https://github.com/systemslibrarian/crypto-lab-enigma-forge
Browser-based Enigma machine demo — full mechanical simulation of rotors, stepping with double-step, plugboard, and reflector, plus the crib-based Bombe break exploiting the no-letter-maps-to-itself flaw. Real wiring tables. No backends. No simulated math.
https://github.com/systemslibrarian/crypto-lab-enigma-forge
bombe cipher classical-cipher codebreaking cryptanalysis crypto-lab cryptography enigma enigma-machine historical-cryptography rotor-machine turing wwii
Last synced: 6 days ago
JSON representation
Browser-based Enigma machine demo — full mechanical simulation of rotors, stepping with double-step, plugboard, and reflector, plus the crib-based Bombe break exploiting the no-letter-maps-to-itself flaw. Real wiring tables. No backends. No simulated math.
- Host: GitHub
- URL: https://github.com/systemslibrarian/crypto-lab-enigma-forge
- Owner: systemslibrarian
- Created: 2026-06-27T12:49:23.000Z (20 days ago)
- Default Branch: main
- Last Pushed: 2026-06-27T19:22:44.000Z (20 days ago)
- Last Synced: 2026-06-27T21:08:53.911Z (20 days ago)
- Topics: bombe, cipher, classical-cipher, codebreaking, cryptanalysis, crypto-lab, cryptography, enigma, enigma-machine, historical-cryptography, rotor-machine, turing, wwii
- Language: TypeScript
- Homepage: https://systemslibrarian.github.io/crypto-lab-enigma-forge/
- Size: 133 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# crypto-lab-enigma-forge
## What It Is
Enigma Forge is a faithful, in-browser simulation of the **Wehrmacht Enigma I**
(3-rotor) cipher machine, paired with the **crib + simulated-Bombe** attack that
broke it. The cipher is a symmetric, electromechanical polyalphabetic
substitution: a signal passes through the plugboard (Steckerbrett), three rotors
(chosen from I–V, with ring settings and start positions), a reflector (UKW-B or
UKW-C), back through the rotors, and out the plugboard — stepping the rotors
every keystroke. It solves the problem of a constantly-changing substitution
alphabet, and it is its own inverse (the same settings decrypt). It is **not**
secure by any modern standard: a structural flaw (no letter ever encrypts to
itself) plus predictable cribs let the demo recover settings by elimination.
## When to Use It
- **Teaching how rotor machines actually work** — the path visualizer traces a
keystroke contact-by-contact, because the mechanism, not a formula, is the point.
- **Demonstrating the no-self-encryption flaw** — the empty diagonal is shown
interactively and then exploited, making an abstract weakness concrete.
- **Explaining real cryptanalysis** — crib placement, menu construction, and the
Bombe's deduction-by-contradiction mirror the historical break, not a hand-wave.
- **Showing that keyspace size isn't security** — Enigma's ~10²³ keys still fell
because exploitable structure leaked; a vivid lesson for modern designers.
- **Do NOT use Enigma for real security.** It is broken: it has no forward
secrecy, no authentication, a fixed-point-free reflector that leaks structure,
and is trivially recoverable from cribbed ciphertext. This is a teaching tool only.
## Live Demo
**[systemslibrarian.github.io/crypto-lab-enigma-forge](https://systemslibrarian.github.io/crypto-lab-enigma-forge/)**
Type a message to encrypt it live (and, with identical settings, decrypt it — the
machine is its own inverse) while the lampboard, rotor windows, and signal-path
diagram update per keystroke. Controls include rotor selection and order (I–V),
ring settings (Ringstellung), initial positions (Grundstellung), reflector (B/C),
and plugboard pairs (Steckerbrett). The break workflow then takes a crib and
ciphertext through placement (self-map rejection), menu construction, and a
simulated Bombe that recovers candidate settings you can load back to read the message.
## What Can Go Wrong
- The reflector is fixed-point-free, so no letter ever encrypts to itself — a structural leak that crib placement exploits to reject impossible alignments.
- Predictable plaintext (stereotyped openings, weather reports) gives cribs that a Bombe-style search uses to eliminate rotor and plugboard settings.
- Operator procedure failures — reused message keys, lazy rotor choices, repeated indicators — historically shrank the effective keyspace far below its theoretical size.
- The large keyspace (~10²³) creates a false sense of security; exploitable structure, not brute force, is what broke it.
- It provides no authentication or integrity and no forward secrecy, so ciphertext can be altered undetectably.
## Real-World Usage
- Historically the primary German military cipher of World War II; breaking it (the Polish Biuro Szyfrów, then Bletchley Park) materially affected the war.
- A foundational case study in cryptanalysis teaching — known-plaintext attacks, search-space reduction, and why keyspace size alone is not security.
- The origin point for mechanized codebreaking (the Bombe), a precursor to modern computing.
- Today purely a teaching and museum artifact, not used for any real protection.
## How to Run Locally
```bash
git clone https://github.com/systemslibrarian/crypto-lab-enigma-forge
cd crypto-lab-enigma-forge
npm install
npm run dev
```
## Related Demos
- [crypto-lab-vigenere-break](https://systemslibrarian.github.io/crypto-lab-vigenere-break/) — breaking a classical polyalphabetic cipher with Kasiski and frequency analysis.
- [crypto-lab-dead-sea-cipher](https://systemslibrarian.github.io/crypto-lab-dead-sea-cipher/) — substitution, Vigenère, and Atbash, the historical ciphers Enigma descends from.
- [crypto-lab-otp-vault](https://systemslibrarian.github.io/crypto-lab-otp-vault/) — the one cipher with provable secrecy, and the key-reuse mistake that breaks it.
- [crypto-lab-biham-lens](https://systemslibrarian.github.io/crypto-lab-biham-lens/) — modern differential cryptanalysis of a substitution-permutation network.
---
*One of 120+ browser demos in the [Crypto Lab](https://crypto-lab.systemslibrarian.dev/) suite.*
*"So whether you eat or drink or whatever you do, do it all for the glory of God." — 1 Corinthians 10:31*