# Cryptography

#### Author: Kristin Davis

"Triple Locked" by Darwin Bell

Though Neal Stevenson's novel Cryptonomicon is fictional, its story of cryptography geniuses Lawrence Waterhouse, Alan Turing and Rudy von Hacklheber during World War II gives a very accurate account of the processes and drama experienced by these experts in their field. World War II fueled one of the greatest transformations in cryptography, and these three men were at the head of the changes. Cipher analysis had always been based off of knowledge of language, pattern recognition and frequency analysis, but Waterhouse, Turing and von Hacklheber shifted the focus away from language analysis and toward mathematical analysis.

In one of the turning points of the novel and cryptography history, Waterhouse discovers non-Enigma messages in the German U-boat U-553 that have stumped his analysts. After further examination, Waterhouse discovers that the code is made of a 32 letter alphabet. This number is significant because it is a power of two, meaning that each letter in the alphabet was first substituted by a number and then by a five character binary sequence. This type of code is called the Baudot code and was used by the Germans on teletype machines. The teletype machines converted 32 characters into five number sequences of 1's and 0's. These could then be represented by either holes or no holes on a strip of paper or could be transmitted by wire or radio through changes in electrical voltages to represent the 1 or 0.

By encrypting the Baudot code again through one time pads, the Germans further increased their security. What the Germans failed to realize was that their "random" one time pads were generated through an algorithm and where therefore only "pseudo-random." Though truly random one-time pads are impossible to crack, Turing and Waterhouse were able to design a precursor to the modern computer called Colossus that could find the weakness in the one-time pads.

Turing and Waterhouse's transformation from using frequency analysis to using formulas and computers to decipher a message marks a sudden change in cryptography history. Turing's first computers and the use of binary to encode messages would forever change the standard methods of cryptography. No longer was cryptography power based on weak letter based codes, but rather almost unbreakably powerful number based codes that would revolutionize cryptography less than a century later with public key encryption.

Though almost every American instinctively cringes at the mention of government limiting freedoms and invading privacy, I believe that often this invasion of privacy is a necessary evil to ensure safety. By limiting the DES, or Data Encryption Standard, to 56 bits or less for civilian business use, the NSA ensured that they would be able to crack an encryption through brute force if needed. Though this meant that businesses would be less secure, it also meant that the NSA would be able to investigate any dubious behavior by cracking the encryption. This is only a small example of the greater debate of privacy vs security. Unfortunately, it is almost impossible for a government to ensure both privacy and security; one must be greater than the other.

"Privacy" by Alan Cleaver

Though the business encryption of 56 bits is less secure than it could be, Singh states that 56 bits would be almost impossible for any civilian computer to brute-force break (250). Though some might argue that civilian computer power has increased to be able to break 56 bit encryption and the NSA has left businesses vulnerable, this is not true. Within the U.S., there is no restriction on the level of cryptography that one can use, and the only restrictions lie on exporting cryptography (Johnson 2002). This is because the NSA needs to be able to break encryption from possible terrorists or other groups that might want to harm the U.S. The government has even realized the weakness of DES and has encouraged a new encryption system called Advanced Data Encryption that can use up to 256 bits instead of 56 (Institute 2001). By increasing the standard encryption level, the NSA has shown that they are working to promote security for civilians, not intentionally limiting security to put people in danger.

A small amount of limiting of security, though it may put companies at risk, is a small price to pay to allow the NSA to, if necessary, break the encryption of data that would help protect the U.S. from a disaster that would cost lives. Though a break in security at a large company might cost them millions of dollars, the cost of lives lost from not being able to decrypt data is priceless.

Johnson, M. (2002, October 14). Where to Get PGP. Cryptography.org. Retrieved November 5, 2012, from http://www.cryptography.org/getpgp.htm#IS_PGP_LEGAL_

Institute of Standards and Technology. (2001, November 26). Federal Information Processing Standards Publication 197. Csrc.nist.gov. Retrieved November 5, 2012, from csrc.nist.gov/publications/fips/fips197/fips-197.pdf

No Chaos by Daniela Hartmann

In Little Brother, the main character Marcus Yarrow repeatedly uses cryptography to spread information without the DHS's knowledge while disguising it in the chaos of data. Though the characters are only teenagers, they certainly have moved past childish cryptography methods such as caesar ciphers or even vigenére ciphers.

To spread secret messages, the characters need an unbreakable cipher and a way to hide their communication. Instead of creating their own enciphering method, they use public keys that everyone can access. Though this seems counterintuitive, the method of using public keys is actually much safer than the best cipher someone could create on their own. Public keys have been tested and tried, while a secret key can either be discovered by a spy or cracked if weak enciphering methods are used. With public keys, you are more certain your cipher hasn't been compromised because everyone else would be compromised too. If you try to hide your key, you have no idea as to the strength of the key because no one has ever tried to crack it yet. The "so public it's private" double layering of information seems as though it would be easy to spot, but as Little Brother shows, the amount of data humans now have to process means it is becoming easier and easier to simply blend in with the noise.

Throughout the novel, instead of looking suspicious, the characters try to either make their patterns look as normal as possible or create so many false positives  that odd behavior becomes ordinary. This disguising of information combined with a public, computer encrypted cipher system allowed the characters to easily pass along information  without getting the attention of the DHS.

Though this seemingly contradictory approach to secrecy may seem unique to this novel, it has become the standard practice in the world today. Before and during WWII, secrecy of keys was of primary importance, but they were still either discovered or cracked. Today, the rise of computers has made it almost impossible to send messages the old way because computers can do thousands more calculations to decipher almost anything. By using tested public and private key combinations and by disguising the true message within the flood of data, as in Little Brother, messages can be easily sent and received without being compromised or even detected.

It is amazing to think that in the current age there are still mysteries waiting to be sovled. The progress of science has made so many advances and solved so many problems that it seems almost as if there can't be any mysteries left. Amazingly, after 100 years, the Beale ciphers have remained an uncrackable mystery. Considering the amount of resources, time, and manpower that has been spent on this two page cipher, it's very reasonable to say that if it hasn't been cracked by now, it might not ever be. Even though hundreds of people have tried, failed, and wasted years of their lives on this one cipher, people still believe that they will be the one person to figure out the mystery. The easiest explanation of this drive is simply greed. The one page of the Beale cipher that was decrypted referred to a buried treasure worth over \$20 million. That amount of money is tempting to any person, treasure hunter or not. Though the dollar sum itself is motivation, there is also another part to mysteries that drives people's need to figure them out. The human brain is naturally curious, and when things don't make sense we want to find a way to make sense of it. The desire to organize this chaotic world is why humans like to imagine the outline of a snake or a bear in the stars when they are really just randomly placed dots of light. Naturally contradictory, people at the same time love the mystery and suspense of a hidden buried treasure and love to make sense of nonsense. Though the Beale ciphers might really be impossible to crack, there will never be a shortage of people working to be that one person who solves yet another mystery of this world.

The Great Cipher, created by Antoine and Bonaventure Rossignol was, at its time, one of the greatest ciphers ever made. Cryptanalysists for 200 years worked to break the secrets hidden in the Rossignol's cipher, but it was only until Étienne Bazeries, a French expert in cryptography, spent three years tirelessly working on this cipher that it was finally broken. At that time, cryptanalysists had discovered the secret of frequency analysis to crack monoalphabetic substitution ciphers and had even discovered how to decipher homophonic substitution ciphers by looking at the unique character each letter in the English alphabet has.

The Rossignols' cipher built on these techniques but made cryptanalysis exponentially harder by making a few adjustments to the old techniques. The Rossignols, instead of assigning multiple numbers to the most common letters as in homophonic substitution, assigned multiple three digit numbers to the most common syllables. This made frequency analysis, though not impossible, much harder and more complex.

Bazeries, who finally cracked the cipher, was only able to discover their methods after three years of many trials and errors. Bazeries first thought the cipher might be a regular homophonic cipher, then perhaps a similar cipher with pairs of letters represented by numbers. After many months of educated guesses, Bazeries finally was able to discover one word, "les enemis," by using advanced frequency analysis but with French syllables instead of words.

This cipher was much harder to crack than its predecessors because of the use of syllables instead of letters. The Rossignols complicated their system even more by adding some numbers as syllables and some as single letters. They also made their cipher harder to crack by adding "traps" such as a number that represented no syllable or letter at all, but rather the deletion of the previous number. By increasing the layering of their cipher, the Rossignols were able to create a very complex cipher that effectively kept secret the information for over 200 years. Though even the Great Cipher was not impervious to the scrutiny of cryptanalysists, and all ciphers will eventually be figured out, the strength of a cipher is not measured by if it is able to be broken but how long it keeps the information safe.

There are two different types of scholarship: being able to learn and being able to discover. While almost anyone can be taught to accomplish a task, having the mental power to discover something that no one has ever thought of before takes ingenuity and a willingness to think outside the box that few people posses. Though people now might appear more intelligent than people hundreds of years ago, it is only because they have the resources to a greater wealth of knowledge and facts. This cumulative knowledge is why in the science of cryptanalysis what was once a task to be accomplished only by the finest minds of the age is now completed by common people. This occurs not because humans have evolved to become more intelligent but because it is easier and takes less time for a person to be taught how to do cryptanalysis than to have to discover how to do it. Even people who have not directly been taught to do cryptanalysis have access to a wider breadth of knowledge and experience than their ancient counterparts. Even simple things like being taught to count and recognize patterns helps people now to be able to decrypt things faster than people hundreds of years ago that never had practice in that kind of knowledge. Though humans may have greater access to the cumulative knowledge that we have amassed, it still takes the same amount of effort as before to discover new, never before thought of ideas. This is why, as in ancient times, there are only a handful of true leaders in knowledge but many followers.