Tuesday, November 21, 2023

A Valuable New Book on Second World War Communications Security

 


Anybody who reads this blog will know of my interest in cryptography: the opposite side of the coin to cryptanalysis. How poor UK cryptography was until the middle of the Second World War, and why that should be the case is something I have written about several times.

Today, however, I want to introduce a new book about communications security, mainly from the German side. How secure did the Germans think Enigma really was? Did they really believe that the allies were not breaking their encryption?

Dermot Turing's lates book, Enigma Traitors: The Struggle to Lose the Cipher War addresses these questions. He has trawled through the reports of interrogations of German cryptographers in the postwar TICOM series as well as material in German, American and British archives to come up with a wealth of evidence to support the contention that the potential vulnerability of Enigma to a concerted machine-based attack was well known to German cryptographers. 

Why they continued to use the machine is explained by a number of factors: the inability to envisage the amount of technological resource the US and UK would be prepared to put into the attack; how difficult it was to accept that a system in whose security you have invested so much might in fact not be so secure; and the sheer impossibility of replacing over 30,000 Enigma machines in wartime by something better.

Some of this ground has been trodden previously, and R A Ratcliff's Delusions of Intelligence is still the leading work looking at a strategic level at the consequences of allied and German cryptologic policy during the Second World War. This book is very much bottom up, and focuses on the individuals who were involved, their doubts, their blind spots and their successes.

It isn't only about German cryptography either. It looks at the the insecurity of the codes used by the Royal Navy, and examines in more detail than I have seen elsewhere the claims that the Germans may have read Typex. However, a more detailed look at allied - British, at least - will have to wait until more material has been released.

This isn't so much a review as a recommendation. There really hasn't been enough  research into Second World War communications security and this books brings together so much that either has been lying unread in various archives, or which has been cited for a particular purpose, outside of the context of communications security policy, that it would be odd not to recommend it to anybody interested in the subject.

There is a tendency to think that cybersecurity is a completely new discipline, something which has nothing to learn from the past. While that might be true technologically, the way that humans think about security, and the way in which they persuade themselves that things are secure in spite of evidence that they might not be, suggests that research into the history of security might shed as much light on today's circumstances as the history of  intelligence has. This book illuminates the present as well as the past.

2 comments:

  1. Your recommendation is good enough for me! Ordered.

    ReplyDelete
  2. Aaah how true! Human beings make it humans beings break it. The ultimate folly of belief in the infallibility of technology.

    ReplyDelete