIZMJ <

She then selects the ciphertext from the sixth row of the cylinder up from the plaintext. This ciphertext is also highlighted above with spacing, and gives:

OMKEGWPDFN

When Bob gets the ciphertext, he rearranges the discs on his cylinder to the key arrangement, rotates the discs to give the ciphertext, and then reads the plaintext six rows down from the ciphertext, or simply looks over the cylinder for a row that makes sense.

Basis for military ciphers

The Bazeries cylinder was the basis for the US "M-94" cipher machine, which was introduced in 1922 and derived from work by Parker Hitt. In 1914, Hitt had experimented with the Bazeries device, building one prototype using slides on a wooden frame, with the cipher alphabets printed twice consecutively on the slides, and then another using discs of wood. He forwarded his experiments up the Signal Corps chain of command, and in 1917 Joseph Mauborgne refined the scheme, with the final result being the M-94.

The M-94 used 25 aluminium discs on a spindle. It was used by the Army, Coast Guard, and the Radio Intelligence Division of the Federal Communications Commission until early in World War II. The Army reverted back to Hitt's original slide scheme with the "M-138-A" cipher machine, which was introduced in the 1930s and was used by the US Navy and US State Department through World War II. The M-138-A featured 100 strips, with 30 selected for use in any one cipher session. It was a great improvement in security for the State Department, which during the interwar years had used laughably insecure codes, even in one case a standard commercial telegraph code, which were easily cracked.

Cryptanalysis

The Bazeries cylinder was a relatively strong system at the time, and Etienne Bazeries, a competent but very opinionated man, regarded it as indecipherable. In fact, it is hardly impregnable, and the "Pers z" code-breaking group of the German Foreign Office cracked the M-138-A in 1944. However, by that time the Americans had much more sophisticated cipher systems in operation, and it was too late for the Germans anyway. Many of the decrypts of Allied communications presented to the German high command were disregarded, because all they did was confirm bad news that nobody wanted to acknowledge in an environment where defeatism was potentially a capital crime.

de Viaris (aka Marquis Gaetan Henri Leon Viarizio di Lesegno) who is famous for one of the first printing cipher devices (1874),solved the Bazeries cylinder in 1893.

One major weakness of the Bazeries cylinder is that the offset from the plaintext letter to the ciphertext letter for the cipher alphabet on each disc will be exactly the same. In the example shown above, this offset is six letters.

Suppose a cryptanalyst — Holmes, say — has captured the simplified Bazeries cylinder described in the example above, with ten discs. This should not be enough to permit him to decipher messages with it, since he also has to know the key, or the arrangement of the discs on the cylinder. Even for this simplified Bazeries cylinder, the number of possible permutations of the discs are:

[10! = 3,628,800]

— which makes trial and error testing of the arrangement of the discs perfectly impractical to perform by hand, though a modern computer wouldn't be intimidated by such a search.

Now further suppose that Holmes has a crib. For example, suppose he knows that the first block of plaintext enciphered by the simplified Bazeries cylinder is the string:

heilhitler

This is conveniently exactly ten letters long, and can be enciphered in a single pass with the simplified Bazeries cylinder. The corresponding ciphertext is:

AZNCZEAPBH

The remainder of the message is of course a complete mystery for the moment. Fortunately, Holmes can use this crib to allow him to decipher all the following blocks of the message.

Holmes has no idea of which disc is used to encipher which letter, but he does know that the offset between the plaintext letter and the ciphertext letter must be the same for all ten characters. This gives him a way of penetrating the cipher by lining up the plaintext and ciphertext characters of the crib; forming them into pairs; determining the offsets for the plaintext letters and ciphertext letters for each disc; and then searching for a common offset in the matrix of offset.

Holmes knows that the correspondence between the two sets of letters is as follows:

h—A
e—Z
i—N
l—C
h—Z
i—E
t—A
l—P
e—B
r—H

Now Holmes takes disc 1, which has the cipher alphabet:

1: < ZWAXJGDLUBVIQHKYPNTCRMOSFE <

The first letter pair is "h:A", and Holmes counts along the disc to determine that the offset between the two letters is 15. The second letter pair is "e:Z", and he sees right away that the offset is 1. He continues this process for each letter pair for disc 1, and then goes through the same procedure for the nine other discs, producing the following table:

h:A  e:Z  i:N  l:C  h:Z  i:E  t:A  l:P  e:B  r:H
________________________________________________
1:    15    1    6   12   13   14   10    9   10   19
2:    14    5    6    3   16    4   22   23   25    7
3:    15   15    4    2   17   12   14   25   10    7
4:    18    7   10    7   14   20   12   25    1    6
5:     4   14   20   13   20    7   21   14   25   24
6:    22   16    3   17   10   19    1   14   14   14
7:    14   15   14    8    7   12   15   19   12   13
8:    21   12   12   22    5    2   14    8    8   14
9:    11   14   15   14   15   14   16   25    5    2
10:    5   23    5   21   17   21   20    6   14   12

As Holmes prepares the table, the value "14" quickly jumps out at him as a common element, and in completion of the table proves to be the only common element. This is obviously the row offset from the plaintext to the ciphertext. He strips the other values out for clarity:

h:A  e:Z  i:N  l:C  h:Z  i:E  t:A  l:P  e:B  r:H
________________________________________________
1:     -    -    -    -    -   14    -    -    -    -
2:    14    -    -    -    -    -    -    -    -    -
3:     -    -    -    -    -    -   14    -    -    -
4:     -    -    -    -   14    -    -    -    -    -
5:     -   14    -    -    -    -    -   14    -    -
6:     -    -    -    -    -    -    -   14   14   14
7:    14    -   14    -    -    -    -    -    -    -
8:     -    -    -    -    -    -   14    -    -   14
9:     -   14    -   14    -   14    -    -    -    -
10:    -    -    -    -    -    -    -    -   14    -

Now Holmes rearranges the discs to reflect the correct order of the letters on the cylinder. This is done by rearranging the rows of the table so that the value "14" appears in every cell along the table's main diagonal. In this case, there are no ambiguities in the arrangement of the discs; but if there had been, a little testing of subsequent blocks of the ciphertext would reveal the proper order.

h:A  e:Z  i:N  l:C  h:Z  i:E  t:A  l:P  e:B  r:H
________________________________________________
2:    14    -    -    -    -    -    -    -    -    -
5:     -   14    -    -    -    -    -   14    -    -
7:    14    -   14    -    -    -    -    -    -    -
9:     -   14    -   14    -   14    -    -    -    -
4:     -    -    -    -   14    -    -    -    -    -
1:     -    -    -    -    -   14    -    -    -    -
3:     -    -    -    -    -    -   14    -    -    -
6:     -    -    -    -    -    -    -   14   14   14
10:    -    -    -    -    -    -    -    -   14    -
8:     -    -    -    -    -    -   14    -    -   14

This gives the key:

2,5,7,9,4,1,3,6,10,8

In the real world, a Bazeries cylinder has 20 or 30 discs, not ten, and it is unlikely that there would be a single crib that would span the entire cylinder. The approach described above still works. Even if the cylinder had 30 discs and a crib only had five letters, Holmes could build up a table of the offsets for each of the 30 discs for the five letter pairs, and use it to greatly narrow down the possibilities for the offset and the discs used for the crib.

Holmes could repeat the procedure with several independent cribs in the same message, almost certainly pinning down the offset quickly and giving an improved knowledge of the order of the discs. Once the offset has been determined, then Holmes would have what amounted to a straight transposition of the letters not determined by tinkering with the cribs, and use methods such as multiple anagramming to crack it.

This article, or an earlier version of it, incorporates material from Greg Goebel's [Codes, Ciphers, & Codebreaking].

External links

Wikimedia Commons has media related to:

[Special]

[Thomas Jefferson's Wheel Cipher]

From Wikipedia, the Free Encyclopedia. Original article here. Support Wikipedia by contributing or donating.
All text is available under the terms of the GNU Free Documentation License See Wikipedia Copyrights for details.

1:	`< ZWAXJGDLUBVIQHKYPNTCRMOSFE <`
2:	`< KPBELNACZDTRXMJQOYHGVSFUWI <`
3:	`< BDMAIZVRNSJUWFHTEQGYXPLOCK <`
4:	`< RPLNDVHGFCUKTEBSXQYIZMJWAO <`
5:	`< IHFRLABEUOTSGJVDKCPMNZQWXY <`
6:	`< AMKGHIWPNYCJBFZDRUSLOQXVET <`
7:	`< GWTHSPYBXIZULVKMRAFDCEONJQ <`
8:	`< NOZUTWDCVRJLXKISEFAPMYGHBQ <`
9:	`< XPLTDSRFHENYVUBMCQWAOIKZGJ <`
10:	`< UDNAJFBOWTGVRSCZQKELMXYIHP <`

7:	`< R AFDCE O NJQGWTHSPYBXIZULVKM <`
9:	`< E NYVUB M CQWAOIKZGJXPLTDSRFH <`
5:	`< T SGJVD K CPMNZQWXYIHFRLABEUO <`
10:	`< R SCZQK E LMXYIHPUDNAJFBOWTGV <`
1:	`< E ZWAXJ G DLUBVIQHKYPNTCRMOSF <`
6:	`< A MKGHI W PNYCJBFZDRUSLOQXVET <`
3:	`< T EQGYX P LOCKBDMAIZVRNSJUWFH <`
8:	`< N OZUTW D CVRJLXKISEFAPMYGHBQ <`
2:	`< O YHGVS F UWIKPBELNACZDTRXMJQ <`
4:	`< W AORPL N DVHGFCUKTEBSXQYIZMJ <`

Jefferson disk

Operation

Basis for military ciphers

Cryptanalysis

See also

External links