[rainloft]

It took 33 years before it was publicly announced that GCHQ succeeded in deciphering Enigma codes.

Every single time they used intercepted intelligence to their benefit, they made sure to leave false trails of other ways they could've known so the Germans wouldn't suspect.

I would expect the NSA could hide it well.

[mirimir]

Well, from what I've read, that's why they didn't share information about the 9-11 team. And during WWII, they let some convoys go down to protect their methods. It's a tough call. One thread of Stephenson's Cryptonomicon covers this.

[schoen]

The best-known case about this is partly a myth or misconception:

https://en.wikipedia.org/wiki/Coventry_Blitz#Coventry_and_Ul...

[agumonkey]

Perfect timing, I'm currently at page 2.

[usrusr]

But how then can you post here instead of going on to page n+1? Something does not quite add up ;)

[agumonkey]

I'm not an english native speaker, and 40s war zone literature is not as smooth as one can imagine.

[chiph]

His writing is pretty dense, so even native English speakers have to take it slow in order not to miss something.

[mirimir]

Yes, he is one of those authors. Every block of every thread ends with a cliff-hanger, and you need to read two more blocks before you get resolution. But then, you've encountered three more cliff-hangers ;) So after the first read, I bookmark heavily, and read each thread independently. And sometimes I just reread my favorite threads. Such as Bobby's thread in this book. Also his ancestor in Baroque Cycle, "King of the Vagabonds".

[mirimir]

:)

So I've read everything of his at least three times. And I'm waiting. Anyone know if something's immanent?

[waterphone]

Neal Stephenson's next book is The Rise and Fall of D.O.D.O., co-written with Nicole Galland, currently to be released June 13, 2017. It seems to be something in a little different vein than his other works, but I'll read it as I do all his books.

https://www.amazon.com/Rise-Fall-D-O-D-O-Novel/dp/0062409166...

[mirimir]

Thanks! I don't know Ms. Galland's work, but it's not much of a stretch from Anathem ;) And consider that collaboration in Mongoliad. So hey, I know what I'll be reading in June.

[agumonkey]

I can't answer that at all, I'm just saying that if I ever get to the end of that 1100+ paper brick.. I sohuld probably travel to his town to express how good a storyteller he is.

[ihaveajob]

So worth the time investment. I read it in college and it was mind blowing. Now... I have a kid to feed! But I yearn for books like that one.

[waterphone]

If you haven't yet, read The Baroque Cycle too. It's set in the same universe, approximately 300 years earlier, with an ensemble cast of historical and fictional characters. Very long, very dense at times, and yet a masterful and very rewarding work in my opinion. The audiobooks read by Simon Prebble are also quite good if you don't have the time to read it in print but do have time where you could listen to it.

[Ar-Curunir]

ENIGMA is easy compared to modern crypto; it did not have a sound mathematical analysis. Hell there was no such thing as proper cryptanalysis back then.

Academia is much more advanced now; all the tools we have for reasoning about our cryptography were developed in academia, with no evidence that the NSA has shown any interest in that kind of stuff. (In fact the NSA has expressed disdain for academic cryptography).

[sah2ed]

"There are hundreds of mathematicians in the NSA, far more than in academic settings, so readership for a typical paper is wider than in the world at large ..." [1]

[1] http://www.nature.com/naturejobs/science/articles/10.1038/35...

[Ar-Curunir]

That is 15 years old; cryptography as a field has seen tremendous growth in that time frame.

[ooqr]

Don't they hire loads of mathematicians? What else would that be for?

[gech]

How much do they pay

[WalterBright]

I am still surprised that the Japanese and Germans did not figure out their codes had been broken. The disaster of the U-boot campaign was pretty good evidence of that, if nothing else.

Besides, expecting a widely used and deployed cryptosystem to be uncompromised for years is absurd. They should have assumed it would be broken, and developed regular replacements.

[Lagged2Death]

I am still surprised that the Japanese and Germans did not figure out their codes had been broken.

There must have been a lot of people who had suspicions.

But consider: for many years, US citizens who talked about ECHELON were considered crazies. Later, Bush's enormous surveillance expansion was mostly denied or dismissed. The 2016 Russian hacks of the DNC and the propaganda machine were brought up on national television during the debates. Yet there was denial, dismissal, and very little concern.

Without a plan for responding or reacting, denial is a very appealing way to deal with upsetting news. The Germans and the Japanese who were in a position to suspect that their communications had been compromised were also embedded in a totalitarian military chain of command, more focused on preserving the relative power of the people at the top than anything else. Questioning the efficacy of the system is easily cast as disloyalty. What could anyone do?

[antman]

They organized airplane flyovers that "saw" the U-boats. The Germans did not know how many aircrafts were patrolling and whether it was a high or low probability of being spotted.

If the British could not organize a parallel construction they simply let it go. They knew the plan for Crete invasion but they could not create a story on how they learned it so they preferred to lose naval control of the large part of the eastern Mediterranean sea. [0]

[0] https://www.amazon.com/Churchill-Secret-Service-David-Staffo...

[WalterBright]

The sub killers were waiting at meeting points for the U-boots and their "milk cows" so often that the obvious possibilities were:

1. the allies had enormous numbers of sub killers 2. the allies were incredibly lucky 3. Enigma was broken

Waiting for proof before acting is not a sensible decision.

(Even in WW1, the aviators regularly changed their codes used. They knew they were only good for a few days each.)

[empath75]

Let's imagine you've figured out that the codes were broken in Hitler's Germany. The only solution is replacing an expensive encryption system with another, equally expensive system, including all the training that goes along with it.

Who do you tell? And who is the guy that going to go to Hitler to tell him that their unbreakable system is broken?

[WalterBright]

You go to Admiral Doenitz, who already suspected it was broken, and was talked into not changing it by underlings, not Hitler.

BTW, my reading books about it suggests that one was not executed in the military for questioning orders. One reason the German military was so effective is much discretion was allowed by underlings, as well as listening to them.

[leoc]

I'm not well versed on the subject, but I assume it was just another of those large-scale intelligence failures, like the https://en.wikipedia.org/wiki/Englandspiel only with the boot on the other foot. Groupthink in action again. Also, given the large number of important ciphers which were broken during the war, I'd guess wildly that the pre-war crypto communities (such as they were) were generally much too complacent about the risks from cryptanalysis, likely because ciphers had never been subjected to state attack on a Manhattan Project scale before. Comparable to the long time it apparently took for people to become generally aware of C buffer overflows as a serious security problem, maybe.

[ISL]

5. There was a mole.

[Retric]

4. The US had some other means of tracking subs.

[WalterBright]

Not long range methods other than breaking Enigma messages which said where/when U-boots were to go. This is what made breaking Enigma so important.

[Retric]

That's what we actually did, however RADAR was a new thing allowing a small number of British aircraft to regularly intercept Bombers. Without any evidence it must have seemed probable for something similar to be locating subs.

[lostlogin]

The codes were changed regularly but the system was compromised. Naval codes were harder to break and often the allies had long periods of being in the dark.

[dboreham]

4. Airborne Radar had been developed.

[adekok]

The British did significant amounts of data analysis and traffic analysis. e.g. estimating German tank production by looking at the serial numbers of captured / destroyed German tanks.

I don't recall anything about the Germans doing the same thing.

[funnyfacts365]

Ofcourse you don't. They lost. Winners write history as they want...

[mturmon]

Another factor (according to the excellent Battle of Wits by Budiansky) was that the Germans were overconfident that Enigma was unbreakable. Turned out their confidence in the hard computation that would need to be done to decode Enigma was wrong.

[rythie]

This was not a trivial system for it's time. Do you change your ssh keys and certificates every day?

The enigma had a new encryption code for everyday distributed on paper and torn off and destroyed once used. The were different codes and machines used in different branches of the army/navy and the system was updated through the war.

The British didn't get to see the machines or it's method for many years. There were 159 quintillion possible keys and even a 1 million guesses/second it would take 5 million years to guess a code - and don't forget they changed everyday. Also, remember there were no computers to do this, let alone one that that could even remotely approach 1 million operations a second.

So you ought to able to see at the time people were pretty confident it couldn't be broken, and if they hadn't made some mistake in it's use e.g. distributing weather reports, it might have not been.

We are arguably much more complacent than they were vs. their time. It was only recently that perfect forward security became a thing in HTTPS for example (i.e. different key for each connection).

[B1FF_PSUVM]

Bit unfair, dumping on people who had seventy or eighty years less experience, and profit from widely published literature and history on the topic.

I mean, it's not like they could even go read the Wikipedia piece on the German tank serial numbers info leak. Might have been a feature of a certain seminal strategy game - "you have defeated A[213 of 330]" ;-)

[WalterBright]

They did have extensive experience with spying in general, and compartmentalization of it. The compartmentalization was not applied to encryption. They also knew that losing an enigma machine to the enemy could compromise it (and did), but they just apparently assumed that no U-boot lost its enigma machine to the enemy.

[usrusr]

By the time statistical evidence could have grown strong enough to shine through the careful layers of deception, they were far to busy not noticing that they were losing the war to notice that they lost the encryption battle. In a world of believers, only traitors quantify bad news.

[WalterBright]

Oh, they noticed all right. From "U-Boat Ace" by Jordan Vause pg. 103:

"retrieved a working Enigma machine along with the documents and code keys for three months. Not surprisingly, U-Bootwaffe fortunes declined in the following months, and from that point on Doenitz remained in doubt about the Enigma cyphers his boats were using. But the experts reassured him over and over again that they were sound, and so he retained them until the end of the war."

[lostlogin]

I haven't found anything on the subject, but he would have been alive when Enigma become public. It would be great to know his thoughts (and those of people like Speer).