codes and ciphers - droppdf.com3.droppdf.com/files/cf5jw/codes-and-ciphers-collins.pdf · codes and...
TRANSCRIPT
Contents
Cover
TitlePage
Introduction
1 Opencommunication
2 Secretcommunication
3Simplecodes
4 Polyalphabetic
ciphers
5Codewars
6 Codes incyberspace
Codechronology
Code-breakingchecklist
Glossary
Furtherreading
Index
KeepReading
Copyright
AboutthePublisher
Introduction
Alice isdriving towork.Shehardly registers the roadsigns that guide her journeyto the train station. Oncethere,sheselectsanewspaperand a book of su dokupuzzles, pausing while thebarcodesarescannedbeforeshe hands over her creditcard.ShekeysinherPINand
pauses while the scannersecurely completes thetransaction. On the train shesitsnexttoBob,whoselaptopwhirrs into action after hetypes in his password. Shedecides to have a go at thecrosswordinherpaper...
AWORLDSHAPEDBYCODES
We could follow Alice andBob through their day,continuing, as you will havenoticed, tohighlightinitalicsevery occasion on whichcodesentertheir lives.Codesare part of our world and ofour history, too. Indeed, theyhave helped to shape it:Greek generals in ancienttimesusedthemtogivesecretorders;Wellington’sdefeatofNapoleon in the Peninsular
Wars was partly due to hisstaff’s ability to read codedmessages sent by the Frencharmy; and, of course, manypeoplearenowawarethatthecourse ofWorldWar II waschangedby theachievementsof Allied cryptographers inbreaking German andJapaneseciphers.
CODEORCIPHER?
• A code usescharacters orsymbols torepresent words orphrases, andrequires a codebook for encryptionanddecryption.
• In ciphers,individuallettersaremoved or changedto conceal themeaning of themessage.
Since the emergence ofwriting, people have at timesfelt a need to conceal ormystify themeaningofsome
of their communications,tryingtokeepcontrolofwhogainsaccesstotheknowledgeheld.
The story of code making isalso the story of codebreaking. This book beginsby looking at ancientwritingsuch as Egyptianhieroglyphics, which, overtime, became a code, as theknowledge of how to read
themwas washed awaywiththesands.Italsoincludesthephone texting codes sobeloved of many teenagerstoday.
The book also studies codesdevisednot to concealbut toallowefficient,fastandoftencheaper communication suchas Morse code. From there,we take a tour through theworld of codes and ciphers
(learning the differencesbetween them on the way)starting with fairly simplemethods, such as the CaesarshiftusedinRomantimes.
Where relevant, each code isput into historical contextand, although this is not ahistorybook, thereisa‘codechronology’ showing keyevents in the story of codesandcodebreaking.
CREATINGMESSAGES
This book explains how tocreatemessages using codes,andhow theycanbebroken.People tend to assume that acode they have created willbe very hard to break,when,in fact,most basic codes canbe cracked in a very shorttime. Codes and Ciphersstudies just how this is done,
including the use ofcryptanalysts’ tools such asfrequency analysis – usingknowledge about howcommon some letters are incomparison to others (seepages). A code-breakingchecklist is also provided onpages171–8.
The vast majority of codesdescribedinthisbookcanbere-created(andbroken)using
no more than pencil, paperand perseverance.Undertaking such tasks willtake you back in time to thecode-breaking ‘blackchambers’ (see pages). Asexplorers and conquerorstravelled greater distances insearch of power and wealth,their need for secretcommunication increased,and messengers would walkand ride with encrypted
communications hidden intheir clothing, bodies orequipment.
Naturally, this fostered amini-industry of codebreakersworking in secret tobreak the code of anyintercepted messages. In anageinwhichcommunicationsarebouncedaroundtheglobeviasatellites,interceptionhasnever been easier, and
governments (and others)continue to try to keepsensitive communicationsecret, and to peep into theinbox of other states andgroups, such as terrorists,whentheopportunityarises.
LOOKINGTOTHEFUTURE
The age of pencil and paper
has passed, for since themiddle of the 20th century,machines have beenemployed increasingly tocreate and to break codes.The demands of codebreakers have led directly tothe development of themodern computer. The toolsof today’s cryptographersread like a code themselves:symmetric encryption,messageauthenticationcodes,
public key encryption, one-way hash functions, digitalsignature schemes andrandom number generators.Their uses are legion, fromallowingyoutobuythingsonthe internet knowing that noonewill(orshould)beabletosteal your financial detailsandyourmoney,toprotectingusfromamaverickpushingabutton and launching anuclearmissile.
Cryptography has become abig business. There is heateddebate about themost securemethods of sending sensitivediplomatic, scientific andbusiness information, and agrowing controversy aboutwhether and whengovernmentshavetherighttoreadprivatecommunications.The subject has entered thecurriculumofuniversitiesandcolleges, and data security is
an industry in itself. Thesubjectcontinuestofascinate,for its history, for theintellectual challenge ofcreating and breaking codes,and as a leisure activity inpuzzles, such as wordsearches, crosswords and thecraze for su doku numberconundrums.
CODE
CONVENTIONS
Throughout this book, as isthe convention for codewriting, the term ‘plaintext’referstotheoriginalmessage,which is altered by encodingor encipherment. Plaintext iswritten in upper and lowercase writing; all codes andciphersappearincapitals.
Anotherconventionistheuse
of the names of Alice andBob (as seen in thisintroduction) because it hasbecome a convention in thefield of cryptography to usethese monikers. Thiscommunicative couple onlyexist in the world of codesandciphers.Thereismoreonthis (and their foe, Eve) onpages150–1.
1
OPENCOMMUNICATION
Codesfromthepast
Anythingthatwecannotreadis, in effect, a code that weneed to break. If it is alanguage, we can learn it orfind someone to translate themessage. But what if thelanguage itself hasdisappeared?
HIEROGLYPHS
• The word‘hieroglyphs’ comesfrom the Greeklanguage and means‘sacredcarvings’.
• They were cut intothe stone ofsignificantbuildings,such as temples andtombs, or paintedonto the interiorwalls.
• The earliest dateback at least 3,000years.
FROMTHESANDSOFTIME
The story that Egyptianhieroglyphics tell is of ahighlyorganizedandcapable
civilizationthatcollapsedandwas forgotten for thousandsof years. Much of what wenow know about it has beenlearned from reading itswritings on walls andpapyrus, and the process ofdiscoveringhowtoreadtheseis similar to the code-breakingmethods thathelpedto shortenWorldWar II.So,in a sense, hieroglyphicsbecame the earliest code,
even though their meaningwas not originally disguised.The structures on whichhieroglyphicswere carved ordrawn collapsed, or wereburied by the desert sand,whileothersweredefacedbyChristians intent ondestroying remnants of apaganpast.
Hieroglyphics are pictorialwriting: brightly coloured
images that are both simpleand complex. Variousattempts were made to readthe images, but it tookmanyyears for people to realizethat the pictures stood forsounds (as we might draw abee to represent the sound‘b’) of a language that hadsincedied.
The key to unlocking thisancient mystery was the
translation of the Rosettastone. This is a man-sizedblack granite rock, inscribedin three different languages,unearthed by French soldiersknocking down awall in theEgyptian town of Rosetta in1799.Thethree-quarter-tonnestone was (reluctantly, afteran attempt to sneak it awayon a boat) handed over toBritish occupying forces andtaken to the BritishMuseum
in London, where it stillstands.
Egyptianhieroglyphswereintricateandcolourfulandwereusedtotellstoriesanddemonstratethepowerofthepharaohs.
Its value is that the threescripts carry the samemessage in a trio oflanguages: Greek,hieroglyphics and demotic(which is a later Egyptianlanguage derived fromhieroglyphics). Historians
were able to translate theGreek text and establish thatit announced a decree issuedbyKingPtolemyVin196BC.It begins: ‘The new king,having received the kingshipfrom his father . . .’. For acode breaker, knowing themeaning of the message youwishtounravelisgolddust.
The stone features 1,410hieroglyphs compared with
486 Greek words, whichsuggests that individualhieroglyphs do notnecessarily represent wholewords, and must thereforerepresent sounds.After somevaluable groundbreakingwork by ThomasYoung, thestone was finally translatedby Frenchman Jean FrançoisChampollion in 1823.Knowing that royal nameswerecontainedinovalshapes
known as cartouches, hemade the key discovery thatPtolemy’s name was writtenbit by bit as p-t-o-l-m-y-s,provingitbyfindingthesamesymbols used for the sharedsounds ‘p’, ‘t’, ‘o’ and ‘l’ inwritings about the famousqueenCleopatra.
Thiswonderfuldiscoverywasthe key that opened the doortounderstandingthelanguage
of hieroglyphics and allowedarchaeologiststolearntoreadother ancient Egyptianwritings, shedding fresh lighton the world of pharaohs,such as Rameses, and themany gods, such as the sungodRa.
MOREPASTSECRETS
Among the early forms ofwritten communication iscuneiform writing, in whichlettersarecarvedontotablets(cuneiform means ‘wedgewriting’). There is plenty ofevidence that meanings wereconcealed even in such earlywritings, and the practicecontinued through thecenturies.
ANANCIENTTRADESECRET
An early instance ofcuneiform writingbeingenciphereddatesfrom around 1500 BC.Asmalltabletgivingarecipe for a potteryglaze (which must
have been a tradesecretat thetime)wasfound on the banks ofthe River Tigris. Thescribe had mixed updifferent soundsymbols to make thetextconfusingtothoseoutsidehisprofession.
• There are records of secret
writings that were beingused for politicalcommunication in India inthe 4th centuryBC, and theerotic textbook the KamaSutra lists it as one of theskillswomenshouldlearn.
• Early antecedents of theKurds in northern Iraqemployed cryptic script inholy books to keep theirreligion secret from theirMuslimneighbours.
• A mixed-up alphabetcarvedontoawoodentabletand thought to date from7th-century Egypt isbelieved to be the world’soldestcipherkey.
• Medieval monastic scribesentertained themselves byadding messages in simpleciphers to the margins oftextstheywerecopyingout.
• An extraordinary 12th-
century nun calledHildegard of Bingenconstructed an alternativealphabetandcreatedanewcryptic language, calledLinguaIgnota,claimingtheinspiration for it camethroughvisions.
• Franciscan Friar RogerBacon wrote aboutcryptography in his SecretWorksofArtandtheNullityof Magic in the 13th
century, listing sevendifferent kinds of secretwriting.
• Medieval builders carvedmasonic symbols into thestoneofstructuresonwhichthey were working, partlyas a sort of signature andpossiblytohelpdecidehowmucheachshouldbepaid.
• The alchemists of theMiddle Ages concealed
theiridentitiesandformulaewithcodemarks.
ATRIOOFAMERICANCODES
Native American tribes usedsmokesignals tosendsimplemessagesoverlongdistances,working to a prearrangedcode. The practice wascommon in ancient China,
andisstillcarriedoutbyboyscoutstoday.
Many such puffs of smokewere most likely signallingthe activities of the cowboysraising cattle on the land.Toprove ownership of theirbeasts, these men also hadtheir own branding alphabetbased on three elements:lettersornumbers,geometricshapes,andpictorialsymbols.
Originating in the 18thcentury, they were designedto identify cows over longdistances and partly tocombat cattle rustling (seebox, below and illustrationoverleaf).
Hobos,who travelled aroundthe US in the 19th century,developed a code of markschalked outside houses toinformfellowtrampsofwhat
kind of reception they couldexpect. The signs hadmeaningssuchas:
• Doctor
• Danger
• Safecamp
• Ifsick,willcareforyou
• You can sleep in thehayloft.
OLDBRANDS
Cattle branding hasbeentracedback6,000years to the AncientEgyptians – tombpaintings show ittaking place. There isalso biblical evidencethat Jacobbrandedhislivestock.
Someexamplesofthecowboybrandingalphabet.
VisualsystemsNumerous codes have beendevised to aidcommunication, reflectingchangesintheworldoverthelast fewhundredyears: thesesignal codes enable thepassing on of information
overlongdistances.
SEMAPHORE
Semaphore is the commonterm for a system ofsignalling using a pair offlags. Itwas devised in 1817by Captain Marryat of theBritish Royal Navy, whoadapted it from thatorganization’s flag code of1799. Although clearly
developed for use at sea, theMarryat code, or theUniversalCodeofSignals,asit is also known, is just aseffectiveonland.
The flagsareusuallydivideddiagonally into red andyellow, and are moved likeindependenthandsonaclockface.Eachpositionrepresentsaletter,somessagesarespeltout.Therearealsosetsignals
for recurringcontent,suchas‘Error’ and ‘End’, while thedigits zero to nine arerepresentedbythefirstelevenlettersof the alphabet (J alsodoubles up as ‘Lettersfollow’) when preceded bythe message ‘Numbersfollow’.
It is said that the semaphoreflag system was the fastestmethod of visual
communication at sea –quicker than a flashing lightusingMorsecode(pages30–3)–andwasvaluableeveninmore modern times as itallowed ships to send eachother messages whilemaintainingradiosilence.
Semaphorecodeallowsforcommunicationacrosslongdistances.
INTERNATIONALSIGNALFLAGS
Another flagsignalling systemused at sea isInternational signalflags, in which each
flagrepresentsaletteror number, and alsocarries a message forcommon situations atsea: two-letter signalsforemergencies,threeletters for generalinformation. This isparticularly usefulwhen ships are tryingto communicatewithout a commonlanguage.
Theseflagsenablecommunicationacrossdifferentlanguages.
Theopticaltelegraphrevolutionizedcommunication.
THEOPTICALTELEGRAPH
Copper pans, a clock face, aset of pulleys and thetelescope all made acontribution to thedevelopment of a codedcommunication system that
had amajor impact on 19th-century Europe, though it isnowalmostforgotten.
Developed by Frenchbrothers Claude and RenéChappe in the late 18thcentury, the optical telegraphevolved from the materialslisted above into a signallingsystemofmovableblack-and-white panels mounted on abeam with angled arms that
mimickedapersonholdingapair of flags in differentpositions. It allowed rapidcommunication as far as youcould see. Soon there werechains of optical telegraphscovering much of westernEurope. This wasrevolutionary at a timewhenthefastestmessages travelledat the speed of a gallopinghorse. The optical telegraphwas a key pan-European
communication system untilit was superseded by theelectrictelegraph,whichusedMorsecode(seepages).
SIGNLANGUAGE
Signlanguageusestheoldestcoding method of all: handsignals. Although usedinformally since the birth ofhumankind, the first booksdescribing sign language
appeared in the17thcentury,aiming to communicate withthe deaf by using handgestures as an exaggerated‘mouth’. There are hundredsof sign languages in usearound the world, the twomost common beingAmerican Sign Language(ASL, see illustration, left)and Signed English. Inaddition, many sportsofficials use standardized
hand signals for somecommunication.
Americansignlanguageusesanalphabetforspellingoutwords.
Thefeelingcode:Braille
Braille is a non-secret codethat allows the blind to read.Like many codes, its originslieintheneedforthemilitaryto communicate without
beingdetectedorunderstood.
DARKSECRET
The story begins withArtillery Captain CharlesBarbierofNapoleon’sFrenchArmy in the early 1800s.Frustratedbythedifficultyinreading messages safely onthe front line (where smokeand the chaos of battlehinderedcommunication,and
lighting a lamp created aneasytargetfortheenemy),hedevised a code using 12raised dots on paper, callednight writing. Unfortunately,his fellow soldiers found ittoo difficult to learn and itwasnotadopted.
Thinkingthat itmighthavearole in helping the blind toread, Barbier started to visitschoolsfortheblind.In1821
hedemonstratedhiscodetoagroupofchildrenattheRoyalInstitutionforBlindYouthinParis. The audience includedthe12-year-oldLouisBraille,who had been blinded byaccident nine yearspreviously. Braille quicklymastered the system butfoundhe could simplify it tousejustsixdots.Althoughhepublished the first Braillebookin1837,itdidnotcatch
on around the world foranother30years.
Braille has since beenadapted to nearly everylanguage on earth andremainsthemajormediumofliteracy for blind peopleeverywhere.
THEBRAILLE
ALPHABET
TheBraillealphabetofraised dots includesnumbers andpunctuationmarks.
• Each Braillecharacterismadeupof six dot positions,arranged in arectangle.
• Adotmayberaised
at any of the sixpositions,andatotalof 64 combinationsispossible,includingthe spaces (seeopposite).
• There are Braillecodes forrepresentingshorthand,mathematics andmusic.
Braillecharactersuseasystemofraiseddots.
Theworld’smostfamouscode:Morse
Morse code is the mostfamous code in the world. Itallows rapid communicationover long distances along
wires or radio waves, or viasound or light in an easy-to-learn system of dots anddashes.
CODEONTAP
TheAmericanSamuelMorsehad attempted variousinventions and money-making schemes before hechanced across theopportunitytosendmessages
along wires. He enlisted thehelpofexpertsinthefieldofsendinganelectricpulseoverlong distances, and in 1838designedacodethatcouldbetappedoutbyhand.Showingadmirable understanding ofthe practicalities ofcommunicating language, heensured that the mostfrequently used letters couldbe entered with the leasteffort,thusthecodefor‘e’is
adot,andfor‘t’,itisadash.
Thiscombinationslowlywonover a sceptical public andthe first telegraph line,followingthe40-milerailwaytrack between Baltimore andWashington, launched in1844 with the message:‘WhathathGodwrought’.
Morse code was treatedoriginallyasanovelty(public
chess matches were playedvia it) and struggled toovertake the alreadyestablished optical telegraph(see pages), but gradually itsadvantagesofcheapandveryfast communication wererecognized. In England, itenabled the arrest of themurderer John Tawell on 3January 1845 when hisdescriptionwassentaheadofthe train on which he had
fled, leading to his arrest onhis arrival at PaddingtonStation.
Morsecodeisdesignedsothatthemostfrequentlyusedlettersrequiretheleasteffort.
BEYONDTHETELEGRAPH
In addition to its usein the telegraphsystem,Morsecodeis
alsoused:
• when armies andnavies use aheliograph (whichreflects the sun’srays);
• when messages aresent with the Aldislamp (a powerfullightusedatsea);
• inradiomessages.
Airline pilots stillhave toknowit,eventoday.
The telegraph system grewrapidly. Skilled operatorssoon learned to ignore thepaper printouts of messagesand instead listened to theclicking of the receivingapparatus to understand the
message. They began usingabbreviations for longcommon words or phrasesand many variations of codewords were introduced. Thiswas encouraged by a thriftypublickeentokeepthelengthofmessagestoaminimumaspaymentwasbytheword.Inthe American Civil War(1861–5), the telegraph wasusedwidelyfor thefirst timein warfare, and it was
imperative to encryptimportant messages becauseoftheeaseofinterception.
Banks, in particular, werekeen todevelopsecurecodesasitallowedthemtotransfermoney electronically. By1877,nearly$2.5millionwasbeing telegraphed every yearin nearly 40,000 separatetransactions. Because themessages were legally
binding contracts, evenmarriage ceremonies wereknowntobeconductedusingtheequipment,withthebrideandgroomclickingout‘Ido’while a congregation oftelegraph operators down thelinelistenedin.
Morsecodeunderwenta fewrefinementsasitcontinuedtoserve as a code in radiocommunication. It remained
inuseontheseasuntilitwasreplaced by a satellite-basedcommunication system in2000.
SOS
The dit-dit-dit-dah-dah-dah-dit-dit-ditSOSdistress call doesnot stand for ‘Save
Our Souls’, as manypeople believe. It is acode indicating thatthe operator will nolonger be able to sendmessages. The lack ofgapsshowsthatitdoesnot representindividualletters.
NewglobalcodesCommunications technology,suchascomputersandmobilephones, has spawned a newset of codes aiming to savecosts and time by makingcommunication as brief aspossible. These are simplymodern forms of shorthand,but they also carry greatsocialkudosfortheyoung.
LEET
Aroundtheworld,peoplearecreatinganewcodelanguageat their keyboards, which isthe digital equivalent of PigLatin (see pages) with a fewhieroglyphs thrown in forgood measure. Widely usedinchatrooms,amonghackersandcomputergamers,leet,orleetspeak(leetisacorruptionof ‘elite’), enables rapid
communication to take placeby using keyboard charactersas short cuts for sounds,wordsandphrases.
Somebasicrulesforleetare:
• Numbers can replace theletters they resemble, so‘leet’ is ‘1337’, ‘B’ (hence‘be’) is represented by ‘8’,‘9’ replaces ‘G’, ‘5’ or ‘$’standsfor‘S’and‘4’is‘A’.Thus ‘leetspeak’ is
‘13375p34k’.
• Letters substitute forsounds,sowordsending inCorKnowendinX,andZsupplies ‘S’ and ‘ES’endings.
However, there are manyvariations. For example, thefirst three letters of thealphabetcanbeshownas:
A:4,Λ,@,/-\,
B:8,6,|3,|:,P>C:[,<,(
Oneoftherulesofleetisthatthere aren’t really any rules:spelling and grammarconventions are largelyignored and the idiom isconstantly evolving. It isparticularly popular incommunication betweencomputer gamers andhackers.
Hereareafewleetwordsandphrases:
• k3wL=‘cool’
• m4dsk1llz=‘madskills’–atalent
• n00b = ‘newbie’ – anewcomer
• y0= ‘yo’, an alternative to‘hi’.
TXTTLK
Txt tlk, or txt lingo, is thelanguage of the mobilephone, so it has similar aimsto leet but has been adaptedto suit use on a handset.However, it is also used ininternet chat rooms alongwith leet. It developedthrough the introduction ofthe Short Messaging Service(SMS), which allows thesending of text messages ofup to about 150 characters
and isused forconversationsand news and financialinformation services. Thefirst message was sent in1992, and just over a decadelater textswere being sent atarateof500billionperyear.
Some basic rules for txt tlkare:
• Vowelsareomitted.
• Whole words can be left
out if the sense is notaffected.
• SpacesAreMarkedByCapitals.
Txtwordsandphrases:
2=‘to’or‘too’4=‘for’asin‘b4’C=‘see’R=‘are’Y=‘why’8 = the syllable ‘ate’ as in‘gr8’or‘m8’
bf or gf = ‘boyfriend’ or‘girlfriend’thx=‘thanks’np=‘noproblem’
Keyboard or handsetcharacters are also used tocreatepictorialmessagessuchastheseones(trytiltingyourhead if you don’t see how itworks):
O:-)=angel
:-!=bored%)=confused
2
SECRETCOMMUNICATION
HiddenmessagesThe best place to hide amessage is somewhere
completely innocuous. In thecourse of history, messageshave been concealed insideanimals and people, pencilsand even coins, and thathumble material wax hasbeenafriendtomanyaspy.
HARESANDHAIRS
The principal motive forsending secret messages wasfor military or diplomatic
confidentiality. Generals andsenior officials wanted toknow that even if theirmessage carriers wereintercepted, no one wouldunderstand what informationtheyhadwiththem.
The early Greek historianHerodotus, writing in about440 BC, tells a trio of talesinvolving concealedmessages. In the 6th century
BC, Harpagus, a Mediansoldier, was plotting againstAstyages, his own king. Hewroteamessagetotheking’senemy, Cyrus, promising tochangesides,andhiditinthebelly of a hare, which wascarriedbyamessengerintheguise of an innocent hunter.Its delivery prompted aPersian revolt against theMedians, and Harpagus didindeed betray his king, who
was replaced by Cyrus. Theidea of hiding a message inananimalwas still around in16th-century Italy, whenGiavanni Porta records thepracticeoffeedingamessagetoadog,whichcouldthenbetaken on an apparentlyinnocent trip where it wouldbe killed to retrieve theinformation.
In another complicated plot,
this time by the Greeksagainst the Persians,Histiaeus earned a place inthe pantheon of secretmessages.WishingtopromptarebellionagainstDarius,butstrandedatcourtinhisroleasambassador, Histiaeussomehow had to encouragehis son-in-lawAristagoras toattack the city of Miletus.Clearly prepared to sacrificespeed for secrecy, Histiaeus
shaved a slave’s head,brandedhismessageontothepoor man’s scalp and onlysenthimonhiswaywhenthehair had grown over thewriting. It worked: the citywas takenby theGreeks andestablished as a democracy,prompting further rebellionsagainsttheirPersianrulers.
WAXFACTS
In 480 BC the Persianscompleted a five-yearmilitary build-up andlaunchedanattackonAthens,believing their plan to be asecret. However, a Greekcalled Demaratus hadwitnessed their preparationsandmanagedtogetawarningto his compatriots. Messageswere usually sent on waxtablets, but these wouldobviously not be kept secret.
SoDemaratus instead carvedhismessage into thewoodenbase of the tablet, which hethen covered with wax. Theblank tablets arrived withoutincident, but baffled theirrecipients until they scrapedawaythewaxanddiscoveredthe warning. This allowedthem to repel the attack,which was thought to becrucial in preserving theirindependence.
TheGreekswerenotaloneintheir need to communicatesecretly, or in their use ofwax. The ancient Chinesewrote messages onto silk,which was then scrunchedinto a little ball and coatedwith wax. The messengerwould hide or swallow theball to conceal it during hisjourney. Roman historianTacitus tells of woundedsoldiersconcealingwritingon
their bandages, of sewingmessages into the soles ofsandals, and even writingmessages on a thin sheet oflead and rolling it into anearring. More recently, ColdWar Russian spies hidmicrofilm in hollowed-outpencils,batteriesandcoins.
COVERTWRITING
• The term for hiddenwriting issteganography, from‘stega’, the Greekword for roof orcover, and ‘graphy’,meaningwriting.
• The practice
continues today: inelectricalcommunicationsitiscalled transmissionsecurity.
INVISIBLEWRITING
Whatbetterwaytoconceala
message than by rendering itinvisible? It saves all theeffortofdevisingandusingacode and allows open,apparently innocentcommunication betweenpeople who are beingobserved. The technical termforthisissteganography.
Steganography can also beused for secretcommunication, embedding
dataon the screen rather likeamicrodot hidden in a pieceof punctuation. Its advantageis that an interceptor isunlikely to detect thepresenceofthedata,allowingsecure communication, albeitoffairlyshortmessages.
HOODWINKINGINKS
Anumberofnaturalmaterialshave been used for invisible
writing for thousands ofyears. Both the Greeks andRomans extracted such inksfrom nuts and plants. Forexample,inaboutAD100 theRomanwriter Pliny recordedthat he could obtain a liquidfrom the tithymalus plant(which is part of theeuphorbia family). When hewrote with it, the messagevanishedastheinkdried,butit reappearedwhen the paper
wasgentlyheated.
Pliny could have chosen oneofmanyotherorganicliquidssuch as onion juice, vinegarand apple juice, and anycitrus juice. All turn brownwhen gently heated (a hotiron,hairdryerorlightbulbisbest – actual fire is too hot).Thisknowledgehasbenefitedsecret agents across thecenturies, some of whom
resorted to their own urinewhen other supplies ran out.Cola drinks also work withthismethod(use thenon-dietkind,assugarisrequired).
A largenumberofchemicalsalso function as invisible ink(also known as ‘sympatheticink’). They are activated byanother chemical called the‘reagent’. Examples includeiron sulphate solution,which
reacts to solutions ofpotassiumcyanate,orsodiumcarbonate and coppersulphate, which react toammoniafumes.
Some of these chemicals canbeharmful,sodonottrythisyourself unless you are achemist or a trained spy!However, one experimentyoucandoistowriteinmilkon thickpaper,usingabrush
ratherthanapensoyoudon’tleaveany indentationson thepaper. Watch as your wordsdisappear, then rub darkpowder such as ashes orcharcoalacross thepage,andyourmessagereturns.InNaziGermany, ballot forms weresecretly numbered inmilk toallowcheckingofhowpeoplevotedinplebiscites.
Banks and amusement parks
sometimes use invisible inksthat shine under ultravioletradiation known as‘blacklight’.Theinkscontaincolour-brightening chemicalssimilar to those found inlaundrywashingpowders.
INVISIBLEDIGITALWRITING
An intriguing by-product of
the internet age is the re-emergence of secret writingas a valuable tool. If you’veever been baffled by howsome seemingly unrelatedwebsitesappearwhenyouaresearching for something onthenet,theanswerechoesthemethods described above. Itispossibletohidetextonthescreeneitherby typingwhitetext on a white background,concealing it on a non-
printable areaof thepage,orin graphics or a music file.You can’t see it, but thesearch engines find it. Thisembedded text gets theirwebsite included in a widerrangeofsearchresults.Somecompanies go a step furtherand hide their competitors’namesontheirownwebsites,meaning that their site popsup on the screen wheneversomeonekeysinthenameof
theirrival.
INKYTRICKSSending sheets of ‘blank’paper is likely to arousesuspicion, so agents writingin invisible ink do so onpaper with an innocuousmessage,oruseshoppinglistsorpicturesasabackground.
HOTNEWS
Natural invisible inksare made fromorganic fluids, whichare rich in carbon.The liquid evaporatesbut some soaks intothe paper. Whenheated, the carbonchars and turnsbrown.
Theuseof invisibleinkswaswidespread in the MiddleAges, through theRenaissance and was still animportant skill for spiesduringWorldWarI.Germanagents were by thendisguisingpossessionofsuchinksbyimpregnatingitemsofclothing with the liquid and
then activating it by soakingthe garment in water. In thelater stages of the war, theAmerican MilitaryIntelligence Division MI-8was testing 2,000 suspiciousletters a week for secret ink.Itsworkledto thecaptureofGerman spy Maria deVictorica.
Spokencodes
Speakingdirectlytosomeoneelse is, of course, the mostefficient way ofcommunicating, but whenthere is danger of other earslistening in, a spokencode isrequired. Most of them arequite simple to break onceyouknowthekey.
IGPAYATINLAY
The simplest spoken code is
Pig Latin, a letterrearrangement code that isparticularly popular withchildren. There are threebasicrules:
• Words that start withvowels have ‘ay’ added tothe end, so ‘actually’becomes‘actuallyay’.
• For words starting with aconsonant, that letter ismovedtotheback,andthen
‘ay’ isaddedat theend,so‘can’becomes‘ancay’.
• Iftwoconsonantsareatthestart,theyaremovedtotheend,adding‘ay’,so‘speak’becomes‘eakspay’.
Thus, ‘Actually a child canspeak Pig Latin well’ isspoken as, ‘Actuallyay aayildchay ancay eakspay igpayAtinlay ellway’. Withpractice, Pig Latin can be
spoken and understood atquite a pace. In a variationknown as Tut Latin, thesound ‘tut’ is added betweeneachsyllable.
Another spoken codelanguage is Opish, in which‘op’ is added after eachconsonant. Thus ‘book’transforms into ‘bopookop’and ‘code’ is ‘copodop’.Wordsbecomeverylongand
it becomes very hard todeciphermeaning. Similar toOpish is Turkey Irish, inwhich ‘ab’ is added beforeeveryvowelsound,so‘book’becomes‘babook’and‘code’isnow‘cabode’.AswithPigLatin, this is a noveltylanguage rather than a codethat can be used formeaningfulcommunication.
Amore sophisticated spoken
code disguises information.Forexample,justpriortotheGerman occupation ofNorway in 1940, telephoneand radio calls from Naziagentswereintercepted.Theyappeared to be sending salesand tonnage informationabout fishing, but analysisshowed that they wereactually communicatingdetails of ships, using thenumbers with which vessels
are identified in the shippingbibleLloyd’sRegister.
Later in World War II,innocent-sounding callsdiscussing the flower marketwere also found to bedisguising information aboutwhich ships were in harbourand the nature of repairsbeingundertaken.
TAKEA
BUTCHER’SATTHIS
Cockney rhyming slang is aspokencodethathassurvivedfor about 200 years. Itsubstitutes (usually) twowords for one,withwhich itrhymes.So ‘butcher’s’ in theheading above is short for‘butcher’s hook’, meaning‘look’. Traditional examplesare:
• Applesandpears=stairs
• Barnet(fair)=hair
• Brownbread=dead
• Canoes=shoes
• DickieDirt=shirt
• Mahatma (Ghandi) =brandy
The slang continues todevelop.Herearesomemorerecentintroductions:
• Basil(Fawlty)=balti
• Billie (Piper) = sniper orwindscreenwiper
• MetalMickey=sickie
There are various theoriesabout howCockney rhymingslangstarted. Itwascertainlyin London’s East End, anddefinitely devised to preventother listeners from knowingwhat was being said. It may
haveoriginatedfrom:
• Villainous builders in theLondondocks.
• Market vendors talkingaboutcustomers.
• Prisoners who didn’t wanttheir guards to understandwhattheyweresaying.
• Thieves aware that RobertPeel’s newly launchedpolice force might be
around.
NATIVETONGUES
All of the spoken codesdescribed so far can bebroken relatively easily. Onespoken code that defiedanalysis, however, was usedby the US forces in the twoworld wars: a language thatnone of the opposing forcescouldunderstand.
In 1918, orders within DCompany, 141st Infantrywere openly transmitted byfield telephone in completesecurity because they werespoken by one of eightserving Choctaws, a nativeAmerican group fromOklahoma.
Other native tongues werealso used. The uniqueadvantage was that these
languages had developed,geographically andlinguistically, far away fromother peoples and conveyedmeanings with precisepronunciationandhesitations,which were unintelligible tooutsiders.
The practice was repeated inWorldWarII,whenasmanyas420Navajo speakerswereused by the Marines in the
Pacificcombatzone,bafflingJapanese intelligencepersonnel.Thestorywastoldinthe2002filmWindtalkers,starringNicolasCage.
Wordswithinwords
Hiding words within wordshas proved to be a popular
method of secretcommunication as it is veryhardtodetect,thecarriertextbeing an everyday innocuousmessage.
READINGBETWEENTHELINES
In 17th- and 18th-centuryBritain,itwasveryexpensive
to send letters by post, butsending newspapers wascheaper and even, at times,free. Thrifty communicatorsseizedonthisandadoptedthepuncture code that had beendescribed by Greek historianAeneas the Tactician 2,000yearsbefore.
They would make smallpinpricks, or mark tiny dots,over certain letters so that
they could spell out amessage,whichcouldthenbecheaply dispatched to theircorrespondent. The practicecontinueduntilpostagepriceswerealtered in themiddleofthe 19th century. However,Germanspiesused thisexactsystem during World War I,and again in World War II,usinginvisibleink.
The disadvantage of this
method is that a lot of thecarrier text is redundant: somany words are deliveredfrom which only fairly shortmessages can becommunicated. The nextlogical step is to write yourown‘carrier’message,whichcan be decoded with anagreedformula.
A simple example of this isan acrostic: a sentence in
which the initial letters ofwords spell out a message.These are called null ciphersand are often employed inpuzzles and crosswords. Forexample, cuddly attack tigerspells CAT. They are alsoused as memory aides, forexample BRASS is anacronym for how to fire arifle: Breathe, Relax, Aim,Sight, Squeeze, and thesentence Every Good Boy
Deserves Favour sets out theletters on the lines of sheetmusic when written in thetrebleclef.
Thismethod is thought tobethe inspiration for theChristian sign of the fish. IntheearlydaysofChristianity,when it was necessary attimes to keep your faithsecret, ancient Greek waswidely spoken. The phrase
‘Jesus Christ Son of God,Saviour’ rendered in ancientGreek is ‘Iesous ChristosTheou Uios Soter’. The firstletters spell ICHTHUS, theGreek word for ‘fish’. SofollowersofJesuscoulduseafish sign, or the wordICHTHUS, toshowthat theywereChristian.
ACODEDESCAPE
In general, devising aninnocent-sounding acrosticmessage that makes sense isvery tricky. However,choosing to send a messagevia, say, every third letter isfar easier to devise, andharder to spot. A famousexampleofthisistheEnglishCivil War story of Sir JohnTrevanion, a royalist lockedinColchesterCastle awaitingprobable execution by his
Cromwellian captors. Hereceived a letter that began:‘WorthieSirJohn:Hope,thatis ye beste comfort of yeafflicated,cannotmuch,Ifearme,helpyounow...’.
On the surface it was just arather verbose letter, and theguardschargedwithcheckinghis letters could find nothingsuspicious.Buttakeouteverythirdletterafterapunctuation
mark and the entire lettercreates the more usefulmessage: PANEL AT EASTENDOFCHAPEL SLIDES.SirJohnpromptlyaskedtobeallowedtoprayatthechapel,and made his escape. Somehistorians question details ofthis tale,but itdoes illustratethevalueofanacrosticcode.
A similar strategy was usedby a German spy in World
War II, whose message‘Apparently neutral’s protestis thoroughly discounted andignored. Isman hard hit.Blockadeissueaffectspretextfor embargo on by-products,ejecting suets and vegetableoils’, spells out ‘Pershingsails fromNYJune1’ ifyoureadonlythesecondletterofeachword.
A similar simple encoding
method is toconceal the truemessage with extra words,andincludeguidanceonhowto identify which words toread.For example, the1/4 atthe start of this messageinstructs the reader to ignorethe first and every fourthword: ‘Tom: 1/4 gifts do notarrive often father will bepleased here, Lucy’ so theplaintext reads ‘Tom do notarrive father will be here,
Lucy.’
WINDOWS1550
Anothermethodofsendingamessageconcealedonapageof writing is the stencilmethod, in which the hiddentext is read through‘windows’ cut into card orfabriclaidovertheletter.
THECARDANOGRILLEThiscodewasinventedbyanItalian doctor andmathematician calledGirolamo Cardano in 1550and isknownas theCardanogrille. Small holes werepunched in an irregularpattern in a piece of card,whichwasusedasanoverlayon top of a piece of writing.This method allows for
readingonlysinglelettersatatime,butitcanbeadaptedtouse larger holes so thatsyllables or whole wordsappear in the window,although this then makes itmore difficult to disguise themessage.
ThethreestagesofcreatingaCardanogrille
Provided the same card withcut-outsisnotusedmorethana few times, the method issafe, and it was certainlywidely used in diplomaticcorrespondence for hundredsof years after its invention.The system also requiresthere to be two identicalcopiesofthestencil,orthatitbe sent to the receiver insome guise. But over-use of
the card would allow a codebreaker to identifywhere the‘windows’ are, allowinginstant reading of the realmessage.There is also a riskthat the message created to‘camouflage’ the hiddenwords may be so clumsilywordedastocreatesuspicion.
THEROTATINGGRILLE
A refinement of themethodisthe‘turninggrille’ system, inwhich the grille isrotated through 180degrees or flippedevery, say, nine
letters. This isremarkably effective,providedthewindowsneveroverlap.
3
SIMPLECODES
Makingsimplecodesandciphers
Simplecodesandcipherscanbe createdwith pencil, paperand patience. This chapterdescribesvariousexamplesofsimple codes, which, whilebeing quite basic informulation,areinfactaveryeffective method ofconcealing meaning, andhave been used by secretagentsandspiesmanytimes.
SPACES,BOOKS
ANDDOTS
Perhaps the simplest way ofconcealingawrittenmessageisa spacecode, inwhich theplaintext is broken up intodifferent ‘words’. Forexample ‘This is an exampleof a space code’ could beencoded as THI SISANEXAM PLEO FAS PACECO DE. It wouldn’t foolanyone for long, though.
Neither will a backwardscode: EDOCSDRAWKCABA LLIW REHTIEN. Thismessagecanbemadeslightlylessrecognizablebybreakingup the word groups: EDOCSD RAWK CAB ALLIWREHTIEN.
CODESVS
CIPHERS
A‘code’isasysteminwhich words and/orphrases are changed,and therefore requiresa code book,which islike a dictionary. In a‘cipher’, thesubstitution is ofletters, so no codebook isnecessary,anddeciphering requires
knowledgeofhow theletters have beenchanged. Anadvantageofciphersisthatthesamelettercanbe changed to manydifferent letters ornumbers, making itmuch harder to detect(see page). Turning amessageintocodeandthen enciphering thattext is called
‘superencipherment’.
A history book written in14th-centuryEgyptnotesthattax and army officials usedthenamesofperfumes,fruits,birds and flowers to denotecertain letters or terms. Thiskind of code is pretty muchunbreakable, but there aredifficultiesinexecution:
• All correspondents need acopy of the code words inuse,andthisdocumentwillbe bulky and hard toconceal.
• Anyone able to see thiscode book can understandyourmessages.Youwouldalso probably need toexpand the code book toallow you to use a widevocabulary, so therewouldbesecurityissuesaboutthis
valuabledocument.
• If someone studies yourconversation or writing,they will be able to makeinformedguesses about thetypes of words in the gaps(verbs, nouns, numbers,etc.) and eventuallydecipherat leastpartsof it,simplyfromthecontext.
• However, it isveryeasy tocreate a code allowing you
to talk or write to a friendwith no chance of othersunderstanding yourcommunication. All youhave to do is agree tochange each importantword for another word,rendering the plaintextincomprehensible.
TRANSPOSITIONCIPHERS
• A cipher in whichletters arerearranged, as in thebackwardscipheronpage53,isknownasa transpositioncipher.
• Other examples in
this chapter are therail fence cipher onpages 64–5 and theGreek scytale (seepages).
• Transpositionciphers are easy tospot if you analyzethe letter frequency(seepages).
Codeswherewordsstandforother words or phrases areknown as sub rosa codes. Afamous story involving theirusecomesfromWorldWarI,when censors who weresuspicious of the cablemessage ‘Father is dead’amended it to ‘Father isdeceased’. This causedconfusion with the recipient,who cabled back, ‘Is fatherdeadordeceased?’
The practice was alsowidespread among spies inWorld War II. A series ofintercepted letters containeddetailed concerns apparentlyabout the correspondent’sdoll collection such as, ‘Abroken doll in a hula grassskirt will have all damagesrepaired by the first week ofFebruary.’ It was eventuallyestablishedthateachdollwascodeforadifferentAmerican
ship.
DICTIONARYCODE
One way to avoid having tocreateandupdateacodebookistouseadictionarycodeforall, or some,words.Thishasproved a popularmethod forsecretagentscountless times.Whenyouwish todisguisea
word, you quote the page,column and entry numberwhere it appears in yourdictionary: you just have tomake sure both parties areusing the sameeditionof thetome. For example, in thetenth edition of Webster’sCollegiate Dictionary, theword ‘dictionary’ is on page322, column 1, and is thethird entry, so its codenumber is 322,1,3. The
comma is required to avoidconfusion between the threepieces of information: forexample 32213 could meanpage 32, column2, entry 13,whichis‘allow’.Thenumberfor‘code’is221,2,17.
Thus the plaintext, ‘Thissentence is in dictionarycode’wouldbeencodedas:
‘THIS SENTENCE IS IN
322,1,3 221,2,17’ if you justchange two key words, or ifyouchangethemall:
1227,1,14 1067,1,13620,2,11 585,2,6322,1,3221,2,17
BREAKINGADICTIONARYCODEAnyone trying todecode this
message would immediatelyknow how many words itcontained by counting thespacesbetweennumbers.Theuseofthreenumbersforeachword also betrays the ‘page,column, entry’ format,especially as the middlenumber is always 1 or 2. Soyou would quickly discernthat it is a dictionary code,but would be unable toproceed further without
identifying which dictionarywasused.
REFININGTHECODEArmed with this knowledge,you might decide to concealthe page numbers bymakingevery page number fourdigits, leaving the columnnumber untouched, butmakingall theentrynumberstwodigits,fillingingapswith
zeroes. Now you can run allthe numbers together andremovethecommas:
122711410671130620211058520603221030221217
CODESINBOOKS
• Jules Verne’sVoyagetotheCentreof theEarth featuresa baffling code thatturnsouttobeLatinwritten in reversethat can be readthrough the back ofthepaper.
• William MakepeaceThackeray includedaCardanogrille(seepages) in The
History of HenryEsmond.
• H. Rider Haggardused a cipher inColonel Quaritch,QV.
• AgathaChristieusedaflower-namescodein The FourSuspects, solved bytheindomitableMissMarple.
• Mystery writerDorothy L. Sayersused a message inPlayfair cipher (seepages) as afundamental part ofthe plot in her LordPeterWimseynovel,Have His Carcass.He solves it byguessing that themessage starts withthe name of a city
and then a year,providinghimwithacrib.
Another refinement is to useanyoddnumberinsteadof‘1’to indicate the entry is in theleft-hand column, and anyeven number in place of ‘2’for the right-hand column.Thiswillconfusethedecoder.
Yetanothertrickistoaddthesamenumbertoeveryfigure.For example, adding five toeachfigureinthecodeabovewould produce thisciphertext:
123261910726180625716059071103276080226722
A determined decoder willstill be able to recognizenumber patterns, although
you can further confoundthem by changing theprocedure slightly andlocating the words in thesame position but four pagesin front of the word in theplaintext.Nowyourmessagereads:
THERAPEUTICSSEMESTERINVESTITURE
IMPATIENCEDEWARCLOVE
The ‘four pages back in thedictionary’codeisexactlythemethod unearthed in thescandal surrounding thedisputed 1876 AmericanPresidentialelectioninwhichboth Democrats andRepublicans were suspectedof malpractice. In one
Democrat message, thephrase, MINUTELYPREVIOUSLY READMITDOLTISH, translates as,‘Must purchase Republicanelector’, via the HouseholdEnglish Dictionary publishedin1876.
BOOKCODE
Any book can function as acode book inmuch the same
way as a dictionary, and thisagain, forcenturies,hasbeena very common encodingmethod. One problem,though, is in finding thewordsin thebookin thefirstplace. For example, amessage using this systemfrom Benedict Arnold, the18th-century Americangeneral who defected to theBritish, found him cullingwordsfrompagesasfarapart
as35,91and101.That’salotofsearchingforoneword–itwould be infinitely easiertodayusingthesearchfacilityon a word-processingprogram.
The disadvantage of using adictionary or book forcreating a code is that manywords, such as place names,simply won’t be in the textand will then need to be
laboriously spelled out letterby letter, with the codespecifying the page, line,wordandletternumbers.Thiswill create a very longmessage, which occupieshours for both encoder anddecoder. However, providedthe interceptor neveridentifies thebookused, it isa very secure method,especially if the book ischanged frequently, which
explains its popularity.Another benefit is that theshelves of secret agents willnot be stacked withincriminating code books orstencils, but merely hold astock of seemingly innocentbooks.
THEDOTCIPHER
Thisistotallydifferenttothepractice of dotting or
pinpricking newspapersfavouredbythriftyVictorians(see page). The alphabet iswrittenonsquaredpaperwithoneletteroneachlineandthereceiverneedsanexactcopy.The ciphertext is created byputtingadotundereachletterin your message, workingdown the page so that eachnewdotisonanewline.Theend result looks like pianoroll music for an automatic
piano.So themessage, ‘Dotslines and zigzags’ will looklike the illustration below.The alphabet can also bewritten vertically rather thanhorizontally, in which casethedotswillreadfromlefttoright.
Youcandisguisethemessageby connecting the dots tomakelines,agraphorevenacrazy picture, or go in
sequence to create a zigzagpattern as you can see in theillustrations below. The dotsfrom which these variationsare produced must bepositioned precisely to avoidconfusionindecoding.
Thedotcipher.
Arefinementofthissystemisto set the alphabet in adifferent, pre-arranged order,suchasbackwardsorwithallthevowelsfirst.
Thelineandzigzagciphers.
Transpositionciphers
In transposition ciphers,letters are rearranged in adifferent order, creating ananagram of the message.There are various systemsdetermining how to changethe position of the letters toformacipher.
THEGREEKSCYTALE
The scytale is the earliestknownpieceofcryptographicequipment, dating from 5th-century BC Greece. Probablyfirst used by the Spartans tocarry messages around thebattlefield, it is a simpletransposition machine. Apieceofparchmentratherlikearibbonwaswrappedaround
a cylinder, suchas awoodenstaff. The message was thenwritten unencrypted onto thecoiledpaper.
Once removed from the rod,thewritingwas justa jumbleof letters that would bemeaningless if the enemycaptured it. It ispossible thatmessengersworethefabricasabeltwith thewritingontheinside. When the message
wasdelivered,itwaswrappedaroundacylinderidentical indiameter to the first one, andcouldberead.
ACONETODECODE
A scytale messagecan be decoded by
simply wrapping thematerial around acone and sliding itaround until the textmakessense.
Part of the scytale’s valuewas the speed at whichcommunication took place,because no enciphering anddecipheringwasinvolved:the
message was written,transported with reasonablesecurity,andread.
THERAILFENCECIPHER
Inthe19thcentury,hundredsof miles of fencing was putup across the US as newterritories were taken over.Known as split-rail fences,
they form a zigzag patternwhen seen from above,similartothepatternmadebylettersintherailfencecipher.If you write the message,‘The rail fence ciphermakesazigzagpattern’inzigzags,itlookslikethis:
The enciphered message iscreated by writing each row,choosing, if youwish, to putthelettersintogroupsoffour,in which case you will needto fill in the gaps with‘padding letters’ or ‘nulls’,whichareusuallyXorZ.Thefirst null indicates where thenew line starts. In thisexample, the last two nullsensure the ciphertext endswithagroupoffourletters.
TEAL ECCP EMKSZGAP TENX HRIFNEIH RAEA IZGATRZZ
To decipher this message,count the letters (40) thendivide into two groups. Youcan now put the letters intoorder by writing the firstletter from each group, thenthe second, and so on,
ignoring the nulls, andreadingthewordscreated.
REFININGTHERAILFENCECIPHERThe cipher can be written inthree or more rows, eitherzigzaggingacrossthepageorstarting a new column everythree letters.This is the codewritten in zigzag pattern for‘A three row cipher would
looklikethis’:
ThiscreatesthecodemessageAEWHOLLTTREOCPEWUDOKIEHSHRIRLOKI
INTENSIVECARE
Transposition ciphersrequire a lot oflaborious work toprepare, and there isplenty of scope formistakes,so theyhavenot been used aswidely as some otherciphers in the past.
However, they areeffective and theconcept lies behindmany moderncomputer-drivencipheralgorithms.
ADDINGNULLS
When adding nulls topad out a grid, thenumber of lettersaddedcanbeindicatedby the final letter’sposition in thealphabet. So, a one-letternullwouldbeanA, and if four letterswere added, the lastonewouldbeD.
DECIPHERINGTHISRAILFENCECIPHERThemessagecanberevealedbywritingouttheeightlettersofthetoprow,the16inpairsof the middle row, and theeight of the bottom row,recreating the zigzag patternof the original. Then theletters are written out in thenew order reading down andup.
BREAKINGRAILFENCECIPHERSLike other transpositionciphers, the cipher featuresletter frequencies similar tothose of the language ineveryday use (see pages), soyou can identify them bycounting letter frequency.Nowyouneedtounscramblethelettersonthepage,whichis much easier than finding
substitutesforthem.
To decipher a transpositioncipher you need to identifythen ignore thepaddingnulls– frequency analysis (seepages) will help here – thentry reading every secondletter, and if that doesn’twork, every third letter, andso on. The longer themessage,thebiggerthejumpswillhavetobe.
TRANSPOSITIONWITHAKEY
Oncethelettersareputintoafour-columngrid,theydonothave to be enciphered in thestandardlefttoright,ortoptobottom order. For example,your key could be to start atthe bottom right corner andspiralclockwisetothecentre.This is called a route cipherand makes decryption much
more difficult. Theencryption of the same four-rowmessagealreadyused:
T I I N OH S T I WI W T N SS R E R A
would thenbeginat theA inthe bottom right corner andreadas:
ARERS IHTIINOWSNTWSTI
Other paths for encipheringinclude:
• Inaspiralfromthecentre.
• Diagonally (specifyingupwardsordownwards,lefttoright,orrighttoleft).
• Up one column, down thenext.
NUMBERORWORDKEYSAnotherway to scramble theletters from a grid is toidentify the columns with akeyword or number. This iscalledcolumnartransposition.If you have a four-columngrid with the message, Thismakes it more complicated’written across, it looks likethis:
T H I SM A K ES I T MO R E CO M P LI C A IE D T B
Two nulls have been added,the last being B to indicate‘twonulls’.MakingtheothernullaTratherthan,say,anXmakesthemharder tospotas
imposters.
THEKEY
The encipherer anddecipherer agree inadvance how manyrows the ‘fence’ willhave, and, ifnecessary, thedirection of writing
(e.g. forwards,backwards andwhether usingdiagonalsorcolumns).This information iscalled the key andallows the message toberapidlydeciphered.
Instead of writing theencryption out by following
the column order, you canchange it with the four-letterkeyword CODE (one letterfor each column). Inalphabetical order within theword, these letters are 1st,2nd,3rdand4th.Thiswouldre-arrangethegridtoread:
C 0 D E1st 4th 2nd 3rdT S H IM E A K
S M I T0 C R E0 L M PI T C AE B D T
Inblocksoffive(withathreeon the end, which could befilled with nulls if youchoose), the encipheredmessagenowreads:
TSHIM EAKSMITOCR EOLMPITCAEBDT
DECIPHERINGTHEMESSAGEThe decipherer now worksout the column lengths bydividingthekeylength(four,from the keyword CODE)into the message length (28
letters). This reveals thenumber of rows as seven, sothe content of each columncan be identified, then re-orderedaccordingtothecodeword, the nulls counted andremoved, and the messageread.
BOOKCODES
INTHEMOVIES
Book, and especiallyBible, codes arepopularinHollywoodmovies.
• In the 1996 filmMission: Impossiblethere are severalreferences to Job3:14: ‘with kings
and their advisorswhosepalaceslieinruins’.
• The 2002 thrillerRed Dragonfeatures numerousapparent Biblecitations,whichturnout to refer to adifferent book, TheJoy of Cooking.Thismaybe lessofasurprisewhenyou
consider the film isa sequel to thecannibalistic TheSilence of theLambs(1991).
• National Treasure(2004) has a plotbasedaroundacodehidden in the USConstitutionrevealing thewhereabouts of atreasure buried
duringthe1700s.
DOUBLETRANSPOSITION
A technique for breakingdown transposition ciphers istoguess thenumberof rows,group letters accordingly,then slide the letters around
looking for words oranagrams. Doubletransposition counteracts thisby repeating the scramblingof columns duringencryption, usually with asecond keyword. Bothkeywords can be changed atwilltoprotectthecipherfromattack.
Double transposition wasused by the German Army
during World War I, but itwas successfully broken bytheFrench.Theyweregreatlyaided by the fact that theGermans, confident of thesecurity of their cipher, usedthesamekeyformorethanaweekat a time– amajor sinin theworld of cryptography(see pages). DoubletranspositionwaswidelyusedinWorldWarIIaswell,asitwas regarded as the most
complex cipher an agentcoulduseasafieldcipher.
Substitutionciphers
Transposition ciphers createanagrams of the plaintext bymixing up the words orletters. Substitution ciphersleave the letters in the order
they should be read, butdisguisethem.
SHIFTCIPHERS
An early example of thiscomes from 2,000 years agoin amessage sent byRomanleader Julius Caesar toCicero, whose forces wereunder siege. The Romanletters were substituted withGreek letters, which Caesar
knew Cicero wouldunderstand.
MONOTOPOLY
• A Substitutioncipher that uses onealphabet forencryption so thateach plaintext letter
isrepresentedbythesame ciphertextletter throughout isdescribed as‘monoalphabetic’.
• Later ciphers thatused more than onealphabet are knownas polyalphabeticciphers(seepages).
Caesar had many reasons toencrypthismessagesanddidso in many ways. The mostfamous is the shift cipher, inwhich each letter is replacedbytheletterthreeplacesoninthe alphabet: ‘a’ becomesD,‘b’becomesE,‘c’isFandsoon. The message, ‘NamedafterJuliusCaesar’wouldbewrittenas:
QDPHG DIWHUMXOLXVFDHVDU
The Caesar shift was widelyused for centuries – it wasevenoneoftheciphersbeingused by Russian forces in1915.Abigadvantageof theshiftcipheristhatitdoesnotrequire a code book as themethod can be easilymemorized. It can also be
adaptedtoshiftthelettersanynumber of places from 1 to25 for a standard 26-letteralphabet through theuseofacode number. This is calledthe St Cyr cipher, after theFrench national militaryacademywhere itwas taughtinthe1880s.
However, it is alsoknownasthe slide rule cipher becauseitcanbecreatedbyslidingan
alphabet strip below anidentical strip to create theshifted letters. So the codenumber7wouldindicatea7-place shift, creating thisalphabet:
Plainalphabet: a b c d e f g h i j k
Cipheralphabet: HIJKLMNOPQRSTUVWXYZABCDEFG
BREAKINGTHESHIFTCIPHERHowever, the fact that thecipherisinalphabeticalordermakes this kind of shift keyvery easy to break. All youhavetodoistakeonewordorset of letters and try out allthe possible encryption keys.For example, if the ciphertext includes the lettersSIFBVE, the word can be
discovered through theprocessshowninthistable:
Shift Producesletters0 SIFBVE1 TJGCWF2 UKHDXG3 VLIEYH4 WMJFZI5 XNKGAJ6 YOLHBK7 ZPMICL8 AQNJDM9 BROKEN
So shifting the encryptedmessagenineplacesalongthealphabetsolvesthecipher.
THESHADOW
The Shadowmagazinepublished serializedstories for 18 years
from 1931, andremains a cultpublication. The talesof the mysterioussleuth, written bynewspaperman andmagician Walter B.Gibson under the penname Maxwell Grant,featured various codesin various ways. Onestory, ‘Chain ofDeath’, features an
inventivealphabet,andisillustratedbelow.
So far this is just agraphically pleasingsubstitution alphabet,but the cipher waslater refined with anadditional foursymbols:
Each symbol indicates
a degree of rotation,adding three levels oftransposition to thealphabet.Forexample,a quarter turn shownby symbol 2transforms thecharacter for ‘a’ intothat of B, and ‘c’becomesD.
The Shadow wasbrought to life in a
radio serial in the1930s, a period whenpublicinterestinsecretcodeswashigh.Secretdecoderswerepopulartoys and promotionalgifts from the 1930sonwards, especiallyfrommanufacturers ofchildren’s drinks andcereals. The ‘CaptainMidnight’ radio serialinthe1930sand1940s
included secret codesgiving clues about thenext episode andlisteners could send infor a working cipherdiscaspartofa ‘Spy-Detector Writer’ kit,whichcouldbeusedtodecrypt messagesbroadcastintheshow.
EARLYSUBSTITUTION
A10th-centuryPersiansubstitution alphabetused the names ofbirds for letters of thealphabet. Anothersubstituted them withnames for parts of thenightsky.
USINGKEYWORDS
Another approach is to startthealphabetwithakeyword,followed by the remainingletters in alphabetical order.This allows regular changingofthecipherbyreplacingthekeyword and enhances
security of the system.Repeated letters in a codewordareomitted (soomittedwouldbespeltwithone‘t’asomited).Here thekeyword is‘scramble’:
Plainalphabet:
a b c d e f g h i j k
Cipheralphabet: SCRAMBLEDFGHIJKNOPQTUVWXYZ
Notice that some letters staythe same in this cipher, afeature best avoided. Thereare a couple of ways ofgetting around this. Thecipher alphabet can followthe keyword in any agreedorder, so one with thekeyword ‘backwards’,followed by the rest of thealphabet in reverse, wouldlooklikethis:
Plainalphabet: a b c d e f g h i j k
Cipheralphabet: BACKWRDSZYXVUTQPONMLJIHGFE
Alternatively, the keywordneed not come at thebeginningofthealphabet.Soif the keyword is ‘thirteen’and happens to start on the13th letter of the alphabet,you would produce thiscipheralphabet:
Plainalphabet: a b c d e f g h i j k
Cipheralphabet: LMOPQSUVWXYZTHIRENABCDFGJK
Since one weakness of thesesubstitution ciphers is theiralphabeticalorder,thewaytoprotect them is to put thealphabet into a different,random order. Theoreticallythis creates403,291,461,126,605,635,584,000,000
different possible cipheralphabets – more thansomeone could test in alifetime, even if they wereequippedwithacomputer.
However, because the cipheralphabet is random, it wouldhavetobememorizedbytwopeople (which is unreliable)or written down (whichthreatens cipher security). Itis also, as we will see later,
easily broken by frequencyanalysis.
TYPEWRITERCIPHER
The typewriter ciphersubstitutes the alphabet forthe lettersof thekeyboard inorderfromtoptobottom(theqwertykeyboard isa randomorder for which there seems
to be no explanation – itcertainly doesn’t reflectfrequency of use for itsletters. However, have younoticed that the characters of‘typewriter’areallonthetoprowofletters?).
Plainalphabet: a b c d e f g h i j k
Cipheralphabet: QWERTYUIOPASDFGHJKLZXCVBNM
Alternatives are for each keyto represent, say, the one toits left, with the cipherwrapping round to thebeginning when the end ofthe row is reached, or to theleft and above, so that‘typewriter cipher’ would beencipheredas:
5603248534D80Y34
MORECOMPLEXSHIFTCIPHERS
Acipherwithanalphabeticalbasis can be attacked fairlyeasily by cryptanalystsbecause there will be apatterntoatleastpartsofthecipher for the letters not inthekeyword.Oneoptionistore-order the alphabet, forexample by writing itbackwards:
Plainalphabet: a b c d e f g h i j k
Cipheralphabet: ZYXWVUTSRQPONMLKJIHGFEDCBA
Thisproducesoneofthemostfamous(andsimplest)ciphersinhistory,Atbash,acipherinwhichthefirstletterbecomesthe last, the second becomesthe second last, reversing thealphabeticalorder.Thiswasadevice used by Hebrew
scribes to encipher parts oftheOldTestament.ATBASHis so-called because in thecipher the Hebrew letter Abecomes T, B becomes Sh,and so on, hence ATBSh,which is pronouncedATBASH. It is remarkablyeasytobreakbecausethereisonlyonesolution!
Anotheroption is towriteallthe vowels first, followed by
theconsonants:
Plainalphabet: a b c d e f g h i j k
Cipheralphabet: AEIOUBCDFGHJKLMNPQRSTVWXYZ
Again, to prevent lettersbeing encrypted asthemselves, do thisbackwards:
Plainalphabet: a b c d e f g h i j k
Cipheralphabet: ZYXWVTSRQPNMLKJHGFDCBUOIEA
If the cipher alphabet is notalphabeticalatall,itisharderto break. However, bothparties must remember, orkeeparecordof,theinventedalphabet, which can weakensecurity.
USINGNUMBERS
Encrypting a word messageinto a number cipher isanother way to disguisemeaning. The most obviouswayistonumberthealphabet(‘a’=1,‘b’=2,etc.),butthiswill be simple to detect (seefrequencyanalysis,pages89–95). All the variations inalphabet order described onpages 71–9 could be adapted
tocreateanumberratherthanaletteralphabet.
Anotherway,whichhasmorepossibilities for deception, isa five-by-fivegrid,giving25squares. As there are 26letters in the alphabet, thisrequires two tobecombined:‘i’ and ‘j’ will do. The gridlookslikethis:
1 2 3 4 5
1 A B C D E2 F G H I/J K3 L M N O P4 Q R S T U5 V W X Y Z
Letters can now have anumber created from theirgrid reference with thehorizontal row numberappearing first then theverticalcolumn,so‘b’wouldbe 12 and ‘s’ would be 43.
Thus the plaintext ‘numbercipher’ would be encryptedas:
33-45-32-12-15-42 13-24-35-23-15-42
The alphabet can be writtenin any agreed order in thegrid, perhaps using akeyword, anddecryption is asimple matter of matching
letters to their numbers. Onedisadvantageofthissystemisthattheciphertextistwicethelength of the plaintext, andwriting out the encipheredmessageisdoublethework.
NOROOMFORERROR
Whenever you areencoding, it is crucialto avoid making anymistakes,asthesewillconfuse the recipientof the message. Thisis especially truewhen using numbers.Inputting the wrongnumber or, worse,omitting a digit, willrender the messageincomprehensible.
THEGREEKSQUARE
The numbering method onsuch a grid is known as theGreeksquare,orthePolybiussquare, after its inventor.Dating back 2,200 years toancientGreece,itwasusedtosendmessages longdistances
by holding up torches, withthenumberheldineachhandindicating the grid reference.Therearerecordsofasimilarmethod being used in 16th-century Armenia to add asense ofmystery to religioustexts.
The system lends itself tocommunication with lamps,smoke signals, knots orstitchesinstringorquilts,and
sounds. Translated into asystem of knocks, it is amethod for messagingbetweenprisoncells.Itissaidtohavebeenusedinthiswayby captives of the RussianTsars, and by Americanprisoners of war during theVietnamWar.
BREAKINGTHEGREEKSQUARE
Since each letter is matchedby one number, this ciphercan be broken by frequencyanalysis (seepages), just likeany other monoalphabeticsubstitution cipher.However,there are possibilities formaking it more complex,which are explored on pages97–100.
USINGHANDWRITING
One cipher cunninglyconceals its use of thePolybius square in cursivehandwriting. The number ofcharacters between eachbreak where the pen isremoved creates a numericcode.Apparentlythismethodwasalsousedinlettershomefrom captured German U-boat officers during WorldWar II. Using the ciphertextgivenonpage80:
33-45-32-12-15-42 13-24-35-23-15-42
The message – in this case,‘Many secrets can be hiddenin seemingly innocuousmessages using this codingtrick’ – would be written asfollows:
USINGSYMBOLS
A different approach tosubstitution ciphers is to usean alternative alphabetconsistingwhollyorpartlyof
symbols. This has been donemany times in history. Theearliest record of it is anancient Greek practice ofusingdotsforvowels(oneforalpha,twoforepsilon,andsoon), with the consonants leftunchanged.
An example of this is theKing Charlemagne cipherdating from the 8th centuryandusedinhisbattlereports.
It was a 23-letter symbolicalphabet(therewasno‘j’,‘v’or ‘w’ at the time), whichrecipients of his messageswererequiredtolearn.
TheKingCharlemagnesymbolalphabetcode.
DIALCFORCIPHER
In the days whentelephones had dials,most people werefamiliarwith the three
letters that went withthe digits two to nine,creating an alphabetwithno‘q’or‘z’.Thisallowedthecreationofcipherswherenumbersreplaced letters.Adding dots or linesindicatedwhichof thepossibletrioshouldberead. For example, asthe alphabet beganwiththenumbertwo:
A=2B=2.C=2
So theword telephonewouldbeencryptedas83.53.7466.3.
PIGPENCIPHER
Thepigpencipher–seepageforanexampleofitinuse.
Thisisanalternativealphabetthat was widely used bymasonsinthe18thcentury(itis also known as theFreemason cipher), althoughsomeputitsoriginscenturiesearlier, during the Crusades.Thelettersofthealphabetarewritten inside a grid (whichlooks like an animal pen,
hence the name) (seediagramsabove).
Each letter is represented bythe graphic symbol from itspart of the grid, with dotsadded to allow each symbolto be used for two differentletters. So ‘This is pigpencipher’wouldlooklikethis:
Pigpen cipher was used by
ConfederateforcesduringtheAmericanCivilWar,possiblybecause, apparently,many ofthegeneralswereFreemasonsandsowerefamiliarwiththesystem. It was solved by aformer shop worker whorecognized the symbolsbecause thesamesystemhadbeen used tomark the pricesofgoodsintheshopinwhichhe had worked before thewar!
Avariantofthepigpencipher(also based on a grid), butwith the same shape nowrepresenting one of threeletters, which are identifiedby placing a dot on the left,centre or right, is known astheRosicruciancipher.
TheRosicruciancipherandanexampleofitinuse.
DEATHBYSUBSTITUTIONWhenMary, Queen of Scotswas being held at ChartleyHall inStaffordshirein1586,she knew that letters in andout would be studied forindicationsofanyplotagainsther half-sister Queen
Elizabeth I. Consequently,when she wanted tocorrespond with a Catholicsympathizer, she tookprecautions:
• Letters were smuggled inandouthidden in thebungholeofabeerkeg.
• She wrote using 23 lettersubstitutions and 36 codesigns for words andphrases.Thisblendofcode
words and cipher is knownasanomenclator.
• She avoided directreferences to plots to killthe queen and put her(Mary)onthethrone.
Marywasconfidentthattheseprecautions prevented herbeingaccusedoftreason.Shedidnotknowthat:
• Her correspondent, Gilbert
Clifford, was a doubleagent.
• Even the brewer whosupplied the beer kegswasin the pay of Englishspymaster FrancisWalsingham.
• Her letters were routinelyopened and copied foranalysis.
• Once Mary’s nomenclatorwas broken, Walsingham
was browsing through herpost even before herservants had sneakedincoming letters past theguardsatChartleyHall.
Such was Walsingham’sgrasp of the intricacies ofMary’s code system that heevenhadextrawritingforgedontooneofherownletterstotry to elicit incriminatinginformation. Although she
deniedallathertrial,Mary’sletters showed she knew andapproved of a plot againstElizabeth. It was enough forhertobeexecuted.
The queen’s spymaster hadset up a cipher school inLondon, where Mary’s codewas broken. The methodreliedonarevolutionarynewweapon in westerncryptanalysis: frequency
analysis.
Frequencyanalysis
Frequency analysis is thedeadly weapon that breakssubstitution and transpositionciphers.Itwasfirstdevelopedinthe9thcenturybyanArabreligious scholar called Al-
Kindi, who was studyingsacred texts of previouscivilizations.He realized thatin any language some lettersare used far more often thanothers, thatsomeonlyappearrarely, and that this patternremainsconsistent.
Therefore, in a substitutioncipher, the most commonlyoccurring ciphertext lettersare likely to represent the
most common letters in theplaintext language. Thisallows cryptanalysts to makeinformed guesses about theidentity of individual lettersfollowing statistical analysisofboththeplaintextlanguageandtheciphertext.
Furthermore,onceacommonletterisknown,itspositionina word helps identify itspartners. For example, once
‘e’ is identified, any three-letter words with which itends are very likely to be‘the’, so identifying ‘t’ and‘h’.
ELEMENTARY,MYDEARWATSON
Sir Arthur ConanDoyle’s famousfictional detectiveSherlock Holmesapplied his deductivepowers (usuallystudying letterfrequency) to severalcodes,including:
• A messageconcealed as everythird word in The‘GloriaScott’.
• AbookcodecreatedbyarchfoeMoriartyusing Whitaker’sAlmanac in TheValleyofFear.
• An unusual cipherusing stick mensymbols inAdventure of theDancingMen.Thereare 26 of them, soeach represents aletterofthealphabet
(see the illustrationbelow, which spellsout ‘Am here AbeSlaney’).
FROMETOZ• In the Englishlanguage, about oneineveryeight lettersislikelytobean‘e’.So, if about one-eighth of the lettersinaciphertextareY,it is likely to be an‘e’inplaintext.
• Thevowels,a,e,i,o
and u, and the part-time vowel ‘y’,make up about 40per cent of Englishtext.
• The least commonletters are k, j, q, xand z, which,between them,accountforjustoverone per cent ofEnglishlettersused.
COMMONLETTERS
In order of frequency, theEnglishalphabetreads:
• e,t,a,o,n,r,i,s,h,1,d,c,u,f,p,m,w,y,b,g,v,k,x,q,j,z.
• Counting the letters in the
plaintext, if the six mostcommonlettersarethefirstsixlistedhere,andthereareveryfewofthefinalletterslisted,thecipherislikelytobe a giant anagram createdbytransposition.
• Bysimilarlogic,ifthemostfrequently occurring lettersin the ciphertext are thosethat only appear rarely innatural text, the cipher islikely to be of the
substitutionvariety.
MORSESENSE
The dots and dashesused in Morse codewere decidedaccording tofrequency analysis,
with the mostcommonly usedletters requiring theleastefforttotransmit(seepages).
The next step is to look forshortwords.Only‘A’and‘I’areone-letterwords,buttherearemanymore of two, threeand four letters. If you can
identify word lengths, eitherbecause they are notdisguised or by identifyingthespacernullletter,youcanguess what they are mostlikelytobeaccordingtotheirnatural frequency of use andthe context (some words areunlikely to follow others, ortostartorendsentences).Itisworth bearing in mind,however, that codemessagesdonotalwaysfollowtherules
of sense and grammar.Ciphertext may be shortenedto save effort in translatingand transmission, and mayinclude code words that areshort for phrases or sensitiveinformation.
However, frequency tablesare gold dust for acryptanalyst. For example, itis much easier to makeinformed guesses about the
ends of words when armedwith the information thatmore than half of all wordsend with e, s, t or d.Similarly, if two letters in atransposition ciphertext arethesame,theyaremostlikelyto be (in order): ss, ee, tt, ff,ll, mm, oo. Two letters in asubstitutionciphertextmayormaynotbethesame.
The brain is a powerful tool
and is verygood at filling ingaps.Forexample:
-oua-e–roba-lyab-et-rea- t-is te— e-en tho—-a-ot—iti-m—si-g!
Thisshowshowfindingsomeletters, even in a shiftingsubstitution text, can allowyou to identify new
information.
DIGRAPHS
A digraph is two letters thattogethermakeasinglesound.These are common inEnglish, which helps incryptanalysis becauseidentifyingoneletterleadsustowardstheother.Inorderoffrequencytheyare:
• th,he,an,in,er,on,re,ed,
nd,ha,at,en,es,of,nt,ea,ti,to,io,le,is,ou,ar,as,de,rt,ve.
Trigraphs are parts of wordsformedbythreeletters.Theirorderoffrequencyis:
• the, and, tha, ent, ion, tio,for, nde, has, nce, tis, oft,men.
FREQUENCYFACTS
Doublevalue
Tripleknowledge
Four-letterwords
Themostcommontwo-letterwordsinEnglishare:
The mostcommonthree-letterwords inEnglishare:
Themostcommonfour-letterwordsinEnglishare:
1 of 1 the 1 that
2 to 2 and 2 with3 in 3 for 3 have4 it 4 are 4 this5 is 5 but 5 will6 be 6 not 6 your7 as 7 had 7 from8 at 8 her 8 they9 so 9 was 9 know10 we 10 one 10 want11 he 11 our 11 been12 by 12 out 12 good
13 or 13 you 13 much14 on 14 all 14 some15 do 15 any 15 time16 if 16 can 16 very
17 me 17 day 17 when18 my 18 get 18 come19 up 19 has 19 here20 an 20 him 20 just
LETTERKNOWLEDGE
Wordbreaksarevaluabletoacryptanalystbecausetheycangaincluesusingthefollowinginformation:
• Mostcommonfirstletterinaword,inorder:
t,o,a,w,b,c,d,s,f,m,r,h,i,y,e,g,1,n,o,u,j,k.
• Most common third letterinaword,inorder:
e,s,a,r,n,i.
• Most common last letter inaword,inorder:
e,s,t,d,n,r,y,f,1,o,g,h,a,
k,m,p,u,w.
• Letters most likely tofollowtheletter‘e’:
r,s,n,d.
WORDFREQUENCY
Zipf’slawidentifiesthemostcommon words and in whatproportion of text they willappear.Named afterHarvardlinguist George Kingsley
Zipf, it shows that seven percent of all words are ‘the’,followedby‘of’atabouthalfthat frequency, then ‘and’.Cryptanalysts can apply thislaw to make informedguesses about words incontext.
CODED
SCULPTURE
Just outside theCentral IntelligenceAgency’s (CIA’s)headquarters inLangley, Virginia, is‘Kryptos’, a 12-foot-high copper, graniteand petrified woodsculpture that hasbaffled staff and othercryptologists since its
installation in 1990.Sculptor JamesSanborn, an ex-CIAworker, inscribed itwith some 1,800letters forming fourmessages, each in adifferentcipher.
Three of the ciphershave been brokenusing frequencyanalysis and a
Vigènere square (seepages). They reveal aset of coordinates,possibly of a nearbylocation whereSanborn has buriedsomething. The fourthpassage retains itssecrets.
After ‘Kryptos’,Sanborn created othercoded sculptures,
including‘TheCyrillicProjector’, acylindrical installationat the University ofNorthCarolina,whichcontains text fromclassified RussianKGB documents inCyrillicalphabet.
4
POLYALPHABETICCIPHERS
Beatingfrequency
analysisThe spread in the use offrequencyanalysisstimulatedcryptographers to createciphersorcodesthatdefiedit.Therewasenormouspressureto do this as nationscontinued to fight, trade andnegotiatewitheachother,andthere was a clear need forsecure communicationwithingovernmentsandarmies.
ADDINGTOTHEGREEKSQUARE
Inanullcipher,amessageishidden inside the plaintext(seepage).However, anotherway to use nulls is to adaptthe Greek square systemoutlinedonpages81–2.Thisallocates each of 25 letters(withtwodoublingup)atwo-digit number, which isactuallyagridreference.
1 2 3 4 51 A B C D E2 F G H I/J K3 L M N O P4 Q R S T U5 V W X Y Z
Making the grid biggercreates more boxes to putletters in. This enables theencoder to have the sameletter represented by more
than one number, whichprotects it from frequencyanalysis.
POLYALPHABETICCIPHERS
Polyalphabetic ciphersuse more than onealphabet. ‘Poly’ is
Greekfor‘many’.
For example, increasing thegrid fromfive-by-five to six-by-six creates an extra 11boxes. These can berandomly filledwith the fivemost common letters used intheEnglishlanguage:e,t,a,oand n (each added twice),with the final gap filled by
another ‘e’ as it is by far thehighest frequency letter at12.7percentofalltext.Nowthere are four numbers for‘e’: 11, 12, 21 and 26, andthreenumberseachfort,a,oand n. Someone whointercepts the message andcounts repeated numberslookingfor‘e’willbetotallymisled.
1 2 3 4 5 6
1 E E T A O N2 E A B C D E3 T F G H I/J K4 A L M N O P5 O Q R S T U6 N V W X Y Z
Themessage‘Eventreeshidesecrets’hasseven‘e’s,whichstand out very clearly as thenumber 15 in this messageenciphered from the five-by-fivegrid:
15-51-15-33 44-42-15-15-43 23-24-14-15 43-15-13-42-15-44-43
A decoder wouldimmediately start to decipherthemessageas:
E-51-E-33 44-42-E-E-43 23-24-14-E 43-E-13-42-E-44-43
Four-letter words with E asthefirstandthirdlettersare:
eden, eked, ekes, epee,erev, even, ever, eves,ewer,ewes,exec,exes,eyed,eyer,eyes
whichgives thecodebreakersome idea of numbers forother letters, and thebeginnings of a context for
thewholemessage.
The samemessage encryptedfromthesix-by-sixgridreadsasfollows:
11-62-12-44 13-53-21-26-54 34-35-25-11 54-12-24-53-21-31-54
Here four numbers appeartwice:11,12,21and53,and
54 appears three times. Thisis helpful to a code breaker,butitdoesnotgiveanywherenear as much information asthe version encrypted on thefive-by-fivegrid.
NULLPROBLEM
The larger the grid,the more possibilitiesfortrickingtheenemythereare,suchas:
• Enciphering thesame letter twiceormore.
• Using somenumbers for codewords or phrases(turning the cipherintoanomenclator).
• Using somenumbers as spacemarkers so that theciphertext does notreveal the correctwordlengths.
• Perhapsmostusefulofall,creatingnullswith no meaningwhatsoever that thedecipherer cansafely ignore, butwhich will force
your opponent intohours of fruitlessinvestigation.
THEGREATPARISCIPHER
Numbers were the basis ofthegreatPariscipherusedbyNapoleon’s French Army
during the Peninsular Wars(1808–14). The French firstused the Army of Portugalcode,whichgrewfrom50 to150 numbers, each giving ashortinstruction.
Wellington’s self-trainedcryptanalyst George Scovellcrackedthis,butwasinitiallyconfounded by a new cipherintroduced in 1811. Thiseventually used 1,400
numbers,includingmorethan130 for ‘e’ alone to combatfrequency analysis. Othertricksusedwere:
• Addingmeaninglessfiguresto the ends of words(cryptanalysts studybeginnings and ends ofwords first, looking forpatterns).
• Disguisingstandardphrasesby adding meaningless
numbers (see cribs, pages131–3).
AVOID
One text that wouldperplex a frequencyanalyst is LaDisparition byGeorges Perec,translatedfromFrench
to English as A Voidby Gilbert Adair.There is not a singleletter ‘e’ in the entire300-page novel ineitherversion.
However,foreaseofuseandtosavespace,theFrenchonlyenciphered key words,leaving the rest as plaintext
(alsoknownasenclair).Soatypical message would read(in English): ‘In the letter of16 March 1207 announced607.73.432.1181.192.1077.600.530.497.701.711.700 that heconsidersappropriate.’
This allowed Scovell, a finelinguist,todiscernthecontextof the enciphered words andphrases, so that he couldmakemore informed guesses
and followup thesehunches.Additionally,aseachnumberrepresented one letter,Scovell could discount anyguesses with the wrongnumberofletters.Itremaineda formidable task, but afterabout a year he had crackedmost of the cipher and theinformation he passed on toWellington, when combinedwith other intelligence, wascrucial in the final victory
over the French atVitoria in1813 (although Wellingtonsubsequently barelyacknowledgedit).
FROMEASTTOWEST
Themancreditedwithbringing Arab
knowledge offrequency analysis tothe West was LeonBattistaAlberti(1404–72), the greatestcryptographer of hisday and the first manto suggestsuperencipherment(see page).Experiencedcryptographersequipped with
information onfrequency data cansolve codes inlanguages they cannotevenread.
ONEANDTWOMAKETWELVE
When using numbersfor a ciphertext thatmightbemergedorre-orderedintofalsewordblocks, it is importantto prefix single digitnumberswithzero (soone becomes 01) toavoid confusion indecoding–otherwise1followed by 2 wouldreadas12.
EXPANDINGTHEALPHABET
Expanding the cipheralphabet to conceal thefrequency of letters isparticularly effective if theciphertext is written asnumbers. If the alphabet iswritten out but the six mostfrequentletters(a,e,n,o,r,t)doubled-up and eachcharacter given a number, it
wouldlooklikethis:
Youcouldrepeatanyletterasmany times as you like,creating more ‘e’s, forexample, and the numberscan be adjusted so that
consecutive numbers do notdescribe the same letter –which would be a majorgiveawaytothecryptanalyst.
An expanded alphabet thataccurately reflects the letterfrequency pattern, withnumbers generated atrandom, would look like thetablebelow:
One hundred numbers havebeenusedinthistable,sothenumber of code numbersgiven to each letter matchesits percentage of usage ineveryday language. Forexample,asmorethan12percentofalllettersare‘e’s,soithas12numbers,whilej,k,q,v, x and z all score under 1percentsoonlygetoneletter.This method completely
nullifies attack by frequencyanalysis, but there are otherwaystoattacksuchciphers.
AGLIMMEROFHOPEFORDECODERSWhen trying to break thiscipher, the decoder knowsthat each number can onlyrepresent one letter. Onceidentified, that number willalwaysrevealthepresenceof
the same letter. This canprovideclues.Forexample,ifthe decipherer was fortunateenough to identify the cipherfor ‘q’, this would suggestthat the next letter must be‘u’. Similarly, a three-letterword beginning with ‘a’ isquite likely to be ‘and’.Common two-, three-andfour-letterwordsarelistedonpage 94. Other spelling-relatedfactsinclude:
• The high-frequency vowelsa, i and o are rarely seentogether.
• The most common voweldigraphis‘ea’.
• Themostcommonrepeatedlettersare:
ss,ee,tt,ff,ll,mmandoo.
• Thepairing‘th’iscommon,‘ht’isnot.
• Indeed, ‘th’ is the mostcommon letter pair,followed by: he, an, in, er,on and re (see also page93).
• Words are most likely tostart with (top five inorder):
t,o,a,w,b.
• Words are most likely toendwith(topfiveinorder):
e,s,t,d,n.
So the decodermay feel thatthe rules of spelling andgrammarareontheirside.
SWCHTHTLGTFF
The answer to this weaknessis not to follow the rules ofspelling and grammar. It’s afairbetthatyoucanreadthisheading, even though the
vowels and some consonantshave been removed, withoutleaving a gap. The humanbrain is remarkably good atreading text like this (justlook at phone texting codes,seepages),usingamixtureofword recognitionandcontextto make sense of it. Indeed,we are able to read wordswith jumbled letters quiteeasily, pivoredd the fsrit andlsat lttrees are in pclae. So a
plaintext that breaks spellingrules will be comprehensibleto the rightful decoder, butwill offer fewer clues to theinterceptor.
Usingmorethanonecipheralphabet
The breakthrough against
frequency analysis was firstsuggestedbyLeonAlberti,anarchetypal 15th-centuryItalian Renaissance man:painter, poet, linguist,philosopher, musician,architect . . . andcryptographer.
USINGTWOCIPHERS
Alberti realized thatfrequency analysis onlyworks against amonoalphabeticcipher,sohissuggestion was to use twociphers. It would work likethis:
Letters of the plaintextmessagewouldbeencipheredby using the two differentciphers alternately, so, forexample, from the tableabove an alphabet ciphertextwouldread:
HRJTLVNXPZRBTDVFXHZJBLDNFP
He refined this ideawith thecipher disc, a pair of copperwheels each inscribed withthe alphabet. When one discis turned, it creates a simplesubstitution cipher. Alberti’sbreakthrough was to suggestthatwitheveryfewwordsthewheel would be turned,changing thecipheralphabet.Thiswouldbesignalledtothedecoder with a capital letterin theciphertext, indicatinga
new position for the wheel.Thus the encrypter has achoice of 26 alphabets andcan switch between them,making unwanteddeciphering very difficult.Alberti’s thinking wascenturies ahead of its timeand his invention was notwidelyadopted.
USINGKEYWORDS
One of the many codingsystemsusedintheAmericanRevolutionaryWaremployeda keyword to create severalalphabets that were usedconcurrently. It was createdby James Lovell. The word‘key’providesthekeyhere(itcould, of course, be a longerword – names were popular,because they are somemorable) and from eachletterofthewordthealphabet
iscontinued.Thesenderthensimply works across thecolumns to encrypt themessage. So the plaintext‘Lovell’ would become theciphertext2,11,24,21,8,14.
1 K E Y
2 L F Z
3 M G A
4 N H B
5 O I C
6 P J D
7 Q K E
8 R L F
9 S M G
10 T N H
11 U O I
12 V P J
13 W Q K
14 X R L
15 Y S M
16 Z T N
17 A U O
18 B V P
19 C W Q
20 D X R
21 E Y S
22 F Z T
23 G A U
24 H B V
25 I C W
26 J D X
THEVIGENÈRESQUARE
The Vigenère square takesmulti-alphabets one stepfurther by setting out thealphabet 26 times, eachmovedbysuccessiveshiftsofone place, as shown below.This means that ‘t’, thesecond most common letter,atninepercent frequency, isciphered as W after three
shifts (like the Ceasaralphabet),Don10andOon20. The question for theencoder is how to showwhichrowwasusedforeachletter.Oneansweris thedateshiftcipher.
THEVIGENÈRESQUARE
DATESHIFTCIPHERS
In the date shift cipher, theencodermightusethedateofthe message, a birthday or afamous date in history todetermine how a message isto be enciphered. Forexample, take thedateof theGunpowder Plot – 5November 1605.Numerically, this is
represented as 5/11/1605,producingacodenumberthatis written repeatedly abovethe plaintext. Each letter isshifted by the number ofplaces indicated by thenumberaboveit.
DECIPHERINGPOLYALPHABETICCIPHERSUSINGWORDBREAKSThe ciphertext of thismessageshowsthenumberofwordsandtheirlength.Inthiscasethegapsrevealthatthereare six words: one of twoletters, two of three letters,twooffourletters,andoneofnine. There are a limited
number of words of two orthree letters in any language,and sometimes these can bededuced from their context.For example, the three-letterwordthatbeginsthemessageisverylikelytobe‘The’,asitsooftenstartssentences.Themost common two-letterword is ‘of’, and here thetwo-letter word is followedby a three-letter word.Guessing that we have
identified ‘of’, and studyingthe list of most commonthree-letter words (see page)in context, removing thosethat would not make sense,there are only five sensiblepossibilities: the, her, one,our, all. So by informedguesswork and without eveninvestigating the lettersthemselves, it already nowreads:
The EGTJ ofthe/her/one/our/allGZSQPXJEWUMPU.
HIDINGWORDBREAKS
The standard way to concealword breaks is to write theencrypted message in blocksof five letters. This practiceseems to have beenintroduced by the telegraphoperators of the 19th century
asitmadeiteasiertotransmitnonsensical messages (codewasusedalotintelegramstocutcosts).
Another way the encryptercan avoid the problem is bymergingall theletterssothattherearenospaces.However,thiscould,onoccasion,causeconfusion in the decipheredmessage, as there may bemore than one interpretation
of where new words begin.Instead, they could use oneletter as a space indicator.Using Z in this way, themessagereads:
YIFZEGTJZTGZUIKZGZSQPXJEWZUMPU
This disguises the wordbreaks (although the frequentoccurrence of the Z gives aclue as to its role). It also
requires the decipherer tomake informed guesses as towhenZisworkingasacipherletter and when it is a spaceindicator.
MOREWAYSTOUSETHEVIGENÈRESQUARE
Another way to use the
Vigenère square is to use akeyword such as, well,‘keyword’. Taking thenumberofeach letter’splacein the alphabet, this wouldgivefollowingvalues:
K E Y W O R D11 5 25 23 15 18 4
If this is written repeatedlyovertheplaintextitmeansthe
cipheringsystemisnowonacycleofsevendifferentshifts.So themessage, ‘Thiswouldbe very hard to decipher’ isprocessedlikethis:
In this example, the ‘e’ isenciphered asB,W, J and I.For the decipherer equippedwiththecorrectkeywordthisis no problem: they simplyshift each letter back by theindicatednumberofplaces.
But for anyone trying tobreak the cipher withoutknowledgeof thekey(whichcould be a date or keyword),they will not be able to
deduce an alphabeticalpattern and frequencyanalysis will yield no clues.The cipher’s main advantageis that the same letter ornumbers can represent morethanoneletterintheplaintextalphabet – a decoder’snightmare. The keywordsystem is the mechanism bywhich theVigenère cipher ismost used and it remains apopular code among
cryptologyenthusiasts.
HOWDOYOUBREAKVIGENÈRE?Thesimpleanswer,ofcourse,istofindthekeyword.
• If subterfuge does notprovide this, sometimesguesswork can (there is astory fromWorldWar I ofcryptologists trying to findakeywordused inacipher
created with a mechanicaldevice correctly guessingthat the word was‘machine’).
• However, if that fails, thenext option is to look forpatterns in sequences thatwill eventually reveal howmany different shifts areevident, and from this, thelength of the keyword. Forexample, common wordslike ‘the’ or ‘and’ and
common letter strings like‘ing’ or ‘ted’ will appearmany times in a message,so may have beenencrypted the sameway atsome stage in a longcommunication. Identifyinghow and when this occursallows the cryptanalyst toidentify how long thekeywordis.
• Once you know that thekeyword is, say, eight
letters long, you can usefrequency analysis foreveryeighthletter,knowingall are likely to come fromthe same row of theVigenèresquare.
• From thisyoucanbegin toidentify letters of thekeyworditself.
So breaking the Vigenèrecipheristime-consuming,butpossible, and is easier if
messages are long, providingmore ciphertext to study, orkeywords are short, reducingthe scrambling of letters andmaking patterns morediscernible.
THEUNCRACKABLECIPHER
Thekeywordistheweakspot
of a transposition cipherbecause once its length hasbeen guessed, it can bedecrypted using frequencyanalysis. The answer is tohaveakeythesamelengthasthe plaintext, known as therunning key because it runson rather than repeats. Therunning key can be any textof sufficient length and allthat needs to be agreedbetween the communicating
partiesisthestartingpoint.Arather neat development ofthisistheuseofan‘autokey’.Here,thestartofthemessageisencipheredwithakeyword,after which the revealedplaintext forms the runningkey to the remainder of themessage.
BREAKINGTHERUNNINGKEY
The disadvantage of using areadabletextasthekeyisthatitwillfollowtheconventionsof grammar, and therefore ofword and letter frequency.Since the most commonthree-letterword is ‘the’, theciphertextcanbeattackedbyassuming that the key isrepeated use of ‘the’, whichwill eventually yield clues tothemessage.
THEONE-TIMEPAD
Thesolutiontothisweaknessis the one-time pad: a set ofrandomly produced lettersthatreadsliketotalgibberish.The system was devised byGilbertS.VernamandJosephMauborgne in 1918 and isalso known as the Vernamcipher. Random letters areprinted onto a pad, used toencipher the message, then
the sheet is peeled away anddestroyed. This creates agenuinelyunbreakablecipher,becauseevery letterhasbeengenerated at random so therewillbenopattern to thekey.The drawback is that thedecrypterneedsacopyoftherandom key, so, as withcodes, anyone on thecommunicationnetworkhasacopy of it. Therefore,someoneneedstocreateaset
of ‘one-time pads’ (and it issurprisingly difficult forhumans to create randomletters), print and distributethemandkeep themsafe–alogistical problem thatprevents this uncrackableVigenère cipher from beingused on more than rareoccasions.
Checkerboard
ciphersCheckerboard ciphers is acollective term for ciphersproduced using the principleof the Polybius or Greeksquare (see pages), in whichlettersaresetoutonagridforencryption.
THEPLAYFAIRCIPHER
The Playfair cipher is ahighly efficient method fordigraphic substitution. Itrequiresa five-by-fivesquarecontaining a keywordfollowedbythealphabetwithoneletteromitted(usually‘j’but sometimes ‘q’). So usingthekeyword‘playfaircipher’,which with repeated lettersleft out becomesPLAYFIRCHE, the squarewouldlooklikethis:
P L A Y FI R C H EB D G K MN O Q S TU V W X Z
Messages are enciphered inpairs of letters followingtheserules:
• For letters not in the samerow or column, the first isreplacedbytheletterinthe
same row and column asthe second. The other issubstituted by the letter onthe same row and columnasthefirst.Thefour lettersthus form a rectangle,which makes the encodingprocessfastandeasy.Sointhe square shown, ‘ok’wouldbeSD.
• Lettersonthesamerowarereplaced by the letter totheir right, with the row
‘wrapping round’ to thestart.So‘pl’wouldbecomeLA.
• Letters in the samecolumnare substitutedby the letterthat lies immediatelybelow. So ‘lr’ wouldbecomeRD.
• If a pair is formed by thesame letter (i.e. ‘ee’) theletters are separated by adummy‘null’letter,suchas
XorZ,or,insomevariants,the second one is changedtoXorZ.
• Asingleletterattheendofthemessage ismade into apairusinganull suchasXorZ.
For example, the surname ofthe inventor of this cipher,Charles Wheatstone, wouldbecome firstWHEATSTONE,thenXCCFNTNQTI.
BREAKINGTHEPLAYFAIRCIPHERMessages created with thePlayfairciphercanbebrokenby a form of frequencyanalysis,sincecertainpairsofletters (digraphs) occur farmore often than others (forexample, ‘qu’ – seemore onthis on pages 93–5), andmany others never appearconsecutively. However, this
method takes far longer thananalyzingsingle-letterciphersasthereareanimpressive676possible letter combinationstocount.
THELOVECODE
In Victorian times,
when courtship wasregulated by socialetiquette, loverswould communicatethrough codedmessages innewspaper personalcolumns, especiallytheTimes.Thesewereregarded as titillatingpuzzles to be solvedby many readersincluding
cryptologists CharlesBabbage (who iscreditedwith creatingthe first computer),Sir CharlesWheatstone (whodevised the Playfaircipher) and BaronLyon Playfair (whoonly promoted it).They even placedmischievousrepliesoftheir own, using the
same ciphers, causingenormousconfusion.
THEBIFIDCIPHER
ThePlayfaircipheriseasytouse and can be adapted intonumber form, allowing afiendish twist in the form ofthebifidcipher.
1 2 3 4 51 P L A Y F2 I R C H E3 B D G K M4 N O Q S T5 U V W X Z
As an example, the name ofthis cipher’s 1901 creator,Felix Delastelle, isenciphered using the samealphabet grid as that on thelastpage(althoughitcanjust
be a mixed alphabet). Eachletter is given a gridreference, but these arewritten vertically, rather thanhorizontally.
f e l i x d e l a s t e l l e1 2 1 2 5 3 2 1 1 4 4 2 1 1 25 5 2 1 4 2 5 2 3 4 5 5 2 2 5
The numbers are then readgoing across the rows, rather
than down, and put intostandardfive-digitgroups:
12125 32114 42112552142523455225
This process is calledfractionation and in itselfcreatesa trickycipher,but tomake life for the unwelcomedecoder even harder, thenumbersarethenusedasgrid
references and the cipherreturnedtotext:
12 12 53 21 14 42 11 25 52 14 25L L W I Y O P E V Y E
So the ciphertext is finallybroken up into fixed lengths(calledperiods),resultingin:
LLWIY OPEVY
ECTVE
THETRIFIDCIPHER
The bifid cipher works, likeallpencilandpapermethods,in two dimensions, but it isthe father of an unusual‘three-dimensional’ systemcalled the trifid cipher.Imaginethreelayersofthree-
by-three Polybius squares ontopofeachother,whichformacubewithamixedalphabet.
Layerone 1 2 31 M J S2 Z Q H3 F O X
Layertwo 1 2 31 B T K
2 D Y G3 W V .
Layerthree 1 2 31 A L N2 E P C3 R U I
Noweachlettercanbegivena three-digit number from itslayer, row and column. Forexample:
T=212R=331I=333F=131D=221
Thenextstageis:
t r i f i d s y s t e m2 3 3 1 3 2 1 2 1 2 3 11 3 3 3 3 2 1 2 1 1 2 12 1 3 1 3 1 3 2 3 2 1 1
Thiscreates:
233 132 121 231 133 332 121 121. O Z W X U Z Z
Sothemessagesentis:
.OZWXUZZKFCB
which is decoded byreversingthewholeprocess.
MYSTERIOUSMONUMENT
In the grounds ofShugborough Hall, astately home inStaffordshire, is theso-called Shepherd’sMonument, whichbears someinscriptions that have
baffledpeople for250years.Datingfromthe1760s, themarbleslabfeatures the letters O,U,O, S,V,A,V andVwith aD and anMbelow, etched under amirror image of apainting by NicholasPoussin.Somesuggestthe painting indicatesthe letters aresupposedtobereadin
reverse.Solutions offeredinclude:
• It is a set ofinstructions on howto find the HolyGrail.
• The markings arelinkedtotheMasonsand African natureworship.
• It is an ancient love
note,andthecodeisa romantic Latinphrase.
THESTRADDLINGCHECKERBOARD
This is a code thatwas usedbyRussian spies in the earlypart of the 20th century,
although it was firstemployed 400 yearspreviouslyinpapalciphers.
0 9 8 7 6 5 4 3 2 1 E T A O N I S R 1 B C D F G H J K L M2 P Q U V W X Y Z . /
Eight letters (in this case themost common ones, but itcould be a keyword or a
random choice) are givensingle digit values (forexample‘e’is0).Therestarerepresented by two digits aswehaveseenbefore(so‘y’is24).Thedigits2and1cannotbe used individually as thiswouldconfusethedecoderasthey are the vertical axisnumbers as well as being inthe horizontal axis. Thecolumns and rows can benumbered differently in any
agreed way in othermessages. The ‘/’ symbolindicates a shift from wordstonumbersorback.
So the (quite true) plaintext,‘Used in 1937 by SpanishCommunists’, would beencipheredas:
In five-digit blocks (plus afinalblockoftwo),witheachplaintext number digitrepeated in case oftransmission errors, it nowappearsas:
28401 85621 1199337721 10244 2086541519711112865494
Themessagecouldbesentasit is, or transposed back intoletters using the bifid ciphermethod.
5
CODEWARS
Fieldcodesandciphers
The military has long been
the force that pushes forimproved cryptography, andphrases such as trench codeandfieldcipher indicatehowcodes were used in action,requiringsimple,fastsystemsthat relied onmemory ratherthanamanual.
CODEORCIPHER?
One of the first actions theBritish took inWorldWar I
was to cut the cables laidacross the North Sea by theGermans. This forced theirenemy to send signals oncables controlled by theAllies, or by radio, both ofwhich allowed them to beintercepted.Themoverevealsthe importance of encryptingand decryptingcommunication in wartime.The debate about whether toopt for codes or ciphers for
secret communication wasparticularly heated duringWorld War I. Each had itsmerits and drawbacks (seeoverleaf).
CODESAdvantages
• High level ofconfidentiality if codebooksaresecure.
• Allows use of a widevocabulary.
• Long phrases usedregularly can becommunicated conciselywithonewordornumber.
Disadvantages
• Large code books aredifficult to transport safelyandsecurely.
• Can be attacked bit by bit
as each code word revealsitssecret.
• If your enemy captures acode book without yourknowledge, they can readallyourmessagesasfastasyou.
• Capture of the code bookrequires the creation of anewone.
CIPHERS
Advantages
• No bulky code book totransport.
• Can be adjusted regularly,for example by changingkeywords, to maintainsecurity.
Disadvantages
• Can take longer todecipher, slowing downcommunication.
• Transmission errorspossible, very hard to spotand cause confusion indeciphering.
• Messages sometimes havetobesenttwice–golddusttoopposingcryptanalysts.
• Operatorsofthesystemgetlazy and take short cuts,which offers clues to theenemy.
FIELDCIPHERS
Field ciphers are ciphers thatrequire very little equipment,such as conversion tables orapparatus, and are reliant onan easily remembered andchanged keyword. They areideally suited tocommunication by an armyon a fast-moving battlefield.The ideal field cipher is onethat iseasilyoperatedbyone
personwhocarriesthesystemmostlyintheirhead.
Themostfamousfieldcipherwas used by German forcesduring World War I, and iscalled the ABFGX cipher, acunning blend of substitutionand transposition that createdmessages using only fiveletters.Themethodrequiredamixed alphabet grid and akeyword,bothofwhichwere
changeddaily.
First, a mixed alphabet wascreated, with ‘i’ and ‘j’combined:
A D F G XA k r z v lD f t s x i/jF g m o h wG b e q p cX d a y n u
The plaintext, ‘Just fiveletters’,wasfractionated:
Then the resultantmonoalphabetic substitutionciphertext was written incolumns under the keyword‘ZEBRA’:
Z E B R AD X X X DF D D D AD X A G GD A X G DD D D D GD A D D F
Finally, the transposedmessagewasreadincolumns,following the alphabeticalorder of the letters in thekeyword(A=1,B=2,E=3,
R=4, Z = 5): DAGDGFXDAXDD XDXADAXDGGDD DFDDDD. Itwould be transmitted inbatchesoffiveletters:
DAGDG FXDAXDDXDX ADAXDGGDDDFDDDD
WHYFIVE?
The letters chosen forthe ABFGX cipherwere the ones leastlike each other inMorse code, makingmistakes less likely intransmission anddecrypting.
ThismethodevolvedintotheADFGVX cipher, whichcreated a 36-strong alphabet,allowing the introduction ofnumbers.Amajorbenefit foritsuserswasthatencipheringonly required two simplesteps, and only six (andearlier,five)letterswereusedintransmission,soitcouldbesent rapidly. The Alliedforces made huge efforts tosolve itand itwasbrokenby
French army lieutenantGeorgesPainvin.Hissolutionbegan with finding twomessages that started orfinished in the same way.This is called a ‘crib’. Fromthis, the Allies were able todecipher first the ciphertextas it would be prior totransposition and then usefrequency analysis on theciphertext. On quiet, lowtraffic days, they were less
likely to find a pair ofmessages with identicalbeginningsorendings.
CRIBS
Weareall creaturesofhabit,and so are manyorganizations with theiragreed practices andprocedures.As a result, evenencryptedcommunicationcanfollow patterns and become
predictable.Oncethisoccurs,thecodebreakerhasacrib:aword or a piece of text thattheyalreadyknowisrepeatedsomewhere in an encryptedmessage. This is extremelyvaluable as the code breakercan then search for patternsthat relate to it, rather thanjustfishingforclues.Genuineexamplesofcribsfromoneorother of the world warsinclude:
• Stereotyped messages suchas‘Nothingtoreport’.
• Weather reports that weresent at the same time eachdayandinthesameformat.
• Messages beginning, ‘It ismy honour to inform yourExcellency’.
• Sending well-knownproverbsastestmessages.
• Using patriotic words such
as ‘Kaiser’ or‘Deutschland’askeywords.
GARDENINGFORCRIBS
Suchisthevalueofcribsthatcodebreakers tookactions totry to prompt messages withcertain words that thenbecame a crib, a practiceknown as ‘gardening’. Forexample:
• InWorldWar I, theAllies
bombarded certain trenchesknowingitwouldmaketheGermans send messagesabout those parts of thebattlefield.
• In World War II, theAmericanssentanuncodedmessage that a shipneededfresh water, knowing theJapanese would interceptandreportit,thusrevealingtheir code name for theship.
MAKINGTHEMOSTOFMISTAKESLazy operators not changingtheir keywords or their styleof transmission is anotherhabit that leaves the doorsopenforcodebreakers.Evenbetter, operators who makemistakes are invaluablebecause they are often askedtorepeatthemessage.Iftheydo thiswith a new cipher or
keyword, the code breakercan create a crib bydecrypting the firsttransmission.
ThemachineageAfter centuries of usingpencilandpapermethodsforencryption and decryption,the impact of cryptographyon World War I encouraged
governments and themilitaryto create stronger codes andciphers. Inventions such asthe telegraph, calculator,typewriter and cash registerhighlighted the new role oftechnology,andthepushwasontoinventautomatedciphermachines.
THEJEFFERSONWHEEL
In fact, the first encryptingmachine had been invented,and largely forgotten, in the1790s, by Thomas Jefferson,anincrediblygiftedmanwhowas to become the thirdPresident of the UnitedStates. The machine is asimple device: a set ofbetween 20 and 40 discs, orwheels, each with thealphabet written on them inrandom order. The discs are
mounted in a row to form acylinder.Jeffersonwasawarethat the more wheels therewere, the better, andsuggested having 36, whichgave a huge number ofpossible settings (nearly 372followed by 39 zeros!,calculated from1x2x3gx...x35x36).
To operate the Jeffersonwheel,youwouldcreateyour
message in plaintext alongone row, reading across thediscs,thencopyoutanyotherrow of letters, which wouldbe gibberish. The recipientsimply re-creates the line ofnonsense,thenscanstheotherrowsuntilhefindsareadablemessage.Theciphercouldbechanged by removing thediscsandreplacingtheminadifferentagreedorder. Itwasa brilliant invention, years
ahead of its time, yet it wasquickly forgotten and wasreinvented over a centurylater.
RE-INVENTINGTHEWHEELFrom 1922 to 1943 the USArmysentcipheredmessagesusing a cylindrical devicemade up of letteredaluminium wheels, and
known as M-94. It wasalmost the same as theJeffersonwheel,andhadbeendeveloped by two officers in1917.Theyhadbeeninspiredin turn by the Bazièrescylinder,an1891reinventionofJefferson’scipherdevice.
ENIGMA
The breaking of the Enigmacipher was one of the great
achievements of World WarII, and in the history ofcryptography. Somehistorians believe that itshortened the war by a yearandsavedmillionsoflives.
THEENIGMAMACHINE
TheEnigmamachinewasbyfar the most complicatedencipheringsystemcreatedatthe time. It looked like a
typewriterwithpartsstuckonthesides,whichhadbeenputinawoodenbox.Thereweremany different versions,commercialandmilitary,andits workings were improvedseveraltimesduringthewar.
Inessence,Enigmawasasetof rotating wheels wired inseveral ways so that amessage whose letters hadalready been substituted was
repeatedly scrambled tocreate amonumental numberof variations that defied anyknownanalysisbecauseitleftno glimmer of a pattern.Depending on the version ofthe machine used, Enigmamade between nine andelevenchangestoeveryletteroftheplaintextonitsroutetotheciphertext.
Its main letter-scrambling
device was a set of threeelectromagneticwheelscalledrotors, each marked with analphabet, similar to theconcept of the Jeffersonwheel (see pages 133–4).With single-notched rotors,the ‘period’ of the machine(thepossiblenumberofshiftsbefore returning to theoriginal setting) was 17,576(26 x 26 x 26), helping toprotect against overlapping
alphabets.This, in itself, is arelatively simple substitutioncipher, vulnerable tofrequencyanalysis.However:
• Eachtimeakeywasstruck,the first rotor changedposition, altering thesubstituting pattern so thateach letter was encryptedwith a new encryptingalphabet.
• The rotors were connected
so thatwhen the first rotorhad shifted 26 times, thenext rotor then advancedoneplace.Withthreerotorsthismeantthatthemachineonlyreturnedtoitsoriginalsettingafter676 lettershadbeentypedin.
• The rotors could be re-ordered (so instead of 123they could be in 132, 213,231, 312 or 321 order).This allowed six more
permutations, vastlyincreasing the number ofalphabet combinations (6 x17,576=105,456).
• Further internal wiringlinked the rotors to aplugboard, whichexchangeduptosixletters,for example swappingaround D and F, to makeencryption even morecomplex.
• The third rotor wasconnected toanon-rotatingrubber device (confusinglycalled a reflector), whichconnectedback to the thirdrotor.
The extra wiring and thereflector also made themachine ‘reciprocal’: thismeans it was able to bothencipher and deciphermessages – a huge
convenience. Enigma wasalso relatively simple to setupandoperate,requiringonlya key that detailed the rotorstobeused,therotororderandstarting positions and theplugboardconnections.Everyday a new key was takenfrom a code book thatcontained 28 new settings,and which was issued everyfour weeks. A capturedEnigmamachinewas useless
withoutthiscodebook.
CHINKSINTHEENIGMAARMOURHowever, Enigma wasbroken through the dedicatedwork of hundreds ofcryptanalysts based atBletchley Park in England,the most famous of whomwasAlanTuring.
There were a number ofcharacteristicsofEnigmaandthe way it was operated thatreduced the number ofpossibilities requiringinvestigation of each day’scropofmessages:
• No letter could beencrypted as itself, so aciphertext A was never aplaintext‘a’.
• Letters could not be
encrypted as theirneighbours in the alphabet,so ‘b’ could never beA orC.
• Enigma was reciprocal, soif ‘f’was enciphered asK,then ‘k’ would betransformedintoF.
• The rotors were notallowed to be in the sameplace twodaysrunning.Soif the order one day was
123,itcouldnotbe213thenext day because the thirdrotorhadn’tmoved.
• Therewasapatterninhowtherotorwheelsturned.
Whileallthesewerevaluablein reducing the number ofpossibilities requiringinvestigation, the crucialattack weapon was a crib –somepartoftheplaintextthatwas already known or
guessable. For example,weather reports were sent inatthesametime,inthesameformat, each day, sodecrypters learned to guesswhere words such as‘weather’ were likely to be,giving them a massive headstart.
Finally,andsomearguemostimportantly, a powerfulweaponforthedecrypterwas
quitesimplyoperatorerror:
• In choosing the settings,cipher operators develophabits, such as choosinglettersfromthesamerowofthe keyboard, or agirlfriend’s initials, whenselecting the message key.Code breakers learnt torecognize these and to trypopularoptionsfirst.
• Any mistake by German
communications staffhelped the code breakers:the necessity to re-send amessage created a valuablecriballowingcomparisonoftwo ciphertexts, or aprocedural flaw (forexample, a sloppy operatorsending a second messageusingthesamekeysettings)weakened the security oftheencryption.
SILVERSCREENCIPHERS
Robert Harris’ 1996novel Enigma, aboutthe code-breakingheroics at BletchleyPark inWorldWar II,was made into a filmin 2001. There are
otherfilmsthatfeaturecodes:
• Cryptonomicon(1999) by NealStephenson featurescryptography fromWorld War II,includingEnigma.
• Marlene Dietrichsends a messagethrough the notes ofthe piano music she
performsinthe1931film Dishonored, are-telling of theMata Hari spy storyfromWorldWarI.
• The James Bondbook (1957) andfilm (1963) FromRussia with Lovefeatures a decodingmachine that waschristenedSpektorinthe book and then
Lektorinthemovie.
• The 1983 film AChristmas Storyincludes a retellingof a myth that theLittle Orphan Annieradioshowbroadcastasecretmessagethatdeciphered as ‘Besure to drink yourOvaltine’,promotingtheshow’ssponsor.
• The 2001 film U-571tellsthefictionalstory of someAmericansubmarinersobtaininganEnigmamachine byhijacking a Germansubmarine.
OtherWorldWarIIcodebreaking
PURPLECODE
American code breakers,known as the SIS (SignalsIntelligenceService),brokeaJapanese code in the 1930s,dubbing it ‘RED’. Its far
more complicated successor,introduced in 1939, wasknownintheUSasPURPLE.
Since Japanese is toocomplex to encipher, theJapanese opted to writeJapanese sounds phoneticallyusing a Roman alphabet,whichtheycalled‘Romanji’.
The plaintext was fed into amachine that encrypted in a
similar pattern to Enigma,except instead of rotors itused switches like that of atelephone exchange,combined with an extremelycomplicatedwiringsystem.
BREAKINGTHEPURPLECIPHERThe SIS broke PURPLEmainly thanks to a brilliantcryptanalyst, William
Friedman. He got hold of atabulating machine that usedpunched cards to monitoraccounts information andused it to analyze Japanesecommunication. PURPLEwasbrokenby:
• Statistical analysis usingthetabulatingmachine.
• Friedman and his staffworking out how theJapanesewerechoosingthe
messagekeys.
• Someofthesamemessagesbeing sent in both ciphersduring the transition fromRED to PURPLE,providingacrib.
• The Japanese sendingmessages in a uniformformat with predictablebeginningsandendings.
• The amount ofcommunications traffic
between Japan and itsembassies increasinghugely in 1940 because ofnegotiationswiththeNazis,providing a large flow ofencrypteddatatoanalyze.
JN-25
PURPLE code was used fordiplomatic communication.Japanese naval messages,however, were sent in a
completely unrelated(genuine) code, dubbed JN-25 because it was the 25thknown system used by theJapanesenavy.
Onlyanavycouldusesuchacode, because it comprisedmore than 30,000 phrases,wordsand letters, eachgivenafive-digitnumber–securelystorableonaship,butnotbya mobile army. The bulky
encrypting and decryptingcode books were changedeveryfewmonths.
A weakness in large-scalecode systems is that sincedictionaries are alphabetical,the numerical codes canprovide clues to the startingletter. For example, if‘Attack’has thenumber200,itislikelythatlowernumberswill be for words appearing
before that word in adictionaryandviceversa.
The JN-25codecounteractedthis by altering the numberswith a complicated additionsystem.
Again, the code was solvedpartlybecauseofblundersbyits operators, who continuedtouseoutdatedcodesthathadbeen broken by staff at
Bletchley Park, who haddiscerned a recognizablepattern in the numbers beingbased on multiples of three.Reading JN-25 codemessages gave the US amajoradvantageintheBattleof Midway on 5 June 1942.TheAmerican victory in thisbattlemarkeda turningpointinthewarinthePacific.
6
CODESINCYBERSPACE
Computerencryption
The binary number systemwas first used as a codingmethod in the 19th centuryand then became thecomputer language of the21st century. Today’splethora of electronicencryption systems are basedon the simple idea that ‘1’standsfor‘on’and‘0’means‘off’.
ONANDOFF
Computer language is inbinarycode.Thisisanumbersystemwithabaseoftwo,sotheonlydigitsusedare0and1. In our base-ten decimalnumbersystem,‘1234’isonethousand,twohundreds,threetens and four units. In basetwo, the first seven columnshavethefollowingvalues:
6432168421
So‘2’isexpressedas10,‘3’as 11, ‘4’ as 100, ‘5’ as 101and ‘6’ as 110.Each digit inbinary code is known as a‘bit’, and each ‘bit’ is either‘on’ or ‘off’,with a value of‘true’or‘false’.
In 1874, Emile Baudotpatented a five-bit code,which allowed representationof characters, numbers andsome punctuation using
binary code. This wasintended for use in thepulsing‘on’,‘off’telegraphiccommunication system, andreplaced Morse code in themid 20th century. Baudot’scode had 32 five-digit‘words’ allowing it torepresent every character inthe alphabet plus some othersymbols, but special signalsdoubled its capacity byindicating if the subsequent
‘words’ represented letters(11111, also expressed as+++++) or numbers (11011,alsoexpressedas++–++).
Baudot’scodedevelopedintothe seven-bit AmericanStandard Code forInformation Interchange(ASCII) code that continuesto be used by computerstoday.
Capitallettersarerepresentedby ASCII binary numbers(see chart on page 146).Numbersareexpressedas1=0110001, 2 = 0110010, 3 =0110011andsoon.
BLOCKSROCK
British rock bandColdplay used EmileBaudot’s 1870 binarycode to create the setofcolouredblocksonthe artwork of their2005 X&Y. Theshapes are looserepresentations of theletters of the CD’stitle achieved byusing binary code todecide whether to
haveablockoragap.The colours areirrelevant.
BILATERALCIPHER
In 1563, FrancisBacon published his
bilateral cipher inwhich all letters arerepresentedby ‘a’ and‘b’. It bears anuncanny resemblanceto five-bitbinarycode(seeopposite).
TheBaconianalphabetis:A = aaaaaB = aaaabC = aaabaD = aaabb
E = aabaaF = aababG = aabbaH = aabbbIJ = abaaaK = abaabL = ababaM = ababbN = abbaaO = abbabP = abbbaQ = abbbbR = baaaaS = baaabT = baaba
UV = baabbW = babaaX = bababY = babbaZ = babbb
So ‘Bacon’ isencipheredas
aaaabaaaaaaaabaabbababbaa.
This, of course, creates a
simple code. The message‘Binary’iswrittenas:
1000010 10010011001110 100000110100101011001
whichcanalsobewrittenasasingle string or broken intoblocksof five.Thefollowingare two kinds of computerencryption that can still be
done (at an infinitely slowerpace than a computer!) byhand, and so could still beusedasasimplecipher.
ASCII binarynumbersA 1000001B 1000010C 1000011D 1000100E 1000101
F 1000110G 1000111H 1001000I 1001001J 1001010K 1001011L 1001100M 1001101N 1001110O 1001111P 1010000Q 1010001R 1010010S 1010011T 1010100
U 1010101V 1010110W 1010111X 1011000Y 1011001Z 10110101 01100012 01100103 01100114 01101005 01101016 01101107 01101118 01110009 0111001
STREAMCIPHER
In a binary code, changingeverybitwouldbeveryeasyto decipher, but creating arepeatingstringofbitsoutofa keyword (known as a keystream sequence) means that‘0’ can be interpreted as‘leave’ and ‘1’ as ‘change’.This concept was introducedin1919byGilbertVernamas
away of encipheringBaudotmessages.Itisbestexpressedin a simple table and isknownastheXORoperation:
Binary code can betransmitted in ‘on’ or ‘off’pulses where a timingmechanism checks the line,say, every tenth of a second,toseeifapulsecanbesensedor not. Binary code can alsobe transferred to paper tapebypunching,ornotpunching,holesatregularintervals.
Vernam devised a system inwhichtwopunchedtapes,one
holding the plaintext, theother a key of randomnumbers, were fed togetherinto an adaptedteletypewriter. If two holesmatched up, a hole, or pulsewas transmitted. If twoholesdid not match up, it left aspace.
This allowed instanttransmission of messagestyped in plaintext,
automatically encrypted, andautomatically decrypted by areceiver using an identicalkey tape. This was a hugeadvance in cryptography,partly because no one had tositandencryptordecryptthemessage,whichwas typed inas normal, transmitted incode,yet fedoutat theotherend as plaintext – you didn’tneeda skilledcryptanalyst ateither end of the process
(although you neededsomeone who could run themachineproperly).
UsingVernam’smethod, butemploying today’s seven-bitASCIIlanguage,theplaintext‘computers’canbeencryptedusing thekeywordBAUDOTas follows (the keyword isrepeated as often as isneeded):
The ciphertext is created byaddingthedigitsoftheASCIImessageandASCIIkeyword,i.e.1+1=0;1+0=1;0+1
= 1. This is called a streamcipher.
Themessage is decrypted byreversingthisprocess.
BLOCKCIPHERAnotherencryptionmethodistheblockcipher,inwhichthebits are grouped into threes,which can then be convertedinto digits, using the ASCII
binary numbers (see page).For example, the same‘computers’messagecannowbeencryptedasfollows:
Block 100 001 110 011 111 001Number 4 1 6 3 7 1
Block 011 010 100 100 010 110Number 3 2 4 4 2 6
This shorter ciphertext of416371550253244264523can still easily be convertedback to binary numbers andthenintocharacters.
KeydistributionWith the coming of theinternet and email electroniccommunications, messagesare bounced off satellites
aroundtheglobe.Thisisfast,butofcoursesuchsignalscanbepickedupbyanyone,soitis easy for someonewith therightknowledgeandsoftwaretointerceptmessages.Streamand block ciphers areefficient methods ofencryption but suffer theproblem of every key-basedencryption method:distributingthekey.
ALICEANDBOB
By tradition, mostexplanations aboutmessage verificationand the use of keysutilizethenamesAliceand Bob – involvingboth sexes andoffering human-
sounding substitutesforA andB. The evilinterceptor is usuallyreferred to as Eve,which is either abiblical reference orshort for‘eavesdropper’.
PUBLICKEY
ENCIPHERINGAcademics andmathematicians struggled tofind a way to keep codedcommunication secure fordecades. There is a simpletheory of how to achievemessagesecurity:
Alice wants to send a secretmessagetoBob.
• She puts it in a box,
padlocks it and sends it toBobwithoutthekey.
• Bob attaches his ownpadlock to the box andreturnsit,againwithoutthekey.
• Alice now removes herpadlock and returns thebox.
• Bobcannowopen theboxwithhisownkey.
This is known as anasymmetric key system, inwhich a different key (or, ifyou prefer, combination) isrequired to decrypt ratherthan encrypt. In a symmetrickey system, Bob wouldsimply use a copyofAlice’skey to open the box – re-introducing the keydistribution problem. Theasymmetric system is fine ifphysical keys are used,
because two different keyscan(separately)lockonebox.However,ifthekeyisacode,the process won’t workbecause Bob has to putAlice’s box inside anotherbox,whichhethenlocksanddispatches.Nowshecan’tgetinsidetoheroriginalbox.
PRIMENUMBERS
Prime numbers havenofactorsapartfrom1and themselves. So 3,5and7areprime,but2,4,6,8and9arenotas theycanbedividedbyothernumbers.Theprimenumbersusedin
public key encryptionusually have five ormoredigits.
MODULARARITHMETIC
In modular arithmetic,numbers change after theyreach a certain value. Theclearest simple example is aclock face.Addon six hours
from9o’clockandyoureach15 o’clock, known as 3o’clock.
In 1976, Martin Hellman hituponawayofusingmodulararithmetic toallowAliceandBob to exchange informationin a similar way to theexample above, using theresultsoftheircalculationsastheir key, knowing that noonelisteningincouldfindthe
key.ThemethodiscalledtheDiffie–Hellman–Merkle keyexchange scheme, namedafter Hellman and his twocolleagues. However, itneeded to be made moreefficient,with lessexchangesof information, to be usable.This was achieved by theRSA and ElGamal systems,which employ the Diffie–Hellman–Merkle methodwith multi-digit prime
numbers. Detailedexplanations of the mathsinvolvedintheschemecanbefound at these websites:http://en.wikipedia.org/wiki/Diffie-Hellman andwww.vectorsite.net/ttcode_10.html
PRETTYGOODPRIVACY
Computer encryptionbecame
agenuinelypublictoolintheearly 1990s with the adventof Pretty Good Privacy(PGP), a computer programthat provides cryptographicprivacy and authentication,allowing anybody to use theRSA method of encryptionwithout having to deal withits complex mathematics. Itwas invented by PhilZimmerman and is mainlyused to protect email
communications, whichotherwise are completelyunencrypted, although it canalsobeused to encryptothercomputerdata.
Its introduction wasstimulated by theextraordinary rise in internetand email communication,echoing the impact of theinventionofthetelegramandradio systems in the past.
Communication has neverbeen easier, and nor hasinterference in it. Digitalcommunication raises anumber of issues, stemmingfrom the fact that anyone,anywhere in the world, cansend and intercept messages.There are enormousopportunitiesforfraud,scamsand interference in theworkingsofothercomputers.
Most purchases made on theinternet involve the use ofcryptographytoprotectcreditcard numbers or otherfinancial information.This isdone via the Secure SocketsLayer (SSL) and,increasingly,TransportLayerSecurity (TLS). Pagesprotected by SSL have an‘https’ prefix instead of theconventional ‘http’ one, anduse a blend of protocols and
algorithms to enable keyexchange, authentication andcommunicationincipher.
Passwords:themodernkey
Formostofus,thinkingupapasswordorusername tokeyinto our computer is thenearest we get to having to
createasecretcode,andmostpeople are terrible at it. Anysystemisonlyasstrongasitsweakest link, and passwordsarebyfar theeasiest formofencryptiontoattack.
AGOODPASSWORD
So a good passwordshould follow theserules:
• Use the maximumpossible number ofcharacters.
• Do not userecognizedwordsornames.
• VaRycapiTaliZation.
• Include randomnumbers or graphicsigns as well asletters. This isknownas‘salting’.
There isabasicproblem:weare encouraged to createpasswords we can remembereasily, and discouraged fromwriting them down. So there
is a strong temptation to usewords related to the task(‘password’ is a commonpassword!) or names offamilymembers, and tokeepthe password short – studiessuggest more than one inseven passwords are onlythree keys long. Forcingpeople to change theirpassword every month isn’teffectivebecauseeveniftheyfollow the rule, they tend to
choose passwords they haveused already, often simplyalternating them with eachenforcedchange.
One of the biggest sins is tochoose letter-onlypasswords,especially those that spell aword. But, of course, this isthe easiestway to generate ausernamethatyoucanbesureofremembering.
PASSWORDATTACKS
Someone who wants to findyour password will try themost obvious choices first –family names, maiden name,mother’smaidenname.Intheageof the internet, suchdataisrelativelyeasytofind.Thecomputercanalsobeused totest out other possiblepasswords through a
dictionary attack. In this, acomputer simply tries everywordinthedictionaryuntilithits the right one. Powerfulmachines can do this in amatterofseconds.Iftheyfail,they’ll do the same withreversed words, variedcapitalization and extranumbers.
Amore sophisticated way tofind your password is a
timingattack.Thisnoteshowlong it takes you to key inyour password, allowing thecomputer to calculate thelikelynumberofcharactersinit. This system can also beused to measure how long ittakes for a password to berejected: the more time, thecloser the guess is likely tobe.
Another form of attack is
‘password sniffing’. This iswhen a hacker installssoftware on your computerthat stores the first fewkeystrokes of every session,which is very likely toincludeyourpassword.
Thetroubleis,ofcourse,thata good, complexpassword isthen hard to remember, soyou’llmost probably need towrite it down. Provided it is
keptinasecureplace(notonanotestucktothecomputer!)this is a sensible option –your attacker is probablytappingakeyboardthousandsof miles away, not snoopingaround your desk. Thismethod allows you to createtrickier passwords withoutneeding to make themmemorable. You’ve got thesame level of security as thecodebooksthatwereusedfor
centuries.
PINS
Encryption is used to protectfinancial information sent byhole-in-the-wall AutomaticTeller Machines (ATMs).The customer places theirplasticcardwithitsmagneticstrip (and, increasingly, itsidentifying ‘chip’) in themachine and enters their
Personal IdentificationNumber (PIN). This iscommunicated to a centralcomputer, which checks thedata and ascertains if thecustomer is permitted tomake a withdrawal – soinformation has to pass bothways.
The four-digit PIN is‘padded’withextradigitsandall data is sent in encrypted
formusingaDataEncryptionStandard (DES) cipher. ThePINobviouslytakestheplaceofa‘password’or‘key’,andsince there are only 10,000possible combinations offour-digit numbers (a tinyfigurecomparedtothemulti-digit encryption possibilitiesgeneratedbyRSA) theATMonly allows three attempts toinput the number beforeretaining the card. This is
starting to seem generousgiven thata recentlydevised,extremely complexmathematical attack methodcan allegedly identify a PINinabout15guesses.
QUANTUMCRYPTOGRAPHY
Standard cryptography usesthe laws of mathematics.
Quantum cryptography usesthe (highly complex)approaches of quantummechanicsandthephysicsofinformation. Communicationisviaphotonsinopticalfibresor electrons in electriccurrent. Since these aremeasurableandthechannelishighly sensitive, anyeavesdroppingisimmediatelydetected, so communicationceases until it can be kept
safe.
Additionally, quantumcomputers are theoreticallycapable of incredibly fastfactoring of large numbers,and somay be able to breakRSAkeysandcrackDESandblock ciphers far faster thanthe present generation ofconventionalcomputers.
To summarize: quantum
technology may be able tofind a way to crack codesfaster than ever, but also tocreate secure, closedcommunicationssystems.
QUANTUMMECHANICS
Thetheoryofquantum
mechanics is acompletely differentway of looking at theworld. It replacesNewtonian mechanicsand classicalelectromagnetism atthe atomic andsubatomic levels andunderpins variousfields of physics andchemistry, such ascondensed matter
physics, quantumchemistry and particlephysics.
CODESINMUSIC
Composer EdwardElgar loved puzzles
and codes, andmanaged to create amusical puzzle of hisown in his EnigmaVariations, a series ofmusical characterportraits that is oneofhis best-loved works.Inall,14peopleandadogarefeaturedinthevariations: the peopleare identified byinitials, except for the
13th variation, whichmayhavebeenaboutalover of Elgar’s whohadleftEngland.Elgaralso revealed that he‘hid’ a well-knowntune in the fabric ofthe score, and formany years musicaldetectives tried to findit.Atlast,in1991,themusicologist JosephCooper solved the
conundrum – the tuneis a passage from theslow movement ofMozart’s PragueSymphony.
Elgar’sothercipherElgar was the authorof the Dorabellacipher, a note sent tohis friend Mrs Dora
Powell in 1897. Itcomprises 87 squigglycharacters at variousangles in three neatlines. No one hasmanagedtodecipheritanditisthoughtitmayhavebeenlinkedtothemystery surroundinghisEnigmaVariations.
Do,re,mi,fa,
sol,la,codeComposers have longbeenabletouselettersidentifiedwithmusicalnotationtobuildwordsintotheirmusic.Therearetwomethods:
• The Sol Fa scalecreates the syllablesdo,re,mi,fa,sol,la,andsi/ti, representedbythenotesC,D,E,
F,G,AandB.
• Western notationuses the lettersA toG but in Germanmusical tradition Bis also known as H,and E flat isrepresented by S,providing asomewhat limitedbutusablealphabet.
Baroque composers
oftenusedtheseletterstoweavethenamesoffriends or places intotheir music, andJohannSebastianBachwas particularly fondof spelling out hissurname. RobertSchumann’s ABEGGVariations records thename of a woman hewasinlovewith:MetaAbegg.
Russian composerDmitri Shostakovichfrequently representedhimself with themusical motif DSCH.He also used thesequence EAEDA torepresent his studentElmira Nasirova,creating the ‘word’ E,La,Mi,Re,A.
FromblackchamberstoCheltenham
The new doughnut-shapedspycentreinCheltenham,thecentre forsignals intelligencein the UK, is the latestinstalment in an internationalsaga of concealing andprobing communications that
goesbackforcenturies.
INTERCEPTIONANDDECEPTION
Asexplorersfoundnewlandsand places with which totrade, countries neededdiplomats to negotiate withothergovernmentsaroundtheworld. Inevitably, theirmessages would be
intercepted, so they startedusing codes to conceal theircontent. Thus, the ‘blackchambers’ were born. Inmanycountriesfromthe16thcentury onwards, missivessent by foreign diplomatswere routinely intercepted(often throughbribing lowly-paid or greedy officials),opened,copied,re-sealedandsentontheirwaywhileclerksbegan breaking their codes.
The practice became evenmore widespread whenBritain separated from theCatholicChurch,asEuropeancountries and the papacydiscussed the significance ofthemoveandmanoeuvredforpoliticaladvantagefromit.
This culture of secrecy andsubterfuge stimulatedcryptological endeavour. In16th-century Venice, there
werespecialistschoolsonthesubject,suchwasthedemandfor cryptography in thiscommercial and diplomaticcentre. In England, thesuccess of Elizabeth I’sspymaster Walsingham intrapping her rival Mary,Queen of Scots (see pages)was down to his efficientteam of code breakers. In1703, William Blencowebecame the first Englishman
to get a regular salary forcryptanalysis, receiving £100ayear and takingon the titleDecrypter. Actually the jobhadbeengoingforyears,andBlencowe was taking overfrom his grandfather, JohnWallis, who had trained himup in the dark art ofunravelling secrets fromcodedwriting.
NEEDLINGOUT
INFORMATION
One efficient methodfor seeing letterssealed in envelopesused a long needlerather like an old-fashioned sardine tinopening key. The
needle was slippedinto a corner of theenvelope and turned,rolling up the paperinside.Thiscouldthenbe removed, copiedand returned with thesame method, leavingthe envelope sealundisturbed. The onlyevidence of tamperingwasasmallholeinthecorneroftheenvelope.
At this time, themost activeand efficient black chamberintheworldwastheGeheimeKabinets-Kanzlei in Vienna,Austria. Here the day’sintercepted missives arrivedat 7 o’clock each morning,and were immediatelydictated to secretaries toprepare the copy that the
cryptanalysts would set towork decoding while theoriginal message went on itsway. Staff received financialincentives to master newlanguages and successfuldecryptions earned asubstantial bonus, paid inperson by the grateful king,Karl V. They even gotcompensation for lostpayment opportunities if oneof their spy colleagues
succeeded in stealingsolutions direct from theembassies!
The analysts worked oneweek on, one week off intheir Viennese office inrecognition of the mentalstrain of their job. Indeed,thereisalonghistoryofrapidweight loss, stress and evennervous breakdownassociated with the people
working in this field.Cryptanalysts have oftenreported difficulty insleeping, and recurrentdreams in which they arefaced with impossibly bigsearches, like finding therightpebbleonabeach.
Throughout the 18th andearly19thcenturies,theblackchambers were a secret miniindustry that recruited the
brightest minds and trainedthem topuzzleout the secretmessagesoffriendsandfoes.Suchwas their expertise andvalue that they would oftenbe kept on by newadministrationsandmonarchseven when other officialswho had served the previousgovernmentweredisposedof.
NOSUCHAGENCY
TheNationalSecurityAgency(NSA)issaidto be the world’smajoremployeroftopmathematicians, toownthe largestgroupof supercomputers,and to have a bigger
budget than the CIA.This is despite itbeing surrounded bysuch secrecy that itsinitials were said tostand for ‘No SuchAgency’.
DOTHEYKNOWWHATWEKNOW?
A recurring issue in thehistory of code breaking iswhat to do with theinformationgathered,becauseoftheriskthatyouropponentwill realize their codes havebeen broken and so changethem. Diplomats wouldremain tight-lipped as otherambassadors expressedopinions known to be theopposite of the viewexpressed in secret
communication with theirsuperiors. At one point, theSpanish government was alaughing stock amongdiplomats because its codeswere so easy to break. Theychuckled behind their hands,however, as the informationthey were receiving was souseful.In
CODECOURSES
A number ofuniversities in the UKand the US now offercourses aboutinformationsecurityinwhich much of thecontent is aboutcryptography.
Graduates tend to goon to work as ITsecurity managers orconsultants.
World War II, the Britishsometimes took no actionover decrypted messages forfear of alerting the GermanstotheirabilitytoreadEnigmamessages, and at the time of
the Pearl Harbor attack, theAmericansknewtheJapanesewere going to break offdiplomatic relations beforetheir own ambassador coulddeliverthemessage.
Anamusingvariationon thisthemeofwhethertorevealorconcealwhatyouknowisthestoryfromHenryII’ssiegeofRéalmontin1628.Adecodedintercepted message revealed
the defenders had fewsupplies left. Henry sent inthedecodedplaintextoftheirletter and they surrendered,knowing they had no chanceofsuccess.
WHEREARETHEYNOW?After World War I, the USfounded MI-8, a code-breakingteamundertheguise
of a New York commercialcode production company. Itwas briefly closed down in1931 on the orders ofSecretary of State HenryStimson, allegedly with thecomment ‘Gentlemen don’treadothergentlemen’smail’.Thisdepriveditskeyworker,Herbert Yardley, of anincome so he wrote a bookabouthiswork,whichalertedthe Japanese to the fact that
America had broken itscodes, which weresubsequently completelyredeveloped.
Laterreformed,MI-8becametheNationalSecurityAgency(NSA), combining its workwith the Central SecurityService(CSS).
Britain’s black chambermoved to Room 40 at the
Admiralty in London duringWorldWarI.Itlaterevolvedinto Bletchley Park andvariousothersites,and todaythe GovernmentCommunicationsHeadquarters (GCHQ) atCheltenham is theUKcentrefor signals intelligence andinformationprotection.
Both the American andBritish secrets-busting
organizations run websitesexplainingsomeofwhattheydo(seepages).
Acodechronology
Date Event
c.1900BC
Some Egyptianhieroglyphs are written innon-standard characters, acode apparently intendedto add a little mystery.Possibly as little as 250years later a small part ofthe Leiden, or Ipuwer,papyrus (dates much
disputed) was partly incipher
c.1500BC A Sumerian pottery glazerecipeiswrittenincode
600–500BC
Hebrew scribes use theATBASHcipher
487BC Greek use of the scytaledeviceisrecorded
60–50BC JuliusCaesar’sshiftcipherisused
AD 0–400(date
The Kama Sutra ofVatsayana listscryptography as the 44th
unknown) and45thof64arts(yogas)formenandwomen
805–873LifespanofAbuAl-Kindi,the first genuinecryptanalyst
c.1214–94Lifespan of Roger Bacon(Dr Mirabilis), whodescribedciphersinuse
1379Gabrieli di Lavindepublishes the first-knownnomenclators
Treatise on the Astrolabe,attributed to English poetGeoffrey Chaucer,
1391 contains some encipheredpassages
1412
Subh al-a‘sha, a 14-volume encyclopediawritten by Shihab al-Dinal-Qalqashand, includesmaterialoncryptology
1466–7
Leon Battista Albertiinvents the cipher disc toallow encryption usingtwoalphabets
Religious disputes makesecret communicationmore important,
16thcentury
stimulating the use ofnomenclators and ciphersand the growth of thedeciphering ‘blackchambers’
1516
First printed book oncryptology,Steganographia byJohannes Trithemius, ispublished
1563
Giovanni Battista Portacreates the first-knownpolygraphic substitutioncipher
1586 Blaise de Vigenèrepublishes his Vigenèresquare
1587Mary, Queen of Scots isexecuted after her codesarebroken
17thcentury
Antoine and BonaventureRossignol develop theGreat Cipher (date ofcreationunknown)
1623 Francis Bacon produceshisbilateralcode
1781BenjaminFranklin inventsthe homophonic
substitutioncipher
1790sThomas Jefferson inventsthe Jefferson wheel, thenforgetsaboutit
1791 Optical telegraph isdemonstrated
1811
Major George Scovellcracks the French codes,helping Wellington winthePeninsularWar
1838 Morsecodeisinvented
1844Invention of the electrictelegraph stimulates new
interestincodemaking
1854 Playfaircipher is inventedbyCharlesWheatstone
1891Bazièrescylinderdevelopsas a reinvention of theJeffersonwheel
1914–18
World War I encouragesthe development and useofciphers,fieldcodesandcryptanalysis
1914Code-breakingRoom40issetupatAdmiraltyHouse,London
1917 US enters the war as aresult of the decipheredZimmermantelegram
1918
Gilbert S. Vernam andJoseph Mauborgne devisethe Vernam cipher one-timepad
1924 Enigma machine firstshown
1939–45
Codesandciphersplayanimportant role inconcealing and revealingcommunications duringWorldWarII
1974 Story of howEnigmahadbeensolvedistold
1976
Diffie–Hellman–Merklekey exchange schemeintroduces the idea ofpublickeyencryption
1977RSA algorithm makespublic key encryptionfeasible
1990s
Therapidglobalriseoftheinternet and emailcommunication highlightsthe issue of digitalcryptography
1990 First research is publishedonquantumcryptography
1991Phil Zimmerman releaseshis Pretty Good Privacyprogram
Code-breakingchecklist
A variety of code-breakingmethodsarementionedinthisbook where relevant tocertain types of codes orciphers.However,asummaryofapproachescanbeuseful.
COLLECTALL
THEDATA
Gather all the encodedmessages together.Themorematerial you have at thisstage, the more leads therearetofollow.
ISITASIMPLECODE?
Studythetextcarefullytoseeifanyofitmakessense.Lookforthebalanceofvowelsand
consonants. Could it be ananagram? Check forembeddedwordsorlettersbylooking at initial letters, andtry counting every second,third or fourth (etc.) letter.Look at the start of themessage and consider if anyof it could containinstructions for the decoder:1/5, for example, mightindicate that the plaintext iscontainedineveryfifthletter.
Theremay also be clues if akeyword or date has beenused (see ‘Identifying thekey’onpage175).
THEMETHOD
The scientific processforcodebreakingis:
• Analysis (letter
counting,etc.)
• Hypothesis(guesswork)
• Prediction (if youfind‘e’,otherlettersbecomeclearer)
• Verification (youwereright!)or
• Refutation (startagain, checking ifwhat you think you
knowiscorrect).
Thismethodtakesyouthroughthreestages:
• Identification of thecodetype
• Breakingthecodetoseehowitworks
• Setting,which is theterm for decryptingindividualmessages.
CODESUPPOSITIONSIf it seems likely that groupsofcharacterseachrepresentaword or phrase, rememberthey were put together in adictionary, most probably inalphabetical order and solower value numbers arelikely to refer to wordsbeginning with letters thatappearearlierinthealphabet,andviceversa.
WORDBREAKS
It isamajoradvantage if theciphertext is still brokendown into words, in whichcase it will be in groupsvarying in size between oneand about eight characters,with the majority of wordsbeing three, four or fiveletters long. If thegroupsarelargerbut still irregular, eachletter may be represented by
morethanonecharacterasina Baconian or binary code(seepage).
Ifwordlengthsareclear,lookforone-,two-andthree-letterwords. Check them againstthe list of the most commononesonpage94.Lookforthedefinite or indefinite article(‘the’,‘a’or‘an’)at thestartofsentences.
In continuous ciphertext, theword (or, more often,sentence) breaks may beindicated by a null, themostobvious being an X or someother repeated character orpattern. Identifying the startsof sentences allows you tomakemore informed guessesabout likely words, andtherefore initial letters, atthosepointsintheciphertext.
CRIBSANDCONTEXT
If part of the message is inplaintext (i.e. not encoded orenciphered), read up to theenciphered words andconsider the context. Couldthey be names, places ornumbers?Ifnot,itislikelytobe more technical languagethat is being concealed, soconsider the overall context
of the message: is it aboutbattle preparations, finance,romance,etc.?
You may be able to find acrib.Areanysectionsof twomessages the same, in wordlengthorcharacterpattern?Ifyou know something of thecontext, what words orphrases might you expect tofind? Does the message (or,far more usefully, do the
messages) appear to start orfinish in a formal way?Sometimes you can createyour own crib. Assume thatthe message starts with theletter ‘a’. Work out the keyletter that could haveencrypted ‘a’ into the firstciphertext letter.Try thatkeyonthefirstlettersoftheothermessages. Then repeat,assumingthefirstletteris‘b’.Each time, look for patterns
inthelistsofletters.
LETTERFREQUENCY
Make a frequency chart foreach character in theciphertext.Refer to the letterfrequency information onpages 91–5. The mostcommon letter in English is‘e’, which will appear
noticeably more often thanothers in a monoalphabeticcipher. The frequency tablewillgiveyoucluesastoothercommonletters.
Once you can identify acommonletter,youcanmakemore informedguesses aboutitsneighbours(forexampleathree-letterwordendingin‘e’is very likely to be ‘the’).You can also look for
common letter patterns suchas‘ing’(whichisparticularlyuseful as it ends a word,giving you less options tocheckforthestartofthenextword).
If the encryption ispolyalphabetic, there will beno marked differences incharacterfrequency,buttheremay still be discerniblepatterns. These can help you
identifythekey.
IDENTIFYINGTHEKEY
Ifyoususpectakeywasusedto encrypt, look for anyindicationsfromthesenderofwhatthekeywordis–itmaynot have been agreed inadvance.
Encryption using a keyword
can be attacked by guessingthe length of the keyword.This can be achieved byexploitingthefactthatcertainpatterns (such as ‘th’ or ‘ed’are likely to appear veryfrequentlyintheplaintextandso may at some stages havebeen encoded with the sameciphertext letters. Numbereach character by position(1st, 2nd, 3rd, and so on).Now look for any repeated
patterns (say, repeated pairsor triplets of letters ornumbers).
Count how many characterstherearebetween thestartofeach repeated pattern. If youfind that certain pairs ofcharacters appear after 54,then 120, then 96, then 186ciphertext letters, you canturn to mathematics to help.Try dividing each of these
numbers by three, then four,then five, and so on.Disregard any answers thatare not whole. In this case,you will find that eachnumber is divisible by boththree and six. This suggeststhekeywordusedtoencipherwaseither threeor six letterslong.The lowerfigureseemsunlikely,sotrysixfirst.Nowyou can test the assumptionthattheencipheringpatternis
repeated every six letters byputtingtheciphertextintosixcolumns and carrying outfrequency analysis on eachcolumn,because those lettersare likely to have beenenciphered with the sameletter.
For example, if part of theciphertext readJAQLZSOUFBLWPNIAFYHJBIWLVCEUFCHBWXX, and you assume from
analysis of the full text thatthe keyword length is six,arranging the letters of thissection into six columnsproduces:
J A Q L Z SO U F B L WP N I A F YH J B I W LV C E U F CH B V V X X
Frequencyanalysisofthefullciphertext might then revealthat the letters in the firstthreecolumnswereshifted3,9 and 16 places respectivelyon a Vigenère square,producingaplaintextof:
g r a ? ? ?l l y ? ? ?m e s ? ? ?e s t ? ? ?s t o ? ? ?
e s e ? ? ?
Thiswouldshowthatthefirstthree letters of the keywordare CIP. A combination ofcontinued frequency analysisand guesswork of thekeyword would reveal it asCIPHER, with the fullplaintext in columns nowknowntobe:
g r a d u aI I y t h em e s s a ge s t a r ts t o m a ke s e n s e
and the plaintext can bewritten as, ‘Gradually themessage starts to makesense’.
This example shows that
sometimesyouwillbeabletoworkoutpartofthekeywordused and from this discoverthe whole keyword. Forexample, if you are prettysure the keyword has theletters ENC___T_ON, youcanguessthefullkeywordisENCRYPTION.
HISTORYOFDECRYPTION
The history ofdecryption is as longas that of encryptionandthereisonlyspaceheretoshowtheinitialbasic steps. Moreinformation can befoundat:
www.bbc.co.uk/dna/h2g2/alabaster/A613135andwww.vectorsite.net/ttcode_01.html
Glossary
algorithm: A set ofmathematicalinstructions forming astep-by-step procedureto encrypt or decryptinformation.
ASCII: American StandardCode for InformationInterchange, used torepresent text in
computers.asymmetric key system: A
cryptological systemwhere a different ‘one-way’ key is needed forencrypting anddecrypting.
authentication: The processofconfirmingidentity.
bigram: Pair of letters,syllables or words,commonly used as the
basis for statisticalanalysisoftext.
binary code: Code systemusing only twocharactersornumbers,0and1.
black chamber: Generalterm for thecryptological offices setup by variousgovernments since the16th century whereintercepted messages
were studied fordecryption.
block cipher: A cipher inwhichblocksof text areenciphered in groups,usuallyeachof64bits.
Caesar shift cipher: Cipherin which a letter isreplaced by another, aset number of placesalonginthealphabet.
cipher: A process in which
individual letters arereordered or replaced toconcealthemeaningofatext.
ciphertext:Encipheredtext.clear text: Another term for
plaintextorenclair.code: A system in which
words or phrases arereorderedorreplacedforconcealment. The word‘code’ comes from theLatin for ‘book’,
‘codex’.code book: The crucial
‘dictionary’ givingwords and phrases andthe character(s) to beused to represent them.For larger-scalecodes,areverse dictionary isrequiredfordecryption.
crib: A section of knownplaintext, which can beused to break a code orcipher.
cryptanalysis: The art ofbreaking codes andciphers.
cryptography: The art ofdevising codes andciphers.
cryptology:Thegeneraltermfor cryptanalysis andcryptography.
cryptosystem: A system forencrypting anddecryptingdata.
decipher:Toturnencipheredtext into the originalmessage,orplaintext.
decode:To turnacoded textinto the originalmessage,orplaintext.
decryption: The process ofturning encoded orenciphered text intoplaintext.
DES: Data EncryptionStandard, the algorithmwidely used for data
encryption, adopted in1976.
Diffie–Hellman–Merkle keyexchange: Process forestablishinga secretkeythrough publicdiscussion.
digital signature: Electronicidentification of aperson, using a publickeyalgorithm.
digraph: Two lettersrepresenting one sound,
such as ‘ph’ or ‘th’,forming commonpairings that are usefulindecryption.
encode:Toturnplaintextintoacodedmessage.
encipher: To turn plaintextintoaciphermessage.
Enigma: Most famousenciphering system inrecent history, used bythe Germans in World
War II and, crucially,brokenbytheBritish.
en clair: Plaintext, un-encodedmessage.
fractionation: Process inwhich plaintext symbolsare converted into newsymbols prior totransposition, creating amorecomplexcipher.
frequency analysis:Decryption strategy in
which ciphertext lettersare counted to identifypatterns,which relate tohow often letters occurinnaturaltext.
Greek square: Device forchanging characters intonumbers, using the gridreferences of a square.Also known as thePolybius square or theGreekcheckerboard.
homophonicsubstitution:Acipherwherealettercanbe represented byseveral differentcharacters, thuscombating frequencyanalysis.
key: The set of charactersthat determines how atextistobeencrypted.
key length: The number ofcharacters or bits in the
key.Thelongeritis,theharderitistodecrypt.
monoalphabeticsubstitution cipher:Cipher in which theplaintext is encryptedusingonealphabet.
nomenclator: Encryptionusing a mixture ofhomophonic substitutionand codes for certainwords and phrases. It
was the maincryptologicalmethodforseveral centuries untilWorldWarI.
null: Part of the ciphertext,which indicates ends ofsentences, or which canbe ignored indecryptionbecause it is there toconfuse enemy codebreakers.
one-time pad: The only
known totally secureencryption method – arunning key of totallyrandom characters, usedonlyonce.
plaintext: A message beforeit is encrypted and afteritisdecrypted.
Polybius checkerboard: seeGreeksquare.
polyalphabetic cipher:Cipher in which the
plaintext is encryptedusing more than onealphabet.
PrettyGoodPrivacy(PGP):A method for secure,encrypted emailcommunication,developed by PhilZimmerman.
privatekey:The‘secret’partof an asymmetric keysystem, also known asthedecryptionkey.
public key: The ‘open’ partof an asymmetric keysystem, also known astheencryptionkey.
quantum cryptography:The use of quantumphysicstocreaterandombits on a computer,which can be used tocreate a one-time padcipher.
running key: A key as long
as the plaintext, as in abookcipher.
RSA: Rivest, Shamir andAdleman’s systemenabling public keycryptography, inventedin1977.
steganography: Greek for‘hidden writing’, this isthe art of hiding themessage itself, ratherthan concealing its
meaning.substitution cipher:
Encryption system inwhich letters arereplaced but remain inthecorrectposition.
superencipherment:Encrypting a messagetwice, either with thesame orwith a differentmethod for the secondprocess. Also known assuperencryption.
Transposition cipher:Encryption system inwhich letters changeposition,creatingagiantanagram (in which thelettersarealsochanged).
Vigenère square: The firstpolyalphabetic ciphermade using a tabularecta combined with akeyword.
Furtherreading
BOOKSAppliedCryptography,Bruce
Schneier (WileyPublishing,1995)and
Secrets and Lies, BruceSchneier (WileyPublishing, 2004) dealwith the practice andissues of computerizedcryptography
Codes and Ciphers, RobertChurchhouse (CUP,2002) gives a goodbriefing with manyexamples
Codes, Ciphers and SecretWriting,MartinGardner(Dover Publications,2002) isgoodonsimplecodes
Cryptography: A Very ShortIntroduction, Fred PiperandSeanMurphy(OUP,
2002) is agoodbriefingonmoderntrends
Cryptography:TheScienceofSecretWriting,LaurenceDwight Smith (DoverPublications, 1971)coverssimplecodes
GeneralhistoriesTheCodeBook,SimonSingh
(Fourth Estate, 1999)coversthestoryofcodes
The Codebreakers, David
Khan(Scribner,1996)isthe classic work on thehistoryofcodes
SpecifichistoriesThe Man Who Broke
Napoleon’sCodes,MarkUrban(FaberandFaber,2001) is the story ofWilliamScovell
NavajoWeapon: TheNavajoCode Talkers, SallyMcClain (Rio Nuevo,
2002)Navajo Code Talkers,
Andrew Santella(Compass Point Books,2004)
The Victorian Internet, TomStandage (WeidenfeldandNicolson,1998)tellsthestoryofthetelegraphsystem
WEBSITES
Thehistoryofcodeshttp://fly.hiwaay.net/~paul/cryptology/history.html
covers the early historyofcryptography
www.axsmith.net/encryption.htmwww.bbc.co.uk/history/ancient/egyptians/decipherment_03.shtmlwww.brooklynmuseum.org/exhibitions/2003/egyptreborn/ancientegypt/k4/language/language05www.freemaninstitute.com/Gallery/rosetta.htmhem.passagen.se/tan01/simsub.html
has examples of simplesubstitutions
www.jproc.ca/crypto/crypto_hist.htmlhas a timeline ofcryptography
www.murky.org/archives/cryptography/haslots on history anddevelopment
www.simonsingh.com/website of the author ofthe excellent The CodeBook
www.thebritishmuseum.ac.uk/compass/ixbin/goto?id=OBJ67home.ecn.ab.ca/~jsavard/crypto/entry.htm
www.vectorsite.net/idsearch.htmltells the story of codeswith plenty on theirAmericanhistoryandon
breakingcodeswww.world.std.com/~cme/html/timeline.html
has a chronology ofcryptography
Sites for children andbeginnershttp://search.looksmart.com/p/browse/us1/us317837/us317922/us903634/usl0124254/
has links to sites forchildren
www.google.com/intl/xx-piglatin/ translatesmessagesintoPigLatin
www.scouting.org.za/codes/www.10ticks.co.uk/s_codebreaker.asp
allows you to emailcoded messages to yourfriends
Sites with specialistinformationftp://ftp.pgpi.org/pub/pgp/6.5/docs/english/IntroToCr
ypto.pdf is acomprehensive site onall aspects of moderncryptography
http://members.tripod.com/~mr_sedivy/colorado44.htmlshows the cowboybrandingalphabet
http://starbase.trincoll.edu/~crypto/historical/railfence.htmlforrailfenceandscytaleciphers
www.aldertons.com/index.htmis a cockney rhymingslangdictionary
www.cia.gov/cia/information/tour/krypt.htmlthe CIA website on‘Kryptos’
www.cockneyrhymingslang.co.uk/cockney/
is a cockney rhymingslangdictionary
www.codesandciphers.org.uk/documents/includes the 1944Bletchley Parkcryptographicdictionary
www.comsoc.org/livepubs/cil/public/anniv/pdfs/hellman.pdfis an article giving anoverview on modernpubliccryptography
www.cs.dartmouth.edu/~jford/crypto.htmlgives background onquantumcryptography
www.elonka.com/kryptosisasite about the ‘Kryptos’sculpture
www.fas.org/irp/world/uk/gchq/index.htmlis an unofficial websiteaboutGCHQ
www.gchq.gov.uk/websiteofthe UK signalsintelligenceheadquarters
www.geocities.com/Vienna/4056/cipher.htmlshowstheElgarcode
www.history.navy.mil/faqs/faq61-2.htm contains
information on Navajocodetalkers
www.infosyssec.org/infosyssec/cryl.htmhas lots of backgroundand current informationonsecurity
www.nationalarchives.gov.uk/spies/ciphers/default.htmwww.profactor.at/~wstoec/rsa.html
has a step-by-step guidetopublicencryption
Miscellaneousothersiteshttp://elonka.com/UnsolvedCodes.html
http://eprint.iacr.org/ anarchive of papers oncryptology
http://mad.home.cern.ch/frode/crypto/lists many papers onpost-warcodes
www.faqs.org/faqs/cryptography-faq/part01/index.htmlanswers your questionsoncryptography
www.gchq.gov.uk/codebreaking/is the site of the Britishgovernment’s
communicationsexperts,and has puzzles andgames
www.nsa.gov/history/index.cfmis the website of theUSA National SecurityAgency
www.nsa.gov/museum/index.cfmis the website of thenational cryptologicmuseumintheUS
www.puzz.com/cryptoquotes.htmlhas cryptograms of
sayings by famouspeople
www.spymuseum.org/index.aspis the website of theinternational spymuseumintheUS
www.und.nodak.edu/org/crypto/crypto/.sample-issue.html is thewebsiteof the Americancryptogram association,whichwas set up in the1920s
Computer short cuts andsymbolsen.wikipedia.org/wiki/Leet
has an alphabet of leetsymbols
http://tronweb.super-nova.co.jp/characcodehist.htmlhas a brief history ofASCIIcharactercodes
www.acronymfinder.com/gives definitions foracronyms andabbreviations
www.lingo2word.com/lists/txtmsg_listA.htmltxtlingo
www.microsoft.com/athome/security/children/kidtalk.mspx?is a parents’ guide tocomputerslang
www.smsglossary.com/what-is-sms.html
www.techdictionary.com/emoticons.htmlis a dictionary of textshortcutswithsymbols
www.t-mobile.com/mytmobile/communication/messaging/shorthand.aspisabouttextshortcuts
Index
The pagination of thiselectronic edition does notmatchtheeditionfromwhichit was created. To locate aspecificentry,pleaseuseyoure-bookreader’ssearchtools.
ABFGXcipher129–30acrosticcodes48–9ADFGVXcipher131
Alberti, Leon Battista 102,107–8
AliceandBob150,151–2alphabet,expanding103–5American Standard Code for
Information Interchange(ASCII) 144, 146, 148,149
ArmyofPortugalcode101Atbash78–9
Bacon,Francis145Baudot,Emile144,147
Bazièrescylinder134bifidcipher120–1bilateralcipher145binarycode143–6,147blackchambers160–5Blencowe,William161BletchleyPark137,142,165blockcipher149bookcode60books,codesin58Braille27–9
Caesarshift72Cardanogrille50–2Central Security Service
(CSS)164Chappe,ClaudeandRené25checkerboardciphers118–26Chinese,ancient39cipherdefinition54cipherdisc108ciphers128–9combining107–8
Cockneyrhymingslang45–6
codechronology167–70codedefinition54codes128–9ColdWar39columnartransposition68–9commonletters91–3computerencryption143–9cowboybranding17,18cribs131–3,174cuneiformwriting15–16
Data Encryption Standard
(DES)cipher156dateshiftciphers112decryption,historyof178Delastelle,Felix121dictionarycode56–9Diffie–Hellman–Merkle key
exchange152digitalwriting,invisible41–2digraphs93–5dotcipher61–2doubletransposition70–1Doyle,SirArthurConan90
enclair102Enigma135–8,164
fieldciphers129–31field codes and ciphers 127–
33films,codesin70frequency analysis 89–95,
105,174–7beating97–106
frequencytables92,94Friedman,William140–1
GovernmentCommunicationsHeadquarters (GCHQ)165
greatPariscipher101–2Greekscytale63–4Greek square 81–2, 97–102,
118
Hellman,Martin151–2Herodotus37hieroglyphs11–13Histiaeus38hobos,17
inks,forinvisiblewriting40–1,43,47
international signal flags 22–3
invisiblewriting40–3
Jeffersonwheel133–4,135Jefferson,Thomas133JN-25141–2
keydistribution149–53keystreamsequence147keywordidentification175–7
keywords108–9using76–78
KingCharlemagnecipher82,83
‘Kryptos’96
leet34–5linecipher62
Marryat,Captain19Mary, Queen of Scots 88–9,
161Mauborgne,Joseph117
MI-8164modulararithmetic151–2monoalphabeticcipher72Morse code 30–3, 92, 131,
144music,codesin158
National Security Agency(NSA),164
nomenclator88nullcipher48,97nulls66
numberciphers79–80numberkeysseewordkeys
one-timepad117Opish44opticaltelegraph24–5
Painvin,Georges131passwordattacks155–6passwordsniffing155passwords153–6Personal Identification
Number(PIN)156
PigLatin43pigpencipher85–6Playfaircipher118–19Pliny40polyalphabetic cipher 72, 98,
112–13Polybius square 81–2, 118,
122Porta,Giavanni38Pretty Good Privacy (PGP)
152–3publickeyenciphering150
PURPLEcode140–1
quantumcryptography157quantummechanics157
railfencecipher64–6Romanji140Room40165Rosicruciancipher,86,87runningkey116–17
Scovell,George101Secure Sockets Layer (SSL)
153semaphore19–21Shepherd’sMonument124shiftciphers71–3signlanguage25–7Signals Intelligence Service
(SIS)140sliderulecipher73spacecode53–5spokencodes43–7StCyrcipher72–3steganography39,40
stencilcode50straddlingcheckerboard125–
6streamcipher147–8subrosacodes56substitutionciphers71–89symbols,using82–3
Tacitus39texting35–6TheShadowmagazine74–5transmissionsecurity39
Transport Layer Security(TLS)153
transposition ciphers 55, 63–71
transpositionwithakey67transposition,double70–1trifidcipher122–3Turing,Alan137typewritercipher77–8
Vernamcipher117Vernam,Gilbert117,147
Vigenèresquare110–16
Wallis,John161waxtablets38–9Wheatstone,Charles119wordbreaks112–13wordfrequency95wordkeys68–71WorldWarIcodes127–33World War II codes 132,
133–39,140–2,164WorldWarIIfilmsandcodes
139
XORoperation147
Zimmerman,Phil152Zip’slaw95
IfyouenjoyedCodesandCiphers,checkouttheseothergreatCollinsGemtitles.
Copyright
CollinsAnimprintofHarperCollinsPublishers
77-85FulhamPalaceRoad,Hammersmith,LondonW68JB
www.harpercollins.co.uk
Firstpublished2006Text©SeanCallery,2006
AllrightsreservedunderInternationalandPan-AmericanCopyright
Conventions.Bypaymentoftherequiredfees,youhavebeengranted
thenonexclusive,nontransferablerighttoaccessandreadthetextofthise-bookon-screen.Nopartofthistextmaybereproduced,transmitted,downloaded,decompiled,reverse-
engineered,orstoredinorintroducedintoanyinformationstorageand
retrievalsystem,inanyformorbyanymeans,whetherelectronicor
mechanical,nowknownorhereinafterinvented,withouttheexpresswrittenpermissionofHarperCollinse-books.
AcataloguerecordforthisbookisavailablefromtheBritishLibrary
Illustrations:AnthonyDuke
SourceISBN:9780007228041
EbookEdition©DECEMBERISBN:9780007551118
Version:2014-01-24
HarperCollinsPublishershasmadeeveryreasonableefforttoensurethatanypicturecontentandwrittencontentinthisebookhasbeenincludedorremovedinaccordancewiththecontractualandtechnological
constraintsinoperationatthetimeofpublication.
AboutthePublisher
AustraliaHarperCollinsPublishers(Australia)Pty.Ltd.
Level13,201ElizabethStreet
Sydney,NSW2000,Australia
http://www.harpercollins.com.au
CanadaHarperCollinsCanada
2BloorStreetEast–20thFloor
Toronto,ON,M4W,1A8,Canada
http://www.harpercollins.ca
NewZealandHarperCollinsPublishers(NewZealand)Limited
P.O.Box1Auckland,NewZealand
http://www.harpercollins.co.nz
UnitedKingdomHarperCollinsPublishersLtd.
77-85FulhamPalaceRoadLondon,W68JB,UK
http://www.harpercollins.co.uk
UnitedStatesHarperCollinsPublishersInc.
10East53rdStreetNewYork,NY10022
http://www.harpercollins.com