The Code Book: The Science of Secrecy from Ancient Egypt …

People love secrets. Ever since the first word was written, humans have sent coded messages to each other. In The Code Book, Simon Singh, author of the bestselling Fermat’s Enigma, offers a peek into the world of cryptography and codes, from ancient texts through computer encryption. Singh’s compelling history is woven through with stories of how codes and ciphers have played a vital role in warfare, politics, and royal intrigue. The major theme of The Code Book is what Singh calls “the ongoing evolutionary battle between codemakers and codebreakers,” never more clear than in the chapters devoted to World War II. Cryptography came of age during that conflict, as secret communications became critical to both sides’ success.

In the information age, the fear that drives cryptographic improvements is both capitalistic and libertarian–corporations need encryption to ensure that their secrets don’t fall into the hands of competitors and regulators, and ordinary people need encryption to keep their everyday communications private in a free society. Similarly, the battles for greater decryption power come from said competitors and governments wary of insurrection.

The Code Book is an excellent primer for those wishing to understand how the human need for privacy has manifested itself through cryptography. Singh’s accessible style and clear explanations of complex algorithms cut through the arcane mathematical details without oversimplifying. –Therese Littleton


What is Cryptography? – Invest In Blockchain

When researching cryptocurrencies, you've most likely come across the term cryptography. You might think cryptography is connected to cryptocurrencies in some way, and you would be correct.

However, cryptography is used for far more applications, such as data protection, ATMs, computer passwords, and much more. In this article, we walk you through the basics of cryptography and discuss its role in cryptocurrencies.

Cryptography is a method of hiding information to keep its content safe and secret. To uncover the information, the reader needs to know how the information has been modified, or encrypted. The encrypted message can, if properly done, be read only by the sender and the recipient.

Cryptography is far from new and has been around for thousands of years. Historically, cryptography was used to send important messages which were only meant for a select set of eyes. The first cryptographic messages were found on ancient Egyptian sites, but the first evidence for cryptography being used strategically dates back to the Roman era.

According to historians, Julius Caesar used cryptography, developing his so-called Caesar Cipher to send secret messages to his highest-ranking generals. This method of sheltering sensitive information from unwanted eyes has been used up until the modern era.

During World War II, the Germans used an encryption machine called the Enigma Machine to send important information to their ranks. As with most cryptography, there was a way to crack it, which was discovered by Alan Turing (mathematical genius and namesake of the Turing Test), now seen by some as one of the most decisive turning points in WWII.

The abovementioned Caesar Cipher, or the shift cipher, is one of the simplest ways of encrypting a message and understanding cryptography. It is also called a shift cipher because it substitutes the original letters of a message with other letters by shifting up or down in the alphabet.

For instance, if we encrypt the message with +3, A would become D, and K would become N. Conversely, with a rule of -2, D would become B and Z would become X.

Plaintext: read everything on invest in blockchain

Ciphertext (+3): uhdg hyhubwklqj rq lqyhvw lq eorfnfkdlq

Even though this is one of the simplest cryptographic methods, the logic behind it is basically the same for each method. There is a message which is secret to everyone but the concerned parties, and a process to make this message unreadable for everyone except for those in the know. This process is the encryption, and it has two elements:

The Cipher: This is the set of rules that you're using to encode the information. For example, shifting the alphabet an X number of letters like in the Caesar Cipher. The cipher doesn't necessarily have to be a secret, because you will only be able to read it if you have access to the key.

The Key: This tells you how to arrange the set of rules of the cipher. For the Caesar Cipher, this would be the number of letters the cipher would alphabetically shift, such as +3 or -2. The key is the tool used for deciphering a message.

So a lot of people can have access to the same cipher, but without the key they are still unable to crack it.

The process for the transfer of a secret message is as follows:

Messages are encrypted to protect their content, which implies that there will always be parties interested in obtaining that information. However, as people have tried and succeeded in cracking various codes, cryptography has been forced to adapt. It has moved far beyond just shifting letters in the alphabet, evolving into extremely complex puzzles that are increasingly harder to solve. Instead of shifting a few letters in the alphabet, letters are now changed to numbers, other letters and symbols based on hundreds or thousands of intermediary steps.

The computer era led to an exponential increase in the difficulty of encryptions. This is because computers brought with them a drastic increase in computational power. The human brain is still by far the most complex computer around, but when it comes to doing calculations, computers are much faster and can handle far larger computations.

The cryptography of the digital era entails electrical engineering, computer science, and mathematics. Messages are now generally encrypted and decrypted using highly complex algorithms created by a combination of these technologies. However, no matter how strong the encryption, there will always be people working to crack it.

You can see that even without the key, a Caesar Cipher isn't too hard to crack. Every letter can only take on 25 different values, and for most of the values the message will not make sense. By means of trial and error, you would be able to decipher the message without too much effort.

Cracking an encryption by trying all possibilities is known as brute force. It means trying all possibilities until a solution fits. With an increase in computing power, this becomes a more realistic threat which can only be tackled by increasing the complexity of the encryption. The more possible keys there are to a cipher, the more difficult it becomes to brute force your way to the message.

Current advanced ciphers allow for trillions of possible keys, making brute force less of a threat. However, it has been argued that supercomputers, and especially quantum computers, will soon be able to crack most encryptions through brute force because of their unmatched computational power.

As said, deciphering messages is becoming harder and harder, but it's not impossible. This is because a cipher is inherently bound to a set of rules. The rules can be analyzed and give way to a more subtle way for decrypting a message: frequency analysis.

With the enormous increase in the complexity of ciphers, this can only be done through computers nowadays, but it can still be done. This technique analyzes recurring events and tries to find the key through this method.

Let's use the Caesar Cipher example again to explain this. We know that the letter E is far more frequently used than other letters in the alphabet. When we apply this knowledge to a Caesar-encrypted message, we're going to look for the letter that shows up most. We find that the letter H is used more often than others and test this assumption by applying a -3 shift to the message. The longer a message becomes, the easier frequency analysis becomes.

uhdg hyhubwklqj rq lqyhvw lq eorfnfkdlq

Most cryptocurrencies serve completely different purposes than sending secret messages, but cryptography still plays a key role. It has turned out that the traditional principles of cryptography and the tools used for it actually have more functions than we previously thought.

The most important newly discovered functions are hashing and digital signatures.

Hashing is a cryptographic method for transforming large amounts of data into short numbers that are difficult to imitate. It is a key component of blockchain technology and is mainly concerned with the protection and integrity of the data flowing through the blockchain.

This method is mainly used for four processes:

A digital signature, similar to your own signature, is used to verify that you are who you say you are. When it comes to cryptocurrencies, digital signatures are mathematical functions that are matched to a specific wallet.

Thus, they function as proof that a specific wallet is actually the wallet it claims to be; essentially, it's a digital identification of a wallet. By attaching a digital signature to a transaction, no one can dispute that that transaction came from the wallet it purports to have come from, and that wallet can't be impersonated by another wallet.

Digital signatures use cryptography for wallet identification and secretly match the public and private key of a wallet. Your public key is basically your bank account number, while your private key is the pincode. It doesn't matter if people know your bank account, because the only thing they can do with it is deposit money to your account. However, if they know your pincode too, you can have a real problem.

In blockchain, the private key is used for the encryption of transactions, while the public key is used for the decryption. This is possible because the sending party is the one responsible for a transaction. The sending party encrypts the transaction with their private key, but this can be decrypted with the recipient's public key because they only need to verify that it was indeed you who sent the message. If the sending party's public key doesn't work to decrypt the transaction, then the transaction isn't from that wallet.

In this system, the public key is distributed freely and is paired secretly to a private key. It is not a problem if a public key is known, but the private key must always be kept a secret. Even though the two are paired, calculating someone's private key based on their public key is computationally so challenging that it's financially and technically infeasible.
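The sign-with-private-key, check-with-public-key flow described above, as an added example that is not part of the original article. It uses textbook RSA over a SHA-256 digest as a stand-in because its two operations mirror the description directly (Bitcoin itself uses ECDSA); the wallet names, the transaction bytes and the keys built from well-known Mersenne primes are constructed for the demo and are far too weak for real use.

```python
import hashlib

E = 65537  # widely used RSA public exponent


def make_keypair(p, q):
    """Build a textbook RSA key pair from two primes (demo only)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(E, -1, phi)          # private exponent: inverse of E mod phi
    return (n, E), (n, d)        # (public key, private key)


def digest_int(message, n):
    """SHA-256 of the message as an integer reduced into the key's range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private_key):
    """Sender side: transform the message digest with the private key."""
    n, d = private_key
    return pow(digest_int(message, n), d, n)


def verify(message, signature, public_key):
    """Anyone: undo the transform with the public key and compare digests."""
    n, e = public_key
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest_int(message, n)


# Constructed demo keys (hypothetical wallets A and B).
WALLET_A_PUB, WALLET_A_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
WALLET_B_PUB, WALLET_B_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

# Constructed sample transaction, signed by wallet A.
TX = b"wallet A pays wallet C 5 coins"
SIG = sign(TX, WALLET_A_PRIV)

if __name__ == "__main__":
    print("genuine transaction:", verify(TX, SIG, WALLET_A_PUB))
    print("amount altered     :",
          verify(b"wallet A pays wallet C 500 coins", SIG, WALLET_A_PUB))
    print("claimed by wallet B:", verify(TX, SIG, WALLET_B_PUB))
```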

Protecting the key is a main disadvantage of this method. If others learn your private key, they can access your wallet and make transactions with it, which actually happened in the Bloomberg blunder when a reporter accidentally showed his private key on TV.

The cryptography that is used for blockchain technology has a lot of different layers to it. This article explores the basics of cryptography and its usage for blockchains, but there is much more technical depth to it. On this website you can learn everything there is to cryptography, for free! If you are more interested in an in-depth overview of the specific cryptographic methods used in blockchain technology, this article can be very helpful to start with.

What's important to understand about the relationship between cryptography and blockchain technology is the protection and security cryptography provides. It allows for a trustless system in which parties do not have to trust each other because they can place their trust in the cryptographic methods used.

Since the emergence of Bitcoin in 2009, cryptographic protection of the blockchain has withstood all attempts at data-tampering, and there have been many. Moreover, new cryptocurrencies are implementing even more secure methods of cryptography, some of which are already quantum-proof and thus protected from potential future threats.

Without cryptography, there could be no Bitcoin and no cryptocurrency, period. Amazingly, it's a scientific method invented thousands of years ago that keeps our digital assets safe and secure.

Cryptography: The Science of Making and Breaking Codes

There are lots of different ways to encrypt a message, from early, simple ciphers to the famous Enigma machine. But it's tough to make a code truly unbreakable.

Hosted by: Michael Aranda


Cryptography – Engineering and Technology History Wiki

Cryptography Background

The word cryptography comes from the Greek words kryptos meaning hidden and graphein meaning writing. Cryptography is the study of hidden writing, or the science of encrypting and decrypting text and messages.

It is believed that the oldest known text to contain one of the essential components of cryptography, a modification of the text, occurred some 4000 years ago in the Egyptian town of Menet Khufu where the hieroglyphic inscriptions on the tomb of the nobleman KHNUMHOTEP II were written with a number of unusual symbols to confuse or obscure the meaning of the inscriptions.

In 5BC the Spartans, a warrior society famed for their austere lifestyle, bravery, and skill in battle, developed a cryptographic device to send and receive secret messages. This device, a cylinder called a Scytale, was in the possession of both the sender and the recipient of the message. To prepare the message, a narrow strip of parchment or leather, much like a modern-day paper streamer, was wound around the Scytale and the message was written across it. Once unwound, for transport to the receiver, the tape displayed only a sequence of meaningless letters until it was re-wound onto a Scytale of exactly the same diameter. The code, produced by unwinding the tape, was a TRANSPOSITION cipher, that is, one where the letters remain the same but the order is changed. This is still the basis for many popular modern-day techniques.

The other major ingredient of these modern techniques is the ADDITIVE/SUBSTITUTION cipher. Although the Greek writer Polybius described a substitution technique, its first recorded use was by Julius Caesar. Messages were encoded by substituting the letter in the text by one that is three positions to the right. A became D, V became Y etc. The reason why a substitution of three letters, and not four, two or six, was chosen has never been explained.

In an essay written in 1466, an Italian Leon Battista Alberti who is often called the father of western cryptography, described the construction of a cypher disk, founding the concept of POLY ALPHABETIC ciphers. Although he had made the most important advance in cryptography in at least five hundred years, he did not develop his concept. It was left for others, the best known being the French cryptographer Blaise de Vigenere to devise a practical poly alphabetic system which bears his name, the VIGENERE SQUARE. At the time, and for a considerable time afterwards this technique was believed to be unbreakable (Le Chiffre Indechiffrable). There was however a weakness in this cipher waiting to be exploited because the cyphertext produced by this method was vulnerable to the yet undiscovered statistical attack.

The earliest known use of cryptography is found in non-standard hieroglyphs carved into monuments from Egypt’s Old Kingdom (ca 4500+ years ago). These are not thought to be serious attempts at secret communications, however, but rather to have been attempts at mystery, intrigue, or even amusement for literate onlookers. These are examples of still other uses of cryptography, or of something that looks (impressively if misleadingly) like it. Some clay tablets from Mesopotamia, somewhat later, are clearly meant to protect information: they encrypt recipes, presumably commercially valuable. Later still, Hebrew scholars made use of simple monoalphabetic substitution ciphers (such as the Atbash cipher) beginning perhaps around 500 to 600 BC.

Cryptography has a long tradition in religious writing likely to offend the dominant culture or political authorities. Perhaps the most famous is the ‘Number of the Beast’ from the Book of Revelation in the Christian New Testament. ‘666’ might be a cryptographic (i.e., encrypted) way of concealing a dangerous reference; many scholars believe it’s a concealed reference to the Roman Empire, or more likely to the Emperor Nero himself, (and so to Roman persecution policies) that would have been understood by the initiated (who ‘had the key to understanding’), and yet be safe or at least deniable (and so ‘less’ dangerous) if it came to the attention of the authorities. At least for orthodox Christian writing, most of the need for such concealment ended with Constantine’s conversion and the adoption of Christianity as the official religion of the Empire.

A Scytale, an early device for encryption. The Greeks of Classical times are said to have known of ciphers (e.g., the scytale transposition cipher claimed to have been used by the Spartan military). Herodotus tells us of secret messages physically concealed beneath wax on wooden tablets or as a tattoo on a slave’s head concealed by regrown hair, though these are not properly examples of cryptography per se as the message, once known, is directly readable; this is known as steganography. Another Greek method was developed by Polybius (now called the “Polybius Square”).[1] The Romans certainly did know something of cryptography (e.g., the Caesar cipher and its variations). There is ancient mention of a book about Roman military cryptography (especially Julius Caesar’s); it has been, unfortunately, lost.

In India, cryptography was also well known. It is recommended in the Kama Sutra as a technique by which lovers can communicate without being discovered.

The first page of al-Kindi’s manuscript On Deciphering Cryptographic Messages, containing the first descriptions of cryptanalysis and frequency analysis. See also: Voynich Manuscript. It was probably religiously motivated textual analysis of the Qur’an which led to the invention of the frequency analysis technique for breaking monoalphabetic substitution ciphers by al-Kindi sometime around AD 800 (Ibrahim Al-Kadi -1992). It was the most fundamental cryptanalytic advance until WWII.

Essentially all ciphers remained vulnerable to this cryptanalytic technique until the development of the polyalphabetic cipher by Leone Battista Alberti (ca 1465), and many remained so thereafter. Alberti is often called the “Father of Western Cryptology”. Johannes Trithemius, in his work Poligraphia, invented the tabula recta, a critical component of the Vigenère cipher. The French cryptographer Blaise de Vigenere devised a practical poly alphabetic system which bears his name, the Vigenère cipher.[2]

Although Leone Battista Alberti is usually considered the father of polyalphabetic cipher, Prof. Al-Kadi’s 1990 paper (ref- 3), reviewing Arabic contributions to cryptography reported knowledge of polyalphabetic ciphers 500 years before Alberti, based on a recently discovered manuscript by al-Kindi.[citation needed]

The Arab mathematician, Al-Kindi, wrote a book on cryptography entitled Risalah fi Istikhraj al-Mu’amma (Manuscript for the Deciphering Cryptographic Messages), circa AD 800. He described the first cryptanalysis techniques, including some for polyalphabetic ciphers, cipher classification, Arabic Phonetics and Syntax, and, most importantly, described the use of several techniques for cryptanalysis, and gave the first descriptions on frequency analysis.[3] He also covered methods of encipherments, cryptanalysis of certain encipherments, and statistical analysis of letters and letter combinations in Arabic.[4]

Ahmad al-Qalqashandi (1355-1418) wrote the Subh al-a ‘sha, a 14-volume encyclopaedia which included a section on cryptology. This information was attributed to Taj ad-Din Ali ibn ad-Duraihim ben Muhammad ath-Tha ‘alibi al-Mausili who lived from 1312 to 1361, but whose writings on cryptography have been lost. The list of ciphers in this work included both substitution and transposition, and for the first time, a cipher with multiple substitutions for each plaintext letter. Also traced to Ibn al-Duraihim is an exposition on and worked example of cryptanalysis, including the use of tables of letter frequencies and sets of letters which can not occur together in one word.

In Europe, cryptography became (secretly) more important as a consequence of political competition and religious revolution. For instance, in Europe during and after the Renaissance, citizens of the various Italian states (the Papal States and the Roman Catholic Church included) were responsible for rapid proliferation of cryptographic techniques, few of which reflect understanding (or even knowledge) of Alberti’s polyalphabetic advance. ‘Advanced ciphers’, even after Alberti, weren’t as advanced as their inventors / developers / users claimed (and probably even themselves believed). They were regularly broken. This over-optimism may be inherent in cryptography for it was then, and remains today, fundamentally difficult to accurately know how vulnerable your system actually is. In the absence of knowledge, guesses and hopes, as may be expected, are common.

Cryptography, cryptanalysis, and secret agent/courier betrayal featured in the Babington plot during the reign of Queen Elizabeth I which led to the execution of Mary, Queen of Scots. An encrypted message from the time of the Man in the Iron Mask (decrypted just prior to 1900 by Étienne Bazeries) has shed some, regrettably non-definitive, light on the identity of that real, if legendary and unfortunate, prisoner. Cryptography, and its misuse, were involved in the plotting which led to the execution of Mata Hari and in the conniving which led to the travesty of Dreyfus’ conviction and imprisonment, both in the early 20th century. Fortunately, cryptographers were also involved in exposing the machinations which had led to Dreyfus’ problems; Mata Hari, in contrast, was shot.

Outside of Europe, after the end of the Muslim Golden Age at the hand of the Mongols, cryptography remained comparatively undeveloped. Cryptography in Japan seems not to have been used until about 1510, and advanced techniques were not known until after the opening of the country to the West beginning in the 1860s. During the 1920s, it was Polish naval officers who assisted the Japanese military with code and cipher development.

It wasn’t until the 19th century that cryptographers developed anything more than ad-hoc approaches to either encryption or cryptoanalysis. Examples include Charles Babbage’s Crimean War era work on the mathematical cryptanalysis of polyalphabetic ciphers, redeveloped and published somewhat later by the Prussian Friedrich Kasiski. The understanding of cryptography at this time typically consisted of hard-won rules of thumb; eg, Auguste Kerckhoffs’ cryptographic writings in the latter 19th century. Edgar Allan Poe used systematic methods to solve ciphers in the 1840s. In particular he placed a notice of his abilities in the Philadelphia paper Alexander’s Weekly Express Messenger, inviting submissions of ciphers, of which he proceeded to solve almost all. His successes created a public stir lasting several months. He later wrote an essay on methods of cryptography which proved useful as an introduction for the novice Room 40 British cryptanalysts attempting to break German codes and ciphers during World War I, and in a famous story, “The Gold Bug”, in which cryptoanalysis featured prominently.

Around 1854, Charles Babbage developed the method of statistical analysis by which he successfully decrypted messages encrypted by the Vigenere square. Unfortunately, due to his habit of not completing the paperwork, or possibly to protect the fact that because of his work Britain could decrypt Vigenere messages sent in the Crimea, this fact was not discovered until the twentieth century. The honour of developing the statistical attack technique and cracking Vigenere was to go to the Prussian Kasiski in 1863, this technique having since been termed the “Kasiski Test”.

In 1917, Gilbert Vernam proposed a teletype cipher where a previously-prepared key, kept on a paper tape, is combined character by character with the plaintext message to produce the output ciphertext. This led to the development of the one time pad and to the use of electromechanical devices known as cipher machines.

Both cryptography and cryptoanalysis have become far more mathematical since WWII. Even so, it has taken the wide availability of computers and the Internet as a communications medium, to bring effective cryptography into common use by anyone other than national governments or similarly large enterprises.

The Enigma machine was widely used by Nazi Germany; its cryptanalysis by the Allies provided vital Ultra intelligence. By World War II, mechanical and electromechanical cipher machines were in wide use, although where such machines were impractical manual systems continued in use. Great advances were made in both cipher design and cryptanalysis, all in secrecy. Information about this period has begun to be declassified as the official British 50-year secrecy period has come to an end, as U.S. archives have slowly opened, and as assorted memoirs and articles have appeared.

The Germans made heavy use, in several variants, of an electromechanical rotor machine known as Enigma. Mathematician Marian Rejewski, at Poland’s Cipher Bureau, in December 1932 deduced the detailed structure of the German Army Enigma, using mathematics and limited documentation supplied by Captain Gustave Bertrand of French military intelligence. This was the greatest breakthrough in cryptanalysis in a thousand years and more, according to historian David Kahn. Rejewski and his mathematical Cipher Bureau colleagues, Jerzy Różycki and Henryk Zygalski, continued reading Enigma and keeping pace with the evolution of the German Army machine’s components and encipherment procedures. As the Poles’ resources became strained by the changes being introduced by the Germans, and as war loomed, the Cipher Bureau, on the Polish General Staff’s instructions, on July 25, 1939, at Warsaw, initiated French and British intelligence representatives into the secrets of Enigma decryption.

Soon after World War II broke out on 1 September 1939, key Cipher Bureau personnel were evacuated; on September 17, as the Soviet Union entered eastern Poland, they crossed into Romania. From there they reached Paris, France; at PC Bruno, near Paris, they continued breaking Enigma, collaborating with British cryptologists at Bletchley Park as the British got up to speed on breaking Enigma. In due course, the British cryptographers (whose ranks included many chess masters and mathematics dons such as Gordon Welchman, Max Newman, and Alan Turing, the conceptual founder of modern computing) substantially advanced the scale and technology of Enigma decryption.

At the end of the War, on 19 April 1945, Britain’s top military officers were told that they could never reveal that the German Enigma cipher had been broken because it would give the defeated enemy the chance to say they “were not well and fairly beaten”. [1]

US Navy cryptographers, with cooperation from British and Dutch cryptographers broke into several Japanese Navy crypto systems after 1940. The break into one of these, JN-25, famously led to the US victory in the Battle of Midway; and to the publication of that fact in the Chicago Tribune shortly after the battle, though the Japanese seem not to have noticed for they kept using the JN-25 system. A US Army group, the SIS, managed to break the highest security Japanese diplomatic cipher system (an electromechanical ‘stepping switch’ machine called Purple by the Americans) even before WWII began. The Americans referred to the intelligence resulting from cryptanalysis, perhaps especially that from the Purple machine, as ‘Magic’. The British eventually settled on ‘Ultra’ for intelligence resulting from cryptanalysis, particularly that from message traffic protected by the various Enigmas. An earlier British term for Ultra had been ‘Boniface’ in an attempt to suggest, if betrayed, that it might have an individual agent as a source.

The German military also deployed several mechanical attempts at a one-time pad. Bletchley Park called them the Fish ciphers, and Max Newman and colleagues designed and deployed the Heath Robinson, and then the world’s first programmable digital electronic computer, the Colossus, to help with their cryptanalysis. The German Foreign Office began to use the one-time pad in 1919; some of this traffic was read in WWII partly as the result of recovery of some key material in South America that was discarded without sufficient care by a German courier.

The Japanese Foreign Office used a locally developed electrical stepping switch based system, named Purple by the US, and also had used several similar machines for attaches in some Japanese embassies. One of these was called the ‘M-machine’ by the US, another was referred to as ‘Red’. All these systems were broken, to one degree or another, by the Allies.

SIGABA is described in U.S. Patent 6,175,625, filed in 1944 but not issued until 2001. Allied cipher machines used in WWII included the British TypeX and the American SIGABA; both were electromechanical rotor designs similar in spirit to the Enigma, albeit with major improvements. Neither is known to have been broken by anyone during the War. The Poles used the Lacida machine, but its security was found to be less than intended (by Polish Army cryptographers in the UK), and its use was discontinued. US troops in the field used the M-209 and the still less secure M-94 family machines. British SOE agents initially used ‘poem ciphers’ (memorized poems were the encryption/decryption keys), but later in the War, they began to switch to one-time pads.

The VIC cipher (used at least until 1957 in connection with Rudolf Abel’s NY spy ring) was a very complex hand cipher, and is claimed to be the most complicated known to have been used by the Soviets, according to David Kahn in Kahn on Codes. For the decrypting of Soviet ciphers (particularly when one-time pads were reused), see the Venona project.

Until the 1970s, secure cryptography was largely the preserve of governments. Two events have since brought it squarely into the public domain:

The era of modern cryptography really begins with Claude Shannon, arguably the father of mathematical cryptography, with the work he did during WWII on communications security. In 1949 he published Communication Theory of Secrecy Systems in the Bell System Technical Journal and a little later the book, Mathematical Theory of Communication, with Warren Weaver. Both included results from his WWII work. These, in addition to his other works on information and communication theory established a solid theoretical basis for cryptography and also for much of cryptanalysis. And with that, cryptography more or less disappeared into secret government communications organizations such as NSA, GCHQ, and their equivalents elsewhere. Very little work was again made public until the mid ’70s, when everything changed.

The mid-1970s saw two major public (i.e., non-secret) advances. First was the publication of the draft Data Encryption Standard in the U.S. Federal Register on 17 March 1975. The proposed DES cipher was submitted by a research group at IBM, at the invitation of the National Bureau of Standards (now NIST), in an effort to develop secure electronic communication facilities for businesses such as banks and other large financial organizations. After ‘advice’ and modification by NSA, acting behind the scenes, it was adopted and published as a Federal Information Processing Standard Publication in 1977 (currently at FIPS 46-3). DES was the first publicly accessible cipher to be ‘blessed’ by a national agency such as NSA. The release of its specification by NBS stimulated an explosion of public and academic interest in cryptography.

The aging DES was officially replaced by the Advanced Encryption Standard (AES) in 2001 when NIST announced FIPS 197. After an open competition, NIST selected Rijndael, submitted by two Belgian cryptographers, to be the AES. DES, and more secure variants of it (such as Triple DES; see FIPS 46-3), are still used today, having been incorporated into many national and organizational standards. However, its 56-bit key size has been shown to be insufficient to guard against brute force attacks. One such attack, undertaken by the cyber civil-rights group Electronic Frontier Foundation in 1997, succeeded in 56 hours; the story is in Cracking DES, published by O’Reilly and Associates. As a result, use of straight DES encryption is now without doubt insecure for use in new cryptosystem designs, and messages protected by older cryptosystems using DES, and indeed all messages sent since 1976 using DES, are also at risk. Regardless of DES’ inherent quality, the DES key size (56 bits) was thought to be too small by some even in 1976, perhaps most publicly by Whitfield Diffie. There was suspicion that government organizations even then had sufficient computing power to break DES messages; clearly others have achieved this capability.

The second development, in 1976, was perhaps even more important, for it fundamentally changed the way cryptosystems might work. This was the publication of the paper New Directions in Cryptography by Whitfield Diffie and Martin Hellman. It introduced a radically new method of distributing cryptographic keys, which went far toward solving one of the fundamental problems of cryptography, key distribution, and has become known as the Diffie-Hellman key exchange. The article also stimulated the almost immediate public development of a new class of enciphering algorithms, the asymmetric key algorithms.

Prior to that time, all useful modern encryption algorithms had been symmetric key algorithms, in which the same cryptographic key is used with the underlying algorithm by both the sender and the recipient, who must both keep it secret. All of the electromechanical machines used in WWII were of this logical class, as were the Caesar and Atbash ciphers and essentially all cipher systems throughout history. The ‘key’ for a code is the codebook, which must likewise be distributed and kept secret, and so shares most of the same problems in practice.

Of necessity, the key in every such system had to be exchanged between the communicating parties in some secure way prior to any use of the system (the term usually used is ‘via a secure channel’) such as a trustworthy courier with a briefcase handcuffed to a wrist, or face-to-face contact, or a loyal carrier pigeon. This key management requirement is never trivial and very rapidly becomes unmanageable as the number of participants increases, or when secure channels aren’t available for key exchange, or when, as is sensible cryptographic practice, keys are frequently changed. In particular, if messages are meant to be secure from other users, a separate key is required for each possible pair of users. A system of this kind is known as a secret key, or symmetric key cryptosystem. D-H key exchange (and succeeding improvements and variants) made operation of these systems much easier, and more secure, than had ever been possible before in all of history.

In contrast, asymmetric key encryption uses a pair of mathematically related keys, each of which decrypts the encryption performed using the other. Some, but not all, of these algorithms have the additional property that one of the paired keys cannot be deduced from the other by any known method other than trial and error. An algorithm of this kind is known as a public key or asymmetric key system. Using such an algorithm, only one key pair is needed per user. By designating one key of the pair as private (always secret), and the other as public (often widely available), no secure channel is needed for key exchange. So long as the private key stays secret, the public key can be widely known for a very long time without compromising security, making it safe to reuse the same key pair indefinitely.

For two users of an asymmetric key algorithm to communicate securely over an insecure channel, each user will need to know their own public and private keys as well as the other user’s public key. Take this basic scenario: Alice and Bob each have a pair of keys they’ve been using for years with many other users. At the start of their message, they exchange public keys, unencrypted over an insecure line. Alice then encrypts a message using her private key, and then re-encrypts that result using Bob’s public key. The double-encrypted message is then sent as digital data over a wire from Alice to Bob. Bob receives the bit stream and decrypts it using his own private key, and then decrypts that bit stream using Alice’s public key. If the final result is recognizable as a message, Bob can be confident that the message actually came from someone who knows Alice’s private key (presumably actually her if she’s been careful with her private key), and that anyone eavesdropping on the channel will need Bob’s private key in order to understand the message.
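The Alice and Bob exchange described above, as an added example that is not part of the original article: textbook RSA over tiny constructed primes, with both the sender's and the receiver's steps. The key values, the message and the third party "Mallory" are assumptions made for illustration, and textbook RSA without padding is not a secure construction.

```python
"""Two-layer exchange with textbook RSA. Constructed toy keys, illustration only."""


def make_keypair(p, q, e=17):
    """Return (public, private) as ((e, n), (d, n)) for primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+); fails if gcd(e, phi) != 1
    return (e, n), (d, n)


def apply_key(key, value):
    """Raise value to the key's exponent modulo the key's modulus."""
    exponent, modulus = key
    if not 0 <= value < modulus:
        raise ValueError("value does not fit under this modulus")
    return pow(value, exponent, modulus)


# Constructed key pairs. Bob's modulus is larger than the senders' moduli so that a
# value produced with a sender's private key always fits under Bob's public key.
ALICE_PUB, ALICE_PRIV = make_keypair(61, 53)      # n = 3233
BOB_PUB, BOB_PRIV = make_keypair(89, 97)          # n = 8633
MALLORY_PUB, MALLORY_PRIV = make_keypair(67, 71)  # n = 4757


def send(message, sender_priv, recipient_pub):
    """Sender side: private-key operation first, then the recipient's public key."""
    return [apply_key(recipient_pub, apply_key(sender_priv, byte)) for byte in message]


def receive(blocks, recipient_priv, claimed_sender_pub):
    """Receiver side: undo both layers; return None if the result is not a message."""
    recovered = []
    for block in blocks:
        inner = apply_key(recipient_priv, block)   # only the recipient can do this
        if inner >= claimed_sender_pub[1]:
            return None                            # cannot have come from that sender
        value = apply_key(claimed_sender_pub, inner)
        if value > 255:
            return None                            # not a byte: "not recognizable"
        recovered.append(value)
    return bytes(recovered)


def demo():
    message = b"MEET AT NOON"
    genuine = send(message, ALICE_PRIV, BOB_PUB)
    forged = send(message, MALLORY_PRIV, BOB_PUB)  # Mallory claims to be Alice
    return (receive(genuine, BOB_PRIV, ALICE_PUB),
            receive(forged, BOB_PRIV, ALICE_PUB))


if __name__ == "__main__":
    ok, bad = demo()
    print("from Alice :", ok)
    print("from forger:", bad)
```

Production systems sign a hash of the message and use padded encryption rather than applying the raw key operations byte by byte.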

Asymmetric algorithms rely for their effectiveness on a class of problems in mathematics called one-way functions, which require relatively little computational power to execute, but vast amounts of power to reverse, if reversal is possible at all. A classic example of a one-way function is multiplication of very large prime numbers. It’s fairly quick to multiply two large primes, but very difficult to find the factors of the product of two large primes. Because of the mathematics of one-way functions, most possible keys are bad choices as cryptographic keys; only a small fraction of the possible keys of a given length are suitable, and so asymmetric algorithms require very long keys to reach the same level of security provided by relatively shorter symmetric keys. The need to both generate the key pairs, and perform the encryption/decryption operations make asymmetric algorithms computationally expensive, compared to most symmetric algorithms. Since symmetric algorithms can often use any sequence of (random, or at least unpredictable) bits as a key, a disposable session key can be quickly generated for short-term use. Consequently, it is common practice to use a long asymmetric key to exchange a disposable, much shorter (but just as strong) symmetric key. The slower asymmetric algorithm securely sends a symmetric session key, and the faster symmetric algorithm takes over for the remainder of the message.

Asymmetric key cryptography, Diffie-Hellman key exchange, and the best known of the public key / private key algorithms (i.e., what is usually called the RSA algorithm), all seem to have been independently developed at a UK intelligence agency before the public announcement by Diffie and Hellman in 1976. GCHQ has released documents claiming they had developed public key cryptography before the publication of Diffie and Hellman’s paper. Various classified papers were written at GCHQ during the 1960s and 1970s which eventually led to schemes essentially identical to RSA encryption and to Diffie-Hellman key exchange in 1973 and 1974. Some of these have now been published, and the inventors (James H. Ellis, Clifford Cocks, and Malcolm Williamson) have made public select parts of their work.

The public developments of the 1970s broke the near monopoly on high quality cryptography held by government organizations; refer to S Levy’s Crypto for a journalistic account of some of the policy controversy of the time in the US. For the first time ever, those outside government organizations had access to cryptography not readily breakable by anyone, including governments. Considerable controversy, and conflict, both public and private, began more or less immediately. It has not yet subsided. In many countries, for example, export of cryptography is subject to restrictions. Until 1996, export from the U.S. of cryptography using keys longer than 40 bits (i.e., too small to be very secure against a knowledgeable attacker) was sharply limited. As recently as 2004, former FBI Director Louis Freeh, testifying before the 9/11 Commission, called for new laws against public use of encryption.

One of the most significant people favouring strong encryption for public use was Phil Zimmermann. He wrote and then in 1991 released PGP (Pretty Good Privacy), a very high quality crypto system. He distributed a freeware version of PGP when he felt threatened by legislation then under consideration by the US Government that would require backdoors to be included in all cryptographic products developed within the US. His system was released worldwide shortly after he released it in the US, and that began a long criminal investigation of him by the US Government Justice Department for the alleged violation of export restrictions. The Justice Department eventually dropped its case against Zimmermann, and the freeware distribution of PGP has continued around the world. PGP even eventually became an open Internet standard, RFC 2440 or OpenPGP.

The development of cryptography has been paralleled by near equal developments in cryptanalysis, the “breaking” of codes and ciphers. The early discovery and application of frequency analysis to the reading of encrypted communications has on occasion altered the course of history. Thus the Zimmermann Telegram triggered the United States’ entry into World War I; and Allied reading of Nazi Germany’s ciphers shortened World War II, in some evaluations by as much as two years.

Modern cryptanalysts sometimes harness large numbers of integrated circuits. The EFF DES cracker contained over 1800 custom chips and could brute force a DES key in a matter of days. While modern ciphers like AES and the higher quality asymmetric ciphers are widely considered unbreakable, poor designs and implementations are still sometimes adopted and there have been important cryptanalytic breaks of deployed crypto systems in recent years.

Notable examples of broken crypto designs include DES, the first Wi-Fi encryption scheme WEP, the Content Scrambling System used for encrypting and controlling DVD use, the A5/1 and A5/2 ciphers used in GSM cell phones, and the CRYPTO1 cipher used in the widely deployed MIFARE Classic smart cards from NXP Semiconductors, a spun off division of Philips Electronics. All of these are symmetric ciphers. Thus far, not one of the mathematical ideas underlying public key cryptography has been proven to be ‘unbreakable’, and so some future mathematical analysis advance might render systems relying on them insecure. While few informed observers foresee such a breakthrough, the key size recommended for security as best practice keeps increasing as increased computing power required for breaking codes becomes cheaper and more available.

More recent developments utilising quantum computing include the NTRUEncrypt lattice-based system, first proposed in 1996. It was standardised in 2008 in IEEE Std 1363.1. This currently appears to be the leading candidate when RSA and elliptic curve cryptography eventually need to be withdrawn. The parallels, and an idea for quantum encryption techniques, are based on the massive, computationally intensive thermodynamics modelling in the book by George G Szpiro.

A5/0 utilizes no encryption.

A5/1 is the original A5 algorithm used in Europe.

A5/2 is a weaker encryption algorithm created for export and used in the United States.

A5/3 is a strong encryption algorithm created as part of the 3rd Generation Partnership Project (3GPP).

Motorola build voice/data crypto radios, XTS3000, XTS5000 etc. These have DES-XL, DVI-XL, DVP-XL (noting DVP is an early first generation Securenet product).

DVP is a Motorola-developed Digital Voice Privacy algorithm made in the mid-1970s, using a 32-bit key length.

DES is a Motorola encryption algorithm that meets US Government encryption guidelines, using a 56-bit DES key.

DVP-XL is a Motorola proprietary encryption algorithm using 32-bit key encryption.

DVI-XL is an export grade variant of DVP-XL for export outside of the US.

DES-XL is a Motorola variant of the US Government DES algorithm.

DVP and DES are self-synchronizing modes of operation; coverage range is slightly degraded due to data errors caused by Rayleigh fading on the radio channel.

DVP-XL, DVI-XL, DES-XL use a sync header and periodic sync updates. For operation on fading radio channels, this provides encryption coverage range similar to analog FM voice coverage.

DVP-XL, DVI-XL, and DES-XL should provide similar coverage on conventional or trunked systems. Since the current generation of trunking control channels is not encrypted, someone could monitor which talkgroups are active and the general level of activity, even though they could not monitor the talkgroup conversations on the traffic channels.

DES-OFB used output feedback for error correction.

ADP is a simple, software-based encryption method with a 40-bit key length, but it restricts hardware updates.

AES-256: these algorithms use a 256-bit key length.

Microsoft messed up the Windows 3.1 and Windows 95 password file (.PWL) encryption key processing, providing a maximum of 32 bits of keyspace. A dictionary attack could recover most passwords in a few seconds. Frank Stevenson extended this attack by taking advantage of the fact that the RC4 cipher that Microsoft used was a pure keystream generator, allowing all information protected with it to be recovered in a fraction of a second, even with more recent upgrades to 128-bit keys.

The idea of self encrypting polymorphic viruses gained popularity in the early 1990s and brought to life generators of polymorphic code – in early 1992 the famous “Dedicated” virus appears, based on the first known polymorphic generator MtE and the first in a series of MtE-viruses; shortly after that there appears the polymorphic generator itself.

Cryptography is featured heavily in the 1998 film Mercury Rising with Bruce Willis, Alec Baldwin and Miko Hughes.

The 1992 film Sneakers touches on crypto techniques, and the 1988 Vietnam war film Bat 21 shows a crypto-style graphical map key used to rescue a general.

“The Cryptographer”, Tobias Hill, Faber and Faber, 2003. Fiction. Investigative novel around the world’s first Quadrillionaire who made money from code breaking.

Bamford, James. The Puzzle Palace. Boston: Houghton Mifflin, 1982.

Bennett, Charles, Gilles Brassard, and Artur K. Ekert. Quantum Cryptography. Scientific American 267, Issue 4, July 1992.

Coe, Michael D. Breaking the Maya Code. London and New York: Thames and Hudson, 1992.

Fouche Gaines, Helen. Cryptanalysis: A Study of Ciphers and Their Solution. New York: Dover Publications, 1956.

Kahn, David. The Codebreakers, rev. ed. New York: Scribner, 1996.

Mel, H.X., and Doris Baker. Cryptography Decrypted. Boston, MA: Addison-Wesley, 2001.

Menezes, A. J., Paul C. Oorschot, and S. Vanstone. Handbook of Applied Cryptography. Boca Raton: CRC Press, 1996.

Port, Otis, with Inka Resch. They’re Listening to Your Calls. Businessweek, May 31, 1999.

Russell, Francis. The Secret War. Virginia: Time-Life Books, 1981.

Singh, Simon. The Code Book. New York: Doubleday, 1998.

Szpiro, George G. The Secret Life of Numbers. Washington, DC: Joseph Henry Press, 2006.

Encryption Wars Article – Spectrum Magazine May 2000

Exhaustive Cryptoanalysis of the NBS Data Encryption Standard

View post:
Cryptography – Engineering and Technology History Wiki

What is Cryptography & Types of Cryptography | Synopsys

With symmetric cryptography, the same key is used for both encryption and decryption. A sender and a recipient must already have a shared key that is known to both. Key distribution is a tricky problem and was the impetus for developing asymmetric cryptography.

With asymmetric crypto, two different keys are used for encryption and decryption. Every user in an asymmetric cryptosystem has both a public key and a private key. The private key is kept secret at all times, but the public key may be freely distributed.

Data encrypted with a public key may only be decrypted with the corresponding private key. So, sending a message to John requires encrypting that message with John’s public key. Only John can decrypt the message, as only John has his private key. Any data encrypted with a private key can only be decrypted with the corresponding public key. Similarly, Jane could digitally sign a message with her private key, and anyone with Jane’s public key could decrypt the signed message and verify that it was in fact Jane who sent it.

Symmetric is generally very fast and ideal for encrypting large amounts of data (e.g., an entire disk partition or database). Asymmetric is much slower and can only encrypt pieces of data that are smaller than the key size (typically 2048 bits or smaller). Thus, asymmetric crypto is generally used to encrypt symmetric encryption keys which are then used to encrypt much larger blocks of data. For digital signatures, asymmetric crypto is generally used to encrypt the hashes of messages rather than entire messages.

A cryptosystem provides for managing cryptographic keys including generation, exchange, storage, use, revocation, and replacement of the keys.

Cryptology – Cryptography | Britannica.com

The easiest way to describe the techniques on which cryptography depends is first to examine some simple cipher systems and then abstract from these examples features that apply to more complex systems. There are two basic kinds of mathematical operations used in cipher systems: transpositions and substitutions. Transpositions rearrange the symbols in the plaintext without changing the symbols themselves. Substitutions replace plaintext elements (symbols, pairs of symbols, etc.) with other symbols or groups of symbols without changing the sequence in which they occur.

In manual systems transpositions are generally carried out with the aid of an easily remembered mnemonic. For example, a popular schoolboy cipher is the rail fence, in which letters of the plaintext are written alternating between rows and the rows are then read sequentially to give the cipher. In a depth-two rail fence (two rows) the message WE ARE DISCOVERED SAVE YOURSELF would be written

Simple frequency counts on the ciphertext would reveal to the cryptanalyst that letters occur with precisely the same frequency in the cipher as in an average plaintext and, hence, that a simple rearrangement of the letters is probable.

The rail fence is the simplest example of a class of transposition ciphers, known as route ciphers, that enjoyed considerable popularity in the early history of cryptology. In general, the elements of the plaintext (usually single letters) are written in a prearranged order (route) into a geometric array (matrix), typically a rectangle, agreed upon in advance by the transmitter and receiver and then read off by following another prescribed route through the matrix to produce the cipher. The key in a route cipher consists of keeping secret the geometric array, the starting point, and the routes. Clearly, both the matrix and the routes can be much more complex than in this example; but even so, they provide little security. One form of transposition (permutation) that was widely used depends on an easily remembered key word for identifying the route in which the columns of a rectangular matrix are to be read. For example, using the key word AUTHOR and ordering the columns by the lexicographic order of the letters in the key word

In decrypting a route cipher, the receiver enters the ciphertext symbols into the agreed-upon matrix according to the encryption route and then reads the plaintext according to the original order of entry. A significant improvement in cryptosecurity can be achieved by reencrypting the cipher obtained from one transposition with another transposition. Because the result (product) of two transpositions is also a transposition, the effect of multiple transpositions is to define a complex route in the matrix, which in itself would be difficult to describe by any simple mnemonic. (See Product ciphers, below.)
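The depth-two rail fence and the key-word columnar transposition described above, with their decryption routes, as an added example that is not part of the original article. It assumes the last row of the matrix is left short rather than padded, and the function names are illustrative.

```python
from collections import Counter


def clean(text):
    """Keep only the letters A-Z, upper-cased."""
    return "".join(ch for ch in text.upper() if "A" <= ch <= "Z")


def rail_fence_encrypt(plaintext):
    """Depth-two rail fence: write alternately on two rows, read row by row."""
    p = clean(plaintext)
    return p[0::2] + p[1::2]


def rail_fence_decrypt(ciphertext):
    """Re-enter the two rows and read them off in the original zigzag order."""
    top_len = (len(ciphertext) + 1) // 2
    top, bottom = ciphertext[:top_len], ciphertext[top_len:]
    return "".join(top[i // 2] if i % 2 == 0 else bottom[i // 2]
                   for i in range(len(ciphertext)))


def column_order(keyword):
    """Column indices in the order they are read (lexicographic, ties left to right)."""
    return sorted(range(len(keyword)), key=lambda i: (keyword[i], i))


def columnar_encrypt(plaintext, keyword):
    """Write the text row-wise under the key word, read whole columns in key order."""
    p = clean(plaintext)
    width = len(keyword)
    return "".join(p[col::width] for col in column_order(keyword))


def columnar_decrypt(ciphertext, keyword):
    """Refill the columns in key order, then read the matrix row by row."""
    width = len(keyword)
    rows, extra = divmod(len(ciphertext), width)
    columns, pos = {}, 0
    for col in column_order(keyword):
        length = rows + (1 if col < extra else 0)  # leftmost columns hold the short row
        columns[col] = ciphertext[pos:pos + length]
        pos += length
    return "".join(columns[i % width][i // width] for i in range(len(ciphertext)))


def same_letter_counts(a, b):
    """True when two texts contain exactly the same letters with the same counts."""
    return Counter(a) == Counter(b)


def product_encrypt(plaintext, keyword):
    """Product of two transpositions: rail fence followed by the columnar cipher."""
    return columnar_encrypt(rail_fence_encrypt(plaintext), keyword)


def product_decrypt(ciphertext, keyword):
    return rail_fence_decrypt(columnar_decrypt(ciphertext, keyword))


if __name__ == "__main__":
    message = "WE ARE DISCOVERED SAVE YOURSELF"
    for name, ct in (("rail fence", rail_fence_encrypt(message)),
                     ("columnar  ", columnar_encrypt(message, "AUTHOR")),
                     ("product   ", product_encrypt(message, "AUTHOR"))):
        # Every transposition leaves the letter counts of the plaintext untouched.
        print(name, ct, same_letter_counts(ct, clean(message)))
```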

In the same class also fall systems that make use of perforated cardboard matrices called grilles; descriptions of such systems can be found in most older books on cryptography. In contemporary cryptography, transpositions serve principally as one of several encryption steps in forming a compound or product cipher.

In substitution ciphers, units of the plaintext (generally single letters or pairs of letters) are replaced with other symbols or groups of symbols, which need not be the same as those used in the plaintext. For instance, in Sir Arthur Conan Doyle’s Adventure of the Dancing Men (1903), Sherlock Holmes solves a monoalphabetic substitution cipher in which the ciphertext symbols are stick figures of a human in various dancelike poses.

The simplest of all substitution ciphers are those in which the cipher alphabet is merely a cyclical shift of the plaintext alphabet. Of these, the best-known is the Caesar cipher, used by Julius Caesar, in which A is encrypted as D, B as E, and so forth. As many a schoolboy has discovered to his embarrassment, cyclical-shift substitution ciphers are not secure. And as is pointed out in the section Cryptanalysis, neither is any other monoalphabetic substitution cipher in which a given plaintext symbol is always encrypted into the same ciphertext symbol. Because of the redundancy of the English language, only about 25 symbols of ciphertext are required to permit the cryptanalysis of monoalphabetic substitution ciphers, which makes them a popular source for recreational cryptograms. The explanation for this weakness is that the frequency distributions of symbols in the plaintext and in the ciphertext are identical, only the symbols having been relabeled. In fact, any structure or pattern in the plaintext is preserved intact in the ciphertext, so that the cryptanalyst’s task is an easy one.

There are two main approaches that have been employed with substitution ciphers to lessen the extent to which structure in the plaintext, primarily single-letter frequencies, survives in the ciphertext. One approach is to encrypt elements of plaintext consisting of two or more symbols; e.g., digraphs and trigraphs. The other is to use several cipher alphabets. When this approach of polyalphabetic substitution is carried to its limit, it results in onetime keys, or pads.

In cryptosystems for manually encrypting units of plaintext made up of more than a single letter, only digraphs were ever used. By treating digraphs in the plaintext as units rather than as single letters, the extent to which the raw frequency distribution survives the encryption process can be lessened but not eliminated, as letter pairs are themselves highly correlated. The best-known digraph substitution cipher is the Playfair, invented by Sir Charles Wheatstone but championed at the British Foreign Office by Lyon Playfair, the first Baron Playfair of St. Andrews. Below is an example of a Playfair cipher, solved by Lord Peter Wimsey in Dorothy L. Sayers’s Have His Carcase (1932). Here, the mnemonic aid used to carry out the encryption is a 5 × 5 square matrix containing the letters of the alphabet (I and J are treated as the same letter). A key word, MONARCHY in this example, is filled in first, and the remaining unused letters of the alphabet are entered in their lexicographic order:

Plaintext digraphs are encrypted with the matrix by first locating the two plaintext letters in the matrix. They are (1) in different rows and columns; (2) in the same row; (3) in the same column; or (4) alike. The corresponding encryption (replacement) rules are the following:

When the two letters are in different rows and columns, each is replaced by the letter that is in the same row but in the other column; i.e., to encrypt WE, W is replaced by U and E by G.

When A and R are in the same row, A is encrypted as R and R (reading the row cyclically) as M.

When I and S are in the same column, I is encrypted as S and S as X.

When a double letter occurs, a spurious symbol, say Q, is introduced so that the MM in SUMMER is encrypted as NL for MQ and CL for ME.

An X is appended to the end of the plaintext if necessary to give the plaintext an even number of letters.

Encrypting the familiar plaintext example using Sayers’s Playfair array yields:

If the frequency distribution information were totally concealed in the encryption process, the ciphertext plot of letter frequencies in Playfair ciphers would be flat. It is not. The deviation from this ideal is a measure of the tendency of some letter pairs to occur more frequently than others and of the Playfair’s row-and-column correlation of symbols in the ciphertext, the essential structure exploited by a cryptanalyst in solving Playfair ciphers. The loss of a significant part of the plaintext frequency distribution, however, makes a Playfair cipher harder to cryptanalyze than a monoalphabetic cipher.
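The Playfair rules listed above, implemented with the key word MONARCHY as an added example that is not part of the original article. Two choices are assumptions the text does not state: the filler is X instead of Q when the doubled letter is itself Q, and the trailing pad is Q instead of X when the last letter is X.

```python
ALPHABET = "ABCDEFGHIKLMNOPQRSTUVWXYZ"  # 25 letters: J is folded into I


def normalise(text):
    """Upper-case, drop non-letters, treat J as I."""
    return ["I" if ch == "J" else ch
            for ch in text.upper() if ch in ALPHABET or ch == "J"]


def build_square(keyword):
    """Key word first, then the unused letters in lexicographic order, as 5 rows."""
    seen = []
    for ch in normalise(keyword) + list(ALPHABET):
        if ch not in seen:
            seen.append(ch)
    return [seen[r * 5:(r + 1) * 5] for r in range(5)]


def to_digraphs(plaintext):
    """Split into letter pairs, breaking doubles with a filler and padding odd length."""
    letters = normalise(plaintext)
    pairs, i = [], 0
    while i < len(letters):
        first = letters[i]
        if i + 1 == len(letters):                    # odd length: pad the last letter
            pairs.append(first + ("Q" if first == "X" else "X"))
            i += 1
        elif letters[i + 1] == first:                # double letter: insert a filler
            pairs.append(first + ("X" if first == "Q" else "Q"))
            i += 1
        else:
            pairs.append(first + letters[i + 1])
            i += 2
    return pairs


def _transform(square, pair, step):
    """Apply the row, column or rectangle rule; step is +1 to encrypt, -1 to decrypt."""
    where = {square[r][c]: (r, c) for r in range(5) for c in range(5)}
    (r1, c1), (r2, c2) = where[pair[0]], where[pair[1]]
    if r1 == r2:                                     # same row: move along the row
        return square[r1][(c1 + step) % 5] + square[r2][(c2 + step) % 5]
    if c1 == c2:                                     # same column: move down the column
        return square[(r1 + step) % 5][c1] + square[(r2 + step) % 5][c2]
    return square[r1][c2] + square[r2][c1]           # rectangle: swap the columns


def playfair_encrypt(plaintext, keyword):
    square = build_square(keyword)
    return "".join(_transform(square, pair, +1) for pair in to_digraphs(plaintext))


def playfair_decrypt(ciphertext, keyword):
    """Returns the plaintext with fillers and padding still in place."""
    square = build_square(keyword)
    letters = normalise(ciphertext)
    pairs = ["".join(letters[i:i + 2]) for i in range(0, len(letters), 2)]
    return "".join(_transform(square, pair, -1) for pair in pairs)


if __name__ == "__main__":
    for row in build_square("MONARCHY"):
        print(" ".join(row))
    for sample in ("WE", "AR", "IS", "SUMMER", "WE ARE DISCOVERED SAVE YOURSELF"):
        print(sample, "->", playfair_encrypt(sample, "MONARCHY"))
    # A reversed plaintext pair gives the reversed ciphertext pair: part of the
    # row-and-column structure that survives encryption.
    print("EW ->", playfair_encrypt("EW", "MONARCHY"))
```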

The other approach to concealing plaintext structure in the ciphertext involves using several different monoalphabetic substitution ciphers rather than just one; the key specifies which particular substitution is to be employed for encrypting each plaintext symbol. The resulting ciphers, known generically as polyalphabetics, have a long history of usage. The systems differ mainly in the way in which the key is used to choose among the collection of monoalphabetic substitution rules.

The best-known polyalphabetics are the simple Vigenère ciphers, named for the 16th-century French cryptographer Blaise de Vigenère. For many years this type of cipher was thought to be impregnable and was known as le chiffre indéchiffrable, literally “the unbreakable cipher.” The procedure for encrypting and decrypting Vigenère ciphers is illustrated in the figure.

In the simplest systems of the Vigenère type, the key is a word or phrase that is repeated as many times as required to encipher a message. If the key is DECEPTIVE and the message is WE ARE DISCOVERED SAVE YOURSELF, then the resulting cipher will be

The graph shows the extent to which the raw frequency of occurrence pattern is obscured by encrypting the text of this article using the repeating key DECEPTIVE. Nevertheless, in 1861 Friedrich W. Kasiski, formerly a German army officer and cryptanalyst, published a solution of repeated-key Vigenère ciphers based on the fact that identical pairings of message and key symbols generate the same cipher symbols. Cryptanalysts look for precisely such repetitions. In the example given above, the group VTW appears twice, separated by six letters, suggesting that the key (i.e., word) length is either three or nine. Consequently, the cryptanalyst would partition the cipher symbols into three and nine monoalphabets and attempt to solve each of these as a simple substitution cipher. With sufficient ciphertext, it would be easy to solve for the unknown key word.
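The repeating-key encryption and Kasiski's repetition search, run on the DECEPTIVE example, as an added illustration that is not part of the original article. It assumes the usual convention A = 0 with addition modulo 26; the function names are illustrative.

```python
from collections import Counter, defaultdict

A = ord("A")


def clean(text):
    """Keep only the letters A-Z, upper-cased."""
    return "".join(ch for ch in text.upper() if "A" <= ch <= "Z")


def _shift(text, key, sign):
    key = clean(key)
    return "".join(
        chr((ord(ch) - A + sign * (ord(key[i % len(key)]) - A)) % 26 + A)
        for i, ch in enumerate(clean(text)))


def vigenere_encrypt(plaintext, key):
    """Add the repeated key word to the message, letter by letter, modulo 26."""
    return _shift(plaintext, key, +1)


def vigenere_decrypt(ciphertext, key):
    return _shift(ciphertext, key, -1)


def repeated_ngrams(ciphertext, n=3):
    """Map every n-letter group that occurs more than once to its start positions."""
    positions = defaultdict(list)
    for i in range(len(ciphertext) - n + 1):
        positions[ciphertext[i:i + n]].append(i)
    return {gram: pos for gram, pos in positions.items() if len(pos) > 1}


def candidate_key_lengths(ciphertext, n=3):
    """Kasiski's test: a key length must divide the distance between repetitions.

    Every divisor (>= 2) of every distance gets a vote; the result is ordered by
    votes, then by length, so chance repetitions are outvoted in longer texts.
    """
    votes = Counter()
    for pos in repeated_ngrams(ciphertext, n).values():
        for first, second in zip(pos, pos[1:]):
            distance = second - first
            for length in range(2, distance + 1):
                if distance % length == 0:
                    votes[length] += 1
    return sorted(votes, key=lambda length: (-votes[length], length))


def split_monoalphabets(ciphertext, key_length):
    """Partition the ciphertext into the letters enciphered by each key letter."""
    return [ciphertext[i::key_length] for i in range(key_length)]


if __name__ == "__main__":
    ct = vigenere_encrypt("WE ARE DISCOVERED SAVE YOURSELF", "DECEPTIVE")
    print("ciphertext  :", ct)
    print("repetitions :", repeated_ngrams(ct))
    print("key lengths :", candidate_key_lengths(ct))
    for length in candidate_key_lengths(ct):
        print(length, "monoalphabets:", split_monoalphabets(ct, length))
```

Each monoalphabet is a simple shift cipher, so the next step is ordinary frequency analysis on each column once enough ciphertext is available.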

The periodicity of a repeating key exploited by Kasiski can be eliminated by means of a running-key Vigenère cipher. Such a cipher is produced when a nonrepeating text is used for the key. Vigenère actually proposed concatenating the plaintext itself to follow a secret key word in order to provide a running key in what is known as an autokey.

Even though running-key or autokey ciphers eliminate periodicity, two methods exist to cryptanalyze them. In one, the cryptanalyst proceeds under the assumption that both the ciphertext and the key share the same frequency distribution of symbols and applies statistical analysis. For example, E occurs in English plaintext with a frequency of 0.0169, and T occurs only half as often. The cryptanalyst would, of course, need a much larger segment of ciphertext to solve a running-key Vigenère cipher, but the basic principle is essentially the same as before, i.e., the recurrence of like events yields identical effects in the ciphertext. The second method of solving running-key ciphers is commonly known as the probable-word method. In this approach, words that are thought most likely to occur in the text are subtracted from the cipher. For example, suppose that an encrypted message to President Jefferson Davis of the Confederate States of America was intercepted. Based on a statistical analysis of the letter frequencies in the ciphertext, and the South's encryption habits, it appears to employ a running-key Vigenère cipher. A reasonable choice for a probable word in the plaintext might be PRESIDENT. For simplicity a space will be encoded as a 0. PRESIDENT would then be encoded (not encrypted) as 16, 18, 5, 19, 9, 4, 5, 14, 20 using the rule A = 1, B = 2, and so forth. Now these nine numbers are added modulo 27 (for the 26 letters plus a space symbol) to each successive block of nine symbols of ciphertext, shifting one letter each time to form a new block. Almost all such additions will produce random-like groups of nine symbols as a result, but some may produce a block that contains meaningful English fragments. These fragments can then be extended with either of the two techniques described above. If provided with enough ciphertext, the cryptanalyst can ultimately decrypt the cipher.
What is important to bear in mind here is that the redundancy of the English language is high enough that the amount of information conveyed by every ciphertext component is greater than the rate at which equivocation (i.e., the uncertainty about the plaintext that the cryptanalyst must resolve to cryptanalyze the cipher) is introduced by the running key. In principle, when the equivocation is reduced to zero, the cipher can be solved. The number of symbols needed to reach this point is called the unicity distance and is only about 25 symbols, on average, for simple substitution ciphers.
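The probable-word method described above, as an added Python example that is not part of the original article. It assumes encryption adds key to plaintext modulo 27, so the probable word is subtracted from each nine-symbol window; the message, the running key and the letter-count scoring heuristic are all constructed for illustration.

```python
ALPHABET = " ABCDEFGHIJKLMNOPQRSTUVWXYZ"   # space = 0, A = 1, ..., Z = 26
COMMON = set(" ETAOINSHR")                 # crude stand-in for "looks like English"

def encode(text):
    return [ALPHABET.index(ch) for ch in text]

def decode(numbers):
    return "".join(ALPHABET[n] for n in numbers)

def encrypt(plaintext, running_key):
    """Running-key Vigenere over 27 symbols: c = (p + k) mod 27 (assumed convention)."""
    if len(running_key) < len(plaintext):
        raise ValueError("a running key must be at least as long as the message")
    pairs = zip(encode(plaintext), encode(running_key))
    return decode((p + k) % 27 for p, k in pairs)

def drag_probable_word(ciphertext, word):
    """Subtract the probable word from every window; each result is a candidate key fragment."""
    c, w = encode(ciphertext), encode(word)
    return [decode((c[i + j] - w[j]) % 27 for j in range(len(w)))
            for i in range(len(c) - len(w) + 1)]

def rank(fragments):
    """Order (offset, fragment) pairs by how many common English symbols they contain."""
    def score(item):
        return sum(ch in COMMON for ch in item[1])
    return sorted(enumerate(fragments), key=score, reverse=True)

# Constructed sample data: a made-up message and a nonrepeating English key text.
PLAINTEXT = "TO PRESIDENT DAVIS HOLD RICHMOND"
RUNNING_KEY = "WHEN IN THE COURSE OF HUMAN EVENTS"
CIPHERTEXT = encrypt(PLAINTEXT, RUNNING_KEY)

if __name__ == "__main__":
    for offset, fragment in rank(drag_probable_word(CIPHERTEXT, "PRESIDENT"))[:5]:
        print(offset, repr(fragment))
```

At the offset where PRESIDENT really occurs, the window yields a readable piece of the running key, which is the "meaningful English fragment" the analyst then extends in both directions.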

In 1918 Gilbert S. Vernam, an engineer for the American Telephone & Telegraph Company (AT&T), introduced the most important key variant to the Vigenère system. At that time all messages transmitted over AT&T's teleprinter system were encoded in the Baudot Code, a binary code in which a combination of marks and spaces represents a letter, number, or other symbol. Vernam suggested a means of introducing equivocation at the same rate at which it was reduced by redundancy among symbols of the message, thereby safeguarding communications against cryptanalytic attack. He saw that periodicity (as well as frequency information and intersymbol correlation), on which earlier methods of decryption of different Vigenère systems had relied, could be eliminated if a random series of marks and spaces (a running key) were mingled with the message during encryption to produce what is known as a stream or streaming cipher.

There was one serious weakness in Vernam's system, however. It required one key symbol for each message symbol, which meant that communicants would have to exchange an impractically large key in advance, i.e., they had to securely exchange a key as large as the message they would eventually send. The key itself consisted of a punched paper tape that could be read automatically while symbols were typed at the teletypewriter keyboard and encrypted for transmission. This operation was performed in reverse using a copy of the paper tape at the receiving teletypewriter to decrypt the cipher. Vernam initially believed that a short random key could safely be reused many times, thus justifying the effort to deliver such a large key, but reuse of the key turned out to be vulnerable to attack by methods of the type devised by Kasiski. Vernam offered an alternative solution: a key generated by combining two shorter key tapes of m and n binary digits, or bits, where m and n share no common factor other than 1 (they are relatively prime). A bit stream so computed does not repeat until mn bits of key have been produced. This version of the Vernam cipher system was adopted and employed by the U.S. Army until Major Joseph O. Mauborgne of the Army Signal Corps demonstrated during World War I that a cipher constructed from a key produced by linearly combining two or more short tapes could be decrypted by methods of the sort employed to cryptanalyze running-key ciphers. Mauborgne's work led to the realization that neither the repeating single-key nor the two-tape Vernam-Vigenère cipher system was cryptosecure. Of far greater consequence to modern cryptology (in fact, an idea that remains its cornerstone) was the conclusion drawn by Mauborgne and William F. Friedman that the only type of cryptosystem that is unconditionally secure uses a random onetime key.
The proof of this, however, was provided almost 30 years later by another AT&T researcher, Claude Shannon, the father of modern information theory.
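The two-tape key described above, as an added Python sketch that is not part of the original article. It combines two looping tapes bit by bit with XOR (an assumption about how the tapes were combined) and measures when the resulting key stream first repeats; the tape contents are constructed.

```python
from itertools import cycle, islice

def combined_key(tape_a, tape_b, length):
    """Key stream produced by running two looping tapes side by side and XORing them."""
    return [a ^ b for a, b in islice(zip(cycle(tape_a), cycle(tape_b)), length)]

def period(tape_a, tape_b):
    """Smallest shift d at which the combined key stream repeats itself."""
    full = len(tape_a) * len(tape_b)          # the stream always repeats after m*n bits
    stream = combined_key(tape_a, tape_b, 2 * full)
    return next(d for d in range(1, full + 1)
                if all(stream[i] == stream[i + d] for i in range(full)))

# Constructed tapes: lengths 3 and 4 are relatively prime, lengths 4 and 6 are not.
COPRIME = ([1, 0, 0], [1, 0, 0, 0])
SHARED_FACTOR = ([1, 0, 0, 0], [1, 0, 0, 0, 0, 0])

if __name__ == "__main__":
    print("m=3, n=4 ->", period(*COPRIME), "bits before repeating")        # m*n = 12
    print("m=4, n=6 ->", period(*SHARED_FACTOR), "bits before repeating")  # only 12, not 24
```

Even in the relatively prime case the long stream is fixed by just m + n tape bits, which is why a key built this way is not a random onetime key.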

In a streaming cipher the key is incoherent, i.e., the uncertainty that the cryptanalyst has about each successive key symbol must be no less than the average information content of a message symbol. The dotted curve in the figure indicates that the raw frequency of occurrence pattern is lost when the draft text of this article is encrypted with a random onetime key. The same would be true if digraph or trigraph frequencies were plotted for a sufficiently long ciphertext. In other words, the system is unconditionally secure, not because of any failure on the part of the cryptanalyst to find the right cryptanalytic technique but rather because he is faced with an irresolvable number of choices for the key or plaintext message.

In the discussion of transposition ciphers it was pointed out that by combining two or more simple transpositions, a more secure encryption may result. In the days of manual cryptography this was a useful device for the cryptographer, and in fact double transposition or product ciphers on key word-based rectangular matrices were widely used. There was also some use of a class of product ciphers known as fractionation systems, wherein a substitution was first made from symbols in the plaintext to multiple symbols (usually pairs, in which case the cipher is called a biliteral cipher) in the ciphertext, which was then encrypted by a final transposition, known as superencryption. One of the most famous field ciphers of all time was a fractionation system, the ADFGVX cipher employed by the German army during World War I. This system used a 6 × 6 matrix to substitution-encrypt the 26 letters and 10 digits into pairs of the symbols A, D, F, G, V, and X. The resulting biliteral cipher was then written into a rectangular array and route encrypted by reading the columns in the order indicated by a key word, as illustrated in the figure.
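The two ADFGVX stages described above (fractionating substitution, then columnar transposition), as an added Python example that is not part of the original article. The square is filled from a key word here purely for reproducibility, and columns are read in alphabetical order of the transposition key word; both conventions, the key words and the message are assumptions made for this sketch.

```python
import string

SYMBOLS = "ADFGVX"

def make_square(keyword):
    """6 x 6 square: key word characters first, then the unused letters and digits."""
    seen = dict.fromkeys(keyword.upper() + string.ascii_uppercase + string.digits)
    cells = [ch for ch in seen if ch.isalnum()]
    return {ch: SYMBOLS[i // 6] + SYMBOLS[i % 6] for i, ch in enumerate(cells)}

def column_order(key):
    """Columns are read in alphabetical order of the key letters (ties: left to right)."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def encrypt(plaintext, square_key, transposition_key):
    square = make_square(square_key)
    # Stage 1: each letter or digit becomes a pair of ADFGVX symbols (row, column).
    pairs = "".join(square[ch] for ch in plaintext.upper() if ch in square)
    # Stage 2: write the symbols row by row under the key word, read them out by column.
    n = len(transposition_key)
    return "".join(pairs[col::n] for col in column_order(transposition_key))

def decrypt(ciphertext, square_key, transposition_key):
    inverse = {pair: ch for ch, pair in make_square(square_key).items()}
    n = len(transposition_key)
    full, extra = divmod(len(ciphertext), n)   # the first `extra` columns are one longer
    columns, pos = [""] * n, 0
    for col in column_order(transposition_key):
        height = full + (1 if col < extra else 0)
        columns[col] = ciphertext[pos:pos + height]
        pos += height
    pairs = "".join(columns[i % n][i // n] for i in range(len(ciphertext)))
    return "".join(inverse[pairs[i:i + 2]] for i in range(0, len(pairs), 2))

if __name__ == "__main__":
    # Constructed message and key words.
    ct = encrypt("MUNITIONS ARRIVE 0630", "CIPHER", "PARIS")
    print(ct, "->", decrypt(ct, "CIPHER", "PARIS"))
```

Because the transposition separates the two halves of each pair, single-letter frequency counts on the ciphertext no longer line up with plaintext letters.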

The great French cryptanalyst Georges J. Painvin succeeded in cryptanalyzing critical ADFGVX ciphers in 1918, with devastating effect for the German army in the battle for Paris.

View post:
Cryptology – Cryptography | Britannica.com

Definition of Cryptography | What is Cryptography …

Definition: Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Cryptography not only protects data from theft or alteration, but can also be used for user authentication.

Description: Earlier, cryptography was effectively synonymous with encryption, but nowadays cryptography is mainly based on mathematical theory and computer science practice.

Modern cryptography concerns itself with:

Confidentiality – Information cannot be understood by anyone for whom it was not intended.

Integrity – Information cannot be altered.

Non-repudiation – Sender cannot deny his/her intentions in the transmission of the information at a later stage.

Authentication – Sender and receiver can confirm each

Cryptography is used in many applications, such as banking transaction cards, computer passwords, and e-commerce transactions.

Three types of cryptographic techniques are used in general:

1. Symmetric-key cryptography

2. Hash functions

3. Public-key cryptography

Symmetric-key Cryptography: Both the sender and receiver share a single key. The sender uses this key to encrypt the plain text and sends the cipher text to the receiver. On the other side, the receiver applies the same key to decrypt the message and recover the plain text.

Public-Key Cryptography: This is the most revolutionary concept in the last 300-400 years. In public-key cryptography two related keys (a public and a private key) are used. The public key may be freely distributed, while its paired private key remains a secret. The public key is used for encryption and the private key is used for decryption.

Hash Functions: No key is used in this algorithm. A fixed-length hash value is computed from the plain text in a way that makes it impossible for the contents of the plain text to be recovered. Hash functions are also used by many operating systems to protect stored passwords.

StoreName Enumeration (System.Security.Cryptography …

Specifies the name of the X.509 certificate store to open.

System (in System.dll)

The X.509 certificate store for other users.

The X.509 certificate store for third-party certificate authorities (CAs).

The X.509 certificate store for intermediate certificate authorities (CAs).

The X.509 certificate store for revoked certificates.

The X.509 certificate store for personal certificates.

The X.509 certificate store for trusted root certificate authorities (CAs).

The X.509 certificate store for directly trusted people and resources.

The X.509 certificate store for directly trusted publishers.

This enumeration specifies the X.509 store name, which also includes the type of certificates included. For example, My includes personal certificates, whereas Disallowed includes only revoked certificates.

The following code example opens an X.509 certificate store, adds and deletes certificates, and then closes the store. It assumes you have three certificates to add to and remove from a local store.

.NET Framework Available since 2.0

Reviews for Cryptography from Coursera | Class Central

Understand and Apply Fundamental Concepts of Cryptography

Module Topics: Encryption Concepts, Methods of Cryptography, Specific Hashing. In Encryption Concepts you will learn about key concepts and definitions and high work factor. In Methods of Cryptography you will learn about stream-based ciphers, stream-based cipher rules, block ciphers, Initialization Vectors (IV) and why they are needed, basic block cipher modes, evaluation of algorithms, common encryption techniques, encryption algorithm characteristics, and hashing. In Specific Hashing you will learn about message digest (MD) 2, 4, and 5, secure hash algorithm (SHA) 0, 1, and 2, HAVAL, RIPEMD-160, attacks on hashing algorithms and message authentication codes, and the birthday paradox.

Understand Requirements for Cryptography

Module Topics: Salting, Symmetric/Asymmetric Cryptography, Non-Repudiation, Methods of Cryptanalytic Attack, Data Sensitivity and Regulatory Requirements, End-User Training. In Symmetric/Asymmetric Cryptography you will learn about encryption and decryption, symmetric cryptography, out-of-band key distribution, advantages and disadvantages of DES, double DES, meet-in-the-middle, triple DES (3DES), advanced encryption standard (AES), Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) and how CCMP works, and Rijndael. In Additional Algorithms you will learn about International Data Encryption Algorithm (IDEA), CAST, Secure and Fast Encryption Routine (SAFER), Blowfish, Twofish, RC5, RC4, advantages and disadvantages of symmetric algorithms, asymmetric cryptography, asymmetric algorithms, confidential messages, open message, confidential messages with proof of origin, RSA, attacking RSA, the Diffie-Hellman algorithm, El Gamal, Elliptic Curve Cryptography (ECC), advantages and disadvantages of asymmetric key algorithms, hybrid cryptography, message digests, message authentication code (MAC), HMAC, digital signatures, and non-repudiation. In Methods of Cryptanalytic Attack you will learn about chosen plaintext, social engineering for key discovery, brute force, differential cryptanalysis, linear cryptanalysis, algebraic attacks, rainbow tables, ciphertext-only attack, known plaintext, frequency analysis, chosen ciphertext, birthday attack, dictionary attack, replay attack, reverse engineering, and temporary files. In Data Sensitivity and Regulatory Requirements you will learn about data classification examples, protected data examples, non-sensitive data examples, legislative and regulatory compliance, United States example, privacy requirements compliance, and European Data Protection Directive.
In End-User Training you will learn about security awareness training topics.

Operate and Implement Cryptographic System

Module Topics: Public Key Infrastructure (PKI), Fundamental Key Management Concepts, Creation and Distribution of Keys, Web of Trust, Secure Protocols. In PKI you will learn about functions of CA, establishing trust, and X.509v3 certification issued by VeriSign. In Fundamental Key Management Concepts you will learn about standards for financial institutions, segregation of duties, and examples. In Creation and Distribution of Keys you will learn about truly random, random, generating a two-key encryption key set, key length, asymmetric key length, key wrapping and key encryption keys, key distribution, key distribution centers, key storage and destruction, factors affecting risk exposure, cost of certificate replacement/revocation, key recovery, and key escrow. In Secure Protocols you will learn about Authentication Header (AH), Encapsulating Security Payload (ESP), security associations, transport mode and tunnel mode, Internet Key Exchange (IKE), Secure/Multipurpose Internet Mail Extensions (S/MIME), the two security services S/MIME provides, digital signatures, the process for verifying a digital signature of an e-mail message, message encryption, the process for encryption of an e-mail message, the process for decrypting an e-mail message, the process of digitally signing and encrypting an e-mail message, the process of decrypting an e-mail message and verifying a digital signature, and triple-wrapped messages.

Cryptography Case Study

This assignment is based on a case study that will require the student to put into practice the knowledge they have gained through the course. It requires the basic understanding of the topics and the ability to relate those topics to the real world. The objective of review is to determine whether the student has understood the concepts and has performed the necessary analysis to ensure a complete and thorough answer.

End-of-Course Assessment
