Cryptography

C

Ciphers

Ease of use makes ciphers popular. There are two general types of ciphers. Substitution ciphers require a cipher alphabet to replace plaintext with other letters or symbols. Transposition ciphers use the shuffling of letters in a word to make the word incomprehensible.

Ciphers are the secret codes used to encrypt plaintext messages. Ciphers of various types have been devised, but all of them are either substitution or transposition ciphers. Computer ciphers are ciphers that are used for digital messages. Computer ciphers differ from ordinary substitution and transposition ciphers in that a computer application performs the encryption of data. The term cryptography is sometimes restricted to the use of ciphers or to methods involving the substitution of other letters or symbols for the original letters of a message

D

Substitution Ciphers

In simple substitution ciphers, a particular letter or symbol is substituted for each letter. The letters are substituted in their normal order, usually with normal word divisions. Such ciphers are recognized by the occurrence of a set of normal letter frequencies attached to the wrong letters. They are solved by using frequency analysis and by noting the characteristics of particular letters, such as the tendency to form doubles, common word prefixes and suffixes, common first and last letters in words, and common combinations, such as qu, th, er, and re.

A substitution cipher is performed by reordering the letters in the alphabet. For example, a cipher devised long ago by Julius Caesar shifts all the letters in the alphabet by three places. Thus, when the letter a is needed, a d is used, and when a b is to be written, an e is used. The letters wrap around at the end of the alphabet. So, if a person wants to encipher a z, it is written as a c. Similarly, a y is written as a b. The entire cipher is represented by two rows of letters. These rows are called a lookup table.

---

---

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

When someone wants to encrypt a word, he or she looks up the original letter in the top row and uses the corresponding ciphertext letter in the bottom row. So, for example, the word HELLO would be written as KHOOR. To decrypt the coded word, a person would search for the letter in the bottom row and write down the corresponding letter in the top row. So, KHOOR decrypts back to HELLO.

While the above substitution cipher is easy to remember, it is also easy to break. To make a substitution cipher more complex, multiple substitutions and sometimes even numbers are added to the cipher.

In multiple-substitution (polyalphabetic) ciphers, a keyword or number is employed. The first message letter might be enciphered by adding to it the numerical value of the first letter of the keyword; the second message letter is enciphered similarly, using the second letter of the keyword, and so on, repeating the keyword as often as necessary to encipher the whole message. When adding the numerical value of a keyword letter to a message letter, one starts counting with the message letter. Thus, to encipher the word TODAY by the code word DIG, t becomes w, as d is the fourth letter of the alphabet (count t, u, v, w); o becomes w, as i is the ninth letter of the alphabet; and d becomes j, as g is the seventh letter of the alphabet. For the rest of the message the code word is repeated, and thus TODAY is coded WWJDG.

By using combinations of the basic types of ciphers, ciphers can be created to various degrees of complexity. The key, however, should be easy to remember or reproduce, for without it the cipher is no longer a message but a puzzle. Given sufficient time and material, most ciphers can be solved and their keys discovered, but for a particular purpose the complexity need be only so great as to obtain the level of security desired. Military orders that must be kept secret for only a few hours, for example, can be encrypted in a cipher that would be entirely unsuited for diplomatic reports using a cipher over an extended period of time.

E

Transposition Cipher

In a transposition cipher, the order of plaintext letters is changed to derive the ciphertext. The message is usually written without word divisions in rows of letters arranged in a rectangular block. The letters are then transposed in a prearranged order, such as by vertical columns, diagonals, or spirals, or by more complicated systems, such as the knight's tour, which is based on the move of the knight in chess. The arrangement of the letters in the enciphered message depends upon the size of the block of code words used and upon the route followed in inscribing and transposing the letters.

A cipher in which every pair of letters is swapped is an example of a transposition cipher. In this case, for example, the ciphertext for elephant would be lepeahtn. The first and second letters are swapped, then the third and fourth letters are swapped, and so on. Transposition ciphers may be combined with substitution ciphers to produce a more complex encoded message.

F

Breaking Simple Ciphers

Substitution and transposition ciphers appear to be difficult to break. However, if enough messages are encrypted with any cipher, the cipher is easily broken. Repetition of a series of letters may lead code breakers to the key of any cipher system. In a substitution cipher, once a letter is associated with another letter, a pattern emerges and the cipher is easily decrypted.

In order to make a cipher even more secure, a key word or number may be used. Transposition ciphers might be recognized by the letter frequencies (the number of times a common letter, such as e, is used compared to the number of times a less frequently used letter, such as q, appears) for the language used. Solution of such ciphers without the key is possible by rearranging the letters in various geometric designs and at the same time forming a new word by reordering the letters of the coded word or phrase (such as from satin to stain) until the method of encipherment is discovered.

Computers may be used to break simple ciphers. Techniques for encrypting data naturally took advantage of the power of computers. Today’s modern cryptographic techniques are based entirely on a cryptographic key that is kept secret. The plaintext that is to be encrypted is converted to bits, or binary digits of 1s and 0s (see Bit). Then complex substitutions and transpositions are performed on the plaintext, using the key as a guide. The transformation of the plaintext to ciphertext is entirely dependent on the key.

III

Computer Ciphers and Encryption

Government agencies, banks, and many corporations now routinely send a great deal of confidential information from one computer to another. Such data are usually transmitted via telephone lines or other nonprivate channels, such as the Internet. Continuing development of secure computer systems and networks will ensure that confidential information can be securely transferred across computer networks.

In the early 1970s, Horst Feistel, a scientist at International Business Machines Corporation (IBM Corporation), developed LUCIFER, a computerized cryptosystem that used both substitution and transposition.

In 1977 the United States National Bureau of Standards (now the National Institute of Standards and Technology [NIST]) developed a cryptographic technique called the Data Encryption Standard (DES). DES was based on LUCIFER and made use of the computer binary code (converting plaintext to bits, or binary digits of 1s and 0s). DES transformed 64-bit segments of information into 64-bit segments of ciphertext using a key that was 56 bits in size. Each user randomly selected a key and revealed it only to those persons authorized to see the protected data. DES was broken in 1998.

In 1978 three American computer scientists, Ronald L. Rivest, Adi Shamir, and Leonard Adleman, who later founded the company RSA Data Security, created the Rivest-Shamir-Adleman (RSA) system. The RSA system uses two large prime numbers, p and q, multiplied to form a composite, n. The formula n = pq, capitalizes on the very difficult problem of factoring prime numbers. See also Encryption; Number Theory.

As more and more information is transferred over computer networks, computer scientists continue to develop more secure, complex algorithms. In 1997 the NIST began coordinating development of a replacement for DES called Advanced Encryption Standard (AES). AES will use a more complex algorithm, based on a 128-bit encryption standard instead of the 64-bit standard of DES. This 128-bit algorithm will make AES impossible to decrypt with current technology.

Another encryption system based on 128-bit segments is called International Data Encryption Algorithm, or IDEA. The Swiss Federal Institute of Technology developed the IDEA standard in the 1990s. Computer scientists have also proposed alternatives such as public-key cryptosystems (PKCs), which use two types of keys, a public key and a private key. The public key encrypts data, and a corresponding private key decrypts it. The user gives the public key out to other users, and they can use the public key for encrypting messages to be sent to the user. The user keeps the private key secret and uses it to decrypt received messages. An example of a PKC is the RSA system, described above.

	More from Encarta
	•  Important Notice: MSN Encarta to be discontinued. Learn more. •  Presidential Myths Quiz •  Coffee break: Recharge your brain