The Enigma of Absolute Security
I’m not sure what I expected the Enigma machine to smell like, but when I opened the box I was instantly carried to my grandfather’s woodworking garage. This Enigma smelled like old metal, machine oil, and the ghost of the wood that encased it. It was heavy with a shadow future-that-might-have-been, and I couldn’t help wanting to take it apart.
Though the four-rotor Enigma machines were originally designed for the German Navy, this four-wheel Enigma had served duty on a railway car. It bore none of the scars of its battle-worn cousins I’d seen; in fact, the last one I had encountered was a three-rotor that had been in the trenches, less pristine in condition but possibly more interesting because of its wartime tattoos. On the three-rotor, you could see the warpath etched in the case like lines on a palm, a map scarred deep in the surface in brown stains and gouges.
The battered ones, in truth, seemed less ominous than the one in my hands below. This one was almost perfect, barely nicked, and all the more frightening for it. It whispered of an alternate future much more loudly because it looked so new.
At first glance, you would have thought it was an old typewriter in a wooden case. It was incredibly sturdy, built to survive bombing, and this one was without a speck of rust. The hinge opened noiselessly; its keys were almost like my grandmother’s old Royal, but entirely flat. When I pressed a key, each encoded letter lit up, lambent, from the bottom, so I could see the coded letter at the same moment as the pressed key. Altering the rotors of course swapped the encryption key. Engineer Arthur Scherbius originally patented the machine in 1918 and named it the Enigma after Edward Elgar’s musical piece “The Enigma Variations.” If you listen to Elgar, you get it.
Here's how it worked:
- Keyboard – The typist input a message using the keys, depressing them like a typewriter. Each key, when tapped, sent an electrical signal through the internal wiring.
- Plugboard – The board swapped pairs of letters before entering the rotors, adding an extra layer of complexity to the encryption. The plugboard connections were also configurable.
- Rotors – The heart of the encryption. Passing a current through these spinning wheels in a varying route substituted each tapped letter into a different encrypted letter.
- Reflector – Located at the end of the rotor assembly, this reflected the signal back to produce a reciprocal cipher. Encryption and decryption used the same machine configuration.
- Lamp panel – The lit letters produced on this board displayed the encoded message output.
Here's a peek inside the four-rotor Enigma machine so you can see some of the parts outlined above. I found this particularly interesting because most of the time in movies and museums you only get to see the outside:
Despite the complexity of the machine itself, the operators only needed to know three things: the starting position, the order of the four rotors, and then the positions of the plugs in the board. From there, decoding was simply performed by typing the cyphertext back into the Enigma machine. The design of the reflector meant that decoding was the same as encoding the text, but in reverse.
But that reflector proved to be the Achilles heel for the Enigma machine, and served as the back door for codebreaking efforts: no letter would ever be encoded as itself. Knowing that (as well as guessing at standard text that was typically included in some of the messages) allowed people to break the code box the Nazis had built.
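To make the reflector's two consequences concrete, here is an added example (not from the original post): a simplified model showing that the same settings decrypt what they encrypted, that no letter ever maps to itself, and how that second property rules out positions for a guessed word. It assumes three rotors rather than four, odometer-style stepping, no ring settings, and the commonly published wiring tables for rotors I-III and reflector B; the function names are hypothetical.

```python
import string

A = string.ascii_uppercase
# Assumed wirings: commonly published tables for rotors I-III and reflector B.
ROTORS = ["EKMFLGDQVZNTOWYHXUSPAIBRCJ",
          "AJDKSIRUXBLHWTMCQGZNPYFVOE",
          "BDFHJLCPRTXVZNYEIWGAKMUSQO"]
REFLECTOR = "YRUHQSLDPXNGOKMIEBFZCWVJAT"


def enigma(text, order=(0, 1, 2), start="AAA", plugs=("AB", "CD")):
    """Simplified model: odometer stepping, no ring settings, three rotors.

    Input must be uppercase A-Z only.
    """
    swap = {c: c for c in A}
    for a, b in plugs:                      # plugboard swaps letter pairs
        swap[a], swap[b] = b, a
    wiring = [ROTORS[i] for i in order]     # left, middle, right
    pos = [A.index(c) for c in start]
    out = []
    for ch in text:
        # Rotors step before each letter; a rotor carries into its
        # left neighbour when it wraps around to position 0.
        for i in (2, 1, 0):
            pos[i] = (pos[i] + 1) % 26
            if pos[i] != 0:
                break
        c = A.index(swap[ch])
        for i in (2, 1, 0):                 # right to left through the rotors
            c = (A.index(wiring[i][(c + pos[i]) % 26]) - pos[i]) % 26
        c = A.index(REFLECTOR[c])           # reflector turns the signal around
        for i in (0, 1, 2):                 # back out through the inverse wiring
            c = (wiring[i].index(A[(c + pos[i]) % 26]) - pos[i]) % 26
        out.append(swap[A[c]])
    return "".join(out)


def crib_offsets(ciphertext, crib):
    """Offsets where a guessed word could sit: no letter may align with itself."""
    return [k for k in range(len(ciphertext) - len(crib) + 1)
            if all(p != c for p, c in zip(crib, ciphertext[k:k + len(crib)]))]
```

Because the reflector pairs letters with no fixed points, every per-letter substitution is its own inverse, which is why the position where the guessed word really sits always survives the filter in `crib_offsets`.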
During the first part of the Second World War, this machine worked so well that you needed the key to decode any German messages, at least until a group of Poles and Alan Turing came along. But breaking that code shortened the war by two to four years, saving millions of lives in the process. It’s part of why Turing and the Bletchley gang are my eternal heroes: for sheer dedication to the art and science of cryptography and the totalitarian government we dodged because of their work.
Though I’ve been fascinated by the Enigma (and by extension, cryptography) since high school, studying it as an adult working in the cybersecurity industry is an excellent reminder of the endless nature of our work. Each tool we build has a way to be exploited, from networks to firmware to mobile phones. When many zero-days are flaws built into the product, the lesson of the Enigma machine is particularly poignant: that a system’s undoing is often created during initial design.
It’s also a lesson in the fallacy of absolute security. In World War II, the Germans believed their code and their tools to be impregnable. Some historians argue this belief fostered a sense of strategic complacency that led to the loss of the war. Believing their code to be so strong, they ignored evidence suggesting otherwise. There’s absolutely a parallel here when creating a new product at a cybersecurity start-up: you can’t build something that does it all, you can’t assume your tool is perfect, and you can’t think that someone else isn’t trying to solve the same problem. Believing any of these things means building with blinders in an industry that can’t afford absolutes.