Re: Rotor crypto devices: if you don't have a UKW (reflector) then you need to double the number of rotors (+1 extra)...



Rotor crypto devices: if you don't have a UKW (reflector) then you need to
double the number of rotors (+1 extra)...

I don't think it's that simple. It's doubtful that an N-rotor machine
with a reflector (UKW) would be as strong as a corresponding
(2N+1)-rotor machine without a reflector. Here's a vague argument as to
why: many attacks on rotor machines search through all possible
combinations of rotor orderings and start positions, performing a test
at each one (e.g. the Turing-Welchman bombe, the distributed M4 Enigma
project etc). Doubling the number of rotors greatly increases the size
of this search space. As an example:

For a 3-rotor machine with a reflector, there's some 26^3 possible
start positions of the rotor cores, and (if we assume that there are
only 3 rotors to choose from) 6 permutations for the rotor order:
105,456 possibilities in total.

For a 7-rotor machine without a reflector, you'd have 26^7 start
positions and 7! permutations for the rotor order: 40,480,323,287,040
possibilities.

It's not all about number of possibilities, of course, but this is a
rough argument.

-- Matt

.