|
|
|
|
Mixer OTT UK Noreen →
|
Rockex
BID/08/05 - BID/08/08
|
|
|
One-time Tape cipher machine
- wanted item
Rockex was a valve-based online/offline one-time tape (OTT)
cipher machine,
developed in the USA from 1940 onwards by Canadian communications expert
Benjamin deForest Bayly, at the request of British Intelligence.
Rockex entered service in 1943 and was built from 1944 onwards by
HMGCC at Hanslope Park (UK).
Later versions
of the machine were also known as BID/08/05, BID/08/06,
BID/08/07 and BID/08/08 1 .
The last machines were decommissioned in 1983 [1].
|
The design of Rockex was based on the earlier
Telekrypton, a machine
built in the US by the Western Union Telegraph Company
as a proof of concept of the so-called Vernam Cipher,
but which had not become a commercial success, because it
was too large and had security issues.
Bayly turned Telekrypton
into a One-Time Tape (OTT) cipher machine,
which was then used by the
British Security Coordination (BSC)
on a link between Washington and New York [1].
He also modified it, so that only the 26 letters of the
Latin alphabet would appear in the ciphertext.
|
|
|
Rockex first entered service in 1943 when it was used to pass messages
between Camp-X in Whitby 2 (Ontario, Canada) and Great Britain.
In 1944, production was moved to
HMGCC
at Hanslope Park (UK).
In total only 12 Rockex I machines were built before it was succeeded
by Rockex II.
After the war, the machine was modified several times because of
TEMPEST issues.
Rockex was used by the UK and Canada for TOP SECRET traffic.
From July 1955 onwards, it was also approved for passing NATO messages
of all classifications including COSMIC. Nevertheless the machine
was not used by other NATO countries, due to lack of sufficient
machines [5].
The later Rockex Mk. III, IV and V versions were built
at Borehamwood (UK) where also the secret keystream tapes were
manufactured.
In 1962, Rockex was succeeded by the compatible
Noreen (BID/590) cipher machine,
but remained in service for military and diplomatic traffic
alongside Noreen in the UK and Canada until 1983.
The machine was also used in the Commonwealth countries
Australia and New Zealand, but only for secure
diplomatic traffic with the UK [6].
|
|
-
The lower BID/08 designators (e.g. BID/08/02) were used for Typex.
-
During WWII, Camp X was the unofficial name of a paramilitary, clandestine
and commando training installation of the BSC,
located in Ontario (Canada) between Whitby and Oshawa. It is known today
as Intrepid Park.
-
The image above shows a Rockex cipher machine with a compatible
Noreen BID/590/2
on top. The photograph was taken in September 2013 in David White's
Diplomatic Wireless Service exhibition in Hut 1 at
Bletchley Park, on its
final opening day.
|
Rockex was a fairly large and heavy system mounted in a metal frame consisting
of four bended legs. At the top is the so-called 700 Unit which contains
all mechanical parts and the relays. At the centre, just below the wooden
'table top' is the 804 Unit (sometimes called the 800 Unit) which contains
the electronic valve-based circuits. At the bottom is the Keyer
(no designator).
Two paper tape readers are mounted in front of the 700 Unit at the top.
One is a 5-level tape reader, which is used to read the plaintext (when used
offline). The other one is a 6-level reader which is used to read the
keystream tape.
The signals of both readers are 'mixed' in the 804 unit by means of modulo-2
addition (XOR).
They keystream tape is fed to the 6-level tape reader from a circular
paper tape holder that is placed horizontally on the table top at the right.
Inside the 700 Unit is an electromotor which drives the main shaft
and eight GPO type 3000 telephone relays.
The unit is normally powered directly from the 220V/50Hz mains, but it was
also possible to power it from the 110V/60Hz mains. In such
cases a step-up transformer was mounted at the bottom, aside the Keyer,
and some mechanical gears were swapped to cope with the different mains
frequency (50/60Hz). In most situations Rockex was used in offline mode.
|
- Rockex Mk I
First version, developed in the US and (partly) built in the UK.
Only 12 units made.
- Rockex MK II - BID/08/05
Introduced late 1944 and built at Hanslope Park (UK).
- Rockex Mk III - BID/08/06
Post-war variant which suffered from TEMPEST issues.
- Rockex Mk IV - BID/08/07
First TEMPEST complient version.
- Rockex Mk V - BID/08/08
|
By convention, the 'ex' was added
at the end of the name of all British cipher machines at the time.
It is believed that the name Rockex was derived from a performance of the
Radio City Music Hall Rockets dancers.
Another possible
explanation is that it was named after the Rockefeller Center in New York
where the BSC had its headquarters in room 3603.
In some (historical) publications and on the internet, it is suggested
that Rockex and Telekrypton
were one and the same machine, but this is not the case.
Telekrypton was the predecessor of Rockex
and the two machines were not interoperable. However, as Rockex
replaced Telekrypton on a number of important wartime communication links,
users sometimes kept calling the new machine 'Telekrypton'.
|
Rockex has two tape readers at the top left.
One of these is used for the so-called keystream tape:
a punched paper tape that is filled with random characters A-Z. As the
international teleprinter alphabet (ITA2)
is based on 5-bit data, one would expect a 5-level tape reader in this position,
but this is not the case. The keytape reader of the Rockex expects a 7-bit
wide tape, with 6-bit data. This means that an uncommon tape width was
used for the keystream tape.
In the image above, the two tape formats are compared. At the right
is a common 5-level teleprinter tape (blue).
The one on the left is the Rockex/Noreen key tape (red)
which has an unusual width and was probably custom made.
It is seen from the front/top of the machine.
Note that the extra tape channel (6) was added before channel 1 and that
a margin was added at the side of channel 5, probably to prevent the
tape from being inserted the wrong way around.
The keystream tape contains a random A-Z character data stream in the usual
5-level teleprinter format. This 5-bit information is mixed with the data
from the other tape reader. Whenever the 6th hole is present in the key tape,
the data is not
enciphered but sent directly to the output.
This way a space can be inserted in the printed text after each 5th character,
while a double space was inserted after each 5th group. The 6th keytape channel
was also used to automatically insert the (unencrypted)
5-letter message indicator that marked the beginning of each 49-group section.
The key tapes are compatible with those of the later
Noreen cipher machine,
and were created by means of a pseudo-random generator that was codenamed
DONALD DUCK (probably because it produced gibberish) followed by
a so-called paragrapher device. This device
punched random data into the paper tape in blocks of 50 groups of 5 letters each.
The first 5-letter group was the message indicator which was not
encrypted.
This was done by punching the 6th hole in the key tape. The indicator
group was followed by 49 encoded 5-letter groups. Each group was separated
by a single space (again, using the 6th hole) with a double space after
each 5th group [1].
The image above shows an example of a keytape as it is guided through
the tape reader. This means that channel 5 of the tape is at the bottom
(at the edge with the wide margin)
and that the extra channel (6) is added before channel 1 and is now
at the top. Note that the random data on the key tape consists
only of the letters A-Z. This was done
to ensure – in combination with the so-called discriminator –
that only the letters A-Z would appear in the encrypted output.
The example above shows what the printed output of the Rockex ciphertext
may have looked like. The text is formatted into 5-letter groups.
Each block of 5 groups is separated by a double space. CR and LF are
automatically inserted after each 10th group and a double LF is inserted
after each 50-group segment. In the example, the first group of each segment
is highlighted to show that this is the message indicator which is
incremented in alphabetical order.
In reality the indicator was printed in black too.
Thanks to Richard Girling for providing the ciphertext [7].
Separate tapes were used for encoding and for decoding.
They were idendified by the colour of the tape and by the colour of their
spool core. In the UK, the encoding tape was generally green and was
wound on a blue marked core. The decoding tape was red and was wound on an
orange marked core. In Canada the tapes were coloured yellow and red
respectively. The core of the decoding spool was slightly
wider than the one that was used for encoding. A sensing switch in the
keytape supply mechanism sensed this and informed the machine of which
tape was present.
The key tapes were manufactured at a secret government facility in
Borehamwood (UK) [6].
|
For proper security it is important that the keystream tape contains
a sequence of evenly spread truely random characters. Producing such a
random keystream was a major challenge during WWII. In the early days
of the Telekrypton cipher machine,
such tapes were produced manually.
When the need for keystream tapes increased during the course of war,
the manual production was replaced by electromechanical methods.
The machine that was used for the production of Rockex key tapes
was codenamed DONALD DUCK, possibly because it speaks gibberish [3].
It wasn't before the application of a noise source however,
that truely random key streams were produced.
In the UK, a noise generator with five flip-flops
was developed at GCHQ just after WWII by former GPO-engineer
Don Horwood, who had also worked on
Colossus
at Bletchley Park.
|
The simplified block diagrams below show how Rockex works. At the left
are the two punched paper tape readers. The upper one is a 6-level reader
which is used for the keystream tape. The lower one is a normal 5-level
reader which is used for the plaintext tape. The signals from both
tape readers are combined (added) in a digital valve-based XOR circuit
(actually one XOR for each bit).
This operation is generally known as the Vernam Cipher
and the machines are called 'mixers'.
The data from each of the tape readers consists of 5 data-bits, but the
keystream tape reader has 6 channels. The extra channel controls the
operation of a bypass circuit.
Whenever the 6th hole is present, the remaining 5 data bits are
sent directly to the output. This was used for inserting spaces
automatically between the 5-letter groups, and for
non-printable characters (such as LF and CR). It was also
used for inserting the Message Indicator at the beginning of each section.
The keytape only contains the (random) letters A-Z, plus formatting data.
In order to ensure that the (printed) output also consists of only letters (A-Z)
and formatting data (SPACE, LF, CR), a discriminator is added to
check the output of the XOR for unwanted characters (the so-called stunt 1
characters).
If, during encoding, a stunt character is encountered,
the input is halted and the key character is output instead.
Next, the key tape is advanced and the next key character is tried, and so on,
until the desired output (A-Z) is yielded 2 . This is then sent to the
output.
At the receiving end, the bypassed character is mixed with the same character
from the key tape, which produces a NULL code. As a NULL code has no effect
in the 5-bit ITA2 code,
this code will be ignored and has no effect on the
decoded text. Furthermore, this method has no negative effect on the security
of the cipher. Although it causes some overhead, it has the advantage that
all characters present in the ciphertext (including numbers and stunt 1
characters) can be sent.
When deciphering as described above, the formatting data from the key
tape has to be ignored and any stunt characters on the ciphertext tape
will also have to be suppressed. For this reason it is necessary to switch
between enciphering (EN) and deciohering (DE). In deciphering mode,
the machine works as shown in the block diagram above.
|
|
-
In telegraph terminology, 'stunt characters' is a common expression for the
control codes: LF, CR, LTRS, FIGS and SPACE.
-
In May 2015, the exact operation of the Rockex/Noreen key tape has
been the subject of a discussion on the Crypto Collectors News Group
(now: ICCH),
in which the method described here was coined by Frode Weierud [3].
This has since been confirmed by Crypto Museum on a restored
Noreen cipher machine which uses
identical key tapes [8], and is corroborated by documents on Rockex
that were released by NSA.
|
The history of Rockex starts around 1940 when, during WWII, the
British Security Coordination (BSC)
was looking for a way to pass secure messages between the BSC offices
in New York and Washington. The BSC was established by British Prime
Minister Winston Churchill to protect the British interests in the
Americas, investigate enemy activities and mobilise pro-British
opinion in pre-war America. By some it is seen as a propaganda
instrument to bring America into the war.
Although Great Britain already had good cipher machines at their disposal,
such as the Typex,
they wanted the BSC traffic to remain secret indefinite.
Canadian communications expert Benjamin deForest Bayly was hired to find
a solution. He found two Telekrypton machines
lying around in the warehouse of the Western Union Telegraph Company
in the United States. The Telekrypton
was based on the so-called Vernam Cipher:
a fast method of mixing
a plaintext data stream with a secret key stream, invented by Gilbert
Sandford Vernam back in 1918. Western Union had built some machines based
on this principle, but they were not very successful.
Telekrypton
had two major drawbacks: it was way too large and difficult
to maintain, and the keystream tape was looped around after approx. 7 feet.
Nevertheless, Bayly bought the two remaining Telekrypton machines
and made them suitable for the British cause. He made the machine much smaller
and increased the length of the keystream tape
to at least the length of the message.
Furthermore, he allowed only two identical tapes and instructed
them to be both destroyed immediately after use.
This way the machine became a real One-Time Pad system.
Telekrypton
was first used on the link between the BSC offices in New York
and Washington in January 1942, soon followed by links to Ottawa (Canada)
and Camp X (Whitby, Ontario, Canada). In the following year, Bayly fixed
a number of weaknesses in the Telekrypton design and modified the
combining logic so that only the 26 letters of the Latin alphabet were
produced. All control codes (space, LF, CR, etc.)
were rejected and replaced by the key character. This way it
became possible to nicely arrange the output in groups of five letters
each, separated by spaces.
The modified machine became known as Rockex and was introduced in 1943.
Although the machines were initially built in the US, production was moved
to HMGCC at Hanslope Park (UK) in 1944. In total only 12 Rockex I
units were ever built before it was succeeded by Rockex Mk. II.
An early example of a Rockex II machine was supplied to
Bletchley Park
towards the end of WWII [1].
After the war, Rockex Mk. II was followed by the Mk. III but all three
versions appeared to have security issues
(TEMPEST).
These were fixed
in the later Mk. IV and Mk. V versions.
In July 1955, Rockex was even approved for passing NATO COSMIC and
NATO SECRET traffic [5].
In 1962, a smaller offline
variant called Noreen was introduced,
but most Rockex machines remained in service until the late 1960's.
The last Rockex machine was decommissioned as late as 1983 [1].
|
-
The exhibition in Hut 1 was closed down
in September 2013. Current whereabouts of the Rockex machine are unknown.
|
- Jerry Proc and contributors, Rockex
Website. Retrieved January 2015.
- Wikipedia, Rockex
Retrieved January 2015.
- Frode Weierud, Discussion on the operation of the XOR circuit
Crypto Collectors Newsgroup (now: ICCH). May 2015.
- Rufus L. Taylor, Disclosure of Details of ROCKEX to the French
Ref ID: A61029. USCIB: 39.2/10. 20 September 1954. SECRET.
Declassified by the NSA on 21 April 2014 (EO 13526).
- C.H. Sampson, Use of Cryptographic machine ROCKEX for All Classifications of Traffic
NATO, SGM-488-55. 25 July 1955. SECRET.
Declassified by NATO on 24 November 1999 (IMSM-431-99).
- David White, Personal correspondence
January 2015.
- Richard Girling (G4FCD), Example of a possible Rockex ciphertext output
Received May 2015.
- Crypto Museum, Restoration of a Noreen cipher machine
Netherlands, June 2015.
|
|
|
Any links shown in red are currently unavailable.
If you like the information on this website, why not make a donation?
© Crypto Museum. Created: Tuesday 13 January 2015. Last changed: Saturday, 30 April 2022 - 08:46 CET.
|
|
|
|
|