Ciphertext-only cryptanalysis of short Hagelin M-209 ciphertexts

The Hagelin M-209 was a mechanical encryption device used by the U.S. Army during World War 2 (WWII) and the Korean War, as well as by other armies and diplomatic services. The Hagelin M-209 has been the focus of extensive research by codebreaking agencies. Several ciphertext-only attacks have been published, but, those attacks are applicable only to the case of long cryptograms. In this article, the authors present a nested hill-climbing and simulated annealing algorithm for recovering the full key settings from ciphertext only, with ciphertexts as short as 500 letters, compared to a minimum of 750 to 1,250 letters with prior methods. With this method, the authors have solved the last problem of a public Hagelin M-209 challenge contest.     

Automated Known-Plaintext Cryptanalysis of Short Hagelin M-209 Messages

The Hagelin M-209 portable encryption device was used by the U.S. Army in World War II and the Korean War, as well as by other armies and in embassy settings. In this article, a fully automated, computerized known-plaintext attack is presented. It is based on hillclimbing and a novel fitness function: the aggregate displacement error. Performance evaluation shows that this attack is able to recover key settings for messages as short as 50 characters. To validate these results, several publicly available challenge messages were solved with this method, including a message with only 40 letters.     

CRYPTANALYSIS OF HAGELIN MACHINE PIN WHEELS

A ciphertext-only attack on the pin wheel patterns of the Hagelin CD-57 Cryptographer is described. The method is also applicable to some earlier Hagelin machines of the pin wheel and lug variety, for example the M-209. The only prior knowledge required is the setting of the lugs and the plain text frequency for the language of the message. The method is extended to finding the lug and pin settings of the M-209 using a longer message.     

Genuine French WWII M-209 cryptograms

Abstract

In the French Army archives three cryptograms encrypted by the M-209 were found. They date from 1944 and come from the 1st French Army. Since the security rules in the military require them to be destroyed, it is extremely rare to have access to this type of document.

This article aims to show the use of the M-209 in the French Army. It will first briefly describe the operation of the M-209 encryption machine and describe the cryptographic means used by the French Army during the Second World War, including the M-209 provided by the Americans. The three cryptograms found in the archives will then be studied. The various components of these messages are described, starting with the key groups (which provide the message key) and continuing to the main abbreviations as well as some codenames. The plaintexts will then become understandable. This article ends with the reconstruction of the keys (internal and external) of the first two messages. This reconstruction could not be completed for the third message: it is given as a challenge to the readers of Cryptologia. This is also the opportunity to balance the security of the M-209 with that of the Enigma.     

THE TYPEX CRYPTOGRAPH

An extension of the Morris Known Plaintext Attack is shown to permit complete cryptanalysis of a generalized Hagelin (M-209) cipher machine implemented electronically. We then suggest modifications of the encrypting algorithm to defeat the attack.     

18TH CENTURY SHORTHAND EXPERT NEEDED (RE-RUN)

Abstract

Fialka M-125 (sometimes called the “Russian Enigma”) is an electro-mechanical rotor cipher machine used during the Cold War. The designers of this cipher eliminated the known weaknesses of Enigma. In this article, the authors summarize the main principle of the Fialka algorithm from public sources. Moreover, they introduce a mathematical model of the Fialka cipher, and they analyse the effect of blocking pin settings on the cipher's period.     

THE HAGELIN CIPHER MACHINE (M-209) Reconstruction of the Internal Settings

It is an Interesting and useful cryptanalytic problem to try to reconstruct the internal settings of the M-209 cipher machine, given the text of a message which has been obtained both in clear and enciphered form. Then it is considerably easier to decipher any further messages encrypted with the same internal settings. It turns out to be possible to do this reconstruction for rather short messages, of the order of 75 characters or so. Partial or incomplete solutions are generally possible with as few as 50 characters.     

Cryptanalysis of Chaocipher and solution of Exhibit 6

Chaocipher is a manual encryption method designed by John F. Byrne in 1918. Until he passed away in 1960, Byrne fervently believed that his cipher system was unbreakable, regardless of the amount of material available to a cryptanalyst. For several decades, he tried (unsuccessfully), to propose the Chaocipher to government agencies. In 1953, he exposed his Chaocipher in his autobiography, Silent Years, providing several examples of texts encrypted with Chaocipher as challenges, but without divulging the inner workings of the cipher. Those were made public only in 2010, when Byrne’s family donated the entire corpus of Chaocipher papers to the National Cryptologic Museum (NCM) in Fort Meade.

A known-plaintext method for recovering the key settings, given sufficient matching plaintext and ciphertext, was published in 2010. However, to date, no method for the cryptanalysis of a single ciphertext-only Chaocipher message has been proposed, nor for the cryptanalysis of short messages “in-depth,” i.e., multiple messages generated with the same initial key settings.

In this article, the authors present a new hillclimbing algorithm for a ciphertext-only cryptanalysis of Chaocipher in-depth messages. This algorithm is based on a “divide-and-conquer” approach and the use of the Index of Coincidence. It takes advantage of a major weakness in the design of the cipher. This previously unknown weakness may have been the reason why William F. Friedman, the inventor of the Index of Coincidence, rejected Byrne’s offer for the use of Chaocipher by the U.S. government. Additionally, the authors present a known-plaintext attack for short in-depth messages, as well as the solution for Lou Kruh’s and Cipher Deavours’s alternate Exhibit 5, also known as “Exhibit 6.” Finally, the authors reevaluate the security of the Chaocipher in view of those findings, with the conclusion that in its classic form, as designed by Byrne, the Chaocipher was a relatively weak cipher, despite Byrne’s rather strong assertions to the contrary.     

CNN多位置穿戴式传感器人体活动识别

随着人工智能的发展和可穿戴传感器设备的普及,基于传感器数据的人体活动识别（human activity recognition,简称HAR）得到了广泛关注,且具有巨大的应用价值.抽取良好判别力的特征,是提高HAR准确率的关键因素.利用卷积神经网络（convolutional neural networks,简称CNN）无需领域知识抽取原始数据良好特征的特点,针对现有基于传感器的HAR忽略三轴向传感器单一轴向多位置数据空间依赖性的不足,提出了两种动作图片构建方法T-2D和M-2D,构建多位置单轴传感器动作图片和非三轴传感器动作图片;进而提出了卷积网络模型T-2DCNN和M-2DCNN,抽取三组单一轴向动作图片的时空依赖性和非三轴传感器的时间依赖性,并将卷积得到的特征拼接为高层次特征用于分类;为了优化网络结构,减少卷积层训练参数数量,进一步提出了基于参数共享的卷积网络模型.在公开数据集上与现有的工作进行对比实验,默认参数情况下,该方法在公开数据集OPPORTUNITY和SKODA中F₁最大提升值分别为6.68%和1.09%;从传感器数量变化和单类识别准确性角度验证了模型的有效性;且基于共享参数模型,在保持识别效果的同时减少了训练参数.     

Expert systems for mechanical design: Examples of symbolic representations of design geometries

A major issue in the development of computer-integrated manufacturing systems is the creation and maintenance of a suitable data base that will serveall the various functions in the design through manufacturing sequence. These functions include the designer interface, graphics output, evaluation of manufacturability, functional evaluation (including possibly finite element analyses), process design, process planning, process control, and quality control. Since design is the beginning of this design manufacturing spectrum, it is incumbent on the design process to produce the required data structure that will allow input and access by the other functions. A key element in such a multipurpose data base is the method by which the design geometry is represented, and an essential ingredient of this representation is information about the geometricfeatures of the design that are relevant to the various parts of the sequence. We are exploring design with features as a design method to obtain the needed feature information and experimenting with different data structures for symbolic representation of the resulting designs. In this paper, we describe three examples of different types of features for use as design primitives and four data structures (in LISP) that result from their use. The domains of the examples are extrusion, injection molding, and casting.A preliminary version of this paper appeared, In: Dym CL (ed) Applications of Knowledge-Based Systems to Engineering Analysis and Design. American Society of Mechanical Engineers, New York, 1985, pp. 29–46.     

A STATISTICAL ATTACK ON THE RUNNING KEY CIPHER

The frequencies of n-graphs, groups of n letters, for n as large as 6 are compiled and used to launch a statistical attack on a running key cipher. Programs written in C++ make the calculations possible. The results of the attack for various values of n are analyzed.     

Analyzing the Spanish strip cipher by combining combinatorial and statistical methods

According to historical reports, many telegrams that date from the Spanish Civil War (1936–1939) still remain undisclosed. It is believed that these telegrams were encrypted with a cryptosystem called the “Spanish Strip Cipher” (SSC).

During this civil war, SSC was the most used cryptographic algorithm. This method corresponds to a homophonic substitution cipher in which a plaintext letter can map to between three and five ciphertext symbols.

By means of cryptanalysis, the authors detect a weakness in the encryption process of the SSC. In this article, they describe how this vulnerability is exploited to efficiently reconstruct a plaintext from a relatively short ciphertext. The attack is based on combinatorial and statistical methods, and it is divided into three phases: homophones-table analysis, letter-frequency analysis, and dictionary search.

The attack was implemented in Java and tested on a laptop with an i7 processor and 4 GB of RAM. The tests were carried out with several real telegrams from the Spanish Civil War. In this article, the authors provide the results of one test that was successfully performed only using the first 201 ciphertext symbols of a Spanish telegram.     

Slide attacks and LC-weak keys in T-310

T-310 is an important Cold War cipher (Cryptologia 2006). In a recent article (Cryptologia 2018), researchers show that, in spite of specifying numerous very technical requirements, the designers do not protect the cipher against linear cryptanalysis and some 3% of the keys are very weak. However, such a weakness does not necessarily allow breaking the cipher because it is extremely complex and extremely few bits from the internal state are used for the actual encryption. In this article, we finally show a method that allows recovering a part of the secret key for about half of such weak keys in a quasi-realistic setting. For this purpose, we revisit another recent article from Cryptologia from 2018 and introduce a new peculiar variant of the decryption oracle slide attack with d?=?0.     

汉语全拼码中26个英文字母出现概率研究

针对当前汉字输入法以全拼音输入法为主,而目前键盘布局没有考虑到全拼音码中26个英文字母出现的概率的现实,利用VisualFoxPro6.0作基本工具,针对多方面的汉字内容进行统计,得出了汉字全拼音码中26个英文字母出现的概率分布,为全拼码输入法26个英文字母的键盘分布提供了依据。     

Supporting Social Interaction in Care Environments: Exploring Stakeholder Perspectives on the Potential of Interactive Technology

This article explores care stakeholders’ perspectives on how interactive technology can help form socially active environments in residential care settings. Based on participatory workshops, involving representatives from multiple stakeholder groups, the authors identify a set of considerations relevant for design of social inclusion technology for care settings. The design considerations relate to the following topics: users, places, themes, value, and role. The authors also present three mock-ups emanating from the workshops, representing the participants’ visions as to how technology can contribute to social interaction by accommodating considerations related to the above topics. The results from this study highlight the importance of social inclusion technology being firmly anchored in the local and collaboratively produced care environment. In particular, their findings illustrate how the local—i.e., the wider social context in which the care residents live, and in which activities and things gain social meaning and value—can offer a rich design space and valuable source of inspiration for social inclusion technology. Potential negative implications of social inclusion technology are also briefly discussed.

The main contribution of this article is an increased understanding of the intimate relationship between designs for social inclusion and the wider social context in which care residents live.     

FROM THE DEPTHS TO THE HEIGHTS: BOOK REVIEWS

The Enigma cipher machine had the confidence of German forces who depended upon its security. This misplaced confidence was due in part to the large key space the machine provided. This paper derives for the first time the exact number of theoretical cryptographic key settings and machine configurations for the Enigma cipher machine. It also calculates the number of practical key settings Allied cryptanalysts were faced with on a daily basis throughout World War II. Finally, it shows the relative contribution each component of the Enigma added to the overall strength of the machine.     

Confocal Stereo

We present confocal stereo, a new method for computing 3D shape by controlling the focus and aperture of a lens. The method is specifically designed for reconstructing scenes with high geometric complexity or fine-scale texture. To achieve this, we introduce the confocal constancy property, which states that as the lens aperture varies, the pixel intensity of a visible in-focus scene point will vary in a scene-independent way, that can be predicted by prior radiometric lens calibration. The only requirement is that incoming radiance within the cone subtended by the largest aperture is nearly constant. First, we develop a detailed lens model that factors out the distortions in high resolution SLR cameras (12MP or more) with large-aperture lenses (e.g., f1.2). This allows us to assemble an A×F aperture-focus image (AFI) for each pixel, that collects the undistorted measurements over all A apertures and F focus settings. In the AFI representation, confocal constancy reduces to color comparisons within regions of the AFI, and leads to focus metrics that can be evaluated separately for each pixel. We propose two such metrics and present initial reconstruction results for complex scenes, as well as for a scene with known ground-truth shape. Part of this work was done while the authors were visiting Microsoft Research Asia, in the roles of research intern and Visiting Scholar respectively.     

Classifying the typefaces of the Gutenberg 42-line bible

We have measured the dissimilarities among several printed characters of a single page in the Gutenberg 42-line bible, and we prove statistically the existence of several different matrices from which the metal types were constructed. This is in contrast with the prevailing theory, which states that only one matrix per character was used in the printing process of Gutenberg’s greatest work. The main mathematical tool for this purpose is cluster analysis, combined with a statistical test for outliers. We carry out the research with two letters, i{\texttt{i}} and a{\texttt{a}}. In the first case, an exact clustering method is employed; in the second, with more specimens to be classified, we resort to an approximate agglomerative clustering method. The results show that the letters form clusters according to their shape, with significant shape differences among clusters, and allow to conclude, with a very small probability of error, that indeed the metal types used to print them were cast from several different matrices.     

The mailbox problem

We propose and solve a synchronization problem called the mailbox problem, motivated by a particular type of interaction between a processor and an external device or between two threads. In this problem, a postman delivers letters to the mailbox of a home owner and uses a flag to signal a non-empty mailbox. The owner must remove all letters delivered to the mailbox and should not walk to the mailbox if it is empty. We present algorithms and an impossibility result for this problem.