An ideal secret communication channel is very simple. Picture a dedicated and impenetrable pipe. Alice is at one end, Bob is at the other. Alice wants to send Bob a private message. She whispers into her end, Bob hears it from his. Nobody else can listen in, look inside, or alter the message. This pipe provides the perfect medium from a security perspective – available only to the sender and receiver.
Such a channel does not exist in real life. Parties tend to communicate over a public network such as the Internet. The goal of cryptography is to recreate the conditions in Alice and Bob’s length of pipe in a public network. This means both hiding the content of a transmission from an adversary and authenticating that messages really did originate with the sender and not from or modified by any adversarial forces.
Today, information is transferred across public networks in unprecedented quantity and through an increasingly diverse array of physical and digital channels. While the large majority of these messages are not life and death if intercepted, the information they contain can be extremely valuable. Cryptography protects everything from your credit card details when you shop online to your government's national secrets. This provides a great incentive for those with low morals and sticky fingers to get their grubby hands on it.
This massive quantity of information presents an often-bewildering array of challenges to cryptographers. The evolution of cryptography is driven by the constant development of new code-breaking techniques. Every time someone finds a way to break an encryption method, cryptographers must move one step forward too. This requires tremendous resources and skill, as reflected by the high average salaries that cryptographers now command (between $82,000-$146,500).
For the majority of its history though, cryptography has not been treated as a science but as an art. The recent advent of digital technologies has changed this, heralding a new, more disciplined approach akin to legitimate science. It is also, by necessity, more open. Modern cryptography blends computer and communications security, with end products that are practical and freely available. Encryption has been democratised, and blockchain technology is the logical consequence of thousands of years of evolution – both in terms of the technology and theory around it.
In this three-part series, we chart that journey.
Where it all began
The word 'cryptography' comes from two Greek terms. 'Krypto' means 'hidden' and 'graphene' means writing. It is, quite literally, the art of hiding writing from prying eyes.
The first example of ‘hidden writing’ was discovered in the tomb of an Ancient Egyptian noble named Khnumhotep II around 1900 BC – approximately 3,900 years ago. Written in the tomb were a number of unusual hieroglyphic symbols, which Egyptologists believe were designed to obscure the original meaning. Their purpose is not generally believed to be to conceal information. Rather, it was highly-stylised funerary language designed to enhance its linguistic appeal.
Recorded incidents of cryptography as a means to protect sensitive information do not occur until another 400 years later. A Mesopotamian scribe in 1500 BC employed cryptography to conceal a formula for pottery glaze, which was used on clay tablets. These tablets employed a simple substitution cipher, which works by substituting each letter or symbol in a message for another based on a particular rule – in this case, one cuneiform symbol was replaced by another.
Cryptography has also been documented in early civilisations such as India. The "Arthshashtra", a classic work on statecraft written by Kautalya, describes the espionage service in India and records assignments being given to spies in "secret writing".
The first military use of cryptography was developed by the Spartans in the 5th century BC. They created a displacement system – a device consisting of a wooden roller of a certain thickness and a papyrus or a thin, leather band that was bent around the cylinder. The hidden message was written over the roll along the roll, and then the strip was unwound from the cylinder and transmitted to the desired target. Here, the diameter of the cylinder served as a key to the encryption and resolution of the text.
The Caesar cipher
Despite the arrival of displacement systems and other methods, the substitution cipher was by far the most common method of encryption employed by early cryptographers. Today, even the more complex are relatively easy to solve, but back when literacy levels were lower it was almost impossible.
The Atbash cipher, for example, is a substitution cipher originally used by Hebrews in which the first letter of the alphabet is replaced with the last letter, the second letter is switched with the second to last, and so on. I.e. all 'A's are replaced with 'Z's, all 'B's are replaced with 'Y's.
The most famous example of its use, however, is the Caesar cipher. The Caesar shift cipher was developed in 100BC by Roman generals so they had a way to pass messages to each other and receive instructions from their leader without the enemy intercepting it. In this case, each letter was replaced by the one three places after it in the alphabet.
The first crypto-analysts
The Caesar cipher was eventually broken through a method of code breaking known as frequency analysis.
Frequency analysis was developed by Arabic mathematician and philosopher Abu Yusuf Al-Kindi in around 850 AD. A librarian by trade, Al-Kindi is widely considered the first code breaker and he wrote ‘Manuscript on Deciphering Cryptographic Messages’.
His breakthrough destroyed the security of existing encryption systems, in particular the substitution cipher. He realised that the letters of the alphabet appear with varying frequencies in written text, e.g., on average E accounts for 12.7% of letters in an English text, whereas J, Q, X and Z combined add up to less than 1%. If encryption involves substituting each letter for a different one, then the new letters will take on the frequencies of the letters that they actually represent. Al-Kindi believed that codebreakers should therefore count the frequencies of letters in an encrypted text, and then identify their true meaning according to how often they appeared, e.g. the most common letter probably represents E.
Throughout the Middle Ages, cryptography became increasingly important. Despite Al-Kindi’s work in cracking them, substitution ciphers remained the standard. This was particularly true in Europe, which lagged behind the Arab for centuries. It wasn’t until the 13th century that Italian city-states and the Vatican began developing their own systems, and it took until the 15th century for cryptography to really get going in the west – leading to a host of developments.