Cryptology Home Page

Secret decoder rings, pig Latin, writing with lemon juice, messages in code to a buddy, WW2 espionage films -- ah the fun of being young and having time to play.

But concealing the meaning of a message from others can also be a very serious business. From medieval times when diplomats had to communicate with their rulers by courier, through wartime when orders from headquarters had to be broadcast to the line officers to the present where corporate deals must be kept secret until completed, confidentiality of messages remains a very high priority.

This site is an exploration into the fundamentals of cryptology. It will not delve too deep into mathematical proofs but is more for those who wish to be aware of some of the basic techniques and strategies of code making and code breaking. Comments are always welcome.

Steganography

Steganography is the art of hiding the existence of a message rather than its meaning. It is currently a very HOT topic as one subdivision of steganography is digital watermarking, a technique used to copyright and to protect digital images, music and software. Although steganography is a very interesting topic in itself, the following short sections will be all that I say on it. Sorry!

Low Tech Steganography

A scytale (rhymes with Italy) was a cloth wound around a staff or baton with a message written vertically on the cloth. When unwound, the characters appeared as random decorations. A servant wearing the cloth as a sash or belt would then deliver the message as required. The receiver of the message would read it by wrapping the cloth around a staff of similar diameter.

Another ancient form of message hiding was to carve the message into the base of a wax slate, then prepare the slate as usual. An apparently blank slate had a message if you knew enough to remove the wax. A variation on this is writing on a canvas, then painting a scene or portrait over it. A more extreme example was shaving a slave's head and tattooing a message into his scalp. Once the hair grew back the slave was sent on his not so time dependent mission.

In medieval times simple embossing such as needle pricks under letters indicated characters to be used to create the plaintext message.

Another low tech solution involves writing an 'innocent' message with the 'real' message hidden at specific locations such as the first letter of each sentence or line. Grills are cutout templates that reveal the characters to be used in reconstructing a 'hidden' message from text.

High Tech Steganography

Invisible inks are examples of developing sciences. A simple example is lemon juice but there are others that react to a single reagent.

Microdot photographic techniques exist where a simple period at the end of the sentence often contained more meaning than the sentence itself.

Cryptography

Cryptography is the science of concealing a message's meaning rather than its existence. It can be subdivided into codes and ciphers. Codes are based on linguistic entities of variable character length such as syllables, words and phrases. Ciphers are based on fixed length elements (most often characters or letters) without regard to meaning. The original message is known as plaintext and can be either encoded to codetext or enciphered to ciphertext. To read the message afterwards it must be either decoded or deciphered.

Codes normally involve external resources such as one-time pads which are random lists of letters that are meshed with the 'plaintext' or code books which are lists of words or phrases and their replacement codes. If the replacement codes are in the same alphabetic order so that the same list can be used for decoding, it is known as a one-part code. If a second list is needed to sort the codes alphabetically, then the encoding scheme is known as a two-part code. The difficulty of codes is that the code itself must be distributed to all readers and if the code book gets into insecure hands, the code is compromised and a new code needs to be distributed.

Ciphers on the other hand rely on a systematic algorithm or procedure without the need of a 'code book'. Sometimes this system also uses a keyword. This allows the cipher to continue in use even when its system is known and even when a single keyword is known. Changing the keyword in current use once again conceals the meaning.

The most interesting aspects of cryptology for me are the methods of enciphering and those of deciphering or 'cracking' the messages. This site will focus on ciphers rather than codes.

Ciphers

Ciphers are based on algorithms that transform the plaintext into ciphertext. These algorithms may also require the application of a keyword that introduces another level of security and flexibility to the overall system. All systems of ciphers can be classified as transposition, substitution or a combination of both.

Transposition methods involve moving the plaintext characters into new positions in the ciphertext based on an algorithm or procedure. For example, each pair of characters (known as digraphs) can be swapped so that 'AN' becomes 'NA'. Obviously, the algorithm can become much more involved if needed.

One example of a transposition method is the Caesar square or rail-fence cipher. To encode for a four rail cipher, the first four letters are written on separate lines, the next four reuses the four lines (rails), and so on until the text is complete. This is the same as swapping rows and columns. Other examples of transposition methods are magic squares, knights tour and text inversion. Magic squares have each row or column summing to the same number. The numbers are the order in which the plaintext is repositioned in the ciphertext.

Substitution methods use mapping techniques that replace characters (or sometimes sets of characters) by other characters (or sets of characters). The mapping technique can be very simple such as replacing 'A' with 'Z', 'B' with 'Y' etc. (inversion) or 'A' with 'D' and 'B' with 'E' etc. (displacement or shift). But it can also be much more complex. With the introduction of teletypes and computers, characters can now be encoded using a binary technique. These binary representations are then manipulated with boolean operations for encipherment.

Monoalphabet Substitution Algorithms

Monoalphabet substitution algorithms retain the same character (or character set) mapping throughout the message. This leads to a relative ease of cryptanalysis or 'cracking' based on statistical analysis of the source language. However, studying the methods of encryption and analysis for monoalphabets will lead to a better understanding of the entire field of cryptology.

Atbash is one of the oldest ciphers known and appears in the Hebrew Scriptures of the Bible. It is a cipher where occurrences of the first letter of the alphabet are replaced by the last, occurrences of the second by the second to last, etc. This is not very secure as a single test will indicate if it was used but it was sufficient enough when literacy was not widespread. Atbash is a specific example of the general technique called inversion.

Caesar is also a very old cipher. Letters are replaced by letters three steps further along in the alphabet. That is 'A' becomes 'D', 'B' becomes 'E' etc. In fact a Caesar cipher can use any size shift. Caesar ciphers can easily be 'cracked' as there is a finite number of mappings that can exist. Caesar cipher is a specific example of the general technique called displacement.

Keyword ciphers add a level of security in that even if the algorithm or technique is known, deciphering still requires a knowledge of a password or phrase. The most common form of use is to take the keyword (or phrase), discard any repetitions, and then add any missing characters to the end of the string. This would form the replacement alphabet. As a example if the key phrase was 'GIVE ME LIBERTY OR GIVE ME DEATH' then the replacement phrase is 'GIVEMLBRTYODAHCFJKNPQSUWXZ'. 'A' is then mapped to 'G', 'B' is mapped to 'I' etc. The replacement phrase should be displaced or inverted to prevent problems with short key phrases leaving no mapping for latter part of alphabet. Passwords could be changed on a regular basis or even on a use once basis. Coupled with short texts to make frequency analysis difficult this is a fairly good enciphering technique as little skill is required to create the map on the fly.

Polybius checkerboards create 5x5 grids of letters (with 'I' and 'J' in the same cell). By numbering the columns and rows, any letter can be represented by a 2 digit number or digraph. For example 'K' would be column 5, row 2. This is an example of a fractional substitution code. Another example is the ADGFX code used in the First World War.

Playfair is a polygram cipher that modifies the Polybius checkerboard by introducing a key. The key phrase is used to fill in the cells of the table, but any letter already used is dropped. Once the key phrase has been used up, the remaining letters of the alphabet are inserted in strict alpha order till all cells are complete. Once again i and j are assumed equivalent for building the table. To encipher plaintext one uses digraphs (ie. two characters at a time) as input.

Reciprocal alphabets are those where if 'A' maps to 'N', then 'N' maps to 'A' for all characters. Atbash is one example of a reciprocal alphabet.

Folding is a technique where the alphabet is split at a certain point. For example a simple fold might occur at the midpoint of the alphabet. This would map 'A' to 'N', 'B' to 'O' etc. Note that this would also be a reciprocal alphabet.

The techniques of inversion, displacement, and folding could be intermixed to provide a more complex encipherment - decipherment technique. However this complexity does not change the method of analysis of a monoalphabet cipher!

Polyalphabet Substitution Algorithms

Polyalphabet algorithms change the mapping schemes for letters (ie. 'A' does not always map to the same letter). The change can be periodic or random (rare as this makes deciphering difficult). The alternate maps can be generated in a variety of ways. The selection of the next alphabet is: sequential, keyword encoded, or autoencoded. Manual encyphering methods use tableaus or cipher disks.

Polyalphabet algorithms makes frequency count analysis much more difficult as the word 'the' will not reoccur as the same sequence. But techniques do exist to spot any periodicity in alphabet reuse and hence a clue as to keyword length.

Porta (1563) generates its tableau using first a folded map and then repeats with the second half shifted. This generates 13 unique maps. One is used for A|B in the keyword etc.

Vigenère (1586) generates its tableau of alpha-ordered maps with a simple displacement (Caesar shift of 1) for each line. A related keyword is used to select the line for the next letter's mapping. For example, if MILEY was the keyword, the first letter of plaintext would be coded by the M (13th) line, the second by the I (9th) line. After five letters the alphabets would be reused (ie the periodic order is 5).

Beauford (1857) generates its tableau by adding a 27th column and a 27th row. The last column and row are identical to the first. To Encipher a plaintext P with the key letter K, start at any row/column whose outside letter is P, follow that line to the letter K, then move along the perpendicular column/row to the outside letter.