Electronic Cipher Machine (ECM) Mark IIBy Rich Pekelney
WHAT IS THE ECM MARK II AND WHY IT WAS IMPORTANT:The ECM Mark II (also known in the Navy as CSP-888/889 or SIGABA by the Army) is a cipher machine. It was used aboard USS Pampanito to encipher messages from ordinary, or what cryptologist (people who study secret communications) call plain text, into secret language, which is called cipher text, under the control of a key (encipherment). A cryptographic system consists of the combination of cipher machine, operating procedures and management of keys. If the system is well designed and implemented correctly, cipher text can only be converted back to plain text (deciphered) by someone with all three elements of the system.
In early September 1944 U.S.Fleet Radio Unit Pacific (FRUPAC) in Hawaii recorded a Japanese cipher radio message that originated from Singapore. Unknown to the Japanese, U.S. forces had analyzed many Japanese messages and as a result of much brilliant and hard work were able to reproduce their enemy's inadequately designed and implemented cryptographic system. This is called cryptanalysis or "breaking the system". FRUPAC deciphered (and decoded) the message that announced the route of an important Japanese convoy from Singapore to Japan. The timing and expected path of the convoy from the message was enciphered on an ECM in Hawaii and sent to Pampanito where it was deciphered on an ECM. Although Pampanito's crew did not know how FRUPAC got its information, they were able to go directly to the convoy's path and attack with great efficiency. Pampanito's attack was kept secret by the superior U.S. cryptographic system that revolved around the ECM Mark II.
The ECM Mark II based cryptographic system is not known to have ever been broken by an enemy and was secure throughout WW II. The system was retired by the U.S. Navy in 1959 because it was too slow to meet the demands of modern naval communications. Axis powers (primarily Germany) did however periodically break the lower grade systems used by Allied forces. Early in the war (notably during the convoy battle of the Atlantic and the North Africa campaign) the breaking of Allied systems contributed to Axis success.
In contrast, the Allies were able to break Axis communications for most of the war supplying many of the targets attacked by Pampanito. Intercepted messages provided not only the location of potential targets, but often insight into the thinking of enemy commanders. In the Pacific, this information was critical to success in the battles of Midway and the Coral Sea in 1942. However, intelligence, including cryptanalysis, can be a double-edged sword. The intercepted message that directed Pampanito to attack the convoy during September 1944 did not indicate that 2000 Australian and British P.O.W.s were aboard the Japanese ships. The full story of this attack and Pampanito's rescue of 73 P.O.W.s is in the Third War Patrol Report. The combination of secure U.S. cryptographic systems and vulnerable Axis systems directly contributed the success of the Allied powers during WW II thereby shortening the war by years and saving countless human lives.
More Information On The ECM Mark II:
The joint Army-Navy ECM Mark II cryptographic system became effective on 1 Aug 1941, and the two services had the common high-security cryptographic system in place and in use prior to the attack on Pearl Harbor. The use of a common system was of great military value, particularly during the early stages of the war when the distribution of machines and codewheels was incomplete. By 1943, over 10,000 machines were in use. The "Stepping Maze" and use of electronic control were a generation ahead of the systems employed by other countries before and after WW II. No other country is known to have ever broken the ECM Mark II cryptographic system.National Cryptologic Museum (a part of the National Security Agency) has 3 machines (they may have more in storage), one of which is on display in their Fort George Meade, MD museum and the other is on display at the Smithsonian Museum of American History. The U.S. Naval Security Group has 2 machines. One is on display in Pensocola, FL. When contacted US Army historians did not believe they had any machines.
From July of 1996 until November of 2004 one of the NSG machines was on loan aboard Pampanito. After cleaning, lubrication and minor repair it was put on display. At the time it was returned to the Navy, it was the only fully operable ECM Mark II in existence. This machine was built in June of 1943 as a CSP-889, and sometime ca. 1950 it was modified into a CSP-889-2900. The minor modifications added one switch and a knob that allow operation compatible with CSP-889 machines, or enhanced security when operated as a CSP-2900. After reading the information about ECM Mark IIs on this page, those seeking to know even more about the CSP-2900 that was displayed onboard Pampanito can read the ECM Mark II Curatorial Report.
Cryptologic history researchers can operate an ECM Mark II Computer Program. This program and its JAVA language source code are provided for the benefit of researchers, it is not recommended that this algorthm be used for modern cryptography.
Pampanito is seeking the other cryptosystems that were used during the war. The Pampanito Wish List contains a list of equipment we are seeking.
A Channel is the combination of all the equipment, instructions, key lists, etc. that are needed for two parties to communicate in a cipher system.
Note that CSP stands for Code and Signal Publication, its usage started during WW I. We would appreciate your help in gathering information on any of the systems that are not well described here. Researchers may find our list of cryptographic designators useful.
The ECM has fifteen rotors arranged in three rotor banks. The five rotors in the rear are the cipher rotors that convert a plain-text letter into a cipher-text letter as they are irregularly stepped. Electrical currents passing first through the control (middle) rotor bank and then through the index (front) rotor bank determine which cipher rotor(s) step. The center three of five control rotors step in a metered fashion. Control rotor 3 is the fast rotor and steps once for each character typed. Control rotor 4 is the medium rotor and steps once each time control rotor 3 completes a full rotation. Control rotor 2 is the slow rotor and steps once each time control rotor 4 completes a full rotation. Control rotors 1 and 5 do not step. The index rotors are positioned once each day and do not move while operating. The 10 cipher and control rotors are large 26 contact rotors that may be used interchangeably in the cipher or control bank and are reversible. The five smaller, 10 contact, index rotors are only used in the index bank. Four contacts are energized on the first rotor of the control rotor bank. The connections between the last rotor of the 26 contact control bank and the first rotor of the 10 contact index bank are in 9 groups of between 1 and 6 wire(s) each. One of the index bank contacts is not used. The 10 outputs of the last index rotor are attached in pairs to 5 magnets that step cipher rotors when energized. Between 1 and 4 cipher rotors are stepped for each character enchiphered.
To properly encipher a message, the three banks of rotors must be arranged and aligned in such a way that they can be reproduced by the deciphering operator. The particular arrangement and alignment of the rotors selected by the enciphering operator and transmitted to the deciphering operator in disguised form constitutes the keying instructions.
The design of the ECM limited the erratic stepping so that at least 1, and not more than 4 cipher rotors step at a time. Even so, a crude, exhaustive search would require an enemy to check around 10 to the 14th permutations of code, index and control rotor starting positions. The combination of modern algorithms and the availability of high speed computers mean this system is no longer secure, but during its term of service it provided an unprecedented level of security.Navy operating manual from 1944 and a sample Army operating manual from 1949 are available online.
Although the index rotors were reassembled (changing the order of the rotors) once a day during most of the war (SIGQZF), starting with SIGQZF-2 they were kept in a fixed order not requiring daily reassembly. The operator consults the secret daily keylist and aligns (rotates) the index rotor wheels differently for secret, confidential and restricted messages. The index rotor alignment is only changed when either the day ends, or the classification of message to be encrypted changes.
Control and cipher rotors are also reassembled once a day from the secret daily keylist, their alignment however, was changed with each message. After the daily assembly of all rotors and the alignment of the index rotors, a check group is used to verify the initialization and operation of the machine before any real messages are encrypted. The rotors are zeroized, (cipher and control rotors positioned on "O") and the letter A is repeatedly encrypted until 30 cipher text characters are printed. Then the 26th-30th letters are matched with the check group supplied in the secret daily keys.
For each message, the secret daily keylist is consulted, and the control and cipher rotors are aligned to an initial position depending on the classification of the message. Now the operator selects a group of any five letters, except Z, at random to be the internal message indicator. This internal message indicator is then enciphered and the external message indicator (enciphered internal message indicator) is printed on the tape and transmitted with the message. The control and cipher rotors are then aligned without printing to the internal message indicator. The rotors are never aligned to the external message indicator (the letters printed on the tape), but always to the internal message indicator. Now the body of the message may be enciphered and transmitted with the external message indicator. If the plain text exceeds 350 5-letter groups, the plain text must be divided into 2 or more equal parts so that no part exceeds 350 groups. For each part a new internal message indicator is selected.
CLASSIFICATION: CONFIDENTIAL Date: 27 Dec 1943
From: Director Naval Communications
The principles of communication security cannot be over stressed, for such security is vital to the success of operations. Errors which seem minor in themselves may, when accumulated, offer to the enemy an entering wedge for the eventual compromise of a system. The object of this memorandum is to enlist your cooperation in protecting our cipher systems and hence our national security.
THE PRICE OF SECURITY IS ETERNAL VIGILANCE.
A communication such as COM 112 222105 DECEMBER may endanger our interests because it appears to violate security principles in the following respect(s):
DRAFTING: Plain language reference to encrypted dispatches.
No reply to this memorandum is necessary, but your cooperation in supressing dangerous communication practices is earnestly solicited.
CARELESS COMMUNICATIONS COST LIVES
The following is a list of some of common violations of security principles:
Unnecessary word repetition
"XYX" or "X"'s for nulls
Enciphering indefinite call sign
Classified dispatch transmitted in plain language by wire or radio,
when not specifically authorized.
Output: Printed tape or electric via tandem plug.
Speed: 45 to 50 Words per minute.
Power Supply: 40/70 cycle, 105-125 VAC or 105-125 VDC or 24 VDC
2 amps at 120 volts AC or DC, 3 amps at 24 VDC.
Army Signal Security Agency (1946) History Of Converter M-134-C (Sigaba) Vol I, II And III This is available from the US National Archives and Records Administration (NARA); NSA Historical Collections 190/37/7/1, Box 799, F: 2292, pp 468.
Safford, L.F. (1943) History of Invention And Development of the Mark II ECM (Electric Cipher Machine) This available from NARA. SRH-360 in RG 0457: NSA/CSS Finding Aid A1, 9020 US Navy Records Relating to Cryptology 1918- 1950 Stack 190 Begin Loc 36/12/04 Location 1-19. In Feb 1996 the version at NARA was redacted, but the full document is now declassified.
Rowlett, F.B. (1998) The Story of Magic. Laguna Hills, CA: Agean Park Press. A first hand description of its invention.
Specifications for an ECM Mark II are from:
ECM Mark II Keying, Operating and Maintenance instructions are in:
General information including security of the ECM Mark II are in:
A list of cipher equipment carried by submarines in the Pacific is in:
Information on the overall history of Naval Communications during WW
II may be found in:
Compliance with Operating Instructions notes are from:
Descriptions of the the Authentication Systems may be found in:
Many of the primary sources cited are from documents declassified and made available in NARA at College Park, MD by the NSA.
The National Cryptologic Museum is part of the United States National Security Agency http://www.nsa.gov.
Bletchly Park, was the primary site of the successful British WW II cryptanalytic effort.
Cryptologia is a quarterly journal devoted to cryptology.
Jerry Proc's Crypto Pages describe the KL-7 and KWR-37 cipher systems that replaced the WW II systems during the late 1950s.
History of cryptology:
Background on the history of intelligence in the Pacific may be found
The story of Pampanito's third war patrol is in:
On the subject of Cryptanalysis of rotor systems: