Cryptology is the study of encoding and decoding messages and the study of the mathematical foundations of cryptographic messages. The processes involved in cryptology rely on the principles of mathematics and statistics, and encompass areas such as probability theory, number theory, abstract algebra, and formula analysis.

Cryptography is the art of creating a code for a secret message, and is also known as encryption, or encrypting a message. Cryptanalysis is the art of breaking, or decrypting, the message without the use of the appropriate key. In other words, code-breakers are individuals who intercept or retrieve information not intended for them.

Historic Overview

The word “cryptology” comes from the Greek word kryptos, which means hidden. Cryptology dates back at least 4,000 years to its earliest recorded use in Egyptian hieroglyphics. Historically, the primary motivation for secure communications has been military: namely to keep the enemy from learning of plans even if they captured messages.

For example, when Julius Caesar (100 B.C.E.–44 B.C.E.) sent messages, he used a method that replaced every A with a D, every B with an E, and so on. Only those with whom Caesar entrusted his “shift by three” method could decrypt his messages.

Throughout the centuries, cryptology has continued to play a major role in military applications. For example, the success of mathematicians and cryptanalysts in breaking the seemingly unbreakable Nazi Enigma code greatly influenced the outcome of World War II. The German Enigma machine was a complex electromechanical encoding apparatus whose invention in 1918 for banking purposes quickly led to use by the German military. To solve the Enigma machine cipher, analysts had to determine which of the15 billion billion (15x 10¹⁸) settings were used.

Three young Polish mathematicians first broke the Enigma code in 1933. In 1939 they passed along their knowledge to Great Britain and France, who—with American support—went on to break the ever-changing versions of the wartime Enigma. British mathematician Alan Turing further developed an idea originally proposed by the Poles: namely, an electromechanical machine (later known as The Bombe) that greatly reduced the odds, and therefore the time required, to break the daily-changing Enigma keys.

In today’s world of e-commerce and global concerns, secure communications are an ever-increasing necessity. Diplomatic codes are now common.

And the importance of information in everyday transactions has increased interest in both business and personal security.

Encryption and Security

Most encryption involves a key and a set of steps or a procedure known as an algorithm. The key is an item of information used repeatedly in the algorithm while the message (called plaintext, even if it is sound or pictures) is being encrypted. The key customizes the algorithm. It is used with the algorithm for encoding and again later for decoding an entire message. If one knows the algorithm and the key, retrieving the plaintext from an encoded message is easy.

Encryption systems fall into one of two main categories. In symmetrickey encryption, the key is the same for the encryption of the message as for the decryption: that is, both the encoder and the decoder know and use the same key. In asymmetric or “public-key” encryption, the key provided to the decoder is not the same as the encoder’s key.

The transmission of symmetric-key encryptions is safe provided that nobody besides the sender and intended receiver obtains the key. However,  the problem in security arises from the difficulty of securely transferring the key so that those receiving the encrypted message are able to decrypt it.

Asymmetric keys minimize this problem because a public-key cryptosystem uses a pair of keys—a private key that remains with the encryptor, and a public key that is openly available to all users, thus eliminating the need to transfer a key in secrecy.

Levels of Security.

Systems that involve transmitting or storing the key with each message are very insecure. If an unauthorized person can recognize the key, then the next step is to recognize, guess at, or figure out the algorithm. Even without the key, the codebreaker can guess the algorithm and then, by trying all the possible keys in succession, can conceivably recover the plaintext. For example, in Caesar’s alphabetical cryptosystem discussed earlier, the cryptanalyst could simply try each of the 25 possible values of the key.

The security of transmissions can therefore be increased by increasing the number of possible keys and by increasing the amount of time it takes to try each key. If the same key is used for multiple messages, the cryptanalyst only has to figure out one key; but by varying the key from one message to another, the encryptor has essentially used a different procedure for encoding each one. With a complicated algorithm that may have a very large number of possible keys, even if the basic algorithm is known or guessed, the time and effort required to try all possible keys would take years, making decryption wholly impractical.

An example of a more secure algorithm is a book code. Both the sender and the receiver each have a copy of the same edition of some book. During encoding, each word in the plaintext is replaced with a code group that indicates where that same word appears in the book. Different occurrences of the same word in the plaintext may be represented by different code groups in the encoded message. With this method, the key is the book itself. Although a person who intercepts a message may guess that a book code is being used, the messages cannot be decoded unless the interceptor can determine what edition of what book is being used. The number of possible keys (books) is huge.

Before electronic computers became available, the most secure encryption method known was the one-time pad. The pad is a long list of different randomly chosen keys. Two (and only two) identical copies of the list of keys exist—one for the person encoding each message and another for whoever is decoding it. After being used for one message, a key is discarded and never used again. The next message will use the next key on the list. If the algorithm is even moderately complicated and the keys are long enough, cryptanalysis is practically impossible.

Cryptology and Computers

Electronic computing has revolutionized cryptology. Computers make it practical to use mathematical and logical algorithms that otherwise are much too complicated and time consuming. Encryption and decryption algorithms can be put into integrated circuit chips so that this technology can be eco nomically applied anywhere. Yet governments are concerned that this will allow criminals to use modern communication and data storage methods without any fear of revealing their activities. Hence, consideration is being given to requiring that manufacturers include in encryption chips some facility for allowing authorized agents of the law to read messages encoded with them.

Computers have also brought cryptology into the home. As more and more everyday business transactions and personal communications are made at home by computer, personal privacy and transmission security have become everyone’s concern. Present-day problems of security in transmission are compounded not only by the increased number of users but also by the users themselves—and a cryptosystem can be only as good as its users. Many attacks on private systems are inside jobs, and even honest users weaken the security of cryptosystems simply through careless use, such as failure to log off.

Because of the Internet, huge quantities of highly personal information are sent through a network of communications all over the world. Transmitted data includes credit card and bank account information and e-mail correspondence, as well as sensitive company, military, and government information. Computer encryption systems provide the level of security that permits such large-scale transmission of data to be reasonably safe. Computer encryption programs use mathematical formulas to scramble data so that the code is extremely difficult to crack, thereby making cryptanalysis

very time-consuming, expensive, and, in the end, often unsuccessful.

Toward an Unbreakable Code

The Data Encryption Standard (DES), developed by IBM and adopted in 1976 as the federal standard, remains today as America’s official standard symmetric cryptosystem, although ongoing work on an advanced system may soon replace it. The DES is considered secure because it has a sufficiently large number of keys and encryption is done in eighteen steps, in each of which the bits are permuted and scrambled. Decryption basically involves running the entire eighteen-step process in reverse. An attacker would have to try so great a number of keys to crack the code as to make cryptanalysis infeasible.

Despite advances in cryptology, a known unbreakable code has yet to be discovered. From time to time, mathematicians and cryptographers have derived methods that they believed to be—or that actually were for a period of time—secure, but none has remained unbroken. However, as reported in newspapers across the country in March 2001, Harvard professor Michael Rabin has advanced a claim that he, along with his student Yangzhong Ding, has developed a mathematical proof that can be used to create a code unbreakable even by the most powerful computers.

In Rabin’s method, a stream of random characters generated by a computer disappears after it is decoded by Rabin’s mathematical proof, leaving nothing for a hacker to break and the method safe to repeat. Some professors have expressed reservations about the security of Rabin’s method, and even his supporters remark that no code will remain unbreakable for very long.

On the technological horizon, however, looms the eventual advent of quantum and DNA computers, which will be capable of performing multiple tasks at a speed not possible for today’s serial computers. Perhaps then cryptology will be able to boast of the discovery of a truly unbreakable code.

______________________________________________________________________________________________

Reference

Kahn, David.  The Codebreakers: The Story of Secret Writing, rev. ed. New York:  Scribner, 1996.

Cohen, Frank. “A Short History of Cryptography.” <http://al.net/books/ip/Chap2-1.html>.

“How Encryption and Digital Signatures Work.” Bionic Buffalo Corporation.<http://www.tatanka.com/doc/technote/tn0035.htm>.

“Introduction to Cryptography.” SSH Communications Security. <http://www.ssh.fi/tech/crypto/intro.html>.

Kozaczuk, Wladyslaw. The Origins of the Enigma-Ultra Operation. <http://home.us.net/~encore/Enigma>.

Sale, Tony. The Principle of the Enigma. <http://www.codesandciphers.org.uk/enigma>.