The History and Mathematics of Codes and Code Breaking

Tag: weak cryptography

The Problem with Weak Encryption

In Chapter 1 of The Code Book, author Simon Singh states, “The cipher of Mary Queen of Scots clearly demonstrates that a weak encryption can be worse than no encryption at all.”  What this essentially means is that overconfidence with a cipher, especially a relatively weak one, can be dangerous in that it creates an illusion of privacy that may lead to careless communication.  This was problematic for Mary and continues to be problematic today.

The encryption method used by Mary and Babington was called nomenclator, in which both letters and common words are replaced with corresponding symbols in the ciphertext.  In their minds, that system was more than effective, but they were unaware of the advancements in cryptanalysis that were being made at the time which allowed Walsingham and Phelippes to decipher it.  As a result, Mary and Babington had the false impression that they could say anything to each other without their messages being understood if intercepted.  This ended up proving worse for them than if they had no encryption method at all.  Had that been the case, they would have consciously made efforts to be vague and discreet when discussing sensitive information because there would be an obvious threat of self-incrimination.  However, their blind confidence in the encryption masked that threat and led them to speak directly and openly about their plans to assassinate Queen Elizabeth.  When it turned out that Walsingham was able to decipher their messages, they were caught completely off guard.

The issue of reliance on weak encryption methods is arguably even more prevalent today in the digital age.  The internet allows more information than ever before to be accessible to more people than ever before, so weak encryption can pose extreme privacy and security risks.  That is why it is important to be careful what information you put online, even if it is protected by a password.  There is always a possibility that hackers can gain access to your personal info.  For that reason, it is important to utilize the best encryption methods, and even then, to avoid putting out sensitive information when possible.


The Dangers of Weak Cryptography

For one who is not well-versed in “cryptography,” hearing the word might simply bring to mind the language game Pig Latin. However, Singh is trying to convey, in layman’s terms, that cryptography is not a child’s game for all; in Mary Queen of Scots’ case, it was literally an instance of life or death. The issue at hand is that while encryption is meant to show that one’s guard is up, it actually creates a false sense of security when utilized poorly.

For instance, there has been a time in every person’s life when he or she whispered something to a neighbor in the hopes of keeping the message a secret. Unbeknownst to them, spectators who speak the same language were either able to eavesdrop and hear the secret or possibly even lipread bits and pieces. Yet, to the two that were whispering in their own world, it was as if they had been speaking a foreign language. Babington and Mary were in this same little world, where they had a false sense of reality and security. As Singh stated, this was honestly an unfortunate time for Mary to be communicating through cryptography because the first true cryptanalysts were emerging. The two did little to alter their patterns and believed that only they could read what was intended for one another. The problem is, in an ever-changing world, it is naive to think that one should not have to adapt to remain undiscovered. Like two people whispering, Babington and Mary let their guard down at a critical point of their mission

By trusting her basic encoding system at an essential turning point in the history of cryptanalysis, Mary left herself vulnerable to decryption and was caught openly aligning with the rebels attempting to free her. Had she been writing without encryption, she would not have directly given her blessing for the assassination. Singh wants other cryptographers to be aware that they cannot expect to simply lay encryption over their messages like some form of a safety blanket. If a message is truly meant to be a secret, cryptographers should work to ensure that their ciphers are unbreakable.

Powered by WordPress & Theme by Anders Norén