Score:8

Is possible to a implement AES in a electromechanical machine in the 1900?

us flag

Can AES be implemented in a electromechanical machine in early 20th century?

Specifically does any machine from that era

  • have the capability to implement byte-oriented S-Box, or to implement the optimized word-based S-Box that computes SubBytes and MixColumn in less steps?

  • Have the capability to carry out ShiftRows in the memory (or storage) that's available to the machine?

  • Have enough memory to load the entire program to perform key schedule expansion, forward cipher, and optionally inverse cipher?

And, what's the estimated throughput of such implementation?

kelalaka avatar
in flag
Why not but why?. A little fun, If Lego can do it, every electro-mechanic can do it. See [Lego logics](https://www.randomwraith.com/logic.html). Note that AES has at most 41 multiplicative degree to build with FHE system...
kelalaka avatar
in flag
I think this is more suit to [retrocomputing](https://retrocomputing.stackexchange.com/help/on-topic)
Maarten Bodewes avatar
in flag
Retrocomputing said that they were interested in the question, but that it would require more details (the likely answer is yes, but without indicating any boundaries I guess it is hard to tell).
DannyNiu avatar
vu flag
I was thinking about suggesting @Wilhelm to add some description on the limit, capability, and physical/logical constraints on such machine so that this question can be more specific.
fgrieu avatar
ng flag
The ciphers of electromechanical cipher machines of the first half of the 20th century are designed around what a mechanical machine can easily do _without_ relays, à la Enigma. AES is not, and would I think lead to complex no-relay implementation, especially for SubBytes. MixColumns seems easier. ShiftRows reduces to moving things to right place. Using relays (à la [OMI Cryptograph-CR Mk II](https://www.cryptomuseum.com/crypto/omi/cr2/index.htm), see [illustration](https://www.cryptomuseum.com/crypto/omi/cr2/img/302152/042/full.jpg)) would ease things.
wizzwizz4 avatar
in flag
@MaartenBodewes The updated question looks like it'd be fine on [Retrocomputing.se]. _Maybe_ it'd help to explain some stuff about AES, but it looks migration-worthy now (if it's still off-topic here).
Maarten Bodewes avatar
in flag
@wizzwizz4 Uh, I'm a bit in doubt... there are no off topic votes and 3 upvotes. As such the question can remain here, but I wonder which site has the most experts; it's a bit of a split between AES and the electromechanics at the time I suppose. Let's offer to migrate it if it doesn't get an answer here...
kelalaka avatar
in flag
I’m voting to close this question because This is rather off-topic in Cryptography and suite more in retrocomputin.SE. And I would like to hear the voices of the expert from there.
Score:3
ca flag

yes, I believe that you could but you really wouldn't want to do so. I will say that one could create a SPN machine based just on mechanical stepping, but it'd be huge. Someone finally created Babbage's difference engine, so it's not a big step to assume you could do something similar. Of course, there's also that hexadecimal is not too inconvenient for this discussion.

The believe that the most difficult part of this machine would actually be the S-box because the mix columns and shift rows are fixed, so you'd need to just have a method to increment the S-BOX based result on the data presented to it. You'd need a crank, where you'd put in the data, key and then crank it until you've satisfied all of the rounds. This is the fundamental difference from the Enigma where the force of pushing the key stepped to the next value. In the AES-Enigma, you'd have to set the key, the data, and then crank a handle 2560 times (assuming the 10 rounds for AES 128, the 256 times you'd have to have to mechanically go through the S-box ).

The cool thing is that you'd see the output, much like do you for these: https://www.nayuki.io/page/aes-cipher-internals-in-excel

Paul Uszak avatar
cn flag
What exactly is your answer: yes or no? Wilhelm's question is binary. I'm having difficulty telling which way you're leaning (it may be Christmas Eve wine though). Happy Christmas.
Score:2
cn flag

Answer = No.

Ref. early < 1950. I'm excluding all Lego, Meccano, Mega Bloks and cam based machines for obvious reasons.

This is the Lorenz rotor stream cipher machine (very Steampunk):-

enter image description here

Colossus and ENIAC were built to aid decrypting this keystream. Those computers were at the bleeding edge of cryptographic analysis, and millions of people's lives were in the balance.

12 metal wheels went round and around to create the key stream. How could a electromechanical device of the Colussus and ENIAC era manage to execute 14 rounds of 256 bit keys? And create a key schedule? And perform substitution/transposition to instil confusion/diffusion? The machines could do frequency analysis and some Monte Carlo simulations.

An Arduino board can do AES but has 48,000 transistors for it's core and then extra for the memory and GPIO. It generates little heat, consumes ~ 25mA and nothing moves. Mine are 100% reliable if I don't stroke the cat before hand. Colossus had a reliability of 50%.

Plus and most obviously, they didn't have the cryptographic knowledge to design a machine for a cipher that wouldn't be invented till almost the 21st century. Also consider that the famous Difference Engine was built in the 1980's ( not designed, but materialised). It calculates logarithmic and trigonometric coefficients. Today, not in the early 20th century. It's still can't encrypt a tweet.

It's nice and romantic to think that they could do that so long ago (and I guess that's what the anachronistic Steampunk genre targets), but my answer is no.

forest avatar
vn flag
You're referencing the fact that historical mechanical cipher machines tended to be insecure and simple, and the fact that machines built to _break_ ciphers were significantly more complicated. How do you conclude from this that one couldn't make a mechanical cipher machine which performed AES encryption? It would only need to operate in chunks of 8 bits. In fact, I'd argue that such a device would be significantly easier to produce than Colossus or ENIAC, assuming it was purpose-built.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.