The Cryptographic Mathematics of

ⒺⓃⒾⒼⓂⒶ
This publication presents a historical perspective for informational
and educational purposes, is the result of independent research, and
does not necessarily reflect a position of NSA/CSS or any other US
government entity.
This publication is distributed free by the National Security
Agency. If you would like additional copies, please email your request
to [email protected] or write to:
Center for Cryptologic History
National Security Agency
9800 Savage Road, Suite 6886
Fort George G. Meade, MD 20755

Color photographs, David S. Reynolds, NSA/CSS photographer

Cover: General Heinz Guderian in armored command

vehicle with an Engima machine in use, May/June 1940.
German Federal Archive
The Cryptographic
Mathematics of
Enigma

Dr. A. Ray Miller

Center for Cryptologic History

National Security Agency

Revised edition
2019
Dedicated to the
Memory of the
Allied Polish
Cryptanalysts


Marian Rejewski

Jerzy Rozycki

Henryk Zygalski
T
he Enigma cipher machine had the confidence of German
forces who depended upon its security. This misplaced con-
fidence was due in part to the large key space the machine
provided. This brochure derives for the first time the exact number
of theoretical cryptographic key settings and machine configura-
tions for the Enigma cipher machine. It also calculates the number
of practical key settings Allied cryptanalysts were faced with daily
throughout World War II. Finally, it shows the relative contribution
each component of the Enigma added to the overall strength of the
machine.
ULTRA [decrypted Enigma messages] was the great-
est secret of World War II after the atom bomb. With the
exception of knowledge about that weapon and the prob-
able exception of the time and place of major operations,
such as the Normandy invasion, no information was held
more tightly…. The security implies ULTRA’s significance.
ULTRA furnished intelligence better than any in the whole
long history of humankind. It was more precise, more trust-
worthy, more voluminous, more continuous, longer lasting,
and available faster, at a higher level, and from more com-
mands than any other form of intelligence—spies or scouts
or aerial reconnaissance or prisoner interrogations…. It may
be concluded that ULTRA saved the world two years of war,
billions of dollars, and millions of lives.
—David Kahn, Seizing the Enigma

1
 The Enigma cipher machine is one of the best known cipher
machines in the world. Initially broken by Polish cryptanalysts, Enig-
ma decrypts from British and later American efforts were given the
covername ULTRA to reflect the value of the information. Today,
the Enigma stands as a silent sentinel to the folly of those who placed
their absolute confidence in its security. But it also stands in renowned
tribute to the cryptanalysts who pitted their minds against a problem
of seemingly invincible odds and who scaled its lofty heights.

Internal wiring of Enigma showing one connection

2
 Exterior view of Enigma showing the
front plugboard with cables

Just how difficult was the Enigma cipher machine to solve? Much
has been written in recent years about the attacks against Enigma or
the intelligence value of the ULTRA decrypts. However, little has
been said about the defenses of the machine itself and why it was so
trusted by its German designers. This publication sheds some light
on that topic by calculating the incredible number of possible key
settings and machine configurations, a number which led German
forces to place undeserved confidence in Enigma’s security.1
This is the first time the exact numerical value in all significant
digits has been published. Both the theoretical and the practical
strengths of the machine are calculated, and Enigma’s construction is
discussed in depth.

3
 Close-up of plugboard

A
n Enigma cipher machine consisted of five variable
components:2
1. A plugboard, which could contain from zero to thir-
teen dual-wired cables
2. Three ordered (left to right) rotors, which wired twenty-six
input contact points to twenty-six output contact points positioned
on alternate faces of a disc
3. Twenty-six serrations around the periphery of the rotors,
which allowed the operator to specify an initial rotational position
for the rotors
4. A moveable ring on each of the rotors, which controlled the
rotational behavior of the rotor immediately to the left by means of
a notch3
5. A reflector half-rotor (which did not in fact rotate) to fold
inputs and outputs back onto the same face of contact points.

4
Disassembled rotor, twenty-six input contact points wired to
twenty-six output contact points on alternate faces of disc

Nothing else on the machine that could be used to set the ini-
tial state of the cryptologic was variable. Additional necessary equip-
ment included a mechanical system (stepping levers and ratchets) for
forcing rotor rotation, a twenty-six-letter keyboard, twenty-six light-
bulbs for the output letters, and a battery for powering the lightbulbs.
What we wish to determine is the number of different ways of con-
figuring the variable components in the system that contributed to
the cryptographic strength of the machine. Although in practice the
Germans did not use Enigma to its fullest potential, Allied cryptana-
lysts could not a priori rule out any valid theoretical configuration.
The first variable component was the plugboard. Twenty-six (for
A–Z) dual-holed sockets were on the front panel of Enigma. A dual-
wired plugboard cable could be inserted, making a connection between
any pair of letters. Enigma cryptographers had a choice of how many
different cables could be inserted (from zero to thirteen) and which let-
ters were connected. The plugboard functioned like an easily modifiable
stationary rotor positioned to the right of the three rotating rotors.4

There were three elements that must be considered when cal-

culating the number of possible plugboard connections: the num-
ber of cables used, which group of sockets was selected to receive

5
 Close-up of rotor, twenty-six contact points, notch,
and serrations

those cables, and the interconnections within that group of sock-

ets (i.e., the specific letter-pairs created by each cable). We will
consider socket selection first. There were twenty-six sockets on
the plugboard. Each individual cable consumed two sockets (one
for each end of the cable). Given the choice of p plugboard cables
(0 ≤ p ≤ 13) inserted into the plugboard, there were therefore
26
( )2p different combinations of sockets that could have
been selected.

6
 Close-up of rotors inside machine. Reflector is to the left.

Having calculated the number of different groups of sockets, we

will now determine how many ways in which those p cables could
have been inserted into the 2p selected sockets. After the first end of
cable #1 was inserted into a socket, the second end of the first cable
had 2p – 1 free sockets from which to choose (within that group).
After the first end of cable #2 was inserted into a socket, the second
end of the second cable had 2p – 3 free sockets from which to choose.
This pattern continues down to cable #p; when its second end need-
ed to be inserted into the plugboard, only one free socket was left
open. It should be clear at this point that the total number of ways in
which p cables5 could have been inserted into 2p open sockets (with
each cable consuming two sockets) is given by the equation
(2p – 1) × (2p – 3) × (2p – 5) × ... × 1.
Therefore, given p cables inserted into the plugboard, the number
of different connections which could have been made by an Enigma
operator is given by the combination of the above two elements or

(262p) × (2p – 1) × (2p – 3) × (2p – 5) ×…× 1 = 26! .

p
(26 – 2p)! × p! × 2
The third and final element, which must be factored in, is the
number of cables used, or p. Using the equation just calculated, the

7
 External view of rotors showing contact points, ratchets,
and serrations

number of plugboard combinations for all possible values of p is given

in the following table. One interesting characteristic of the machine
is that the maximum number of combinations did not occur at thir-
teen as might be expected, but rather when the operators used eleven
plugboard cables.6

8
 Reflector with rotors removed

p Combinations p Combinations
0 1 7 1,305,093,289,500
1 325 8 10,767,019,638,375
2 44,850 9 53,835,098,191,875
3 3,453,450 10 150,738,274,937,250
4 164,038,875 11 205,552,193,096,250
5 5,019,589,575 12 102,776,096,548,125
6 100,391,791,500 13 7,905,853,580,625

Since the combinations possible for each value of p were mutu-

ally exclusive, the total number of possible plugboard combinations
is given by the sum of the above numbers, or
13

∑ 26! = 532,985,208,200,576.
p=0
(26 – 2p)! × p! × 2 p

The second variable component was the three ordered (left to

right) rotors, which wired twenty-six input contact points to twenty-

9
 Initial rotational position of a three-rotor Enigma

six output contact points positioned on alternate faces of a disc. This

equation is straightforward. There are of course 26! unique discs that
could have been constructed.7 Of those 26! any one of them could
have been selected by the cryptographers to occupy the leftmost
position. The middle position could have been occupied by one
of the 26! – 1 discs which were left. And the rightmost disc could
have been selected from any one of the 26! – 2 discs still remain-
ing. The total number of ways of ordering all possible disc combi-
nations in the machine is therefore 26! × (26! – 1) × (26! – 2) or8
65,592,937,459,144,468,297,405,473,480,371,753,615,896,841,
298,988,710,328,553,805,190,043,271,168,000,000.
The third variable component of Enigma was the initial rota-
tional position of the three rotors containing the wired discs. This
was specified by the cryptographers and set by the machine operators
by means of twenty-six serrations around the rotor periphery. Since
each of the three rotors could be initially set into one of twenty-six

10
different positions, the total number of combinations of rotor key
settings was 263 or 17,576.
The fourth variable component of the machine was a moveable
ring on each of the rotors; each ring contained a notch in a specific
location.9 The purpose of the notch was to force a rotation of the
rotor immediately to the left when the notch was in a particular posi-
tion. The rightmost rotor rotated every time a key was pressed. The
rightmost rotor’s notch forced a rotation of the middle rotor once
every 26 keystrokes. The middle rotor’s notch forced a rotation of
the leftmost rotor once every 26 × 26 keystrokes. Since there were
no more rotors, the leftmost rotor’s notch had absolutely no effect
whatsoever. (The reflector, positioned to the left of all rotors, did not
move.)
Therefore, only two notches contributed to the cryptographic
strength of the machine. Since each of them could have been posi-
tioned in any one of twenty-six possible locations, 262 or 676 combi-
nations were possible.
The fifth and final variable component of Enigma was the reflec-
tor. The reflector had twenty-six contact points like a rotor, but only
on one face. Thirteen wires internally connected the twenty-six con-
tact points together in a series of pairs so that a connection coming
in to the reflector from the rotors was sent back through the rotors a
second time by a different route. The internal wiring could be con-
structed in the following fashion. When one end of the first wire was
connected to contact point #1, the other end of the wire had twenty-
five different contact points to which it could be connected. Thus, the
first wire consumed two contact points and had twenty-five different
possibilities. The second wire also consumed two contact points and
only had twenty-three different connection possibilities remaining
from the unconsumed contact points. The third wire consumed two
more contact points and had twenty-one possibilities for connec-
tion. The pattern should be apparent by now: the number of distinct
reflectors that could have been placed into Enigma was10
25 × 23 × 21 × … × 1 = 26! = 7,905,853,580,625.
13! × 213

11
 (It is interesting to notice that the number of different reflector
combinations is also the same as the number of possible plugboard
combinations when p = 13 cables were used. This should not be sur-
prising: in both cases the value represents the number of possible
pair-wise combinations, which can be made given twenty-six choices
and thirteen connecting wires.)

We now have everything we need in order to calculate the theo-

retical number of possible Enigma configurations. It is simply the
product of all five values calculated above. That astounding number is

3,283,883,513,796,974,198,700,882,069,882,752,878,379,955,
261,095,623,685,444,055,315,226,006,433,615,627,409,666,933,
182,371,154,802,769,920,000,000,000

which is approximately 3 × 10114. To see just how large that number

is, consider that it is estimated that there are only about 1080 atoms
in the entire observable universe. No wonder the German cryptogra-
phers had confidence in their machine!

12
T
he three-rotor, single-notched Enigma was by far the most
common model in use by German forces. Later in the war,
however, the German Navy adopted a variant version of the
Enigma cipher machine that used four rotors, and rings which con-
tained either a single or a dual notch. Let’s recalculate the theoreti-
cal number of key settings and machine configurations for a naval
Enigma to see how those modifications increased the strength of the
machine.
Step 1 is the number of plugboard combinations. Obviously the
fourth rotor and the extra notches had absolutely no effect on this
value; it is unchanged at 532,985,208,200,576.
Step 2 is the selection and the ordering, left to right, of the wired
rotor discs. The previous value calculated was 26! × (26! – 1) × (26!
– 2). It is tempting to simply add in the factor (26! – 3). However,
the new fourth rotor was not interchangeable with the other rotors;
it could be placed in only one location.11 This meant that selection
of the fourth rotor was independent, and since there were 26! ways
that the rotor’s disc wiring could have been constructed,12 the new
equation is given by 26! × (26! – 1) × (26! – 2) × 26! or 26,453,
071,587,484,435,966,565,383,350,966,637,647,029,992,367,895,
564,609,744,699,959,788,953,452,189,042,702,687,102,042,112,
000,000,000,000.
Step 3 is the initial rotational positions of the wired discs. Because
all four could have been in any one of twenty-six possible positions,
the number of combinations is 264 or 456,976.
Step 4 is the initial positions of the moveable notched rings.
The German Navy added a second notch to some rings in order to
increase the irregularity of the rotational behavior of the rotors. We
will therefore calculate all possible combinations of single or dual
notched rings in each of the rotor positions. For a ring containing
a single notch, we’ve already seen that the notch could have been
placed in one of twenty-six possible orientations. A ring containing
two notches, on the other hand, had 26 × 25 possible orientations.
Since these two cases were mutually exclusive, the total number of
combinations is expressed as the sum of the two values or 26 + (26

13
× 25) = 262. Now on the three-rotor Enigmas, as previously stat-
ed, the notch locations mattered only for the rotors placed into the
rightmost and middle positions. As it turns out, that is also true for
the four-rotor naval Enigmas as well. Since the fourth rotor had no
ratchets and the Enigma had no fourth stepping lever, the fourth
rotor did not move; once the Enigma operator had set the initial
rotational position by hand, it remained constant for the duration
of the message.13 So then the total number of possible single or dual
notched ring positions on the rightmost and middle two rotors is
given by 264 or 456,976.
Step 5 is the reflector wiring. Because of cramped conditions
onboard ship, the Germans did not want to add the extra space
required for the fourth rotor, thereby making the Enigma wider than
it was before. Instead, they made a special half-width reflector so
that the machine could continue to fit into the same sized space.
However, the total number of possible wiring configurations does
not change from what we calculated above, or 7,905,853,580,625.14
We are now ready to determine the theoretical number of pos-
sible naval Enigma configurations assuming four rotors and single or
dual notches in the rings. It is the product of all five values calculated
above or
23,276,989,683,567,292,244,023,724,793,447,227,628,130,289,
261,173,376,992,586,381,072,041,865,764,882,821,864,156,
921,211,571,619,366,980,734,115,647,633,344,328,661,729,
280,000,000,000,000,000
which is approximately 2 × 10145.

14
 German troops using an Enigma in the field

T
he numbers derived thus far are only theoretical values that
reflect how many initial cryptographic machine states were
possible. In practice, once the war started, Allied crypt-
analysts had a much easier job. As a final exercise, we’ll calculate
the number of possible cryptovariables cryptanalysts were likely to
encounter when trying to determine the daily keys. Some informa-
tion was known by the Allies to be effectively constant.
In step 1, the plugboard, the most common value of p used was
10. Since the number of cables was known, all that needed to be
determined daily was which twenty letters had a cable patch inserted
and the ten pairs created by those twenty letters. This is already given
in the table under p = 10 as the value 150,738,274,937,250.
In step 2, the selection and ordering of the rotor discs, things
changed over time. Initially, only three rotor discs were created for

15
general-purpose use. (Special-purpose machines, as previously stated,
had their own set of wirings.) Later, two additional rotor discs were
introduced, making a total of five. The German Navy added an addi-
tional three rotor discs, bringing their total to eight. And finally, one
and then two extra fourth rotor discs (without rotation ratchets) were
added by the navy, giving them ten possible discs.
We will assume the general-purpose case of five discs and fur-
ther assume the wiring of each disc is known. We will also assume
this is an Enigma machine with three rotors. What Allied crypt-
analysts had to determine was which three of the five possible discs
were chosen, and in which order they were placed into the machine.
This is simply

(53) or 5 × 4 × 3 = 60
possible combinations that needed to be checked.
In step 3, the initial rotational position of the rotors was an
unknown key setting for which there were 263 or 17,576 possible
values.
In step 4, the position of the notched rings, we will assume
single notches on all of the rings. (Dual notched rings were not
introduced until the navy added their extra three rotor discs.) This
is 262 or 676.15
In step 5, we will assume the operators are using a single reflector
in which the wiring is already known so the number of combinations
here is simply 1.
Thus, the possible cryptovariable space Allied cryptanalysts
were typically faced with during World War II when attempting
to read Enigma traffic is the product of the above five values, or
107,458,687,327,250,619,360,000, which is approximately 1 × 1023
or, stated another way, about one hundred thousand billion
billion.16 Although that value is much smaller than the total num-
ber of atoms in the entire observable universe, it is still quite an
impressive number! This is all the more true considering Allied
cryptanalysts were faced with continually changing message keys

16
at least daily—for every different radio network the Germans
constructed.
With such daunting odds facing any cryptanalyst, it is not sur-
prising that German cryptographers felt secure using the Enigma.
The strength of the large numbers, numbers so vast they are really
beyond true comprehension, led the Germans to have absolute and
complete confidence in the integrity of the Enigma cipher machine.
And in that misplaced confidence, the Germans were absolutely,
completely, and fatally wrong.

Notes
1. For example, after analysis of this very topic one German cryptog-
rapher wrote, “From a mathematical standpoint we cannot speak
of a theoretically absolute unsolvability of a cryptogram, but due to
the special procedures performed by the Enigma machine, the solv-
ability is so far removed from practical possibility that the cipher
system of the machine, when the distribution of keys is correctly
handled, must be regarded as virtually incapable of solution.”
2. Additional detailed descriptions on Enigma internals can be found
in some of the references below. See also the diagram and photos.
3. Subsequent naval Enigmas contained four rotors and up to two
notches per ring.
4. If a letter’s plugboard socket was left unconnected, e.g., the letter
A, then A on the keyboard was wired directly to the A input posi-
tion feeding the rotors. On output a wire coming from the rotors’
output A position was wired directly to the lightbulb A. If, on
the other hand, A was plugged to X, then on input the A key was
fed to the rotors as X, the X key was fed to the rotors as A, and
on output what would have normally illuminated the A lightbulb
now connected to the X lightbulb, and what before would have
gone to X instead lit up as A.
5. The boundary condition of p = 0 has one interconnection possibility.
6. The Germans used a variety of connections. In 1940, keys were
recovered that used from six to eleven plugboard cables. In 1941,
they standardized on ten plugboard cables for all traffic.

17
7. 26! = 403,291,461,126,605,635,584,000,000. Since the rotor discs
were hardwired, such a vast number would have been impossi-
ble to construct in practice. Indeed, only a very small handful of
rotor discs was ever constructed since they were limited to what
troops could physically carry with them. Also the Germans nev-
er changed the disc wirings during the war. They did, however,
create several different groups of rotor disc wirings for special-
purpose machines. (For example, the High Command had spe-
cially wired Enigmas to communicate with Hitler’s headquar-
ters.) Additionally, even if the practical rotor disc wirings were
compromised, the rotor ordering was still an unknown, although
of course the equation is much smaller under those conditions.
Furthermore, German cryptographers knew attacking cryptana-
lysts would have to initially sift through all possible combinations.
Finally, they could have deployed “pluggable rotor discs” which
could have been changed by the operators in the field and thus
would have restored the number of practical combinations back
to the number of theoretical combinations. (“Pluggable reflectors”
were in fact deployed later in the war.) See the final section of the
brochure for a practical and not a theoretical example.
8. It was known that the German troops carried individually num-
bered and unique sets of rotors. Hence selecting a rotor reduced
the number of possibilities by one. So 26!3 is not the correct value.
9. The ring also held the A–Z indicators specified by the cryptog-
raphers as part of the key setting. The operators used this as a
guide when setting the rotor in step 3. Moving the notched ring
against the wired disc also had the secondary effect of moving
the A–Z indicators against the disc as well. This technically
linked the rotational position in step 3 with the notch position in
step 4. However, since it was possible to place the internal wired
disc in any one of the twenty-six positions and the notched ring
separately in any one of the twenty-six positions, these were, in
fact, independent variables when counting initial cryptographic
machine states.
10. In practice the operators did not frequently change the reflector
in the Enigma. Only a handful of hardwired reflectors ever saw
service. Additionally, reflectors were created that also had differ-
ent internal wiring for the special-purpose Enigmas. However,

18
 just as with the rotors, German cryptographers knew that ini-
tially Allied cryptanalysts would have to sift through all possible
combinations. It was not until later that some four-rotor naval
machines gained easily selectable interchangeable reflectors. Even
later, German cryptographers developed and deployed pluggable
reflectors that could be rewired by the operators in the field. This
restored the number of practical reflector combinations to the
theoretical value.
11. The Germans did not want to retool their equipment and change
the internal mechanics of the Enigma. Hence, there was no fourth
stepping lever to cause rotation of that rotor during a message.
Since no stepping lever was present, the ratchets the lever inter-
acted with were not added to the fourth rotor. This meant the
fourth rotor (positioned on the extreme left next to the reflector)
was incompatible and could not be used in the other three rotor
locations. An additional reason for disallowing fourth rotor rota-
tion was for backward compatability. In one specific position, the
naval fourth rotor and reflector combined had the same effective
wiring as a three-rotor Enigma’s reflector acting alone. Movement
of that fourth rotor would prevent a four-rotor naval Enigma from
communicating with a three-rotor army Enigma, for example.
12. In practice, the navy initially deployed only one new fourth rotor
disc. Later they added a second disc. But as before, Allied crypt-
analysts were initially faced with determining which wiring con-
figuration was used from all possible combinations.
13. This had a nice side effect, however. In practice, the fourth rotor
and its new reflector had wiring chosen such that in one particular
orientation the combination had exactly the same effective wiring
as reflectors built for three-rotor Enigmas. This gave the four-
rotor machines the ability to still communicate with the older
three-rotor machines.
14. In practice, the navy introduced just one half-width reflector at
the same time they introduced their first fourth rotor. A second
half-width interchangeable reflector was released at the same time
their second fourth rotor was released. Pluggable reflectors fol-
lowed all of these events.

19
15. Some may choose to add another factor of 26 at this point, since
the daily key was formally given by three positions for the rings
(step 4) followed by rotational orientation of the three rotors (step
3). As previously stated, moving the rings containing the notches
had the side effect of moving the indicators used as a guide by the
operators used in step 3. Although the notch was unimportant in
the leftmost rotor due to the reflector, the ring position was very
important to ensure the disc wiring was oriented correctly given
an indicator for step 3. However, since there are twenty-six ways
to specify the combination of ring position and indicator selection
that will yield the exact same disc wiring orientation in the left-
most rotor, we can factor the twenty-six back out of the equation
again.
16. Billion is to be understood in the American and not in the Euro-
pean sense (i.e., short scale not long scale).

References
Erskine, Ralph, and Frode Weierud. 1987. “Naval Enigma: M4 and
its Rotors.” Cryptologia, XI (4): 235–44.
Hinsley, F. H. 1979, 1981. British Intelligence in the Second World War.
2 vols. London: Her Majesty’s Stationery Office.
Kahn, David. 1991. Seizing the Enigma. Boston: Houghton Mifflin.
Kozaczuk, Wladyslaw. 1984. Enigma: How the German Machine
Cipher Was Broken, and How It Was Read by the Allies in World War
Two. Ed. and translated by Christopher Kasparek. Frederick, MD:
University Publications of America.
Office of the Chief of Naval Operations CNC-OP-20. Enigma
Series: Volume 1. Click Process. Washington, DC: National Muse-
um of American History. RIP 603, Reg. No. 9, Communications
Intelligence Technical Paper TS-10/E-1, filed 2 December 1980.
Woytak, Richard. 1982. A Conversation with Marian Rejewski.
Transcribed and translated by Christopher Kasparek. Cryptologia
6(1): 50–60.

20
 Dr. Miller at the National Cryptologic Museum,
Ft. Meade, MD, 2018

Dr. A. Ray Miller is a senior technical expert at the

National Security Agency. He received his Ph.D. in com-
puter science from the University of Illinois in 1987 while
working at the Center for Supercomputing Research and

21
Development. Within NSA, Miller was the Technology
Directorate’s first integree to the Institute for Defense
Analyses/Center for Computing Sciences. He has partici-
pated in many critical mission efforts, including support-
ing NSA’s cryptanalytic computational assets in various
ways; creating a sensitive, high-bandwidth, near-real-
time processing system to support active military opera-
tions; serving as program manager for NSA’s first Mission
Assurance capabilities; and working cross-organizationally
to plan for extensive and robust widely distributed (mul-
tistate) power/space/cooling solutions for NSA’s mission
processing and storage requirements. He also served as ini-
tiative lead for Active Cyber Defense for the Comprehen-
sive National CyberSecurity Initiative, lead for integration
of sensitive mission capabilities into the National Threat
Operations Center, and lead for strategy and requirements
of emerging information technology components within
NSA’s Signals Intelligence Directorate. Currently he leads
a team of physicists, engineers, computer scientists, and
other technical staff on research of critical importance to
NSA’s future computing.
Miller has received more than ninety awards and com-
mendations, including two Meritorious Presidential Rank
Awards, an Exceptional Civilian Service Award, a Merito-
rious Civilian Service Award, the Computer and Informa-
tion Sciences Institute’s Award for Excellence, two awards
from foreign governments, and, as part of a team, the
Director of the National Security Agency’s Team Excel-
lence Award. He is the co-author of three IEEE interna-
tional standards in the area of computer science and oper-
ating systems.

22