How SIGABA’s Encryption Stayed Secure As Enigma Fell

SIGABA’s keyboard and printer. Photo by the author at the National Cryptology Museum

The story of America’s SIGABA cipher machine, which resisted the efforts of the best Axis cryptographers and provided secure communications throughout the war, is not nearly as well known as that of the German Enigma. Though it used very similar technology to the Enigma, it employed a key difference which was primarily the invention of two men, and remained unbroken during its operational lifetime. Without a doubt, it played an important role in the Allied victory in the war, and its story is a fascinating one.

Cipher Machines Before World War 2

Edward Hebern began sketching designs for the first encryption machine using rotors in 1917, and built beautiful working machines from brass over the next several years. He was issued a patent for a rotor machine in 1924.

An example of Hebern’s rotor machine. Photo by the author at the National Cryptologic Museum.

The simplest ciphers, known as monoalphabetic ciphers, replace all instances of a single letter with another. For example:

These codes are simple to implement, but are trivial to break. Hobbyists routinely break them for fun as “Cryptogram” puzzles. Since some letters occur more frequently than others in written language, if you have an encrypted message of any significant length, it’s easy to make good guesses as to what the cipher scheme is. This is referred to frequency analysis, and a monoalphabetic cipher will rapidly fall to it once enough encrypted text has been captured.

A much better code is one which doesn’t use the same letter to encode a given character each time. The first time you encounter it, an A might be encoded as M, but the next time it occurs, it could be encoded as J, and later a T. This is called a polyalphabetic cipher and it is much harder to break.

Hebern’s rotor machines, and the other secure machines for the next few decades, all automated the process of encoding a message with a polyalphabetic cipher. This was accomplished with one or motor rotors with electrical pathways built around the edges. When a key was pressed, the encoded letter was output, and at least one rotor would advance, changing the encoding for the next letter.

Rotor detail in Hebern’s patent.

By cascading multiple rotors, so that they advanced at different rates, very complex polyalphabetic ciphers could be built into the machines. To most, they looked invulnerable to a hostile party.

Weaknesses in Heburn’s Rotor Machine

Soon after the introduction of Hebern’s machines, the U.S. Navy procured some and set about evaluating them. In 1924 they quietly requested the help of William Friedman, an Army cryptanalyst with the Signal Intelligence Service, to determine how secure the encrypted messages really were. Friedman was given a set of 10 messages encrypted with the machine, and he was able to devise a way to break them.

Excerpt from “Contributions Of The Signal Corps; Rowlett-Friedman Contributions to the HCM Cipher Machine” by William Friedman

Friedman’s insight was that the regular advancement of the rotors could be exploited by an attacker. The Heburn machine’s rotors advanced much like the numbers on a car’s odometer — when the right-most rotor completed a full 360-degree turn, the rotor to its left clicked over one position, and so forth for each rotor. The rotor farthest to the right advanced the most quickly, with each to the left rotating more slowly than the one preceding it.

Coupled with statistical methods, this information allowed a successful attack to be mounted against the Hebern machines, and later against Enigma.

The Secret — Randomizing the Rotor Motion

Friedman realized that the way to improve security of the rotor machines was to reduce the regularity of the rotor motion.

William Friedman

Friedman hit on the idea of introducing randomness into the motion of the rotor by way of a paper tape punched with holes at irregular intervals along its length. This was known as the “key tape”. The hole pattern was read by a set of electrical probes that only completed a circuit when a hole passed under it. When this occurred, a rotor was advanced, and the regular, predictable odometer motion of previous machines was eliminated. He and his team built a series of working prototypes, culminating in the production M-134 encryption machine. It used five rotors, with their motion subject to the randomly placed holes on the paper tape. If the receiving station had the same key tape, it could decode the transmitted message.

The Breakthrough — Making It Work In The Real World

Friedman’s assistant, Frank Rowlett, was given the task of producing the required tape in 1934. Friedman had designed a machine to produce the tape, which Rowlett struggled to make work reliably. As a mathematician, he was concerned with the feasibility of generating truly random tape. As he worked on the problem, he was increasingly convinced that the logistics of making and distributing copies of the paper tape to everyone who would be sending and receiving messages would be difficult to manage. It needed to be stored, secured, handled carefully, and never used more than once. It was too fragile to use in a stressful environment. Rowlett was convinced it wouldn’t work in the real world.

Frank Rowlett

As he worked through the problem, Rowlett hit upon a new idea for introducing randomness into the motion of the rotors. He came up with a way to use another set of rotors to generate nearly random outputs to drive the motion of the main cipher rotors. In this way, fragile tape was eliminated. Because it was generated by purely mechanical means, it was not truly random in the same way that many coin tosses are — the sequence relied on initial settings, and was pseudorandom. Getting random numbers from a machine is difficult without some external truly random event- this challenge persists with modern computers, and is well known to programmers.

Friedman was adamant that the additional rotors could not produce sufficiently random motion to be cryptologically secure, and he refused to listen to Rowlett’s proposal in full. After becoming frustrated after months of attempts, Rowlett eventually threatened to take the matter to Friedman’s superiors, or to resign.

Friedman relented, and was won over with Rowlett’s presentation. The pair completed specifications for a new machine, the M-134-C, using a combination of Friedmann and Rowlett’s ideas for a secure, practical machine.

Collaboration With The US Navy

In late 1935, Friedman and Rowlett showed the ideas for the new machine to an officer of the Navy, Lieutenant Joseph Wenger. Little communication happened on the idea between the Army and Navy for four years, but a later conversation between Rowlett and a different Navy officer made it clear that Wenger had been actively pursuing the construction of a machine based on Rowlett’s ideas by the Navy. The lack of credit given Rowlett concerned him, and he voiced his concerns to his superiors — as an olive branch, he was allowed to work on testing the Navy’s machine.

A Superior Machine Is Born

In an unusual show of cooperation, the Army and Navy agreed to standardize on the new design. The Army designated it the SIGABA — at that time, cipher machines began with “SIG-” for signals intelligence, appended with random characters. The name was not an acronym. The Navy named the same machine the Electric Cipher Machine Mark 2 (ECM Mk II). It was also referred to by its original development designation, the M-134-C.

The SIGABA machine, from a patent illustration

The new machine had a total of fifteen rotors. This contrasted significantly with the German Enigma machine, which had three to four, depending on version.

Five rotors, with twenty six contacts each, served to encipher the input characters, just as the Enigma and Heburn machine’s rotors did. These were called the cipher rotors. The remaining ten rotors were devoted to generating the pseudorandom pattern that caused the cipher rotors to advance in an unpredictable fashion.

Of the ten remaining rotors, five were built the same as the cipher rotors, and were interchangeable with them. These were the control rotors. The remaining five were smaller, with only ten sets of contacts each. These were the index rotors.

Patent drawing showing the cipher rotors (left), control rotors (middle) and index rotors (right)

Each rotor had a set of contacts wired to a corresponding contact on the other side. This mapping was random for a given rotor and each rotor type varied. They could be installed in different orders, and even reversed to increase the number of permutations available.

Closeup of SIGABA control rotor. Photo by the author at the National Crytologic Museum.

The exact mapping of the rotor contacts from one side to the other was a closely guarded secret. Great effort was expended to prevent a set of rotors from falling into enemy hands — personnel were instructed to throw them overboard in deep water, or destroy them with a torch if capture appeared imminent. The Army version of the SIGABA even included a 40 lb (18 kg) thermite bomb which could be used to destroy the entire unit. Armed guards were stationed with the machines when they were in areas of risk, and it was not permitted to fly the rotors in an aircraft where it might be recoverable by the enemy.

Excerpt from “History Of Converter M-134-C Volume 3" by William Friedman

A schedule of daily keys containing rotor positions and initial settings for various clearance levels was distributed and used for encryption and decryption of messages. Like the daily keys used by the Germans for the Enigma machines, a key that changed daily made it harder to break the encrypted messages.

The SIGABA had a small printer attachment that would print the message being encrypted or decrypted. This was in contrast to the Enigma, which only lit up characters, and required transcription of the message.

Usage During The War

The SIGABA was too big, heavy, and fragile for use during operations in ground combat. Encryption for that sort of tactical communication was performed by lighter, simpler machines like the M-209. The M-209’s encryption was broken with some regularity by the Germans, so it could only be used where it was sufficient to keep the communications secret for a fairly short time. For more strategic communication that relied on long term security, the SIGABA was used. It was heavily used by the Navy aboard ships, where the weight and size was not an issue.

The fragility did cause issues for the users of the machine in the field. This was especially problematic because production was rushed to meet war demand, and no formal training for maintaining it or repairing it existed. An excerpt from the history of the M-134-C states that “…SIGABA maintenance became a problem chiefly solved by ingenious emergency expediency in the overseas theaters.”

Maintenance was a significant challenge.

Impact

There is no publicly available evidence that SIGABA messages were ever compromised by the Axis cryptanalysts. Captured German cryptanalysts were extensively questioned to look for signs that it had been successfully broken, and analysis of decrypted Japanese traffic showed no success by their teams either. While the German Enigma and Japanese Purple codes were being regularly decrypted by the Allies, the United States enjoyed the advantage of secure strategic communication.

For this, we owe Friedman and Rowlett a great debt. The operational discipline of thousands of people kept the communications secure against attack, but the combination of their insights made it possible for the United States to maintain this edge throughout the war.

The SIGABA was used until 1959, and declassified in 1996.