Who really broke Enigma? - lecture by Sir Dermot Turing in Dublin [2:39]

YouTube ^ | April 11, 2023 | Polish Embassy in Ireland

[SunkenCiv]

Sir Dermot Turing, renowned historian and nephew of Alan Turing, delivered a lecture based on his book "X Y & Z: The Real Story of How Enigma Was Broken" on 29 March, 2023, in Trinity College Dublin.
Drawing on recently declassified archives Sir Dermot Turing told in full the real story how Enigma was broken. He fully acknowledged the groundbreaking work of Polish mathematicians produced as early as 1930s which subsequently led to the joint efforts of the French, British and Polish secret services (X, Y and Z) during the Second World War.

Who really broke Enigma? - lecture by Sir Dermot Turing in Dublin | 2:39
Polish Embassy in Ireland | 265 subscribers | 32,579 views | April 11, 2023

[SunkenCiv]

Transcript
0:00	·	foreign
0:04	·	[Music]
0:11	·	Turing I've been invited here to Trinity
0:14	·	College Dublin by the polish Embassy to
0:17	·	give the wukashevich lecture this year
0:21	·	and this is on the subject of the Enigma
0:24	·	machine and the Polish contribution to
0:25	·	Breaking that machine and essentially
0:28	·	giving the British code breaking effort
0:31	·	a leg up in World War II
0:33	·	while the achievements the the British
0:36	·	code Breakers made at Bletchley Park
0:38	·	were very amazing and and fantastic and
0:41	·	contributed a great deal to the Allies
0:44	·	success in World War II that was all
0:46	·	founded on the groundwork that have been
0:50	·	done by a group of Polish mathematicians
0:53	·	hired by the Polish Military
0:55	·	Intelligence as early as 1930 and the
1:00	·	great thing that the Polish
1:00	·	mathematicians are able to do and so
1:03	·	they first of all reverse engineered the
1:05	·	machine so they were able to construct
1:07	·	their own fake Enigma machines that's
1:09	·	pretty astonishing and they've done that
1:10	·	by 1932
1:13	·	and then secondly they started working
1:15	·	on this problem about how you can
1:16	·	actually figure out what the settings
1:18	·	are that were being used every day and
1:20	·	they found solutions for that and they
1:21	·	built machines to help them do that it
1:24	·	was just an astonishing achievement and
1:25	·	they've done all that before World War
1:27	·	II began
1:29	·	and then I think the most remarkable
1:31	·	thing of all happened which is that they
1:33	·	decided to share this Priceless
1:35	·	intelligence with two very unreliable
1:38	·	allies the French and the British and
1:41	·	they just basically gifted this
1:43	·	information this product of six and a
1:46	·	half years of hard work and know-how to
1:48	·	their allies and if they had not done
1:51	·	that
1:52	·	I'm sure it would have delayed very
1:54	·	significantly the code breaking effort
1:56	·	at Bletchley Park and what consequences
1:59	·	that would have had for the history of
2:02	·	World War II are really quite unpleasant
2:05	·	to think about
2:07	·	[Music]
2:08	·	so it was lovely being here at uh
2:11	·	Trinity it's my first proper visit to
2:14	·	Trinity College Dublin so it's the first
2:15	·	time I've actually been inside lovely
2:18	·	audience the lecture theater was full we
2:20	·	had lots of people very enthusiastic
2:22	·	lots of questions lots of people who
2:25	·	were sort of interested in the subject
2:27	·	absolutely fantastic yeah really
2:28	·	friendly great place to be
2:35	·	foreign
2:37	·	[Music]

[SunkenCiv]

[SuperLuminal]

Putrid crap!

Rewriting history goes on and on and on...

No subject, person. or organization is sacrosanct...

[SunkenCiv]

No, actually this has been known for some time.

[linMcHlp]

bttt

[T.B. Yoits]

The Brits, with critical help from the Poles and an unidentified inventor who built them a copy of the three rotor machine, could decipher the three rotor code but knew they couldn't break the four rotor code.

American Joe Desch and a team hidden in the National Cash Register building in Dayton Ohio along with a team in the U.S. Naval Computing Machine Laboratory built electro-mechanical computers to decipher transmissions from the four rotor Enigma machines.

https://prc68.com/I/NCR.shtml

[SunkenCiv]

Thanks! The Germans added a rotor and ‘blinded’ the codebreakers for some months before a fix was figured out. Didn’t know the NCR people had that role.

https://en.wikipedia.org/wiki/Bombe

https://en.wikipedia.org/wiki/Colossus_computer

[Governor Dinwiddie]

Who made it possible? Tommy Brown, age 15.

[Rockingham]

The Polish contribution to breaking Enigma is well documented and beyond dispute. When the Polish government shared their work with the British, the first question the Brits asked was, “What is the layout of the Enigma keyboard?” The top Polish cryptographer struggled to keep a cool manner at what he thought was a trick question, and he replied “QWERTY, of course.” The Brits had not yet figuered that out.

[Bobalu]

Enigma was a simple XOR crypto system that required a truly random number generator and adherence to secure protocol to operate well... they had neither.

No programmed or mechanical system to generate random bits is possible, these are Pseudo-Random Number Generators (PRNG) it requires a quantum level source of randomness such as Brownian motion or something very simple like diode noise or a natural phenomenon like weather or cosmic background radiation sampling (TRNG)

When you are faced with breaking a crypto system that is well designed and implemented you must look to human failure to get into it...

Numbers stations that send out broadcasts to distant operatives are generally based on XOR principles and cannot be broken by any computational means, no matter how powerful... even a quantum qubit based system has zero chance of breaking a well executed XOR system... this is because ALL possible decryptions of the data are equally possible and the correct key cannot be determined by any computational means.

XOR methods are handicapped by the fact that the key MUST be generated by a quantum-level random bit sequence. The plaintext can be anything at all and matches the key in length. The system is unwieldly since you cannot possibly remember such a long key, thus it has to exist in the device that performs the encryption... but the introduction of cheap SD memory has mitigated this problem a great deal since it can hold an enormous number of bits that comprise XOR random keys and as the keys are used they can be instantly erased so the individual messages that are sent from such a device cannot EVER be recovered by technical means once the message is sent and received and the key is erased.

It is best to use XOR methods to transfer keys for Symmetric key algorithms such as AES instead of wasting your stored random data to transfer the actual plaintext. A device with just a few GB of random data can easily transfer a staggering amount of data with near absolute security... any security failure will be due to poor implementation and human factors.

The introduction of quantum computing will introduce weakness into public key crypto systems and we will have to resort to XOR methods for high-security applications even though such systems will require returning to the use of key exchanges to function... it is what it is :-( but large SD cards at least means the key exchange only need be done once since you can send an enormous number of symmetric keys with just a TB of random XOR key data... but the bank of XOR bits must remain secure!

Public key encryption is so handy! It will be difficult to abandon it for data requiring absolute security... it will still be suitable for everyday purposes that do not require a level of security that only a nation-state can break... i.e. the data can be decrypted by a major power but not by an individual or small group.. safe against crooks but not the government.

[Bobalu]

A major ENIGMA weakness was created when some fool decided it was a good idea to not allow any single encrypted character to be encrypted by the same character in the pseudo-randomly generated key... a character of the plaintext could not be encrypted by the same character in the key.. plaintext A would never correspond to A in the key sequence... a truly moronic mistake that gave Bletchley Park a great gift.

[poconopundit]

Hey Bobalu. Some interesting analysis. My bank sent me one of these key-chain style RSA SecurID devices to carry with me on international travels where if you don't have a roaming-capable US mobile phone, the bank can still verify my identity.

The bank gives you one minute to return the 6 digit code, and the code on the device changes every 60 seconds.

My question for you is: how secure is one of these devices?

Thanks.

[Bobalu]

If properly implemented it could be good... but that’s the thing, closed source crypto is not to be trusted. If they publish the source and details of the device so it can be verified then great... otherwise beware.

NEVER trust closed-source encryption code or hardware!

The small, stand-alone crypto device is a move in the right direction though.

Only a crypto device that is in your control at all times can be trusted... thus it needs to be quite small. Such a device that could also serve as a secure firewall/router via blue tooth would revolutionize the internet.

A personal crypto device should do the following.
-Utilize both public key and XOR encryption.
-Create a reputation based local/wide area crypto currency system that does NOT depend upon the internet.
-Enable a local network using something like Meshtastic.
-Enable a long distance network using NVIS rf propagation in the HF band (roughly 3-12mhz)
-The device must have chipsets for ALL available GPS systems.. this is to enable the NVIS networking which needs the precise time/location for weak signal work.
-Enable a system which uses the URL address to create a ban-proof backup to social networks. i.e. if www.twitter.com/whoever is banned from Twitter your personal device will detect that from the data received from Twitter and automatically route your request to another site where “whoever” could still have free speech. i.e. www.Truthsocial/whoever could be where your request might be sent... there is NO way to cut off a user from accessing “whoever” even if banned.. this is very simple and easily implemented.. it’s a mystery why it has not been!

The NVIS long-range comms is SLOW by modern standards.. best for text/compressed images/compressed audio. The system works by cooperating with other users devices in real-time to assist in RF transmissions... this works despite the problem of signal cancellation of multiple rf sources but only at low data rates.

[Texas Fossil]

Turing

I’ve been invited here to Trinity College Dublin by the polish Embassy to give the Wukashevich lecture this year and this is on the subject of the Enigma machine. And the Polish contribution to breaking that machine. And essentially giving the British code breaking effort a leg up in World War II.

While the achievements the the British code Breakers made at Bletchley Park were very amazing and fantastic and contributed a great deal to the Allies
success in World War II. That was all founded on the groundwork that have been done by a group of Polish mathematicians hired by the Polish Military Intelligence as early as 1930. And the great thing that the Polish mathematicians are able to do.

And so, they first of all reverse engineered the machine so they were able to construct their own fake Enigma machines. That’s pretty astonishing and they’ve done that by 1932.

And then secondly, they started working on this problem about how you can actually figure out what the settings are that were being used every day. And they found solutions for that. And they built machines to help them do that. It was just an astonishing achievement and they’ve done all that before World War II began.

And then, I think the most remarkable thing of all happened, which is that they decided to share this Priceless intelligence with two very unreliable allies, the French and the British. And they just basically gifted this information, this product of six and a half years of hard work and know-how to their allies. And if they had not done that, I’m sure it would have delayed very significantly the code breaking effort at Bletchley Park. And what consequences that would have had for the history of World War II, are really quite unpleasant to think about.

So, it was lovely being here at uh Trinity. It’s my first proper visit to Trinity College Dublin. So, it’s the first time I’ve actually been inside lovely audience. The lecture theater was full. We had lots of people very enthusiastic, lots of questions, lots of people who were sort of interested in the subject. Absolutely fantastic. Yeah really friendly great place to be foreign.

[Texas Fossil]

Yes. you are correct.

But they left out our capture of an operating Enigma from a German sub being scuttled. Complete with their code books and documents.

Cryptography is still a very interesting subject.

They often leave out the contributions of Herbert Yardley. He was the one that was blackballed by the Allies for exposing the American Black Chamber at the end of WWI.

He worked for Chang kai shek during WWII. Nobody else would touch him. Because of his book.

[SuperLuminal]

Actually you are quite correct...
My initial reaction, which I retract here, was a result of needing some sleep...

[poconopundit]

Hey Bobalu. Thanks for your analysis.

My understanding of security mechanisms is shallow, but you've opened my eyes to new layers of knowledge I need to explore.

In a sense, my question about the security of my SecurID device answers itself.  The fact that one of America's largest banks uses the SecurID system to identify someone living outside America's mobile-phone operator enabled security system is proof the bank finds value there.  It's also delivering value for me (the customer) because I can use banking services from outside the USA.

Moving overseas as my wife and I did two years ago automatically makes you aware of the "outer limits" of America's infotech security system.

For instance, another bank we use wants mobile phone authentication when I access their website through a Virtual Private Network.

Only when I shut off my VPN, does my bank let me go ahead and access their website to see my accounts.

We are getting social security payments sent directly to our Japanese bank.  Another 100,000 Americans living in Japan also enjoy this same convenient service offered by our federal government.

And yet we are being blocked and cannot access the my Social Security information site because we cannot receive mobile SMS messages to verify who we are.  Yes, we do have telephone numbers in Japan (and even an Internet based U.S. phone number) but those numbers lie outside the security blanket of US mobile phone connections.

So how does Social Security communicate with us?  Well, that's the role of the Federal Benefits Unit in Tokyo, operating out of the U.S. embassy, who maintains contact with all the Americans resident in Japan through postal letters, phone calls, and on-line-submitted exchange of info and questions.

[MikelTackNailer]

And here I was believing the code was broken by an autistic homosexual who apparently faked a suicide, as he later turned up solving crimes with a guy named Watson and eventually became a surgeon/wizard. This was long before Mr. Spock kicked his ass on a flying garbage truck.

I try to stay informed.

[linMcHlp]

NCR DAY

[SunkenCiv]

That was one heck of a post, kudos.