Recently I have begun coding a simple library that can encrypt/decrypt files based on the old Enigma machines (and Typex, etc.).
But what fun is it to just digitize a known breakable piece of hardware? Technology has come far enough for us to hold way more computing power in the palm of our hands than a soldier was able to carry around on his back a few decades ago.
The first big improvement step is to switch the alphabet for bytes, which gives us a few distinct advantages:
- Ability to process any file we want to
- Still easily represented in a human-readable form [0-255]
- Bigger “rotors”, which means more possibilities
- Easier comparisons programmatically
The following steps have also been implemented to improve the strength, based on the Typex and other ideas:
- A byte can become itself!
- A second switching board after the rotors
- Configurable rotors (including stronger random generator)
- Configurable number of rotors
- Filler bytes which can only be removed when successfully decrypted
- Random filler data before and after payload
- Configurable hashing algorithm combined with length indicator
- Ability to rotate more than one rotor after each character
As well as a few basic functions:
- Import and export keys (XML and binary)
- Proper file handling
- Basic DLL calls
This should be more than enough to stop the attacks on the old Enigma and should prevent most modern-day cryptanalysis.
The implementation is written in C# but should be easy to convert to other languages as well. Keep in mind that, given the large number of bytes a simple document has become and the number of array operations required, this will not be a great solution for large files (an AMD X4 965 scores about 5MB/min). That will obviously decrease as more steps are implemented, though I think there are still some optimizations that can be done to simplify some operations.
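The byte-wide rotor stage described above, as an added Python example; it is not the library's own code, which is C# and not published here. The function names, the odometer-style stepping and the seeded `random.Random` (used only so the run is reproducible; it is not a cryptographically secure generator) are assumptions of this example.

```python
import random

def make_rotors(count, rng):
    """Each rotor is a random permutation of the 256 byte values."""
    rotors = []
    for _ in range(count):
        wiring = list(range(256))
        rng.shuffle(wiring)
        rotors.append(wiring)
    return rotors

def invert(wiring):
    """Inverse wiring, needed because there is no reflector to undo the pass."""
    inverse = [0] * 256
    for src, dst in enumerate(wiring):
        inverse[dst] = src
    return inverse

def step(positions):
    """Odometer stepping (assumed): rotor 0 moves every byte, carrying on wrap."""
    for i in range(len(positions)):
        positions[i] = (positions[i] + 1) % 256
        if positions[i]:
            break

def _run(data, stages, start):
    """Pass each byte through (rotor index, table) stages, then step the rotors."""
    positions, out = list(start), bytearray()
    for b in data:
        for idx, table in stages:
            pos = positions[idx]
            b = (table[(b + pos) % 256] - pos) % 256
        out.append(b)
        step(positions)
    return bytes(out)

def encrypt(data, rotors, start):
    return _run(data, list(enumerate(rotors)), start)

def decrypt(data, rotors, start):
    # Same positions, but inverse wirings applied in reverse rotor order.
    inverses = [(i, invert(w)) for i, w in enumerate(rotors)]
    return _run(data, inverses[::-1], start)

def fixed_points(plain, cipher):
    """Offsets where a byte encrypted to itself (impossible on a real Enigma)."""
    return [i for i, (p, c) in enumerate(zip(plain, cipher)) if p == c]
```

Without a reflector the per-byte mapping is no longer its own inverse, which is why `decrypt` needs the inverted wirings, and it is also what allows the non-empty `fixed_points` result on ordinary input.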
The following points are on the bucket list:
- Plugboards
- Fully functional UI
- Implement a configurable stepping maze (hard work, but should increase the entropy big time)
- Better file deletion (first overwrite with random data, then delete the inode)
- Release the source if there is some interest
- Ability to encrypt/decrypt a continuous stream