# Cryptography – Engineering and Technology History Wiki

## Cryptography Background

The word cryptography comes from the Greek words kryptos meaning hidden and graphein meaning writing. Cryptography is the study of hidden writing, or the science of encrypting and decrypting text and messages.

It is believed that the oldest known text to contain one of the essential components of cryptography, a modification of the text, occurred some 4000 years ago in the Egyptian town of Menet Khufu where the hieroglyphic inscriptions on the tomb of the nobleman KHNUMHOTEP II were written with a number of unusual symbols to confuse or obscure the meaning of the inscriptions.

In 5BC the Spartans, a warrior society famed for their austere lifestyle, bravery, and skill in battle, developed a cryptographic device to send and receive secret messages. This device, a cylinder called a Scytale, was in the possession of both the sender and the recipient of the message. To prepare the message, a narrow strip of parchment or leather, much like a modern-day paper streamer, was wound around the Scytale and the message was written across it. Once unwound, for transport to the receiver, the tape displayed only a sequence of meaningless letters until it was re-wound onto a Scytale of exactly the same diameter. The code, produced by unwinding the tape, was a TRANSPOSITION cipher, that is, one where the letters remain the same but the order is changed. This is still the basis for many popular modern-day techniques.

The other major ingredient of these modern techniques is the ADDITIVE/SUBSTITUTION cipher. Although the Greek writer Polybius described a substitution technique, its first recorded use was by Julius Caesar. Messages were encoded by substituting each letter in the text with the one three positions to the right: A became D, V became Y, etc. The reason why a substitution of three letters, and not four, two or six, was chosen has never been explained.

In an essay written in 1466, the Italian Leon Battista Alberti, who is often called the father of western cryptography, described the construction of a cipher disk, founding the concept of POLYALPHABETIC ciphers. Although he had made the most important advance in cryptography in at least five hundred years, he did not develop his concept. It was left for others, the best known being the French cryptographer Blaise de Vigenere, to devise a practical polyalphabetic system which bears his name, the VIGENERE SQUARE. At the time, and for a considerable time afterwards, this technique was believed to be unbreakable (Le Chiffre Indéchiffrable). There was, however, a weakness in this cipher waiting to be exploited, because the ciphertext produced by this method was vulnerable to the then undiscovered statistical attack.

The earliest known use of cryptography is found in non-standard hieroglyphs carved into monuments from Egypt’s Old Kingdom (ca. 4500+ years ago). These are not thought to be serious attempts at secret communication, however, but rather attempts at mystery, intrigue, or even amusement for literate onlookers. They are examples of still other uses of cryptography, or of something that looks (impressively if misleadingly) like it. Some somewhat later clay tablets from Mesopotamia are clearly meant to protect information: they encrypt recipes, presumably commercially valuable ones. Later still, Hebrew scholars made use of simple monoalphabetic substitution ciphers (such as the Atbash cipher), beginning perhaps around 500 to 600 BC.

Cryptography has a long tradition in religious writing likely to offend the dominant culture or political authorities. Perhaps the most famous is the ‘Number of the Beast’ from the Book of Revelation in the Christian New Testament. ‘666’ might be a cryptographic (i.e., encrypted) way of concealing a dangerous reference; many scholars believe it’s a concealed reference to the Roman Empire, or more likely to the Emperor Nero himself, (and so to Roman persecution policies) that would have been understood by the initiated (who ‘had the key to understanding’), and yet be safe or at least deniable (and so ‘less’ dangerous) if it came to the attention of the authorities. At least for orthodox Christian writing, most of the need for such concealment ended with Constantine’s conversion and the adoption of Christianity as the official religion of the Empire.

A Scytale, an early device for encryption.

The Greeks of Classical times are said to have known of ciphers (e.g., the scytale transposition cipher claimed to have been used by the Spartan military). Herodotus tells us of secret messages physically concealed beneath wax on wooden tablets or as a tattoo on a slave’s head concealed by regrown hair, though these are not properly examples of cryptography per se, as the message, once known, is directly readable; this is known as steganography. Another Greek method was developed by Polybius (now called the “Polybius Square”).[1] The Romans certainly did know something of cryptography (e.g., the Caesar cipher and its variations). There is ancient mention of a book about Roman military cryptography (especially Julius Caesar’s); it has, unfortunately, been lost.

In India, cryptography was also well known. It is recommended in the Kama Sutra as a technique by which lovers can communicate without being discovered.

The first page of al-Kindi’s manuscript On Deciphering Cryptographic Messages, containing the first descriptions of cryptanalysis and frequency analysis. See also: Voynich Manuscript.

It was probably religiously motivated textual analysis of the Qur’an which led to the invention of the frequency analysis technique for breaking monoalphabetic substitution ciphers by al-Kindi sometime around AD 800 (Ibrahim Al-Kadi, 1992). It was the most fundamental cryptanalytic advance until WWII.

Essentially all ciphers remained vulnerable to this cryptanalytic technique until the development of the polyalphabetic cipher by Leone Battista Alberti (ca. 1465), and many remained so thereafter. Alberti is often called the “Father of Western Cryptology”. Johannes Trithemius, in his work Polygraphia, invented the tabula recta, a critical component of the Vigenère cipher. The French cryptographer Blaise de Vigenère devised a practical polyalphabetic system which bears his name, the Vigenère cipher.[2]

Although Leone Battista Alberti is usually considered the father of the polyalphabetic cipher, Prof. Al-Kadi’s 1990 paper (ref. 3), reviewing Arabic contributions to cryptography, reported knowledge of polyalphabetic ciphers 500 years before Alberti, based on a recently discovered manuscript by al-Kindi.

The Arab mathematician Al-Kindi wrote a book on cryptography entitled Risalah fi Istikhraj al-Mu’amma (Manuscript on Deciphering Cryptographic Messages), circa AD 800. He described the first cryptanalysis techniques, including some for polyalphabetic ciphers, cipher classification, Arabic phonetics and syntax, and, most importantly, the use of several techniques for cryptanalysis, and gave the first description of frequency analysis.[3] He also covered methods of encipherment, cryptanalysis of certain encipherments, and statistical analysis of letters and letter combinations in Arabic.[4]

Ahmad al-Qalqashandi (1355-1418) wrote the Subh al-a’sha, a 14-volume encyclopaedia which included a section on cryptology. This information was attributed to Taj ad-Din Ali ibn ad-Duraihim ben Muhammad ath-Tha’alibi al-Mausili, who lived from 1312 to 1361, but whose writings on cryptography have been lost. The list of ciphers in this work included both substitution and transposition, and, for the first time, a cipher with multiple substitutions for each plaintext letter. Also traced to Ibn al-Duraihim is an exposition on and worked example of cryptanalysis, including the use of tables of letter frequencies and sets of letters which cannot occur together in one word.

In Europe, cryptography became (secretly) more important as a consequence of political competition and religious revolution. For instance, in Europe during and after the Renaissance, citizens of the various Italian states, the Papal States and the Roman Catholic Church included, were responsible for rapid proliferation of cryptographic techniques, few of which reflect understanding (or even knowledge) of Alberti’s polyalphabetic advance. ‘Advanced ciphers’, even after Alberti, weren’t as advanced as their inventors, developers and users claimed (and probably even themselves believed). They were regularly broken. This over-optimism may be inherent in cryptography, for it was then, and remains today, fundamentally difficult to accurately know how vulnerable your system actually is. In the absence of knowledge, guesses and hopes, as may be expected, are common.

Cryptography, cryptanalysis, and secret agent/courier betrayal featured in the Babington plot during the reign of Queen Elizabeth I, which led to the execution of Mary, Queen of Scots. An encrypted message from the time of the Man in the Iron Mask (decrypted just prior to 1900 by Étienne Bazeries) has shed some, regrettably non-definitive, light on the identity of that real, if legendary and unfortunate, prisoner. Cryptography, and its misuse, were involved in the plotting which led to the execution of Mata Hari and in the conniving which led to the travesty of Dreyfus’ conviction and imprisonment, both in the early 20th century. Fortunately, cryptographers were also involved in exposing the machinations which had led to Dreyfus’ problems; Mata Hari, in contrast, was shot.

Outside of Europe, after the end of the Muslim Golden Age at the hands of the Mongols, cryptography remained comparatively undeveloped. Cryptography in Japan seems not to have been used until about 1510, and advanced techniques were not known until after the opening of the country to the West beginning in the 1860s. During the 1920s, it was Polish naval officers who assisted the Japanese military with code and cipher development.

It wasn’t until the 19th century that cryptographers developed anything more than ad-hoc approaches to either encryption or cryptanalysis. Examples include Charles Babbage’s Crimean War era work on the mathematical cryptanalysis of polyalphabetic ciphers, redeveloped and published somewhat later by the Prussian Friedrich Kasiski. The understanding of cryptography at this time typically consisted of hard-won rules of thumb; e.g., Auguste Kerckhoffs’ cryptographic writings in the latter 19th century. Edgar Allan Poe used systematic methods to solve ciphers in the 1840s. In particular, he placed a notice of his abilities in the Philadelphia paper Alexander’s Weekly Express Messenger, inviting submissions of ciphers, of which he proceeded to solve almost all. His successes created a public stir lasting several months. He later wrote an essay on methods of cryptography which proved useful as an introduction for the novice Room 40 British cryptanalysts attempting to break German codes and ciphers during World War I, and a famous story, “The Gold Bug”, in which cryptanalysis featured prominently.

Around 1854, Charles Babbage developed the method of statistical analysis by which he successfully decrypted messages encrypted by the Vigenere square. Unfortunately, due to his habit of not completing the paperwork, or possibly to protect the fact that because of his work Britain could decrypt Vigenere messages sent in the Crimea, this fact was not discovered until the twentieth century. The honour of developing the statistical attack technique and cracking Vigenere was to go to the Prussian Kasiski in 1863, this technique having since been termed the “Kasiski Test”.
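The statistical attack the article describes (Alberti/Vigenere polyalphabetic substitution, al-Kindi's frequency analysis, and the Babbage/Kasiski period test) worked through as an added example; this is not code from the ETHW article. The sample text, the key `BABBAGE`, and the tie-break rule in `kasiski_key_length` (prefer the largest candidate period) are the example's own assumptions.

```python
from collections import Counter
from itertools import combinations

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"

# Approximate English letter frequencies in percent, used to score candidate shifts.
ENGLISH_FREQ = {
    "A": 8.2, "B": 1.5, "C": 2.8, "D": 4.3, "E": 12.7, "F": 2.2, "G": 2.0, "H": 6.1,
    "I": 7.0, "J": 0.15, "K": 0.77, "L": 4.0, "M": 2.4, "N": 6.7, "O": 7.5, "P": 1.9,
    "Q": 0.095, "R": 6.0, "S": 6.3, "T": 9.1, "U": 2.8, "V": 0.98, "W": 2.4, "X": 0.15,
    "Y": 2.0, "Z": 0.074,
}

def normalize(text):
    """Keep only letters, upper-cased; the Vigenère square works on A-Z alone."""
    return "".join(ch for ch in text.upper() if ch in ALPHABET)

def vigenere(text, key, decrypt=False):
    """Each letter is Caesar-shifted by the key letter at the same position (mod key length)."""
    key = normalize(key)
    out = []
    for i, ch in enumerate(normalize(text)):
        shift = ALPHABET.index(key[i % len(key)])
        if decrypt:
            shift = -shift
        out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
    return "".join(out)

def kasiski_key_length(ciphertext, seq_len=3, max_key=20):
    """Kasiski test: a plaintext fragment that falls under the same key position twice
    produces the same ciphertext fragment, so the distance between the repeats is a
    multiple of the key length. Score each candidate length by how many distances it
    divides; on a tie prefer the larger candidate (2 and 3 both divide 6)."""
    positions = {}
    for i in range(len(ciphertext) - seq_len + 1):
        positions.setdefault(ciphertext[i:i + seq_len], []).append(i)
    scores = Counter()
    for pos in positions.values():
        for a, b in combinations(pos, 2):
            for k in range(2, max_key + 1):
                if (b - a) % k == 0:
                    scores[k] += 1
    best = max(scores.values())
    return max(k for k, s in scores.items() if s == best)

def chi_squared(text):
    """Distance of the letter histogram of text from English (lower is more English-like)."""
    n = len(text)
    counts = Counter(text)
    total = 0.0
    for ch in ALPHABET:
        expected = n * ENGLISH_FREQ[ch] / 100
        total += (counts[ch] - expected) ** 2 / expected
    return total

def best_shift(column):
    """Frequency analysis on one column: try all 26 Caesar shifts, keep the most English-like."""
    scored = []
    for shift in range(26):
        candidate = "".join(ALPHABET[(ALPHABET.index(ch) - shift) % 26] for ch in column)
        scored.append((chi_squared(candidate), shift))
    return ALPHABET[min(scored)[1]]

def recover_key(ciphertext, key_length):
    """Column i holds every letter that was enciphered under key position i."""
    return "".join(best_shift(ciphertext[i::key_length]) for i in range(key_length))

def break_vigenere(ciphertext):
    key = recover_key(ciphertext, kasiski_key_length(ciphertext))
    return key, vigenere(ciphertext, key, decrypt=True)

# Constructed sample text and key for the demonstration (not from the article).
PLAINTEXT = (
    "The Vigenere square was believed for centuries to be unbreakable because each "
    "letter of the message is shifted by a different letter of the key, so the same "
    "plaintext letter can become many different ciphertext letters. The weakness is "
    "that the key repeats. Every letter enciphered under the same key position is "
    "shifted by the same amount, so once the length of the key is known the "
    "ciphertext can be split into columns, and each column is nothing more than a "
    "Caesar cipher that yields to ordinary frequency analysis. The length of the key "
    "is revealed by the Kasiski test. When the same word of the plaintext falls under "
    "the same part of the key it produces the same group of letters in the "
    "ciphertext, and the distance between the two copies must be a multiple of the "
    "length of the key. Collecting these distances and looking for a common factor "
    "gives the period, after which the attack on each column is simple. This is the "
    "statistical attack that Babbage found and Kasiski later published. Once the key "
    "has been recovered the whole message can be read, and every other message sent "
    "under the same key can be read as well, which is why a key that is reused for "
    "many messages gives the analyst so much to work with, and why the one time pad "
    "insists on a key as long as the message and never used twice."
)
KEY = "BABBAGE"
CIPHERTEXT = vigenere(PLAINTEXT, KEY)

if __name__ == "__main__":
    key, plain = break_vigenere(CIPHERTEXT)
    print("recovered key:", key)
    print("plaintext begins:", plain[:48])
```

With a one-letter key the same code is just the Caesar cipher of the earlier paragraphs, and the Kasiski step is exactly what a key shorter than the message gives away.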

In 1917, Gilbert Vernam proposed a teletype cipher where a previously-prepared key, kept on a paper tape, is combined character by character with the plaintext message to produce the output ciphertext. This led to the development of the one time pad and to the use of electromechanical devices known as cipher machines.

Both cryptography and cryptanalysis have become far more mathematical since WWII. Even so, it has taken the wide availability of computers and the Internet as a communications medium to bring effective cryptography into common use by anyone other than national governments or similarly large enterprises.

The Enigma machine was widely used by Nazi Germany; its cryptanalysis by the Allies provided vital Ultra intelligence. By World War II, mechanical and electromechanical cipher machines were in wide use, although where such machines were impractical manual systems continued in use. Great advances were made in both cipher design and cryptanalysis, all in secrecy. Information about this period has begun to be declassified as the official British 50-year secrecy period has come to an end, as U.S. archives have slowly opened, and as assorted memoirs and articles have appeared.

The Germans made heavy use, in several variants, of an electromechanical rotor machine known as Enigma. Mathematician Marian Rejewski, at Poland’s Cipher Bureau, in December 1932 deduced the detailed structure of the German Army Enigma, using mathematics and limited documentation supplied by Captain Gustave Bertrand of French military intelligence. This was the greatest breakthrough in cryptanalysis in a thousand years and more, according to historian David Kahn. Rejewski and his mathematical Cipher Bureau colleagues, Jerzy Różycki and Henryk Zygalski, continued reading Enigma and keeping pace with the evolution of the German Army machine’s components and encipherment procedures. As the Poles’ resources became strained by the changes being introduced by the Germans, and as war loomed, the Cipher Bureau, on the Polish General Staff’s instructions, on July 25, 1939, at Warsaw, initiated French and British intelligence representatives into the secrets of Enigma decryption.

Soon after World War II broke out on 1 September 1939, key Cipher Bureau personnel were evacuated; on September 17, as the Soviet Union entered eastern Poland, they crossed into Romania. From there they reached Paris, France; at PC Bruno, near Paris, they continued breaking Enigma, collaborating with British cryptologists at Bletchley Park as the British got up to speed on breaking Enigma. In due course, the British cryptographers, whose ranks included many chess masters and mathematics dons such as Gordon Welchman, Max Newman, and Alan Turing (the conceptual founder of modern computing), substantially advanced the scale and technology of Enigma decryption.

At the end of the War, on 19 April 1945, Britain’s top military officers were told that they could never reveal that the German Enigma cipher had been broken because it would give the defeated enemy the chance to say they “were not well and fairly beaten”. [1]

US Navy cryptographers, with cooperation from British and Dutch cryptographers broke into several Japanese Navy crypto systems after 1940. The break into one of these, JN-25, famously led to the US victory in the Battle of Midway; and to the publication of that fact in the Chicago Tribune shortly after the battle, though the Japanese seem not to have noticed for they kept using the JN-25 system. A US Army group, the SIS, managed to break the highest security Japanese diplomatic cipher system (an electromechanical ‘stepping switch’ machine called Purple by the Americans) even before WWII began. The Americans referred to the intelligence resulting from cryptanalysis, perhaps especially that from the Purple machine, as ‘Magic’. The British eventually settled on ‘Ultra’ for intelligence resulting from cryptanalysis, particularly that from message traffic protected by the various Enigmas. An earlier British term for Ultra had been ‘Boniface’ in an attempt to suggest, if betrayed, that it might have an individual agent as a source.

The German military also deployed several mechanical attempts at a one-time pad. Bletchley Park called them the Fish ciphers, and Max Newman and colleagues designed and deployed the Heath Robinson, and then the world’s first programmable digital electronic computer, the Colossus, to help with their cryptanalysis. The German Foreign Office began to use the one-time pad in 1919; some of this traffic was read in WWII partly as the result of recovery of some key material in South America that was discarded without sufficient care by a German courier.

The Japanese Foreign Office used a locally developed electrical stepping switch based system, named Purple by the US, and also had used several similar machines for attaches in some Japanese embassies. One of these was called the ‘M-machine’ by the US, another was referred to as ‘Red’. All these systems were broken, to one degree or another, by the Allies.

SIGABA is described in U.S. Patent 6,175,625, filed in 1944 but not issued until 2001. Allied cipher machines used in WWII included the British TypeX and the American SIGABA; both were electromechanical rotor designs similar in spirit to the Enigma, albeit with major improvements. Neither is known to have been broken by anyone during the War. The Poles used the Lacida machine, but its security was found to be less than intended (by Polish Army cryptographers in the UK), and its use was discontinued. US troops in the field used the M-209 and the still less secure M-94 family machines. British SOE agents initially used ‘poem ciphers’ (memorized poems were the encryption/decryption keys), but later in the War they began to switch to one-time pads.

The VIC cipher (used at least until 1957 in connection with Rudolf Abel’s NY spy ring) was a very complex hand cipher, and is claimed to be the most complicated known to have been used by the Soviets, according to David Kahn in Kahn on Codes. For the decrypting of Soviet ciphers (particularly when one-time pads were reused), see the Venona project.

Until the 1970s, secure cryptography was largely the preserve of governments. Two events, described below, have since brought it squarely into the public domain.

The era of modern cryptography really begins with Claude Shannon, arguably the father of mathematical cryptography, with the work he did during WWII on communications security. In 1949 he published Communication Theory of Secrecy Systems in the Bell System Technical Journal and a little later the book, Mathematical Theory of Communication, with Warren Weaver. Both included results from his WWII work. These, in addition to his other works on information and communication theory established a solid theoretical basis for cryptography and also for much of cryptanalysis. And with that, cryptography more or less disappeared into secret government communications organizations such as NSA, GCHQ, and their equivalents elsewhere. Very little work was again made public until the mid ’70s, when everything changed.

The mid-1970s saw two major public (i.e., non-secret) advances. First was the publication of the draft Data Encryption Standard in the U.S. Federal Register on 17 March 1975. The proposed DES cipher was submitted by a research group at IBM, at the invitation of the National Bureau of Standards (now NIST), in an effort to develop secure electronic communication facilities for businesses such as banks and other large financial organizations. After ‘advice’ and modification by NSA, acting behind the scenes, it was adopted and published as a Federal Information Processing Standard Publication in 1977 (currently at FIPS 46-3). DES was the first publicly accessible cipher to be ‘blessed’ by a national agency such as NSA. The release of its specification by NBS stimulated an explosion of public and academic interest in cryptography.

The aging DES was officially replaced by the Advanced Encryption Standard (AES) in 2001 when NIST announced FIPS 197. After an open competition, NIST selected Rijndael, submitted by two Belgian cryptographers, to be the AES. DES, and more secure variants of it (such as Triple DES; see FIPS 46-3), are still used today, having been incorporated into many national and organizational standards. However, its 56-bit key size has been shown to be insufficient to guard against brute force attacks. One such attack, undertaken by the cyber civil-rights group Electronic Frontier Foundation in 1997, succeeded in 56 hours; the story is told in Cracking DES, published by O’Reilly and Associates. As a result, use of straight DES encryption is now without doubt insecure for use in new cryptosystem designs, and messages protected by older cryptosystems using DES, and indeed all messages sent since 1976 using DES, are also at risk. Regardless of DES’ inherent quality, the DES key size (56 bits) was thought to be too small by some even in 1976, perhaps most publicly by Whitfield Diffie. There was suspicion that government organizations even then had sufficient computing power to break DES messages; clearly others have since achieved this capability.

The second development, in 1976, was perhaps even more important, for it fundamentally changed the way cryptosystems might work. This was the publication of the paper New Directions in Cryptography by Whitfield Diffie and Martin Hellman. It introduced a radically new method of distributing cryptographic keys, which went far toward solving one of the fundamental problems of cryptography, key distribution, and has become known as the Diffie-Hellman key exchange. The article also stimulated the almost immediate public development of a new class of enciphering algorithms, the asymmetric key algorithms.

Prior to that time, all useful modern encryption algorithms had been symmetric key algorithms, in which the same cryptographic key is used with the underlying algorithm by both the sender and the recipient, who must both keep it secret. All of the electromechanical machines used in WWII were of this logical class, as were the Caesar and Atbash ciphers and essentially all cipher systems throughout history. The ‘key’ for a code is the codebook, which must likewise be distributed and kept secret, and so shares most of the same problems in practice.

Of necessity, the key in every such system had to be exchanged between the communicating parties in some secure way prior to any use of the system (the term usually used is ‘via a secure channel’) such as a trustworthy courier with a briefcase handcuffed to a wrist, or face-to-face contact, or a loyal carrier pigeon. This key management requirement is never trivial and very rapidly becomes unmanageable as the number of participants increases, or when secure channels aren’t available for key exchange, or when, as is sensible cryptographic practice, keys are frequently changed. In particular, if messages are meant to be secure from other users, a separate key is required for each possible pair of users. A system of this kind is known as a secret key, or symmetric key cryptosystem. D-H key exchange (and succeeding improvements and variants) made operation of these systems much easier, and more secure, than had ever been possible before in all of history.

In contrast, asymmetric key encryption uses a pair of mathematically related keys, each of which decrypts the encryption performed using the other. Some, but not all, of these algorithms have the additional property that one of the paired keys cannot be deduced from the other by any known method other than trial and error. An algorithm of this kind is known as a public key or asymmetric key system. Using such an algorithm, only one key pair is needed per user. By designating one key of the pair as private (always secret), and the other as public (often widely available), no secure channel is needed for key exchange. So long as the private key stays secret, the public key can be widely known for a very long time without compromising security, making it safe to reuse the same key pair indefinitely.

For two users of an asymmetric key algorithm to communicate securely over an insecure channel, each user will need to know their own public and private keys as well as the other user’s public key. Take this basic scenario: Alice and Bob each have a pair of keys they’ve been using for years with many other users. At the start of their message, they exchange public keys, unencrypted over an insecure line. Alice then encrypts a message using her private key, and then re-encrypts that result using Bob’s public key. The double-encrypted message is then sent as digital data over a wire from Alice to Bob. Bob receives the bit stream and decrypts it using his own private key, and then decrypts that bit stream using Alice’s public key. If the final result is recognizable as a message, Bob can be confident that the message actually came from someone who knows Alice’s private key (presumably actually her if she’s been careful with her private key), and that anyone eavesdropping on the channel will need Bob’s private key in order to understand the message.

Asymmetric algorithms rely for their effectiveness on a class of problems in mathematics called one-way functions, which require relatively little computational power to execute, but vast amounts of power to reverse, if reversal is possible at all. A classic example of a one-way function is multiplication of very large prime numbers. It’s fairly quick to multiply two large primes, but very difficult to find the factors of the product of two large primes. Because of the mathematics of one-way functions, most possible keys are bad choices as cryptographic keys; only a small fraction of the possible keys of a given length are suitable, and so asymmetric algorithms require very long keys to reach the same level of security provided by relatively shorter symmetric keys. The need both to generate the key pairs and to perform the encryption/decryption operations makes asymmetric algorithms computationally expensive compared to most symmetric algorithms. Since symmetric algorithms can often use any sequence of (random, or at least unpredictable) bits as a key, a disposable session key can be quickly generated for short-term use. Consequently, it is common practice to use a long asymmetric key to exchange a disposable, much shorter (but just as strong) symmetric key. The slower asymmetric algorithm securely sends a symmetric session key, and the faster symmetric algorithm takes over for the remainder of the message.
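The Alice-and-Bob exchange described above (transform with the sender's private key, then with the recipient's public key, and undo both in reverse order), worked through with textbook RSA on toy primes as an added example; this is not code from the article. The primes, exponents and message numbers are constructed for the demonstration and are far too small for real use; the example also shows a practical caveat the prose does not: the inner result is reduced modulo the sender's n, so the scheme only round-trips when the sender's modulus is smaller than the recipient's.

```python
def make_keypair(p, q, e):
    """Textbook RSA: n = p*q, public exponent e, private exponent d = e^-1 mod phi(n).
    pow(e, -1, phi) needs Python 3.8+ and raises ValueError if gcd(e, phi) != 1."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    return {"public": (e, n), "private": (d, n)}

def apply_key(key, value):
    """One RSA operation: value^exponent mod n. Encrypt/decrypt and sign/verify are the
    same arithmetic with the other half of the pair, which is what the prose relies on."""
    exponent, n = key
    return pow(value, exponent, n)

def send(message, sender, receiver):
    """Alice's side: her private key first (proves origin), then Bob's public key (secrecy)."""
    inner = apply_key(sender["private"], message)
    return apply_key(receiver["public"], inner)

def receive(ciphertext, sender, receiver):
    """Bob's side: his private key strips the outer layer, Alice's public key the inner one."""
    inner = apply_key(receiver["private"], ciphertext)
    return apply_key(sender["public"], inner)

def roundtrip_ok(message, sender, receiver):
    return receive(send(message, sender, receiver), sender, receiver) == message

# Constructed toy key pairs: Alice's modulus 3233 is smaller than Bob's 17947.
alice = make_keypair(61, 53, 17)
bob = make_keypair(137, 131, 3)

def modulus_order_failures(sender, receiver, limit):
    """Count messages in [1, limit) that do not survive the round trip. The inner value
    lies in [0, sender n); whenever it is >= receiver n, the outer layer reduces it
    modulo the receiver's n and the original can no longer be recovered."""
    return sum(1 for m in range(1, limit) if not roundtrip_ok(m, sender, receiver))

if __name__ == "__main__":
    m = 65
    c = send(m, alice, bob)
    print("Alice -> Bob:", m, "->", c, "->", receive(c, alice, bob))
    print("Alice -> Bob failures below 3233:", modulus_order_failures(alice, bob, 3233))
    print("Bob -> Alice failures below 500:", modulus_order_failures(bob, alice, 500))
```

Real systems avoid both the ordering problem and the brittleness of raw RSA by signing a hash of the message and encrypting a symmetric session key, as the paragraph on hybrid use notes.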

Asymmetric key cryptography, Diffie-Hellman key exchange, and the best known of the public key / private key algorithms (i.e., what is usually called the RSA algorithm), all seem to have been independently developed at a UK intelligence agency before the public announcement by Diffie and Hellman in 1976. GCHQ has released documents claiming they had developed public key cryptography before the publication of Diffie and Hellman’s paper. Various classified papers were written at GCHQ during the 1960s and 1970s which eventually led to schemes essentially identical to RSA encryption and to Diffie-Hellman key exchange in 1973 and 1974. Some of these have now been published, and the inventors (James H. Ellis, Clifford Cocks, and Malcolm Williamson) have made public select parts of their work.

The public developments of the 1970s broke the near monopoly on high quality cryptography held by government organizations; see S. Levy’s Crypto for a journalistic account of some of the policy controversy of the time in the US. For the first time ever, those outside government organizations had access to cryptography not readily breakable by anyone, including governments. Considerable controversy, and conflict, both public and private, began more or less immediately. It has not yet subsided. In many countries, for example, export of cryptography is subject to restrictions. Until 1996, export from the U.S. of cryptography using keys longer than 40 bits, i.e., too small to be very secure against a knowledgeable attacker, was sharply limited. As recently as 2004, former FBI Director Louis Freeh, testifying before the 9/11 Commission, called for new laws against public use of encryption.

One of the most significant people favouring strong encryption for public use was Phil Zimmermann. He wrote and then in 1991 released PGP (Pretty Good Privacy), a very high quality crypto system. He distributed a freeware version of PGP when he felt threatened by legislation then under consideration by the US Government that would require backdoors to be included in all cryptographic products developed within the US. His system was released worldwide shortly after he released it in the US, and that began a long criminal investigation of him by the US Government Justice Department for the alleged violation of export restrictions. The Justice Department eventually dropped its case against Zimmermann, and the freeware distribution of PGP has continued around the world. PGP even eventually became an open Internet standard, RFC 2440 or OpenPGP.

The development of cryptography has been paralleled by near equal developments in cryptanalysis, the “breaking” of codes and ciphers. The early discovery and application of frequency analysis to the reading of encrypted communications has on occasion altered the course of history. Thus the Zimmermann Telegram triggered the United States’ entry into World War I, and Allied reading of Nazi Germany’s ciphers shortened World War II, in some evaluations by as much as two years.

Modern cryptanalysts sometimes harness large numbers of integrated circuits. This board is part of the EFF DES cracker, which contained over 1800 custom chips and could brute force a DES key in a matter of days. While modern ciphers like AES and the higher quality asymmetric ciphers are widely considered unbreakable, poor designs and implementations are still sometimes adopted, and there have been important cryptanalytic breaks of deployed crypto systems in recent years.

Notable examples of broken crypto designs include DES, the first Wi-Fi encryption scheme WEP, the Content Scrambling System used for encrypting and controlling DVD use, the A5/1 and A5/2 ciphers used in GSM cell phones, and the CRYPTO1 cipher used in the widely deployed MIFARE Classic smart cards from NXP Semiconductors, a spun off division of Philips Electronics. All of these are symmetric ciphers. Thus far, not one of the mathematical ideas underlying public key cryptography has been proven to be ‘unbreakable’, and so some future mathematical analysis advance might render systems relying on them insecure. While few informed observers foresee such a breakthrough, the key size recommended for security as best practice keeps increasing as increased computing power required for breaking codes becomes cheaper and more available.

More recent developments related to quantum computing include the NTRUEncrypt lattice-based system, first proposed in 1996. It was standardised in 2008 as IEEE Std 1363.1. This currently appears to be the leading candidate for when RSA and elliptic curve cryptography eventually need to be withdrawn. The parallels, and an idea for quantum encryption techniques, are based on the massively computation-intensive thermodynamics modelling in the book by George G. Szpiro.

A5/0 utilizes no encryption.

A5/1 is the original A5 algorithm used in Europe.

A5/2 is a weaker encryption algorithm created for export and used in the United States.

A5/3 is a strong encryption algorithm created as part of the 3rd Generation Partnership Project (3GPP).

Motorola builds voice/data crypto radios, e.g. the XTS3000 and XTS5000. These offer DES-XL, DVI-XL and DVP-XL (DVP being an early, first-generation Securenet product).

DVP is a Motorola-developed Digital Voice Privacy algorithm from the mid-1970s, using a 32-bit key length.

DES is a Motorola encryption option that meets US Government encryption guidelines, using a 56-bit DES key.

DVP-XL is a Motorola proprietary encryption algorithm using a 32-bit key.

DVI-XL is an export-grade variant of DVP-XL for use outside of the US.

DES-XL is a Motorola variant of the US Government DES algorithm.

DVP and DES are self-synchronizing modes of operation; coverage range is slightly degraded by data errors caused by Rayleigh fading on the radio channel.

DVP-XL, DVI-XL, DES-XL use a sync header and periodic sync updates. For operation on fading radio channels, this provides encryption coverage range similar to analog FM voice coverage.

DVP-XL, DVI-XL, and DES-XL should provide similar coverage on conventional or trunked systems. Since the current generation of trunking control channels is not encrypted, someone could monitor which talkgroups are active and the general level of activity, even though they could not monitor the talkgroup conversations on the traffic channels.

DES-OFB uses the output feedback (OFB) mode for error correction.

ADP is a 40-bit-key, software-based encryption method; simple, but it restricts hardware updates.

AES-256 algorithms use a 256-bit key length.

Microsoft messed up the Windows 3.1 and Windows 95 password file (.PWL) encryption key processing, providing a maximum of 32 bits of keyspace. A dictionary attack could recover most passwords in a few seconds. Frank Stevenson extended this attack by taking advantage of the fact that the RC4 cipher that Microsoft used was a pure keystream generator, allowing all information protected with it to be recovered in a fraction of a second, even with more recent upgrades to 128-bit keys.
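The property exploited above, that a pure keystream generator XORs the same keystream into everything encrypted under one key, can be checked directly. This is an added example, not code from the original page: RC4 is implemented from its public description, and the two "password file" records and the key are constructed for the demonstration.

```python
"""Why reuse of a pure keystream generator's output leaks everything it protects.

Added example, not code from the original page. RC4 is implemented below from
its public description; the two records and the key are constructed."""


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Produce `length` bytes of RC4 keystream (key scheduling, then generation)."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # KSA: permute S under the key
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                    # PRGA: one keystream byte per step
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def rc4(key: bytes, data: bytes) -> bytes:
    """Encryption and decryption are the same operation: XOR with the keystream."""
    return xor_bytes(data, rc4_keystream(key, len(data)))


def reuse_leaks_plaintext_xor(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    """Check: two ciphertexts under one keystream satisfy c1 XOR c2 == p1 XOR p2,
    so the keystream cancels out and only the plaintexts' relationship remains."""
    n = min(len(c1), len(c2))
    return xor_bytes(c1[:n], c2[:n]) == xor_bytes(p1[:n], p2[:n])


def recover_with_known_plaintext(c1: bytes, p1: bytes, c2: bytes) -> bytes:
    """A known record p1 yields the keystream (c1 XOR p1), which then strips
    every other record encrypted with it, as far as p1 reaches."""
    keystream = xor_bytes(c1, p1)
    return xor_bytes(c2, keystream)


# Constructed records standing in for two password-file entries under ONE key.
KEY = b"constructed-key"
RECORD_1 = b"share=\\\\fileserver\\docs;pass=hunter2"
RECORD_2 = b"share=\\\\mailserver\\home;pass=letmein"
C1 = rc4(KEY, RECORD_1)
C2 = rc4(KEY, RECORD_2)

if __name__ == "__main__":
    print(reuse_leaks_plaintext_xor(C1, C2, RECORD_1, RECORD_2))
    print(recover_with_known_plaintext(C1, RECORD_1, C2))
```

The mitigation is the one every stream cipher needs: never encrypt two messages under the same key and nonce, so that no two ciphertexts ever share a keystream.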

The idea of self-encrypting polymorphic viruses gained popularity in the early 1990s and brought to life generators of polymorphic code. In early 1992 the famous “Dedicated” virus appeared, based on the first known polymorphic generator MtE and the first in a series of MtE viruses; shortly after that the polymorphic generator itself appeared.

Cryptography is featured heavily in the 1998 film Mercury Rising with Bruce Willis, Alec Baldwin and Miko Hughes.

The 1992 film Sneakers touches on crypto techniques, and the 1988 Vietnam war film Bat 21 shows a crypto-style graphical map key used to rescue a general.

“The Cryptographer”, Tobias Hill, Faber and Faber, 2003. Fiction. Investigative novel around the world’s first Quadrillionaire who made money from code breaking.

Bamford, James. The Puzzle Palace. Boston: Houghton Mifflin, 1982.

Bennett, Charles, Gilles Brassard, and Artur K. Ekert. Quantum Cryptography. Scientific American 267, Issue 4, July 1992.

Coe, Michael D. Breaking the Maya Code. London and New York: Thames and Hudson, 1992.

Fouche Gaines, Helen. Cryptanalysis: A Study of Ciphers and Their Solution. New York: Dover Publications, 1956.

Kahn, David. The Codebreakers, rev. ed. New York: Scribner, 1996.

Mel, H.X., and Doris Baker. Cryptography Decrypted. Boston, MA: Addison-Wesley, 2001.

Menezes, A. J., Paul C. van Oorschot, and S. Vanstone. Handbook of Applied Cryptography. Boca Raton: CRC Press, 1996.

Port, Otis, with Inka Resch. They're Listening to Your Calls. Businessweek, May 31, 1999.

Russell, Francis. The Secret War. Virginia: Time-Life Books, 1981.

Singh, Simon. The Code Book. New York: Doubleday, 1998.

Szpiro, George G. The Secret Life of Numbers. Washington, DC: Joseph Henry Press, 2006.

Encryption Wars Article – Spectrum Magazine May 2000

Exhaustive Cryptanalysis of the NBS Data Encryption Standard

# What is Cryptography & Types of Cryptography | Synopsys

With symmetric cryptography, the same key is used for both encryption and decryption. A sender and a recipient must already have a shared key that is known to both. Key distribution is a tricky problem and was the impetus for developing asymmetric cryptography.

With asymmetric crypto, two different keys are used for encryption and decryption. Every user in an asymmetric cryptosystem has both a public key and a private key. The private key is kept secret at all times, but the public key may be freely distributed.

Data encrypted with a public key may only be decrypted with the corresponding private key. So, sending a message to John requires encrypting that message with John's public key. Only John can decrypt the message, as only John has his private key. Any data encrypted with a private key can only be decrypted with the corresponding public key. Similarly, Jane could digitally sign a message with her private key, and anyone with Jane's public key could decrypt the signed message and verify that it was in fact Jane who sent it.

Symmetric is generally very fast and ideal for encrypting large amounts of data (e.g., an entire disk partition or database). Asymmetric is much slower and can only encrypt pieces of data that are smaller than the key size (typically 2048 bits or smaller). Thus, asymmetric crypto is generally used to encrypt symmetric encryption keys which are then used to encrypt much larger blocks of data. For digital signatures, asymmetric crypto is generally used to encrypt the hashes of messages rather than entire messages.

A cryptosystem provides for managing cryptographic keys including generation, exchange, storage, use, revocation, and replacement of the keys.


# Cryptology – Cryptography | Britannica.com

The easiest way to describe the techniques on which cryptography depends is first to examine some simple cipher systems and then abstract from these examples features that apply to more complex systems. There are two basic kinds of mathematical operations used in cipher systems: transpositions and substitutions. Transpositions rearrange the symbols in the plaintext without changing the symbols themselves. Substitutions replace plaintext elements (symbols, pairs of symbols, etc.) with other symbols or groups of symbols without changing the sequence in which they occur.

In manual systems transpositions are generally carried out with the aid of an easily remembered mnemonic. For example, a popular schoolboy cipher is the rail fence, in which letters of the plaintext are written alternating between rows and the rows are then read sequentially to give the cipher. In a depth-two rail fence (two rows) the message WE ARE DISCOVERED SAVE YOURSELF would be written

Simple frequency counts on the ciphertext would reveal to the cryptanalyst that letters occur with precisely the same frequency in the cipher as in an average plaintext and, hence, that a simple rearrangement of the letters is probable.

The rail fence is the simplest example of a class of transposition ciphers, known as route ciphers, that enjoyed considerable popularity in the early history of cryptology. In general, the elements of the plaintext (usually single letters) are written in a prearranged order (route) into a geometric array (matrix), typically a rectangle, agreed upon in advance by the transmitter and receiver and then read off by following another prescribed route through the matrix to produce the cipher. The key in a route cipher consists of keeping secret the geometric array, the starting point, and the routes. Clearly, both the matrix and the routes can be much more complex than in this example; but even so, they provide little security. One form of transposition (permutation) that was widely used depends on an easily remembered key word for identifying the route in which the columns of a rectangular matrix are to be read. For example, using the key word AUTHOR and ordering the columns by the lexicographic order of the letters in the key word

In decrypting a route cipher, the receiver enters the ciphertext symbols into the agreed-upon matrix according to the encryption route and then reads the plaintext according to the original order of entry. A significant improvement in cryptosecurity can be achieved by reencrypting the cipher obtained from one transposition with another transposition. Because the result (product) of two transpositions is also a transposition, the effect of multiple transpositions is to define a complex route in the matrix, which in itself would be difficult to describe by any simple mnemonic. (See Product ciphers, below.)
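The rail fence and the AUTHOR key-word route cipher described above, as an added example that is not part of the original text. The plaintext and key word are the page's own; the rail-fence depth is generalised beyond two, and the column-ordering rule (ties broken left to right) is an assumption the text does not state.

```python
"""Route ciphers from the text: the rail fence and key-word columnar transposition.

Added example, not code from the original page. The plaintext and the key word
AUTHOR are the page's own; the rail-fence depth is generalised beyond two."""


def _letters(text: str) -> str:
    return "".join(c for c in text.upper() if c.isalpha())


def rail_fence(text: str, depth: int = 2) -> str:
    """Write the letters zig-zag across `depth` rows, then read the rows in turn."""
    rows: list[list[str]] = [[] for _ in range(depth)]
    r, step = 0, 1
    for ch in _letters(text):
        rows[r].append(ch)
        if depth > 1:
            if r == 0:
                step = 1
            elif r == depth - 1:
                step = -1
            r += step
    return "".join("".join(row) for row in rows)


def _column_order(keyword: str) -> list[int]:
    """Read-off order: columns ranked by their key letter (ties left to right)."""
    return sorted(range(len(keyword)), key=lambda i: (keyword[i], i))


def columnar_encrypt(text: str, keyword: str) -> str:
    """Write row by row under the key word, read the columns in key-letter order."""
    text, keyword = _letters(text), _letters(keyword)
    n = len(keyword)
    return "".join(text[c::n] for c in _column_order(keyword))


def columnar_decrypt(cipher: str, keyword: str) -> str:
    """Rebuild each column (the left-most columns may hold one extra letter),
    then read the matrix row by row, the original order of entry."""
    keyword = _letters(keyword)
    n = len(keyword)
    full, extra = divmod(len(cipher), n)
    cols: dict[int, str] = {}
    pos = 0
    for c in _column_order(keyword):
        size = full + (1 if c < extra else 0)
        cols[c] = cipher[pos:pos + size]
        pos += size
    rows = full + (1 if extra else 0)
    return "".join(cols[c][r] for r in range(rows) for c in range(n) if r < len(cols[c]))


PLAINTEXT = "WE ARE DISCOVERED SAVE YOURSELF"

if __name__ == "__main__":
    print(rail_fence(PLAINTEXT))
    print(columnar_encrypt(PLAINTEXT, "AUTHOR"))
```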

In the same class also fall systems that make use of perforated cardboard matrices called grilles; descriptions of such systems can be found in most older books on cryptography. In contemporary cryptography, transpositions serve principally as one of several encryption steps in forming a compound or product cipher.

In substitution ciphers, units of the plaintext (generally single letters or pairs of letters) are replaced with other symbols or groups of symbols, which need not be the same as those used in the plaintext. For instance, in Sir Arthur Conan Doyle's Adventure of the Dancing Men (1903), Sherlock Holmes solves a monoalphabetic substitution cipher in which the ciphertext symbols are stick figures of a human in various dancelike poses.

The simplest of all substitution ciphers are those in which the cipher alphabet is merely a cyclical shift of the plaintext alphabet. Of these, the best-known is the Caesar cipher, used by Julius Caesar, in which A is encrypted as D, B as E, and so forth. As many a schoolboy has discovered to his embarrassment, cyclical-shift substitution ciphers are not secure. And as is pointed out in the section Cryptanalysis, neither is any other monoalphabetic substitution cipher in which a given plaintext symbol is always encrypted into the same ciphertext symbol. Because of the redundancy of the English language, only about 25 symbols of ciphertext are required to permit the cryptanalysis of monoalphabetic substitution ciphers, which makes them a popular source for recreational cryptograms. The explanation for this weakness is that the frequency distributions of symbols in the plaintext and in the ciphertext are identical, only the symbols having been relabeled. In fact, any structure or pattern in the plaintext is preserved intact in the ciphertext, so that the cryptanalyst's task is an easy one.

There are two main approaches that have been employed with substitution ciphers to lessen the extent to which structure in the plaintext, primarily single-letter frequencies, survives in the ciphertext. One approach is to encrypt elements of plaintext consisting of two or more symbols; e.g., digraphs and trigraphs. The other is to use several cipher alphabets. When this approach of polyalphabetic substitution is carried to its limit, it results in one-time keys, or pads.

In cryptosystems for manually encrypting units of plaintext made up of more than a single letter, only digraphs were ever used. By treating digraphs in the plaintext as units rather than as single letters, the extent to which the raw frequency distribution survives the encryption process can be lessened but not eliminated, as letter pairs are themselves highly correlated. The best-known digraph substitution cipher is the Playfair, invented by Sir Charles Wheatstone but championed at the British Foreign Office by Lyon Playfair, the first Baron Playfair of St. Andrews. Below is an example of a Playfair cipher, solved by Lord Peter Wimsey in Dorothy L. Sayers's Have His Carcase (1932). Here, the mnemonic aid used to carry out the encryption is a 5 × 5 square matrix containing the letters of the alphabet (I and J are treated as the same letter). A key word, MONARCHY in this example, is filled in first, and the remaining unused letters of the alphabet are entered in their lexicographic order:

Plaintext digraphs are encrypted with the matrix by first locating the two plaintext letters in the matrix. They are (1) in different rows and columns; (2) in the same row; (3) in the same column; or (4) alike. The corresponding encryption (replacement) rules are the following:

When the two letters are in different rows and columns, each is replaced by the letter that is in the same row but in the other column; i.e., to encrypt WE, W is replaced by U and E by G.

When A and R are in the same row, A is encrypted as R and R (reading the row cyclically) as M.

When I and S are in the same column, I is encrypted as S and S as X.

When a double letter occurs, a spurious symbol, say Q, is introduced so that the MM in SUMMER is encrypted as NL for MQ and CL for ME.

An X is appended to the end of the plaintext if necessary to give the plaintext an even number of letters.

Encrypting the familiar plaintext example using Sayers's Playfair array yields:

If the frequency distribution information were totally concealed in the encryption process, the ciphertext plot of letter frequencies in Playfair ciphers would be flat. It is not. The deviation from this ideal is a measure of the tendency of some letter pairs to occur more frequently than others and of the Playfair's row-and-column correlation of symbols in the ciphertext, the essential structure exploited by a cryptanalyst in solving Playfair ciphers. The loss of a significant part of the plaintext frequency distribution, however, makes a Playfair cipher harder to cryptanalyze than a monoalphabetic cipher.
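The MONARCHY square and the four replacement rules above, carried through in code as an added example (not code from the original text). J is folded into I and the doubled-letter filler is Q as the text says; using X when the doubled letter is itself Q is an assumption the text does not cover.

```python
"""Playfair digraph cipher with the MONARCHY square described in the text.

Added example, not code from the original page. J is folded into I; Q is the
filler for doubled letters (X if the letter is Q itself, an assumption) and
X pads an odd-length message, as in the text."""

ALPHABET = "ABCDEFGHIKLMNOPQRSTUVWXYZ"   # 25 letters, J merged into I


def build_square(keyword: str) -> list[str]:
    """Key word letters first (once each), then the unused letters in order."""
    seen: list[str] = []
    for ch in keyword.upper().replace("J", "I") + ALPHABET:
        if ch in ALPHABET and ch not in seen:
            seen.append(ch)
    return ["".join(seen[r:r + 5]) for r in range(0, 25, 5)]


def _locate(square: list[str], ch: str) -> tuple[int, int]:
    for r, row in enumerate(square):
        if ch in row:
            return r, row.index(ch)
    raise ValueError(f"{ch!r} is not in the square")


def _digraphs(text: str) -> list[str]:
    """Split into pairs, separating doubles with a filler and padding the end."""
    letters = [c for c in text.upper().replace("J", "I") if c in ALPHABET]
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        b = letters[i + 1] if i + 1 < len(letters) else "X"
        if a == b:                               # rule (4): insert a spurious letter
            b = "Q" if a != "Q" else "X"
            i += 1
        else:
            i += 2
        pairs.append(a + b)
    return pairs


def _transform(square: list[str], pair: str, step: int) -> str:
    """step = +1 encrypts, -1 decrypts; rows and columns are read cyclically."""
    (ra, ca), (rb, cb) = _locate(square, pair[0]), _locate(square, pair[1])
    if ra == rb:                                 # rule (2): same row
        return square[ra][(ca + step) % 5] + square[rb][(cb + step) % 5]
    if ca == cb:                                 # rule (3): same column
        return square[(ra + step) % 5][ca] + square[(rb + step) % 5][cb]
    return square[ra][cb] + square[rb][ca]       # rule (1): swap the columns


def encrypt(square: list[str], plaintext: str) -> str:
    return "".join(_transform(square, p, 1) for p in _digraphs(plaintext))


def decrypt(square: list[str], ciphertext: str) -> str:
    """Returns the padded plaintext; fillers such as the Q in SUMQMER remain."""
    pairs = [ciphertext[i:i + 2] for i in range(0, len(ciphertext), 2)]
    return "".join(_transform(square, p, -1) for p in pairs)


SAYERS_SQUARE = build_square("MONARCHY")

if __name__ == "__main__":
    print(SAYERS_SQUARE)
    print(encrypt(SAYERS_SQUARE, "WE ARE DISCOVERED SAVE YOURSELF"))
```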

The other approach to concealing plaintext structure in the ciphertext involves using several different monoalphabetic substitution ciphers rather than just one; the key specifies which particular substitution is to be employed for encrypting each plaintext symbol. The resulting ciphers, known generically as polyalphabetics, have a long history of usage. The systems differ mainly in the way in which the key is used to choose among the collection of monoalphabetic substitution rules.

The best-known polyalphabetics are the simple Vigenère ciphers, named for the 16th-century French cryptographer Blaise de Vigenère. For many years this type of cipher was thought to be impregnable and was known as le chiffre indéchiffrable, literally the unbreakable cipher. The procedure for encrypting and decrypting Vigenère ciphers is illustrated in the figure.

In the simplest systems of the Vigenère type, the key is a word or phrase that is repeated as many times as required to encipher a message. If the key is DECEPTIVE and the message is WE ARE DISCOVERED SAVE YOURSELF, then the resulting cipher will be

The graph shows the extent to which the raw frequency of occurrence pattern is obscured by encrypting the text of this article using the repeating key DECEPTIVE. Nevertheless, in 1861 Friedrich W. Kasiski, formerly a German army officer and cryptanalyst, published a solution of repeated-key Vigenère ciphers based on the fact that identical pairings of message and key symbols generate the same cipher symbols. Cryptanalysts look for precisely such repetitions. In the example given above, the group VTW appears twice, separated by six letters, suggesting that the key (i.e., word) length is either three or nine. Consequently, the cryptanalyst would partition the cipher symbols into three and nine monoalphabets and attempt to solve each of these as a simple substitution cipher. With sufficient ciphertext, it would be easy to solve for the unknown key word.
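The DECEPTIVE example and the Kasiski test described above, as an added example that is not part of the original text: the ciphertext is computed from the page's plaintext and key, the repeated group and its spacing are found mechanically, and the ciphertext is split into the monoalphabets a cryptanalyst would then attack one by one.

```python
"""Repeating-key Vigenere cipher and the Kasiski test from the text.

Added example, not code from the original page. The plaintext and the key
DECEPTIVE are the page's; the ciphertext is computed, not copied."""


def _letters(text: str) -> str:
    return "".join(c for c in text.upper() if "A" <= c <= "Z")


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Shift each letter by the matching key letter (A = 0), the key repeating."""
    key = _letters(key)
    out = []
    for i, ch in enumerate(_letters(text)):
        k = ord(key[i % len(key)]) - 65
        if decrypt:
            k = -k
        out.append(chr((ord(ch) - 65 + k) % 26 + 65))
    return "".join(out)


def repeated_sequences(ciphertext: str, length: int = 3) -> dict[str, list[int]]:
    """Every n-gram seen more than once, with the distances between occurrences.
    Identical plaintext under identical key symbols repeats in the ciphertext."""
    positions: dict[str, list[int]] = {}
    for i in range(len(ciphertext) - length + 1):
        positions.setdefault(ciphertext[i:i + length], []).append(i)
    return {seq: [b - a for a, b in zip(pos, pos[1:])]
            for seq, pos in positions.items() if len(pos) > 1}


def candidate_key_lengths(ciphertext: str, length: int = 3, max_len: int = 20) -> list[int]:
    """The key length must divide each repeat distance; rank lengths by the
    number of distances they divide so accidental repeats do not mislead."""
    distances = [d for ds in repeated_sequences(ciphertext, length).values() for d in ds]
    votes = {n: sum(d % n == 0 for d in distances) for n in range(2, max_len + 1)}
    best = max(votes.values(), default=0)
    return sorted(n for n, v in votes.items() if v and v == best)


def monoalphabets(ciphertext: str, key_len: int) -> list[str]:
    """Partition into key_len columns; each column is a simple shift cipher."""
    return [ciphertext[i::key_len] for i in range(key_len)]


PLAINTEXT = "WE ARE DISCOVERED SAVE YOURSELF"
KEY = "DECEPTIVE"
CIPHERTEXT = vigenere(PLAINTEXT, KEY)

if __name__ == "__main__":
    print(CIPHERTEXT)
    print(repeated_sequences(CIPHERTEXT), candidate_key_lengths(CIPHERTEXT))
```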

The periodicity of a repeating key exploited by Kasiski can be eliminated by means of a running-key Vigenère cipher. Such a cipher is produced when a nonrepeating text is used for the key. Vigenère actually proposed concatenating the plaintext itself to follow a secret key word in order to provide a running key in what is known as an autokey.

Even though running-key or autokey ciphers eliminate periodicity, two methods exist to cryptanalyze them. In one, the cryptanalyst proceeds under the assumption that both the ciphertext and the key share the same frequency distribution of symbols and applies statistical analysis. For example, E occurs in English plaintext with a frequency of 0.0169, and T occurs only half as often. The cryptanalyst would, of course, need a much larger segment of ciphertext to solve a running-key Vigenère cipher, but the basic principle is essentially the same as before, i.e., the recurrence of like events yields identical effects in the ciphertext. The second method of solving running-key ciphers is commonly known as the probable-word method. In this approach, words that are thought most likely to occur in the text are subtracted from the cipher. For example, suppose that an encrypted message to President Jefferson Davis of the Confederate States of America was intercepted. Based on a statistical analysis of the letter frequencies in the ciphertext, and the South's encryption habits, it appears to employ a running-key Vigenère cipher. A reasonable choice for a probable word in the plaintext might be PRESIDENT. For simplicity a space will be encoded as a 0. PRESIDENT would then be encoded, not encrypted, as 16, 18, 5, 19, 9, 4, 5, 14, 20 using the rule A = 1, B = 2, and so forth. Now these nine numbers are added modulo 27 (for the 26 letters plus a space symbol) to each successive block of nine symbols of ciphertext, shifting one letter each time to form a new block. Almost all such additions will produce random-like groups of nine symbols as a result, but some may produce a block that contains meaningful English fragments. These fragments can then be extended with either of the two techniques described above. If provided with enough ciphertext, the cryptanalyst can ultimately decrypt the cipher.
What is important to bear in mind here is that the redundancy of the English language is high enough that the amount of information conveyed by every ciphertext component is greater than the rate at which equivocation (i.e., the uncertainty about the plaintext that the cryptanalyst must resolve to cryptanalyze the cipher) is introduced by the running key. In principle, when the equivocation is reduced to zero, the cipher can be solved. The number of symbols needed to reach this point is called the unicity distance and is only about 25 symbols, on average, for simple substitution ciphers.
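The probable-word method with the text's own encoding (space = 0, A = 1 ... Z = 26, arithmetic modulo 27), as an added example that is not part of the original text. The message, the running key (an opening line of the Declaration of Independence) and the English-likeness score are constructed here for the demonstration.

```python
"""Probable-word method against a running-key cipher, in the text's encoding.

Added example, not code from the original page. Space = 0, A = 1 ... Z = 26,
arithmetic modulo 27; message, running key and scoring are constructed."""

ALPHABET = " ABCDEFGHIJKLMNOPQRSTUVWXYZ"   # index is the page's code: space 0, A 1, ...
M = len(ALPHABET)                          # 27


def encode(text: str) -> list[int]:
    """Map text to the numeric code, dropping anything outside the alphabet."""
    return [ALPHABET.index(c) for c in text.upper() if c in ALPHABET]


def decode(codes) -> str:
    return "".join(ALPHABET[c % M] for c in codes)


def running_key_encrypt(plaintext: str, key_text: str) -> str:
    """cipher[i] = (plain[i] + key[i]) mod 27; the key is a nonrepeating text."""
    p, k = encode(plaintext), encode(key_text)
    if len(k) < len(p):
        raise ValueError("running key must be at least as long as the message")
    return decode((a + b) % M for a, b in zip(p, k))


def running_key_decrypt(ciphertext: str, key_text: str) -> str:
    return decode((a - b) % M for a, b in zip(encode(ciphertext), encode(key_text)))


def probable_word_trials(ciphertext: str, word: str) -> list[tuple[int, str]]:
    """Subtract `word` from each block of the cipher, shifting one symbol at a
    time. The result at an offset is the key fragment the word would imply
    there; at the right offset it reads as English, elsewhere as noise."""
    c, w = encode(ciphertext), encode(word)
    return [(i, decode((c[i + j] - w[j]) % M for j in range(len(w))))
            for i in range(len(c) - len(w) + 1)]


COMMON = set(" ETAOINSHR")   # crude English-likeness: common letters and spaces


def rank_trials(trials: list[tuple[int, str]]) -> list[tuple[int, str]]:
    """Most English-looking candidate key fragments first."""
    return sorted(trials, key=lambda t: -sum(ch in COMMON for ch in t[1]))


MESSAGE = "THE PRESIDENT WILL ARRIVE AT NOON"
RUNNING_KEY = "WHEN IN THE COURSE OF HUMAN EVENTS IT BECOMES NECESSARY"
CIPHER = running_key_encrypt(MESSAGE, RUNNING_KEY)

if __name__ == "__main__":
    for offset, fragment in rank_trials(probable_word_trials(CIPHER, "PRESIDENT"))[:5]:
        print(offset, repr(fragment))
```

With PRESIDENT really at offset 4, the trial there returns the key text's own fragment, which the analyst then extends with the statistical method or further probable words.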

In 1918 Gilbert S. Vernam, an engineer for the American Telephone & Telegraph Company (AT&T), introduced the most important key variant to the Vigenère system. At that time all messages transmitted over AT&T's teleprinter system were encoded in the Baudot Code, a binary code in which a combination of marks and spaces represents a letter, number, or other symbol. Vernam suggested a means of introducing equivocation at the same rate at which it was reduced by redundancy among symbols of the message, thereby safeguarding communications against cryptanalytic attack. He saw that periodicity (as well as frequency information and intersymbol correlation), on which earlier methods of decryption of different Vigenère systems had relied, could be eliminated if a random series of marks and spaces (a running key) were mingled with the message during encryption to produce what is known as a stream or streaming cipher.

There was one serious weakness in Vernam's system, however. It required one key symbol for each message symbol, which meant that communicants would have to exchange an impractically large key in advance, i.e., they had to securely exchange a key as large as the message they would eventually send. The key itself consisted of a punched paper tape that could be read automatically while symbols were typed at the teletypewriter keyboard and encrypted for transmission. This operation was performed in reverse using a copy of the paper tape at the receiving teletypewriter to decrypt the cipher. Vernam initially believed that a short random key could safely be reused many times, thus justifying the effort to deliver such a large key, but reuse of the key turned out to be vulnerable to attack by methods of the type devised by Kasiski. Vernam offered an alternative solution: a key generated by combining two shorter key tapes of m and n binary digits, or bits, where m and n share no common factor other than 1 (they are relatively prime). A bit stream so computed does not repeat until mn bits of key have been produced. This version of the Vernam cipher system was adopted and employed by the U.S. Army until Major Joseph O. Mauborgne of the Army Signal Corps demonstrated during World War I that a cipher constructed from a key produced by linearly combining two or more short tapes could be decrypted by methods of the sort employed to cryptanalyze running-key ciphers. Mauborgne's work led to the realization that neither the repeating single-key nor the two-tape Vernam-Vigenère cipher system was cryptosecure. Of far greater consequence to modern cryptology, in fact an idea that remains its cornerstone, was the conclusion drawn by Mauborgne and William F. Friedman that the only type of cryptosystem that is unconditionally secure uses a random one-time key.
The proof of this, however, was provided almost 30 years later by another AT&T researcher, Claude Shannon, the father of modern information theory.

In a streaming cipher the key is incoherent, i.e., the uncertainty that the cryptanalyst has about each successive key symbol must be no less than the average information content of a message symbol. The dotted curve in the figure indicates that the raw frequency of occurrence pattern is lost when the draft text of this article is encrypted with a random one-time key. The same would be true if digraph or trigraph frequencies were plotted for a sufficiently long ciphertext. In other words, the system is unconditionally secure, not because of any failure on the part of the cryptanalyst to find the right cryptanalytic technique but rather because he is faced with an irresolvable number of choices for the key or plaintext message.

In the discussion of transposition ciphers it was pointed out that by combining two or more simple transpositions, a more secure encryption may result. In the days of manual cryptography this was a useful device for the cryptographer, and in fact double transposition or product ciphers on key word-based rectangular matrices were widely used. There was also some use of a class of product ciphers known as fractionation systems, wherein a substitution was first made from symbols in the plaintext to multiple symbols (usually pairs, in which case the cipher is called a biliteral cipher) in the ciphertext, which was then encrypted by a final transposition, known as superencryption. One of the most famous field ciphers of all time was a fractionation system, the ADFGVX cipher employed by the German army during World War I. This system used a 6 × 6 matrix to substitution-encrypt the 26 letters and 10 digits into pairs of the symbols A, D, F, G, V, and X. The resulting biliteral cipher was then written into a rectangular array and route encrypted by reading the columns in the order indicated by a key word, as illustrated in the figure.

The great French cryptanalyst Georges J. Painvin succeeded in cryptanalyzing critical ADFGVX ciphers in 1918, with devastating effect for the German army in the battle for Paris.

# Definition of Cryptography | What is Cryptography …

Definition: Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Cryptography not only protects data from theft or alteration, but can also be used for user authentication.

Description: Earlier cryptography was effectively synonymous with encryption but nowadays cryptography is mainly based on mathematical theory and computer science practice.

Modern cryptography is concerned with:

Confidentiality – Information cannot be understood by anyone

Integrity – Information cannot be altered.

Non-repudiation – Sender cannot deny his/her intentions in the transmission of the information at a later stage

Authentication – Sender and receiver can confirm each

Cryptography is used in many applications, such as banking transaction cards, computer passwords, and e-commerce transactions.

Three types of cryptographic techniques are in general use:

1. Symmetric-key cryptography

2. Hash functions.

3. Public-key cryptography

Symmetric-key Cryptography: Both the sender and receiver share a single key. The sender uses this key to encrypt plaintext and send the cipher text to the receiver. On the other side the receiver applies the same key to decrypt the message and recover the plain text.

Public-Key Cryptography: This is the most revolutionary concept of the last 300-400 years. In Public-Key Cryptography two related keys (a public and a private key) are used. The public key may be freely distributed, while its paired private key remains secret. The public key is used for encryption and the private key for decryption.

Hash Functions: No key is used in this algorithm. A fixed-length hash value is computed from the plaintext, which makes it impossible for the contents of the plaintext to be recovered. Hash functions are also used by many operating systems to encrypt passwords.

# StoreName Enumeration (System.Security.Cryptography …


Specifies the name of the X.509 certificate store to open.

Assembly: System (in System.dll)

AddressBook – The X.509 certificate store for other users.

AuthRoot – The X.509 certificate store for third-party certificate authorities (CAs).

CertificateAuthority – The X.509 certificate store for intermediate certificate authorities (CAs).

Disallowed – The X.509 certificate store for revoked certificates.

My – The X.509 certificate store for personal certificates.

Root – The X.509 certificate store for trusted root certificate authorities (CAs).

TrustedPeople – The X.509 certificate store for directly trusted people and resources.

TrustedPublisher – The X.509 certificate store for directly trusted publishers.

This enumeration specifies the X.509 store name, which also includes the type of certificates included. For example, My includes personal certificates, whereas Disallowed includes only revoked certificates.

The following code example opens an X.509 certificate store, adds and deletes certificates, and then closes the store. It assumes you have three certificates to add to and remove from a local store.

Version information: .NET Framework, available since 2.0.


# Reviews for Cryptography from Coursera | Class Central

Understand and Apply Fundamental Concepts of Cryptography. Module Topics: Encryption Concepts, Methods of Cryptography, Specific Hashing. In Encryption Concepts you will learn about key concepts and definitions and high work factor. In Methods of Cryptography you will learn about stream-based ciphers, stream-based cipher rules, block ciphers, Initialization Vectors (IV) and why they are needed, basic block cipher modes, evaluation of algorithms, common encryption techniques, encryption algorithm characteristics, and hashing. In Specific Hashing you will learn about message digest (MD) 2, 4, and 5, secure hash algorithm (SHA) 0, 1, and 2, HAVAL, RIPEMD-160, attacks on hashing algorithms and message authentication codes, and the birthday paradox.

Operate and Implement Cryptographic Systems. Module Topics: Public Key Infrastructure (PKI), Fundamental Key Management Concepts, Creation and Distribution of Keys, Web of Trust, Secure Protocols. In PKI you will learn about functions of a CA, establishing trust, and X.509v3 certificates issued by VeriSign. In Fundamental Key Management Concepts you will learn about standards for financial institutions, segregation of duties, and examples. In Creation and Distribution of Keys you will learn about truly random and random numbers, generating a two-key encryption key set, key length, asymmetric key length, key wrapping and key encryption keys, key distribution, key distribution centers, key storage and destruction, factors affecting risk exposure, cost of certificate replacement/revocation, key recovery, and key escrow. In Secure Protocols you will learn about Authentication Header (AH), Encapsulating Security Payload (ESP), security associations, transport mode and tunnel mode, Internet Key Exchange (IKE), Secure/Multipurpose Internet Mail Extensions (S/MIME), the two security services S/MIME provides, digital signatures, the process for verifying a digital signature of an e-mail message, message encryption, the process for encrypting an e-mail message, the process for decrypting an e-mail message, the process of digitally signing and encrypting an e-mail message, the process of decrypting an e-mail message and verifying a digital signature, and triple-wrapped messages.

Cryptography Case Study. This assignment is based on a case study that will require the student to put into practice the knowledge they have gained through the course. It requires a basic understanding of the topics and the ability to relate those topics to the real world. The objective of the review is to determine whether the student has understood the concepts and has performed the necessary analysis to ensure a complete and thorough answer.

End-of-Course Assessment

# Applied Cryptography: Protocols, Algorithms and Source …

Praise for Applied Cryptography

“This book should be on the shelf of any computer professional involved in the use or implementation of cryptography.” IEEE Software

“An encyclopedic survey … could well have been subtitled ‘The Joy of Encrypting’ … a useful addition to the library of any active or would-be security practitioner.” Cryptologia

“…the best introduction to cryptography I’ve ever seen…The book the National Security Agency wanted never to be published…” Wired magazine

“…easily ranks as one of the most authoritative in its field…” PC magazine

“…monumental…fascinating…comprehensive…the definitive work on cryptography for computer programmers…” Dr. Dobb’s journal

Written by the world’s most renowned security technologist, this special Anniversary Edition celebrates 20 years of the most definitive reference on cryptography ever published, Applied Cryptography: Protocols, Algorithms, and Source Code in C. Inside, security enthusiasts will find a compelling introduction by author Bruce Schneier written specifically for this keepsake edition.

Included in this edition:

# Export of cryptography from the United States – Wikipedia

The export of cryptographic technology and devices from the United States was severely restricted by U.S. law until 1992, but was gradually eased until 2000; some restrictions still remain.

Since World War II, many governments, including the U.S. and its NATO allies, have regulated the export of cryptography for national security reasons, and, as late as 1992, cryptography was on the U.S. Munitions List as Auxiliary Military Equipment.[2]

Due to the enormous impact of cryptanalysis in World War II, these governments saw the military value in denying current and potential enemies access to cryptographic systems. Since the U.S. and U.K. believed they had better cryptographic capabilities than others, their intelligence agencies tried to control all dissemination of the more effective crypto techniques. They also wished to monitor the diplomatic communications of other nations, including those emerging in the post-colonial period and whose position on Cold War issues was vital.[3]

The First Amendment made controlling all use of cryptography inside the U.S. illegal, but controlling access to U.S. developments by others was more practical, as there were no constitutional impediments.

Accordingly, regulations were introduced as part of munitions controls which required licenses to export cryptographic methods (and even their description); the regulations established that cryptography beyond a certain strength (defined by algorithm and length of key) would not be licensed for export except on a case-by-case basis. This policy was also adopted elsewhere for various reasons.

The development and public release of Data Encryption Standard (DES) and asymmetric key techniques in the 1970s, the rise of the Internet, and the willingness of some to risk and resist prosecution, eventually made this policy impossible to enforce, and by the late 1990s it was being relaxed in the U.S., and to some extent (e.g., France) elsewhere. As late as 1997, NSA officials in the US were concerned that the widespread use of strong encryption will frustrate their ability to provide SIGINT regarding foreign entities, including terrorist groups operating internationally. NSA officials anticipated that the American encryption software backed by an extensive infrastructure, when marketed, was likely to become a standard for international communications.[4] In 1997, Louis Freeh, then the Director of the FBI, said

For law enforcement, framing the issue is simple. In this time of dazzling telecommunications and computer technology where information can have extraordinary value, the ready availability of robust encryption is essential. No one in law enforcement disputes that. Clearly, in today’s world and more so in the future, the ability to encrypt both contemporaneous communications and stored data is a vital component of information security.

As is so often the case, however, there is another aspect to the encryption issue that if left unaddressed will have severe public safety and national security ramifications. Law enforcement is in unanimous agreement that the widespread use of robust non-key recovery encryption ultimately will devastate our ability to fight crime and prevent terrorism. Uncrackable encryption will allow drug lords, spies, terrorists and even violent gangs to communicate about their crimes and their conspiracies with impunity. We will lose one of the few remaining vulnerabilities of the worst criminals and terrorists upon which law enforcement depends to successfully investigate and often prevent the worst crimes.

For this reason, the law enforcement community is unanimous in calling for a balanced solution to this problem.[5]

In the early days of the Cold War, the U.S. and its allies developed an elaborate series of export control regulations designed to prevent a wide range of Western technology from falling into the hands of others, particularly the Eastern bloc. All export of technology classed as ‘critical’ required a license. CoCom was organized to coordinate Western export controls.

Two types of technology were protected: technology associated only with weapons of war (“munitions”) and dual use technology, which also had commercial applications. In the U.S., dual use technology export was controlled by the Department of Commerce, while munitions were controlled by the State Department. Since in the immediate post WWII period the market for cryptography was almost entirely military, the encryption technology (techniques as well as equipment and, after computers became important, crypto software) was included as a Category XIII item into the United States Munitions List. The multinational control of the export of cryptography on the Western side of the cold war divide was done via the mechanisms of CoCom.

By the 1960s, however, financial organizations were beginning to require strong commercial encryption on the rapidly growing field of wired money transfer. The U.S. Government’s introduction of the Data Encryption Standard in 1975 meant that commercial uses of high quality encryption would become common, and serious problems of export control began to arise. Generally these were dealt with through case-by-case export license request proceedings brought by computer manufacturers, such as IBM, and by their large corporate customers.

Encryption export controls became a matter of public concern with the introduction of the personal computer. Phil Zimmermann’s PGP cryptosystem and its distribution on the Internet in 1991 was the first major ‘individual level’ challenge to controls on export of cryptography. The growth of electronic commerce in the 1990s created additional pressure for reduced restrictions.

In 1992, a deal between NSA and the SPA made 40-bit RC2 and RC4 encryption easily exportable using a Commodity Jurisdiction (which transferred control from the State Department to the Commerce Department). At this stage Western governments had, in practice, a split personality when it came to encryption; policy was made by the military cryptanalysts, who were solely concerned with preventing their ‘enemies’ acquiring secrets, but that policy was then communicated to commerce by officials whose job was to support industry.

Shortly afterward, Netscape’s SSL technology was widely adopted as a method for protecting credit card transactions using public key cryptography. Netscape developed two versions of its web browser. The “U.S. edition” supported full size (typically 1024-bit or larger) RSA public keys in combination with full size symmetric keys (secret keys) (128-bit RC4 or 3DES in SSL 3.0 and TLS 1.0). The “International Edition” had its effective key lengths reduced to 512 bits and 40 bits respectively (RSA_EXPORT with 40-bit RC2 or RC4 in SSL 2.0, SSL 3.0 and TLS 1.0), by zero-padding 88 bits of the normal 128-bit symmetric key[6]. Acquiring the ‘U.S. domestic’ version turned out to be sufficient hassle that most computer users, even in the U.S., ended up with the ‘International’ version,[7] whose weak 40-bit encryption could be broken in a matter of days using a single computer. A similar situation occurred with Lotus Notes for the same reasons.

Legal challenges by Peter Junger and other civil libertarians and privacy advocates, the widespread availability of encryption software outside the U.S., and the perception by many companies that adverse publicity about weak encryption was limiting their sales and the growth of e-commerce, led to a series of relaxations in US export controls, culminating in 1996 in President Bill Clinton signing Executive Order 13026[8] transferring commercial encryption from the Munitions List to the Commerce Control List. Furthermore, the order stated that “the software shall not be considered or treated as ‘technology’” in the sense of the Export Administration Regulations. The Commodity Jurisdiction process was replaced with a Commodity Classification process, and a provision was added to allow export of 56-bit encryption if the exporter promised to add “key recovery” backdoors by the end of 1998. In 1999, the EAR was changed to allow 56-bit encryption and 1024-bit RSA to be exported without any backdoors, and new SSL cipher suites were introduced to support this (RSA_EXPORT1024 with 56-bit RC4 or DES). In 2000, the Department of Commerce implemented rules that greatly simplified the export of commercial and open source software containing cryptography, including allowing the key length restrictions to be removed after going through the Commodity Classification process.[9]


As of 2009, non-military cryptography exports from the U.S. are controlled by the Department of Commerce’s Bureau of Industry and Security.[10] Some restrictions still exist, even for mass market products, particularly with regard to export to “rogue states” and terrorist organizations. Militarized encryption equipment, TEMPEST-approved electronics, custom cryptographic software, and even cryptographic consulting services still require an export license[10] (pp. 67). Furthermore, encryption registration with the BIS is required for the export of “mass market encryption commodities, software and components with encryption exceeding 64 bits” (75 FR 36494). In addition, other items require a one-time review by, or notification to, BIS prior to export to most countries.[10] For instance, the BIS must be notified before open-source cryptographic software is made publicly available on the Internet, though no review is required.[11] Export regulations have been relaxed from pre-1996 standards, but are still complex.[10] Other countries, notably those participating in the Wassenaar Arrangement,[12] have similar restrictions.[13]

U.S. non-military exports are controlled by Export Administration Regulations (EAR), a short name for the U.S. Code of Federal Regulations (CFR) Title 15 chapter VII, subchapter C.

Encryption items specifically designed, developed, configured, adapted or modified for military applications (including command, control and intelligence applications) are controlled by the Department of State on the United States Munitions List.

Encryption export terminology is defined in EAR part 772.1.[14] In particular:

Export destinations are classified by the EAR Supplement No. 1 to Part 740 into four country groups (A, B, D, E) with further subdivisions;[15] a country can belong to more than one group. For the purposes of encryption, groups B, D:1, and E:1 are important:

The EAR Supplement No. 1 to Part 738 (Commerce Country Chart) contains the table with country restrictions.[16] If a line of table that corresponds to the country contains an X in the reason for control column, the export of a controlled item requires a license, unless an exception can be applied. For the purposes of encryption, the following three reasons for control are important:

For export purposes each item is classified with the Export Control Classification Number (ECCN) with the help of the Commerce Control List (CCL, Supplement No. 1 to the EAR part 774). In particular:[10]

An item can be either self-classified, or a classification (“review”) requested from the BIS. A BIS review is required for typical items to get the 5A992 or 5D992 classification.

# Introduction to Cryptography: Simple Guide for Beginners …

Introduction to Cryptography

Cryptography, or the art and science of encrypting sensitive information, was once exclusive to the realms of government, academia, and the military. However, with recent technological advancements, cryptography has begun to permeate all facets of everyday life.

Everything from your smartphone to your banking relies heavily on cryptography to keep your information safe and your livelihood secure.

And unfortunately, due to the inherent complexities of cryptography, many people assume that this is a topic better left to black hat hackers, multi-billion dollar conglomerates, and the NSA.

But nothing could be further from the truth.

With the vast amounts of personal data circulating the Internet, it is more important now than ever before to learn how to successfully protect yourself from individuals with ill intentions.

In this article, I am going to present you with a simple beginners guide to cryptography.

My goal is to help you understand exactly what cryptography is, how it's used, and how you can apply it to improve your digital security and make yourself hacker-proof. Here's a table of contents:

Since the dawn of human civilization, information has been one of our most treasured assets.

Our species' ability (or inability) to keep secrets and hide information has eliminated political parties, shifted the tide of wars, and toppled entire governments.

Let's go back to the American Revolutionary War for a quick example of cryptography in practice.

Suppose that a valuable piece of information regarding the British Army's plan to attack an American encampment was intercepted by local militia.

Since this is 1776 and therefore pre-iPhone, General Washington couldn't just shoot a quick text to the commanding officers at the encampment in question.

He would have to send a messenger who would either transport some form of written correspondence, or keep the message locked away in their head.

And here's where the Founding Fathers would have hit a snag.

The aforementioned messenger must now travel through miles and miles of enemy territory risking capture and death in order to relay the message.

And if he was intercepted? It spelled bad news for team USA.

The British captors could have simply killed the messenger on sight, putting an end to the communication.

They could have persuaded him to share the contents of the message, which would then render the information useless.

Or, if the messenger was a friend of Benedict Arnolds, they could have simply bribed the messenger to spread false information, resulting in the deaths of thousands of American militia.

However, with the careful application of cryptography, Washington could have applied an encryption method known as a cipher (more on this in a second) to keep the contents of the message safe from enemy hands.

Assuming that he entrusted the cipher to only his most loyal officers, this tactic would ensure that even if the message was intercepted, the messenger would have no knowledge of its contents. The data would therefore be indecipherable and useless to the enemy.

Now let's look at a more modern example, banking.

Every day, sensitive financial records are transmitted between banks, payment processors, and their customers. And whether you realize it or not, all of these records have to be stored at some point in a large database.

Without cryptography, this would be a problem, a very big problem.

If any of these records were stored or transmitted without encryption, it would be open season for hackers and your bank account would quickly dwindle down to $0.

However, the banks know this and have gone through an extensive process to apply advanced encryption methods to keep your information out of the hands of hackers and food on your table.

So now that you have a 30,000-foot view of cryptography and how it has been used, let's talk about some of the more technical details surrounding this topic.

*Note: For the purposes of this article, I will refer to messages in an easily readable format as plaintext and encrypted or unreadable messages as ciphertext. Please note that the words encryption and cryptography will also be used interchangeably.*

Cryptography, at its most fundamental level, requires two steps: encryption and decryption. The encryption process uses a cipher in order to encrypt plaintext and turn it into ciphertext. Decryption, on the other hand, applies that same cipher to turn the ciphertext back into plaintext.

Here's an example of how this works.

Let's say that you wanted to encrypt the simple message, Hello.

So our plaintext (message) is Hello.

We can now apply one of the simplest forms of encryption known as Caesar's Cipher (also known as a shift cipher) to the message.

With this cipher, we simply shift each letter a set number of spaces up or down the alphabet.

So for example, the image below shows a shift of 3 letters.

Meaning that:

By applying this cipher, our plaintext Hello turns into the ciphertext Khoor.

To the untrained eye Khoor looks nothing like Hello. However, with knowledge of Caesar's cipher, even the most novice cryptographer could quickly decrypt the message and uncover its contents.
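Here is the shift cipher above as working Python, an added example rather than code from the original post. Besides the Hello to Khoor case it enumerates all 26 possible decryptions, which is exactly why "even the most novice cryptographer" can read a Caesar-enciphered message without knowing the shift.

```python
"""Caesar (shift) cipher: encryption, decryption and exhaustive key search.

Added example for the "Hello" -> "Khoor" walkthrough; not code from the
original post. Only the letters A-Z are shifted; case and every other
character (spaces, digits, punctuation) are preserved unchanged.
"""
import string
from typing import Dict

ALPHABET_SIZE = len(string.ascii_uppercase)  # 26


def caesar_shift(text: str, shift: int) -> str:
    """Shift every letter of `text` by `shift` positions (positive = right).

    Letters wrap around the end of the alphabet, so a shift of -1 (the
    "Gdkkn" case) is the same as a shift of 25.
    """
    shift %= ALPHABET_SIZE
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr(base + (ord(ch) - base + shift) % ALPHABET_SIZE))
        else:
            out.append(ch)
    return "".join(out)


def caesar_encrypt(plaintext: str, key: int) -> str:
    return caesar_shift(plaintext, key)


def caesar_decrypt(ciphertext: str, key: int) -> str:
    # Decryption is the same operation with the shift reversed.
    return caesar_shift(ciphertext, -key)


def all_candidate_plaintexts(ciphertext: str) -> Dict[int, str]:
    """Return every possible decryption, keyed by the shift that produces it.

    With only 26 keys there is nothing to "crack": whoever holds the
    ciphertext simply reads down the list for the one that makes sense.
    """
    return {k: caesar_decrypt(ciphertext, k) for k in range(ALPHABET_SIZE)}


if __name__ == "__main__":
    ct = caesar_encrypt("Hello", 3)
    print(ct)                           # Khoor
    print(caesar_decrypt(ct, 3))        # Hello
    print(caesar_encrypt("Hello", -1))  # Gdkkn
    for k, pt in all_candidate_plaintexts(ct).items():
        print(f"shift {k:2d}: {pt}")
```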

Before we continue, I want to touch on a more advanced topic known as polymorphism.

While the intricacies of this topic stretch far beyond the realm of this guide, its increasing prevalence mandates that I include a brief explanation.

Polymorphism is basically a cipher that changes itself with each use, meaning that each time it is used it produces a different set of results. So, if you encrypted the exact same set of data twice, each new encryption would be different from the previous one.

Let's go back to our original example with the plaintext Hello. While the first encryption would result in Khoor, with the application of a polymorphic cipher the second encryption could result in something like Gdkkn (where each letter is shifted down a rung of the alphabet).

Polymorphism is most commonly used in cipher algorithms to encrypt computers, software, and cloud-based information.

I want to preface the rest of this article with a warning.

Throughout the rest of this article, I will be explaining exactly how cryptography works and how it is applied today. In doing so, I will have to employ a significant amount of technical jargon that may feel tedious at times.

But bear with me and pay attention. Understanding how all of the pieces fit together will ensure that you are able to maximize your personal security and keep your information out of the wrong hands.

So before I go full blast, explaining symmetric and asymmetric cryptography, AES, and MD5, I want to explain, in layman's terms, why this matters and why you should care.

For starters, let's discuss the only real alternative to cryptography, obfuscation. Obfuscation is defined as “the act of making something unclear, obscure, or unintelligible.” It means that, in order to transmit a secure message, you must hold back some of the information required to understand the message.

Which, by default, means it would only take one person with knowledge of the original message to divulge the missing pieces to the public.

With cryptography, a specific key and numerous calculations are required. Even if someone knew the encryption method used, they wouldn't be able to decrypt the message without the corresponding key, making your information much more secure.

To understand why cryptography really matters you need look no further than something we all know and love, the Internet.

By design, the Internet was created to relay messages from one person to another, in a similar manner to the postal service. The Internet delivers packets from the sender to the recipient, and without the various forms of cryptography that we will discuss in a moment, anything that you sent would be visible to the general populace.

Those private messages you meant to send to your spouse? The whole world could see them. Your banking information?

Anybody with a router could intercept your funds and redirect them to their own account. Your work emails discussing sensitive company secrets? You might as well package those up and ship them to your competitors.

Luckily, we do have cryptographic algorithms that actively protect almost all of our personal data.

However, this does not mean that you are completely secure.

You need to look no further than recent attacks on companies like AdultFriendFinder and Anthem Inc. to realize that large corporations do not always implement the necessary systems required to protect your information.

Your personal security is your responsibility, no one else's.

And the sooner that you can develop a strong understanding of the systems in place, the sooner you will be able to make informed decisions about how you can protect your data.

So with that out of the way, let's get to the good stuff.

There are four primary types of cryptography in use today, each with its own unique advantages and disadvantages.

They are called hashing, symmetric cryptography, asymmetric cryptography, and key exchange algorithms.

Hashing is a type of cryptography that changes a message into an unreadable string of text for the purpose of verifying the message's contents, not hiding the message itself.

This type of cryptography is most commonly used to protect the transmission of software and large files where the publisher of the files or software offers them for download. The reason for this is that, while it is easy to calculate the hash, it is extremely difficult to find an initial input that will provide an exact match for the desired value.

For example, when you download Windows 10, you download the software which then runs the downloaded file through the same hashing algorithm. It then compares the resulting hash with the one provided by the publisher. If they both match, then the download is completed.

However, if there is even the slightest variation in the downloaded file (either through the corruption of the file or intentional intervention from a third party) it will drastically change the resulting hash, potentially nullifying the download.

Currently, the most common hashing algorithms are MD5 and SHA-1; however, due to these algorithms' multiple weaknesses, most new applications are transitioning to the SHA-256 algorithm instead of its weaker predecessors.
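The download check described above, written out as an added Python example (not code from the original post). The "installer" is a constructed byte string so it runs offline; it shows that one flipped bit changes roughly half of the SHA-256 digest, and compares digests in constant time.

```python
"""Verifying a download against a publisher-supplied SHA-256 digest.

Added example for the download-verification walkthrough above; not code
from the original post. A real check would read the file from disk in
binary mode and take the published digest from the vendor's page.
"""
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    """SHA-256 of `data` as lowercase hex, the form publishers usually list."""
    return hashlib.sha256(data).hexdigest()


def verify_download(data: bytes, published_hex: str) -> bool:
    """True only if `data` hashes to the published digest.

    hmac.compare_digest is used so that the comparison time does not
    depend on how many leading characters happened to match.
    """
    return hmac.compare_digest(sha256_hex(data), published_hex.strip().lower())


def flip_bit(data: bytes, byte_index: int, bit: int) -> bytes:
    """Copy of `data` with a single bit inverted (simulated corruption)."""
    buf = bytearray(data)
    buf[byte_index] ^= 1 << bit
    return bytes(buf)


def digest_bit_difference(a_hex: str, b_hex: str) -> int:
    """Number of bits that differ between two hex digests of equal length."""
    return bin(int(a_hex, 16) ^ int(b_hex, 16)).count("1")


# Constructed stand-in for an installer image (55,000 bytes).
DOWNLOAD = b"This is a constructed stand-in for an installer image.\n" * 1000
# What the vendor would publish alongside the file.
PUBLISHED_DIGEST = sha256_hex(DOWNLOAD)


if __name__ == "__main__":
    corrupted = flip_bit(DOWNLOAD, 12_345, 0)
    print("intact file verifies   :", verify_download(DOWNLOAD, PUBLISHED_DIGEST))
    print("1-bit-corrupted file   :", verify_download(corrupted, PUBLISHED_DIGEST))
    print("digest bits that changed:",
          digest_bit_difference(PUBLISHED_DIGEST, sha256_hex(corrupted)), "of 256")
```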

Symmetric Cryptography, likely the most traditional form of cryptography, is also the system with which you are probably most familiar.

This type of cryptography uses a single key to encrypt a message and then decrypt that message upon delivery.

Since symmetric cryptography requires that you have a secure channel for delivering the crypto key to the recipient, this type of cryptography is all but useless for transmitting data (after all, if you have a secure way to deliver the key, why not deliver the message in the same manner?).

As such, its primary application is the protection of resting data (e.g. hard drives and databases).

In the Revolutionary War example that I mentioned earlier, Washington's method for transmitting information between his officers would have relied on a symmetric cryptography system. He and all of his officers would have had to meet in a secure location, share the agreed upon key, and then encrypt and decrypt correspondence using that same key.

Most modern symmetric cryptography relies on a system known as AES or the Advanced Encryption Standard.

While the traditional DES models were the industry norm for many years, DES was publicly attacked and broken in 1999 causing the National Institute of Standards and Technology to host a selection process for a stronger and more updated model.

After an arduous 5-year competition between 15 different ciphers, including MARS from IBM, RC6 from RSA Security, Serpent, Twofish, and Rijndael, the NIST selected Rijndael as the winning cipher.

It was then standardized across the country, earning the name AES or Advanced Encryption Standard. This cipher is still widely used today and is even implemented by the NSA for the purposes of guarding top secret information.

Asymmetric cryptography (as the name suggests) uses two different keys for encryption and decryption, as opposed to the single key used in symmetric cryptography.

The first key is a public key used to encrypt a message, and the second is a private key which is used to decrypt it. The great part about this system is that only the private key can be used to decrypt messages that were encrypted with the public key.

While this type of cryptography is a bit more complicated, you are likely familiar with a number of its practical applications.

It is used when transmitting email files, remotely connecting to servers, and even digitally signing PDF files. Oh, and if you look in your browser and you notice a URL beginning with https://, that's a prime example of asymmetric cryptography keeping your information safe.

Although this particular type of cryptography isn't particularly applicable for individuals outside of the cyber-security realm, I wanted to briefly mention it to ensure you have a full understanding of the different cryptographic algorithms.

A key exchange algorithm, like Diffie-Hellman, is used to safely exchange encryption keys with an unknown party.

Unlike other forms of encryption, you are not sharing information during the key exchange. The end goal is to create an encryption key with another party that can later be used with the aforementioned forms of cryptography.

Here's an example from the Diffie-Hellman wiki to explain exactly how this works.

Let's say we have two people, Alice and Bob, who agree upon a random starting color. The color is public information and doesn't need to be kept secret (but it does need to be different each time). Then Alice and Bob each select a secret color that they do not share with anyone.

Now, Alice and Bob mix the secret color with the starting color, resulting in their new mixtures. They then publicly exchange their mixed colors. Once the exchange is made, they each add their own private color into the mixture they received from their partner, resulting in an identical shared mixture.
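The color analogy above mapped onto the actual arithmetic, as an added Python example (not code from the original post or the wiki it cites). The public "starting color" is the pair (p, g), each secret color is a private exponent, each "mixed color" is g raised to that exponent mod p, and both sides end up with the same shared value; the tiny p = 23, g = 5 is a textbook toy so the numbers can be checked by hand.

```python
"""Diffie-Hellman key agreement, following the colour-mixing analogy.

Added example, not code from the original post. The values P and G are
deliberately tiny so the arithmetic is hand-checkable; a real deployment
uses a standardised group whose prime is 2048 bits or larger.
"""
import hashlib
import secrets
from typing import Tuple

# Public parameters: the "starting colour" that need not be kept secret.
P = 23
G = 5


def generate_keypair(p: int = P, g: int = G) -> Tuple[int, int]:
    """Pick a fresh random secret ("secret colour") and its public value."""
    private = secrets.randbelow(p - 2) + 1   # uniform in 1 .. p-2
    public = pow(g, private, p)              # the "mixed colour" sent out
    return private, public


def shared_secret(own_private: int, peer_public: int, p: int = P) -> int:
    """Add own secret colour to the mixture received from the partner."""
    return pow(peer_public, own_private, p)


def derive_key(secret: int, p: int) -> bytes:
    """Turn the agreed integer into a fixed-length key for a symmetric cipher.

    Hashing the raw shared value is the simplest key-derivation step; the
    result is what "can later be used with the aforementioned forms of
    cryptography".
    """
    size = (p.bit_length() + 7) // 8
    return hashlib.sha256(secret.to_bytes(size, "big")).digest()


def run_exchange(p: int = P, g: int = G) -> Tuple[bytes, bytes]:
    """Run both sides of the exchange and return the key each side derived."""
    alice_priv, alice_pub = generate_keypair(p, g)
    bob_priv, bob_pub = generate_keypair(p, g)
    # Only alice_pub and bob_pub ever cross the network.
    alice_key = derive_key(shared_secret(alice_priv, bob_pub, p), p)
    bob_key = derive_key(shared_secret(bob_priv, alice_pub, p), p)
    return alice_key, bob_key


if __name__ == "__main__":
    # Hand-checkable case: Alice's secret is 4, Bob's secret is 3.
    alice_pub = pow(G, 4, P)   # 5**4 mod 23 = 4
    bob_pub = pow(G, 3, P)     # 5**3 mod 23 = 10
    print(shared_secret(4, bob_pub), shared_secret(3, alice_pub))  # 18 18
    ka, kb = run_exchange()
    print("derived keys match:", ka == kb)
```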

So now that you understand a little bit more about the different types of cryptography, many of you are probably wondering how it is applied in the modern world.

There are four primary ways that cryptography is implemented in information security. These four applications are called cryptographic functions.

When we use the right cryptographic system, we can establish the identity of a remote user or system quite easily. The go-to example of this is the SSL certificate of a web server which provides proof to the user that they are connected to the right server.

The identity in question is not the user, but rather the cryptographic key of that user. Meaning that the more secure the key, the more certain the identity of the user and vice versa.

Here's an example.


# Cypherpunk – Wikipedia

A cypherpunk (UK: /ˈsaɪfəpʌŋk/, US: /ˈsaɪfərpʌŋk/)[1] is any activist advocating widespread use of strong cryptography and privacy-enhancing technologies as a route to social and political change. Originally communicating through the Cypherpunks electronic mailing list, informal groups aimed to achieve privacy and security through proactive use of cryptography. Cypherpunks have been engaged in an active movement since the late 1980s.

Until about the 1970s, cryptography was mainly practiced in secret by military or spy agencies. However, that changed when two publications brought it out of the closet into public awareness: the US government publication of the Data Encryption Standard (DES), a block cipher which became very widely used; and the first publicly available work on public-key cryptography, by Whitfield Diffie and Martin Hellman.

The technical roots of Cypherpunk ideas have been traced back to work by cryptographer David Chaum on topics such as anonymous digital cash and pseudonymous reputation systems, described in his paper “Security without Identification: Transaction Systems to Make Big Brother Obsolete” (1985).[2]

In the late 1980s, these ideas coalesced into something like a movement.[2]

In late 1992, Eric Hughes, Timothy C. May and John Gilmore founded a small group that met monthly at Gilmore’s company Cygnus Solutions in the San Francisco Bay Area, and was humorously termed cypherpunks by Jude Milhon at one of the first meetings – derived from cipher and cyberpunk.[3] In November 2006, the word was added to the Oxford English Dictionary.[4]

The Cypherpunks mailing list was started in 1992, and by 1994 had 700 subscribers.[3] At its peak, it was a very active forum with technical discussion ranging over mathematics, cryptography, computer science, political and philosophical discussion, personal arguments and attacks, etc., with some spam thrown in. An email from John Gilmore reports an average of 30 messages a day from December 1, 1996 to March 1, 1999, and suggests that the number was probably higher earlier.[5] The number of subscribers is estimated to have reached 2000 in the year 1997.[3]

In early 1997, Jim Choate and Igor Chudov set up the Cypherpunks Distributed Remailer,[6] a network of independent mailing list nodes intended to eliminate the single point of failure inherent in a centralized list architecture. At its peak, the Cypherpunks Distributed Remailer included at least seven nodes.[7] By mid-2005, al-qaeda.net ran the only remaining node.[8] In mid 2013, following a brief outage, the al-qaeda.net node’s list software was changed from Majordomo to GNU Mailman[9] and subsequently the node was renamed to cpunks.org.[10] The CDR architecture is now defunct, though the list administrator stated in 2013 that he was exploring a way to integrate this functionality with the new mailing list software.[9]

For a time, the cypherpunks mailing list was a popular tool with mailbombers,[11] who would subscribe a victim to the mailing list in order to cause a deluge of messages to be sent to him or her. (This was usually done as a prank, in contrast to the style of terrorist referred to as a mailbomber.) This precipitated the mailing list sysop(s) to institute a reply-to-subscribe system. Approximately two hundred messages a day was typical for the mailing list, divided between personal arguments and attacks, political discussion, technical discussion, and early spam.[12][13]

The cypherpunks mailing list had extensive discussions of the public policy issues related to cryptography and on the politics and philosophy of concepts such as anonymity, pseudonyms, reputation, and privacy. These discussions continue both on the remaining node and elsewhere as the list has become increasingly moribund.

Events such as the GURPS Cyberpunk raid lent weight to the idea that private individuals needed to take steps to protect their privacy. In its heyday, the list discussed public policy issues related to cryptography, as well as more practical nuts-and-bolts mathematical, computational, technological, and cryptographic matters. The list had a range of viewpoints and there was probably no completely unanimous agreement on anything. The general attitude, though, definitely put personal privacy and personal liberty above all other considerations.

The list was discussing questions about privacy, government monitoring, corporate control of information, and related issues in the early 1990s that did not become major topics for broader discussion until ten years or so later. Some list participants were more radical on these issues than almost anyone else.

Those wishing to understand the context of the list might refer to the history of cryptography; in the early 1990s, the US government considered cryptography software a munition for export purposes, which hampered commercial deployment with no gain in national security, as knowledge and skill was not limited to US citizens. (PGP source code was published as a paper book to bypass these regulations and demonstrate their futility.) The US government had tried to subvert cryptography through schemes such as Skipjack and key escrow. It was also not widely known that all communications were logged by government agencies (which would later be revealed during the NSA and AT&T scandals) though this was taken as an obvious axiom by list members.

The original cypherpunk mailing list, and the first list spin-off, coderpunks, were originally hosted on John Gilmore’s toad.com, but after a falling out with the sysop over moderation, the list was migrated to several cross-linked mail-servers in what was called the “distributed mailing list.”[14][15] The coderpunks list, open by invitation only, existed for a time. Coderpunks took up more technical matters and had less discussion of public policy implications. There are several lists today that can trace their lineage directly to the original Cypherpunks list: the cryptography list (cryptography@metzdowd.com), the financial cryptography list (fc-announce@ifca.ai), and a small group of closed (invitation-only) lists as well.

Toad.com continued to run with the existing subscriber list, those that didn’t unsubscribe, and was mirrored on the new distributed mailing list, but messages from the distributed list didn’t appear on toad.com.[16] As the list faded in popularity, so too did it fade in the number of cross-linked subscription nodes.

To some extent, the cryptography list[17] acts as a successor to cypherpunks; it has many of the people and continues some of the same discussions. However, it is a moderated list, considerably less zany and somewhat more technical. A number of current systems in use trace to the mailing list, including Pretty Good Privacy, /dev/random in the Linux kernel (the actual code has been completely reimplemented several times since then) and today’s anonymous remailers.

The basic ideas can be found in A Cypherpunk’s Manifesto (Eric Hughes, 1993): “Privacy is necessary for an open society in the electronic age. … We cannot expect governments, corporations, or other large, faceless organizations to grant us privacy … We must defend our own privacy if we expect to have any. … Cypherpunks write code. We know that someone has to write software to defend privacy, and … we’re going to write it.”[18]

Some are or were quite senior people at major hi-tech companies and others are well-known researchers (see list with affiliations below).

The first mass media discussion of cypherpunks was in a 1993 Wired article by Steven Levy titled Crypto Rebels:

The people in this room hope for a world where an individual’s informational footprints — everything from an opinion on abortion to the medical record of an actual abortion — can be traced only if the individual involved chooses to reveal them; a world where coherent messages shoot around the globe by network and microwave, but intruders and feds trying to pluck them out of the vapor find only gibberish; a world where the tools of prying are transformed into the instruments of privacy.

There is only one way this vision will materialize, and that is by widespread use of cryptography. Is this technologically possible? Definitely. The obstacles are political — some of the most powerful forces in government are devoted to the control of these tools. In short, there is a war going on between those who would liberate crypto and those who would suppress it. The seemingly innocuous bunch strewn around this conference room represents the vanguard of the pro-crypto forces. Though the battleground seems remote, the stakes are not: The outcome of this struggle may determine the amount of freedom our society will grant us in the 21st century. To the Cypherpunks, freedom is an issue worth some risk.[19]

The three masked men on the cover of that edition of Wired were prominent cypherpunks Tim May, Eric Hughes and John Gilmore.

Later, Levy wrote a book, Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age,[20] covering the crypto wars of the 1990s in detail. “Code Rebels” in the title is almost synonymous with cypherpunks.

The term cypherpunk is mildly ambiguous. In most contexts it means anyone advocating cryptography as a tool for social change, social impact and expression. However, it can also be used to mean a participant in the Cypherpunks electronic mailing list described above. The two meanings obviously overlap, but they are by no means synonymous.

Documents exemplifying cypherpunk ideas include Timothy C. May’s The Crypto Anarchist Manifesto (1992)[21] and The Cyphernomicon (1994),[22] and Eric Hughes’s A Cypherpunk’s Manifesto.[18]

A very basic cypherpunk issue is privacy in communications and data retention. John Gilmore said he wanted “a guarantee — with physics and mathematics, not with laws — that we can give ourselves real privacy of personal communications.”[23]

Such guarantees require strong cryptography, so cypherpunks are fundamentally opposed to government policies attempting to control the usage or export of cryptography, which remained an issue throughout the late 1990s. The Cypherpunk Manifesto stated “Cypherpunks deplore regulations on cryptography, for encryption is fundamentally a private act.”[18]

This was a central issue for many cypherpunks. Most were passionately opposed to the various government attempts to limit cryptography: export controls, the promotion of ciphers with deliberately limited key lengths, and especially escrowed encryption.

The questions of anonymity, pseudonymity and reputation were also extensively discussed.

Arguably, the possibility of anonymous speech and publication is vital for an open society and an essential requirement for genuine freedom of speech; this was the position of most cypherpunks. A frequently cited example was that the Federalist Papers were originally published under a pseudonym.

Questions of censorship and government or police monitoring were also much discussed. Generally, cypherpunks opposed both.

In particular, the US government’s Clipper chip scheme for escrowed encryption of telephone conversations (encryption secure against most attackers, but breakable at need by government) was seen as anathema by many on the list. This was an issue that provoked strong opposition and brought many new recruits to the cypherpunk ranks. List participant Matt Blaze found a serious flaw[24] in the scheme: the Law Enforcement Access Field that carried the escrowed session key was protected only by a 16-bit checksum, which could be brute-forced to produce a field that the receiving chip accepted but from which the escrow agents could not recover the key, so the chip’s strong Skipjack cipher could be used while the escrow itself was defeated. The finding helped to hasten the scheme’s demise.

Steven Schear created the warrant canary to thwart the secrecy provisions of court orders and national security letters. As of 2013, warrant canaries were gaining commercial acceptance.[25]

An important set of discussions concerns the use of cryptography in the presence of oppressive authorities. As a result, cypherpunks have discussed and improved steganographic methods that hide the use of crypto itself, or that allow interrogators to believe that they have forcibly extracted hidden information from a subject. For instance, Rubberhose was a tool (an early example of what is now called deniable encryption) that partitioned and intermixed secret data on a drive with fake secret data, each set accessed via a different password. Interrogators, having extracted a password, are led to believe that they have indeed unlocked the desired secrets, whereas in reality the actual data is still hidden; because every unopened region of the drive looks like random data, even the presence of further secrets is hidden. Likewise, cypherpunks have also discussed under what conditions encryption may be used without being noticed by network monitoring systems installed by oppressive regimes.
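The following is an added illustration of the Rubberhose layout described above; it is not Rubberhose’s own code or on-disk format. A container is a salt followed by a fixed number of equal-size slots. Each real secret is sealed under its own password into one randomly chosen slot, and every remaining slot is filled with random bytes. Opening with a password scans every slot and returns only the one whose authentication tag verifies, so a password that unlocks the decoy reveals nothing about whether any other slot holds data. The PBKDF2 parameters, slot size and the HMAC-SHA256 counter-mode keystream used in place of a real authenticated cipher are assumptions chosen for the demonstration.

```python
"""Toy Rubberhose-style deniable container (added example, not Rubberhose's code).

Layout: salt || slot_0 || slot_1 || ... || slot_{n-1}
Slot:   nonce || ciphertext || tag      (every slot has the same size)

The cipher is an HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC
tag; it stands in for a real AEAD cipher so the example runs on the standard
library alone. The property demonstrated is the layout, not the cipher choice.
"""
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional, Tuple

SALT_LEN = 16
NONCE_LEN = 16
TAG_LEN = 32
KDF_ITERS = 100_000  # assumption: low enough for a quick demo; raise in practice


def _derive_keys(password: str, salt: bytes) -> Tuple[bytes, bytes]:
    """Derive independent encryption and MAC keys from one password."""
    km = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ITERS, 64)
    return km[:32], km[32:]


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, used here as a stand-in stream cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), "sha256").digest()
        counter += 1
    return bytes(out[:length])


def _seal_slot(password: str, salt: bytes, payload: bytes, slot_size: int) -> bytes:
    """Encrypt one payload into a fixed-size slot: nonce || ciphertext || tag."""
    body_len = slot_size - NONCE_LEN - TAG_LEN
    if len(payload) + 2 > body_len:
        raise ValueError("payload does not fit in slot")
    enc_key, mac_key = _derive_keys(password, salt)
    nonce = secrets.token_bytes(NONCE_LEN)
    # Length prefix plus random padding: every slot body is the same size, so
    # neither the ciphertext length nor the padding reveals how much real data
    # a slot holds.
    plain = len(payload).to_bytes(2, "big") + payload
    plain += secrets.token_bytes(body_len - len(plain))
    ct = bytes(a ^ b for a, b in zip(plain, _keystream(enc_key, nonce, body_len)))
    tag = hmac.new(mac_key, nonce + ct, "sha256").digest()
    return nonce + ct + tag


def create_container(secrets_by_password: Dict[str, bytes], n_slots: int, slot_size: int) -> bytes:
    """Build a container: real slots placed at random positions among random decoy slots."""
    if len(secrets_by_password) > n_slots:
        raise ValueError("more secrets than slots")
    salt = secrets.token_bytes(SALT_LEN)
    slots = [secrets.token_bytes(slot_size) for _ in range(n_slots)]
    free = list(range(n_slots))
    for pw, data in secrets_by_password.items():
        idx = free.pop(secrets.randbelow(len(free)))
        slots[idx] = _seal_slot(pw, salt, data, slot_size)
    # Untouched slots stay random, indistinguishable from sealed ones without the key.
    return salt + b"".join(slots)


def open_container(container: bytes, password: str, slot_size: int) -> Optional[bytes]:
    """Return the data one password unlocks, or None.

    Every slot is tried, so the access pattern does not depend on where the
    other secrets live; a random slot and another password's slot fail the
    tag check in exactly the same way.
    """
    salt, body = container[:SALT_LEN], container[SALT_LEN:]
    enc_key, mac_key = _derive_keys(password, salt)
    for i in range(0, len(body), slot_size):
        slot = body[i:i + slot_size]
        nonce, ct, tag = slot[:NONCE_LEN], slot[NONCE_LEN:-TAG_LEN], slot[-TAG_LEN:]
        if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, "sha256").digest()):
            continue
        plain = bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))
        n = int.from_bytes(plain[:2], "big")
        return plain[2:2 + n]
    return None


def count_openable(container: bytes, passwords: List[str], slot_size: int) -> int:
    """What an interrogator learns: only the slots for passwords they hold."""
    return sum(open_container(container, pw, slot_size) is not None for pw in passwords)


if __name__ == "__main__":
    # Constructed sample data for the demo.
    SLOT = 256
    box = create_container({"decoy": b"grocery list", "real": b"source list"}, 8, SLOT)
    print(open_container(box, "decoy", SLOT))        # b'grocery list'
    print(open_container(box, "wrong", SLOT))        # None
    print(count_openable(box, ["decoy", "wrong"], SLOT))  # 1
```

The deniability rests on two details that are easy to get wrong in a real implementation: every slot, used or not, must be the same size and look uniformly random, and opening must not leak where it found data (here it always scans the whole container). A real tool also has to keep free-space accounting from betraying which slots are in use, which is the hard part Rubberhose solved and this toy does not.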

As the Manifesto says, “Cypherpunks write code”;[18] the notion that good ideas need to be implemented, not just discussed, is very much part of the culture of the mailing list. John Gilmore, whose site hosted the original cypherpunks mailing list, wrote: “We are literally in a race between our ability to build and deploy technology, and their ability to build and deploy laws and treaties. Neither side is likely to back down or wise up until it has definitively lost the race.”

Anonymous remailers such as the Mixmaster Remailer were almost entirely a cypherpunk development. Among the other projects they have been involved in were PGP for email privacy, FreeS/WAN for opportunistic encryption of the whole net, Off-the-record messaging for privacy in Internet chat, and the Tor project for anonymous web surfing.

In 1998, the Electronic Frontier Foundation, with assistance from the mailing list, built a $200,000 machine that could brute-force a Data Encryption Standard key in a few days.[26] The project demonstrated that DES, with its 56-bit key, was without question insecure and obsolete, in sharp contrast to the US government’s continued recommendation of the algorithm.

Cypherpunks also participated, along with other experts, in several reports on cryptographic matters.

One such paper was “Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security”.[27] It suggested 75 bits as the minimum key size for an existing cipher to be considered secure and kept in service, and 90 bits for data that had to stay protected for the next twenty years. At the time, the Data Encryption Standard with 56-bit keys was still a US government standard, mandatory for some applications.

Other papers were critical analyses of government schemes. “The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption”[28] evaluated escrowed encryption proposals. “Comments on the Carnivore System Technical Review”[29] looked at an FBI scheme for monitoring email.

Cypherpunks provided significant input to the 1996 National Research Council report on encryption policy, Cryptography’s Role In Securing the Information Society (CRISIS).[30] This report, commissioned by the U.S. Congress in 1993, was developed via extensive hearings across the nation from all interested stakeholders, by a committee of talented people. It recommended a gradual relaxation of the existing U.S. government restrictions on encryption. Like many such study reports, its conclusions were largely ignored by policy-makers. Later events such as the final rulings in the cypherpunks lawsuits forced a more complete relaxation of the unconstitutional controls on encryption software.

Cypherpunks have filed a number of lawsuits, mostly suits against the US government alleging that some government action is unconstitutional.

Phil Karn sued the State Department in 1994 over cryptography export controls[31] after it ruled that, while the book Applied Cryptography[32] could legally be exported, a floppy disk containing a verbatim copy of the code printed in the book was legally a munition and required an export permit, which it refused to grant. Karn also appeared before both House and Senate committees looking at cryptography issues.

Daniel J. Bernstein, supported by the EFF, also sued over the export restrictions, arguing that preventing publication of cryptographic source code is an unconstitutional restriction on freedom of speech. He won: in 1999 the Ninth Circuit held that the export regulations were an unconstitutional prior restraint on speech, and the rules were relaxed soon afterwards. See Bernstein v. United States for details.

Peter Junger also sued on similar grounds, and won.

John Gilmore has sued US Attorneys General Ashcroft and Gonzales, arguing that the requirement to present identification documents before boarding a plane is unconstitutional.[33] These suits have not been successful to date.

Cypherpunks encouraged civil disobedience, in particular against US law on the export of cryptography. Until 1996, cryptographic code was legally a munition, and until 2000 its export required a permit.

In 1995 Adam Back wrote a version of the RSA algorithm for public-key cryptography in three lines of Perl[34][35] and suggested people use it as an email signature file, so that every signed message was technically an export of a munition.
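To show what such a signature file actually implemented, here is textbook RSA in Python as an added example; it is not Back’s Perl code (which took the key as an argument and did the modular exponentiation with dc), and the key size, exponent and sample message are assumptions for the demonstration. The block also shows the failure mode a practitioner should know about: without padding, RSA is deterministic and malleable, so a ciphertext can be scaled by an attacker who never sees the plaintext. Real systems use RSA-OAEP for encryption and RSA-PSS for signatures.

```python
"""Textbook RSA (added example, not Adam Back's Perl).

Unpadded RSA as written here is insecure: it is deterministic and
multiplicatively homomorphic. Use RSA-OAEP / RSA-PSS in practice.
"""
import math
import secrets
from typing import Tuple

Key = Tuple[int, int]  # (modulus n, exponent)


def is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin probabilistic primality test with random bases."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)  # base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # composite witness found
    return True


def random_prime(bits: int) -> int:
    """Random prime with exactly `bits` bits (top bit set, odd)."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def keygen(bits: int = 512, e: int = 65537) -> Tuple[Key, Key]:
    """Return (public, private) = ((n, e), (n, d)). 512 bits is for the demo only."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            break
    n = p * q
    d = pow(e, -1, phi)  # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def encrypt(pub: Key, message: bytes) -> int:
    """c = m^e mod n. Message must encode to an integer below n (no leading zero bytes)."""
    n, e = pub
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for modulus; real RSA pads and hybrid-encrypts")
    return pow(m, e, n)


def decrypt(priv: Key, ciphertext: int) -> bytes:
    """m = c^d mod n, returned as big-endian bytes."""
    n, d = priv
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def scale_ciphertext(pub: Key, ciphertext: int, k: int) -> int:
    """Malleability of unpadded RSA: (c * k^e) mod n decrypts to k*m mod n.

    An attacker who sees only c can produce a valid ciphertext of k*m.
    """
    n, e = pub
    return (ciphertext * pow(k, e, n)) % n


if __name__ == "__main__":
    pub, priv = keygen(512)
    msg = b"Cypherpunks write code"  # constructed sample message
    c = encrypt(pub, msg)
    print(decrypt(priv, c) == msg)
    doubled = decrypt(priv, scale_ciphertext(pub, c, 2))
    print(int.from_bytes(doubled, "big") == 2 * int.from_bytes(msg, "big"))
```

The whole thing, key generation included, is shorter than many export-control forms of the era, which was the cypherpunks’ point: the “munition” was a few lines of arithmetic anyone could retype.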

Vince Cate put up a web page that invited anyone to become an international arms trafficker: every time someone clicked on the form, an export-restricted item (originally PGP, later a copy of Back’s program) would be mailed from a US server to one in Anguilla. This gained overwhelming attention. There were options to add your name to a list of such traffickers and to send email to the President of the United States registering your protest.[36][37][38]

In Neal Stephenson’s novel Cryptonomicon many characters are on the “Secret Admirers” mailing list. This is fairly obviously based on the cypherpunks list, and several well-known cypherpunks are mentioned in the acknowledgements. Much of the plot revolves around cypherpunk ideas; the leading characters are building a data haven which will allow anonymous financial transactions, and the book is full of cryptography. But, according to the author,[39] the book’s title, despite its similarity, is not based on the Cyphernomicon,[22] an online cypherpunk FAQ document.

Cypherpunk achievements would later also be used on the Canadian e-wallet, the MintChip, and the creation of bitcoin. It was an inspiration for CryptoParty decades later to such an extent that the Cypherpunk Manifesto is quoted at the header of its Wiki,[40] and Eric Hughes delivered the keynote address at the Amsterdam CryptoParty on 27 August 2012.

Cypherpunks list participants included many notable computer industry figures. Most were list regulars, although not all would call themselves “cypherpunks”.[41] The following is a list of noteworthy cypherpunks and their achievements:

* indicates someone mentioned in the acknowledgements of Stephenson’s Cryptonomicon.

Read the original here:
Cypherpunk – Wikipedia