Moshe Rubin’s Cryptologia Chaocipher article, now viewable online…

Moshe Rubin just emailed me to let me know that his extensive October 2011 Cryptologia article “John F. Byrne’s Chaocipher Revealed: An Historical and Technical Appraisal” (vol. 35 issue 4, pp.328-379 [!!!]) can currently be viewed and downloaded for free from Taylor & Francis (who publish Cryptologia), via the “Download full text” button there.

If (like me) you’re into both the social and technical aspects of historical cryptography, it’s a cracking old read, covering both Byrne’s life and his numerous attempts to get the US military to accept his “Chaocipher” invention. Yet Moshe’s article is far from all ra-ra-pro-Byrne stuff: it also makes clear…
* the system’s inherent fragility (because each step changed the state of the two rotors, it suffered from near-worst-case error propagation);
* Byrne’s cryptographic inexperience (the way that he proposed concealing the indicator settings was far from secure); and
* Byrne’s cryptologic naivety (he believed that the flat letter distribution of the ciphertext made it explicitly unbreakable).

If you’ve read Ratcliff’s “Delusions of Intelligence” (a book the GCHQ Historian recommended I read, thanks for that!), you’ll know that this last mindset was precisely what the various German agencies using the Enigma machine suffered from: and if Chaocipher had been extensively used by the Allies in WW2, who’s to say that Hitler’s fragmented array of codebreaking agencies wouldn’t have eventually found a way of breaking into it, just as they did with virtually all the Allies’ low-to-medium-echelon ciphers?

One thing that strikes me most about the whole saga is that even though Byrne (who sometimes wrote under the anagrammatic pseudonym “J. F. Renby”, I was amused to see) seems to have envisaged Chaocipher as an expensive-to-build set of mechanical rotors, I think it is actually very easy to use with two Scrabble alphabets arranged in horizontal rows. (OK, Scrabble wasn’t devised until the 1930s, but my basic point still stands regardless). All the sliding operations (zenith / nadir, etc) then become immediately straightforward, arguably far more so than if you were using a machine to do the same.

Regardless of whether or not Scrabble tiles are the best way to Chaocipherify your plaintext, I’d argue that what sets Byrne’s cryptographic ideas apart most is the way he conceptualized his crypto system in terms that mesh peculiarly well with modern computer science: in fact, it’s quite hard to describe it at all without lapsing into contemporary CompSciSpeak. It’s almost as if Byrne were projecting himself forward into a software world: but then again, one of the chapters of his autobiography was SciFi, so perhaps the future was where he felt most at home! icon smile Moshe Rubins Cryptologia Chaocipher article, now viewable online...


  1. avatar bdid1dr March 2, 2013 4:43 pm

    And here I thought I was long-winded when it came to composing written dialogue. Umpteen commas (though grammatically correct), a colon or two, and I could find only one period in your entire paragraph. (Maybe two periods; I’ll go back and check.)

    Heh! :)

  2. avatar SirHubert March 3, 2013 10:19 pm

    What an interesting article. I don’t understand computer-based ciphers very well, but the Chaocipher system certainly reminds me of the ‘mangler functions’ used to manipulate blocks of ASCII text and there are certainly similarities with dynamic substitution.

    Can a better mathematician than I (which is not difficult – a school report described me as ‘innumerate’) tell me how the number of potential combinations of alphabets on the two wheels compares with the number of potential combinations on a three-wheel Enigma (I assume 17576)? I should be able to work this out, but it’s been a very long day.

  3. avatar nickpelling March 4, 2013 7:42 am

    SirHubert: bear in mind that each letter emitted triggers a letter-dependent reorganization of both rotors, yielding the desired chaos. :-)

  4. avatar SirHubert March 4, 2013 10:04 am

    @Nick – I do understand how the ‘chaos’ is introduced and how this differs from a running-key cipher. But the choice of which cipher-alphabet is used for a given letter is not truly random or ‘chaotic’ – it’s determined by the algorithm. It isn’t really aleatoric in the way that generating random numbers using radioactive decay gives truly unpredictable results.

    I was thinking about the strengths and weaknesses of Chaocipher as opposed to Enigma, insofar as I understand either very well. Imagine that it’s World War 2, and you have intercepted a fairly long message sent in a cipher you’ve already broken, giving you a letter-by-letter crib. You then intercept what appears to be the same message in Chaocipher. Am I right that you only need to try out a maximum of 676 possible initial settings on Chaocipher in order to get a complete solution, as opposed to 17576 on Enigma (ignoring the plugboard settings temporarily)?

  5. avatar nickpelling March 4, 2013 10:28 am

    SirHubert: actually, I think that because each rotor is “soft-coded” rather than hard-coded, the number of possible settings is closer to (25!)^2, which is 2.4059764e+50 – somewhat bigger, let’s say. :-)

    Oh, and I was using “chaos” in the modern mathematical sense, of a simple system repeatedly iterating to yield unforeseeable results. The fact that Byrne thought “chaos” a good name for his system may well be another neat bit of future thinking on his part. ;-)

  6. avatar SirHubert March 4, 2013 10:42 am

    Thank you – even with a B in AO maths
    I should have worked that out. Final stupid question if you can face it – why (25!)^2 and not (26!)^2?

  7. avatar nickpelling March 4, 2013 10:54 am

    SirHubert: combinatorics isn’t really my field, but the idea here is that the position of the very first letter is immaterial to the overall state of the rotor. You only really have a genuine choice when placing the second letter on the (soft) rotor, where you have 25 options. And so forth, to (25!). And you have two rotors.

    However, thinking about it, because the rotors are a physically linked system, you do have a 26-way choice for where you place the first letter of the second rotor: so the answer is probably the slightly higher (25!) x (26!), i.e. 6.2555386e+51 or thereabouts. :-)

  8. avatar Diane March 5, 2013 7:24 am

    I have read this post four times.

    I am returning now to my blog, where I can enjoy an illusion of being not-too-stupid.


  9. avatar bdid1dr March 6, 2013 6:03 pm

    Diane, I think I might check in on your blog later. The “alpha-math” is beginning to resemble computer programming for an electronic “pin-ball” machine–rotors and all!


  10. avatar Moshe Rubin April 15, 2013 12:45 pm

    For a diagram demonstrating Nick’s idea of using two Scrabble alphabets for Chaocipher enciphering, see Gary J. Shannon’s (‘fiziwig’) excellent graphical rendition of just such an idea.

Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>