Cryptography is the science of hiding messages by encrypting them, systematically changing the letters or words into different letters, thus hiding the original meaning to anyone who does not have the 'key'. Cryptanalysis is the science of finding the key to an encrypted message and thus being able to read its original content. We will see various ways to encrypt text. What you should do is write the code to encrypt text and then email it to a partner who should write the code to decrypt it. He, meanwhile, can write an alternative method of encryption and send you a message for you to decrypt.
Example:
The encryption algorithm used here is known as a 'Caesar Shift' and is now considered childishly simple but its use was widespread in Europe until the 16th Century (see Simon Singh's book for more details). It was not until this time that cryptanalysis caught up with cryptography and more sophisticated techniques had to be found. We now know that we can decrypt messages encoded by a mono-alphabetic shift by applying rules such as finding the most common letters (e, t, a, etc.), finding pairs of letters (ee, ss, etc.), finding short words (I, a, at, the, etc.) and by noting the position of letters (e follows h far more often than h follows e).
The algorithm is as follows:
Here are the functions:
function encrypt(s){
var astr=''; var e,f;
for (var i=0; i<s.length; ++i){
e=s.charCodeAt(i)+1;
f=String.fromCharCode(e);
astr+=f;}
document.encryption.encrypted.value=astr;
}
function decrypt(s){
var astr=''; var e,f;
for (var i=0; i<s.length; ++i){
e=s.charCodeAt(i)-1;
f=String.fromCharCode(e);
astr+=f;
}
The encrypt() function scans the string s in a for loop, extracts the numeric code of each character and adds 1 to it (e.g. 'a'=97, +1 = 98 or 'b'). The character value of the new code is then found and appended to a string.
Note the use of the String object functions charCodeAt() and String.fromCharCode(). charCodeAt is called as a method of the string defined in the function (s) and takes the current position in s as its parameter. fromCharCode is a static method, it does not need a declared string object (such as s), it works with the String statement.
The English alphabet provides 25 variants of the Caesar shift, 'a' can be mapped to any of the other 25 letters by adding 2, 3, 4, etc. instead of 1. In Caesar's time it was enough to perform a 'monoalphabetic shift' of this nature to confound any would-be reader of encrypted secret messages. It was the Arabs of the 10th Century who discovered ways to 'crack' codes of this type and who pushed cryptographers to devise increasingly elaborate methods.
The letters might be scrambled rather than shifted in a regular fashion and a phrase might be used the key, for example:
darling buds of May
A letter may only occur once in a key, and spaces not at all so this will have to be amended to:
darlingbusofmy
This key might be used as follows:
| a | b | c | d | e | f | g | h | i | j | k | l | m | n | o | p | q | r | s | t | u | v | w | x | y | z |
| x | z | d | a | r | l | i | n | g | b | u | s | o | f | m | y | c | e | h | j | k | p | q | t | v | w |
However complex the scrambling of letters this substitution cipher is still open to analysis by relatively simple means:
Look for the most common letters - e, t, s, a
Look for single letter words ('I' in capitals and 'a') - though a modern text
message may include 'c u l8tr'
Look for two letter words such as 'it', 'is', 'in', 'at', 'as', 'on', 'to', etc.
Look for common words such as 'the' and 'and'
Look for pairs of letters which might be 'ee', 'ss', 'tt', 'oo', etc.
When you have identified, using these methods, letters such as 'e', 't', 's' and 'a' you will be close to solving the cipher as a whole. Scrambling the letters may prevent you from writing the key straight out from just one known letter but it should not delay you long.
For an example of a more complex substitution cipher click here.
One method you can try to encode in program code is the 'rail fence' where the message is split into two parts by taking alternate letters from the original and adding one block of letters to the end of another:
'this is a secret message' becomes:
t i i a e r t e s g h s s s c e m s a e
The 'uncrackable' ("indéchiffrable") cypher was devised by Vigenère in the 16th century. A 'Vigenère square' is a list of all possible letter shifts in a given alphabet. In English the first few lines are:
B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
etc.
Cryptographers had known for centuries that they could encode a message with any one of these single shifts and they could make things more difficult by applying double and triple shifts. Where Vigenère triumphed over other code makers was in the ingenious use of keys so that each word in a message could be encrypted by a different key. Say it's a Monday in August so we make the key 'UGUSTMONDY' (avoiding the A row which would be plain text). We now encrypt the first word of the message with the row beginning with 'U' in the Vigenère square. The next word is encrypted with the G row, and so on. This code proved very strong for centuries after Vigenère's death but today it is not regarded as safe, as it is susceptible, after some hard work, to the same methods of analysis described above.
You should now write the code for encrypting a message with the Vigenère square. The fact that you can encrypt and decrypt messages at high speed shows how computers have transformed the science of cryptography.
All cryptography, at least up to the 1970s, is open to the problem of key distribution. Messages may be encrypted in such a way that they are secure from cryptanalysis within a reasonable time period, but the legitimate recipient of the cyphertext (coded message) must have the key as well, or else he cannot decrypt it either. In warfare much effort has been put into finding out the enemy's encryption keys so that messages may be read and action taken accordingly. The side with knowledge of an enemy's keys should not react too obviously to the decrypted messages otherwise his knowledge will become obvious and the enemy will change them. This means that one side may have to choose which parts of its army must fight on in ignorance, and suffer losses, to protect the precious knowledge.
Similarly, financial institutions like banks have come increasingly to rely on electronic transfer of funds, for which there has to be a secure key for encryption before transmission. By the 1970s banks were sending couriers around the world with heavy briefcases containing the keys for the next week or so, but this could not continue as the number of transmissions grew. A German-American by the name of Horst Feistel devised a method of encryption (known as 'Lucifer') which was almost impossible to crack, but it still required both sender and receiver to have the key. Such codes are known as 'symmetric codes' because they involve encoding and decoding with the same key. However strong the encryption such methods still suffer from the problem of key distribution.
The computer age suffered the key distribution problem as well, until it was solved in the 1970s. If I want to send an encrypted message to someone I need to tell that person what my key is, but how can I do this? It's no use encrypting the key because I still need to have to send the key for this. How do you get your key to someone without risking its theft during transit? With the growth of e-commerce and the transmission of credit card details across the Internet this would be a genuine problem if it weren't for public key cryptography.
First, an analogue example. Suppose you have a box with a valuable gift which you want to send to a friend far away. You place a lock on the box which keeps it secure but how do you get the key to your friend so she can open it? It is unthinkable that you send the key so what do you do? The solution to this problem leads to public key cryptography by public exchange of keys.
The breakthrough in key distribution was made in America by Whitfield Diffie, Martin Hellman and Ralph Merkle, and also in England by James Ellis, Clifford Cocks and Malcolm Williamson, though the three Englishmen did it in secrecy at GCHQ, Cheltenham. Diffie tried for some time to find an algorithm which would allow keys to be distributed publicly without compromising the privacy of the encrypted message. A version of the key exchange method he and his colleagues published in 1975 was based on the function Yx (mod P). It works like this:
Thus Alice and Bob have generated the same key which is private to both of them because it is derived from their own private numbers. They can use this key (9) to encrypt and decrypt their messages without sending it to each other, though they do need to send the other numbers, 7 and 11. The information which is transmitted is of limited help in discovering the key so the function is a 'one-way function', it is easy to perform in one direction but much more difficult to reverse. They can use this key to encrypt their messages, safe in the knowledge that they can each decrypt a message with a key which no one else knows. A key such as 9 would not, of course, be very secure but computers can generate and transmit much larger keys, which are secure. (Have you figured out how to send the box yet?)
The work of Diffie, Hellman and Merkle was a breakthrough but it was not a perfect solution for electronic communication because numbers had to be exchanged before a key could be found. A better solution was discovered by Ronald Rivest, Adi Shamir and Leonard Adleman and the method became known as 'RSA'. The one way function found by Rivest, Shamir and Adleman was multiplication of very large prime numbers which is easy to perform but very hard to reverse - it takes a long time to factorise large primes. This method was prized by the 'intelligence community' and has been made available to the public through the 'Pretty Good Privacy' company of Phil Zimmerman.
All of these Americans have become wealthy from their research and discoveries but the same methods were discovered around the same time in England at GCHQ in Cheltenham by a man called Clifford Cocks. His discovery, equal to that of the Americans, was kept a secret, was not patented and made no money for the British, though their codes afterwards, the last years of the Cold War, would have been secure. The maths of RSA are more involved so you will have to look them up elsewhere.