Within a few hours, blog reader Norbert Bierman solved the Reihenschieber challenge I introduced last Monday. His work shows that I used this device in a wrong way.
The Reihenschieber is a simple encryption tool developed by Western German crypto experts in the 1950s. Considering that it only consists of a few plastic parts, which could be produced very cheaply, it rendered a high degree of security.
The following Reihenschieber belongs to Austrian collector Günter Hütter (it has two stencils, I don’t know if both were used at the same time):
The Reihenschieber is used to generate a sequence of random letters or numbers that are added to a cleartext. In other words, it produces a key for a One Time Pad.
To get a better understanding of the Reihenschieber, I built a Lego model of it, which is a little simpler than the original.
The random sequence I took from the setting above is YSJVFHJTDVOCUXBIRAZG. With a different key (a key consists of the choice of the bars, the order of the bars, the upside of each bar, and the shift of each bar), I created an encrypted text that I introduced as challenge in my blog post from Monday:
As a comment, I wrote: “An obvious weakness is that the first part of the ciphertext only depends on the first bar, the second part only on the second bar, and so on.”
Only four hours after publication, blog reader Norbert Biermann posted the correct solution: IT’S A SMALL STEP FOR A MAN.
I was quite overwhelmed. This was incredibly fast. Here’s Norbert’s explanation:
As you pointed out, each bar only affects four continuous characters, leaving only 8 * 4 * 11 = 352 possibilities for these. Thus, a program may compute the 352 plaintext possibilities for characters 1-4, 5-8, and so on, try all combinations of adjacent quadgrams and keep the most promising in memory. My “quick and dirty” program code did not really reveal the solution at once, but when examining the output, I discovered “ITSASMALLSTE” among the best 50 candidates in the list for combined bars 1, 2 and 3. This was clear enough to do the rest by hand.
The weakness I had written about turned out to be so serious that Norbert’s program only needed to check 352 plaintext possibilities per step, which doesn’t take much time.
Concerning this problem, Fliegenschubser wrote: “How would it change the game if you read your random sequence not in rows but in columns?” Of course, he was right. I had made a mistake. The random letters need to be read out from top to bottom, not from left to right. In a Cryptologia publication about the Reihenschieber from 1996, it says the same. So let’s look at the Lego model again:
The correct random sequence is: YFURSXADJHVZOVJBGTCI. If we encrypt the sentence KLAUSIPLAYEDWITHLEGO, we get:
KLAUSIPLAYEDWITHLEGO YFURSXADJHVZOVJBGTCI -------------------- JRVMLGQPKGADLEDJSYJX
The resulting ciphertext is: JRVMLGQPKGADLEDJSYJX.
A new challenge
Based on this new knowlege, I created a new challenge. Again, I used my Reihenschieber model (with a different key, of course, but with the same stencil). Here it is:
Can a reader solve it? It might be a lot more difficult this time.
There’s one last question I want to address: How many keys does my Lego Reihenschieber have? I think the calculation goes as follows:
8×7×6×5×4×(4×11)^5 = 1,108,237,025,280
This is probably too much for an exhaustive key search. Maybe Hill Climbing will work.
Further reading: An Encryption Algorithm Created by Artificial Intelligence