Hacker News
by WalterBright 3473 days ago
I am still surprised that the Japanese and Germans did not figure out their codes had been broken. The disaster of the U-boot campaign was pretty good evidence of that, if nothing else.

Besides, expecting a widely used and deployed cryptosystem to be uncompromised for years is absurd. They should have assumed it would be broken, and developed regular replacements.

5 comments

I am still surprised that the Japanese and Germans did not figure out their codes had been broken.

There must have been a lot of people who had suspicions.

But consider: for many years, US citizens who talked about ECHELON were considered crazies. Later, Bush's enormous surveillance expansion was mostly denied or dismissed. The 2016 Russian hacks of the DNC and the propaganda machine were brought up on national television during the debates. Yet there was denial, dismissal, and very little concern.

Without a plan for responding or reacting, denial is a very appealing way to deal with upsetting news. The Germans and the Japanese who were in a position to suspect that their communications had been compromised were also embedded in a totalitarian military chain of command, more focused on preserving the relative power of the people at the top than anything else. Questioning the efficacy of the system is easily cast as disloyalty. What could anyone do?

They organized airplane flyovers that "saw" the U-boats. The Germans did not know how many aircraft were patrolling and whether it was a high or low probability of being spotted.

If the British could not organize a parallel construction they simply let it go. They knew the plan for the Crete invasion but they could not create a story on how they learned it so they preferred to lose naval control of the large part of the eastern Mediterranean Sea. [0]

[0] https://www.amazon.com/Churchill-Secret-Service-David-Staffo...

The sub killers were waiting at meeting points for the U-boots and their "milk cows" so often that the obvious possibilities were:

1. the allies had enormous numbers of sub killers
2. the allies were incredibly lucky
3. Enigma was broken

Waiting for proof before acting is not a sensible decision.

(Even in WW1, the aviators regularly changed their codes used. They knew they were only good for a few days each.)

Let's imagine you've figured out that the codes were broken in Hitler's Germany. The only solution is replacing an expensive encryption system with another, equally expensive system, including all the training that goes along with it.

Who do you tell? And who is the guy that is going to go to Hitler to tell him that their unbreakable system is broken?

You go to Admiral Doenitz, who already suspected it was broken, and was talked into not changing it by underlings, not Hitler.

BTW, my reading of books about it suggests that one was not executed in the military for questioning orders. One reason the German military was so effective is much discretion was allowed by underlings, as well as listening to them.

I'm not well versed on the subject, but I assume it was just another of those large-scale intelligence failures, like the https://en.wikipedia.org/wiki/Englandspiel only with the boot on the other foot. Groupthink in action again. Also, given the large number of important ciphers which were broken during the war, I'd guess wildly that the pre-war crypto communities (such as they were) were generally much too complacent about the risks from cryptanalysis, likely because ciphers had never been subjected to state attack on a Manhattan Project scale before. Comparable to the long time it apparently took for people to become generally aware of C buffer overflows as a serious security problem, maybe.
5. There was a mole.
4. The US had some other means of tracking subs.
Not long range methods other than breaking Enigma messages which said where/when U-boots were to go. This is what made breaking Enigma so important.
That's what we actually did, however RADAR was a new thing allowing a small number of British aircraft to regularly intercept Bombers. Without any evidence it must have seemed probable for something similar to be locating subs.
Regularly intercept in daylight - it performed poorly roughy that at night interception rates were abysmal.
The codes were changed regularly but the system was compromised. Naval codes were harder to break and often the allies had long periods of being in the dark.
4. Airborne Radar had been developed.
The British did significant amounts of data analysis and traffic analysis. e.g. estimating German tank production by looking at the serial numbers of captured / destroyed German tanks.

I don't recall anything about the Germans doing the same thing.

Of course you don't. They lost. Winners write history as they want...
Another factor (according to the excellent Battle of Wits by Budiansky) was that the Germans were overconfident that Enigma was unbreakable. Turned out their confidence in the hard computation that would need to be done to decode Enigma was wrong.
This was not a trivial system for its time. Do you change your ssh keys and certificates every day?

The Enigma had a new encryption code for every day distributed on paper and torn off and destroyed once used. There were different codes and machines used in different branches of the army/navy and the system was updated through the war.

The British didn't get to see the machines or its method for many years. There were 159 quintillion possible keys and even at 1 million guesses/second it would take 5 million years to guess a code - and don't forget they changed every day. Also, remember there were no computers to do this, let alone one that could even remotely approach 1 million operations a second.

So you ought to be able to see at the time people were pretty confident it couldn't be broken, and if they hadn't made some mistake in its use e.g. distributing weather reports, it might have not been.

We are arguably much more complacent than they were vs. their time. It was only recently that perfect forward security became a thing in HTTPS for example (i.e. different key for each connection).

Bit unfair, dumping on people who had seventy or eighty years less experience, and profit from widely published literature and history on the topic.

I mean, it's not like they could even go read the Wikipedia piece on the German tank serial numbers info leak. Might have been a feature of a certain seminal strategy game - "you have defeated A[213 of 330]" ;-)

They did have extensive experience with spying in general, and compartmentalization of it. The compartmentalization was not applied to encryption. They also knew that losing an enigma machine to the enemy could compromise it (and did), but they just apparently assumed that no U-boot lost its enigma machine to the enemy.
By the time statistical evidence could have grown strong enough to shine through the careful layers of deception, they were far too busy not noticing that they were losing the war to notice that they lost the encryption battle. In a world of believers, only traitors quantify bad news.
Oh, they noticed all right. From "U-Boat Ace" by Jordan Vause pg. 103:

"retrieved a working Enigma machine along with the documents and code keys for three months. Not surprisingly, U-Bootwaffe fortunes declined in the following months, and from that point on Doenitz remained in doubt about the Enigma cyphers his boats were using. But the experts reassured him over and over again that they were sound, and so he retained them until the end of the war."

I haven't found anything on the subject, but he would have been alive when Enigma became public. It would be great to know his thoughts (and those of people like Speer).