|
|
|
|
|
|
Key production unit
- under construction
Due to the way in which the human brain works, cryptographic message keys
generated by human operators are never truely random. In many cases they
are even predictable, e.g. when the name of a girl-friend is used. For this
reason, Gretag
develop the Schlüsselproduktionsgerät (SPG), an
electro-mechnical device that produced random keys for the
TC-53
and the TC-58.
|
The SPG is a rather small circular device, with a diameter of 12 cm,
that is constructed in such a way that it could be built inside an existing
TC-53 cipher machine.
It was also suitable for the later
TC-58 crypto extension for the KFF-58.
The TC-53
had a circular hole at the center of the front panel that was
normally closed with a blank panel. After removing the black panel, the
SPG could be mounted. Mounting it to the
TC-58 was more cumbersome, as it
needed a front panel with a suitable hole at the left. This hole is missing
from most of the surviving TC-58 units.
|
|
|
Contrary to what its name suggests, the SPG is not a (pseudo) random
number generator but merely a display unit. The actual key is generated
by the crypto logic inside the cipher machine itself. In the TC-53
and TC-58 cipher machines this is called the Cryptogram Generator.
|
The pseudo-random data stream generated by the cipher machine consists
of 14-bit data words. Five of these bits are used to feed the SPG [1].
Inside the SPG are 6 discs mounted on top of each other. Each disc has
a series of notches and gaps around its circumference.
Five discs are driven by the 5 data bits from the cryptogram generator.
The gaps on each of the discs are positioned in such a way that they
represent the binary form of that bit.
The SPG simply converts this 5-bit code into one of 32 positions
(see below). The 6th disc is a shutter.
|
|
|
The SPG was considered a highly classified device and was only supplied
to the Swiss Army. TC-53 and TC-58 devices that were used by other countries,
such as Austria, did not have an SPG.
Please note that, although the SPG is part of a TC-53 or TC-58
and is controlled from these devices, it is not part of the encryption
algorithm. It is just used to generate random message keys before encrypting
a text. TC-53 and TC-58 machines are perfectly usable without the SPG.
|
|
|
|
|
|
|
When encrypting, each new message should be encoded with a different key.
On the Enigma machine,
this key consisted of the daily key (Grundstellung)
and a message key that was randomly picked by the operator. The operator
then sent the message key, entrypted with the daily key, to the other end.
Both parties then set their machine to the message key, after which the rest
of the message was sent. Altough in theory this method works relatively well,
in practice it appeared to be difficult to persuade operators to pick truely
random message keys.
|
For the Gretag machines, a similar system was used, but in order to ensure
that the message key was not, say, the operator's girl-friend's name,
a time-consuming procedure involving the SPG was developed.
For the generation of the message key, the internal key generator (also
known as the cryptogramm generator) of the TC-53
(or TC-58) was used.
In order to generate a message key, we need 12 letters, each of which
represents the start position of a wheel.
First, the operator of the initiating station produced a 12-digit number
consisting of randomly picked digits 1-9 (0 was not allowed), for example
235684166719. This number was then sent to the station at the other end
in clear.
Both stations then switched to Key Production Mode and the wheels
were set to the daily key.
The image on the right shows the Gretag TC-53 cipher machine with the
(optional) SPG mounted at the center of the lower half of the front panel.
|
|
|
Next, the individual digits of the number that was transmitted in clear,
were used to determine the number of steps that the internal key generator
had to make before producing a letter for the message key.
So, from the basic position,
the key generator was stepped twice (the first digit) and the operator
wrote down the letter that was shown on the SPG (e.g. 'B').
The key generator was then stepped three times (the second digit) before
the next letter was written down (e.g. 'L'), and so on, until all twelve
letters of the message key had been written down, e.g.:
BLCHQIOXATKZ
Both ends would now set their wheels to the new starting positions,
as indicated by the message key, and the initiating party was able to
type the actual message. If the key at the other end was set correctly,
the clear text would appear automatically at the receiving end.
According to former users of the SPG in the Swiss Army, the generation
of a message key by means of the SPG could take up to 10 minutes
(!) which is why pre-generated key lists were often used instead.
|
As the operational procedure described above was too cumbersome for
some customers, Gretag developed an external SPG that could be connected
to the expansion connector of the TC-53 (Zusatz).
It was released in 1957 and was offered to customers as a field upgrade.
The advantage of the external SPG unit, was that it would automatically
make the required number of steps.
The upgrade required the existing SPG to be removed from the TC-53 and mounted
inside the new device that was called Zusatzgerät für halbautomatische
Schlüsselproduktion (add-on device for semi-automatic key production).
The hole in the TC-53 was then closed with a circular black panel; the same
one as used on the TC-53 machines that were exported (e.g. to Austria) [2].
|
The SPG could also be added to the later
TC-58 (KFF-58) cipher machine.
It was mounted at the left side of the front panel of the cipher unit
and required a special front panel (with a large hole). On machines that
were sold outside Switzerland, this large hole was not present.
Operation of the SPG was identical to the external SPG for the TC-53, as
described above. The machine would automatically make the required number
of steps.
|
The SPG is a self-contained unit that is connected to the host machine by
means of a rather stiff grey cable with an 8-way socket at the end. This
socket mates with a plug that is present inside the host device. Inside the
SPG are six electromagnets (solenoids) that are mounted in a circle.
|
Each of the solenoids controls a disc with teeth and gaps.
On five discs the teeth and gaps are spaced differently, in such a way
that each one represents one bit of a 5-bit digital counter.
Each disc has 32 teeth and 32 gaps and has two positions: 0 (solenoid
OFF) and 1 (solenoid ON). When in position 1, the disc is
rotated 1/64th of a circle.
The discs are all spaced in such a way that the teeth represent the
binary value of the corresponding bit. By stacking the five discs
on top of each other, there will always be exactly one position where the
gaps coincide.
|
|
|
As a result, one of the white indicator lines on the alphabet disc
at the bottom will be visible, acting like a pointer to one of the letters.
As each disc can be in two positions, we have 25 or 32 possibilities.
So the mechanism can be seen as a so-called 5-to-32 decoder.
The image below explains how it is constructed.
The upper drawing shows how the various discs are stacked.
|
|
|
|
|
|
|
The second drawing above shows an exploded view of the counter.
For clarity, each disc has been given its own colour. To ensure that
the white lines are not visible when the counter is not in use,
an extra shutter disc is mounted on top of the stack.
It is controlled by the 6th electromagnet.
The tables above and below show how the teeth and gaps are spaced and
what the purpose of the mask and the shutter is. In the above table,
all five electromagnets are disengaged (binary code 00000), representing
position 0. As the shutter is closed, nothing is visible in this state.
If the shutter is now opened (i.e. the 6th electromagnet is activated),
the gap at position 0 becomes visible, revealing part of the white
circle on the alphabet disc at the bottom. This white spot acts as an
indicator to the corresponding letter on the alphabet ring: in this
case the 'A'.
Now assume that the key generated by the number generator inside
the TC-53 is 11, which is represented by the binary code 01011.
When the corresponding electromagnets are activated, the position
of the discs will be as shown in the table above and the gaps at
position 11 will coincide. As a result the letter 'L', will be indicated.
The function of the mask (i.e. the bottom line of each table)
is to indicate the active positions of the discs
(the 0s represent the white lines).
|
From the above it has become clear that the SPG is only a display
device and not a (random) key generator. The actual key is derived
from the internal key generator (also known as cryptogramm generator)
of the host cipher machine (the TC-53 or the TC-58). That generator
is based on a 12-wheel driven mechanism that produces 26 digital bits.
12 of these bits control the stepping of the 12 wheels, whilst the
remaining 14 bits are used for the encryption and decryption of text. 1
Of these 14 key-bits, five are used to drive the SPG.
|
-
On the TC-53 and TC-58, each letter is represented by a 14-bit digital
code as used with the ETK teleprinters,
rather than the more common
5-bit baudot code
that is used by most other teleprinters.
|
|
|
|
Any links shown in red are currently unavailable.
If you like this website, why not make a donation?
© Copyright 2009-2013, Paul Reuvers & Marc Simons. Last changed: Saturday, 13 July 2013 - 10:28 CET
|
 |
|
|
