ENCRYPTION

The Internet is an open and interconnected system that is both a boon and a hazard to businesses and consumers. On one hand, it makes the act of shopping, comparing, and purchasing extraordinarily quick and convenient. On the other hand, with so many people able to access information and potentially misuse it, there are justified fears of transferring sensitive information, such as credit card numbers and purchasing habits, over the Internet. To eliminate the hazards so that the benefits of e-commerce can be more widely enjoyed, encryption was developed. Encryption is the scrambling of sensitive information, such as credit card numbers, personal information, legal documents, confidential records, and even personal communications, in such a way that only authorized persons or organizations are able to decipher it.

Encryption is the fruit of cryptography, the study of codes and ciphers for the guarding of secret information. While crude (by contemporary standards) encryption methods have existed for centuries, modern encryption typically involves processing the concerned information with one or more mathematical algorithms using sophisticated computer technology, which allows for vastly more complex, and thus stronger, encryption schemes. However, while encryption technology has developed rapidly over the years, particularly in the 1990s and early 2000s, so have the skills of those who would seek to break encryption codes to steal, tamper with, or otherwise illicitly access sensitive data. As a result, the development of ever more impenetrable encryption methods amounts to an arms race between those aiming to protect information and those aiming to compromise it.

Encryption has a long and contentious history, pitting governments concerned with the security of unclassified domestic documents and information against technological libertarians, businesses, and privacy groups pushing for more open systems of encryption use and commerce, particularly in the international arena. By the 2000s, the latter groups were slowly emerging victorious in these debates, as the potentials of e-commerce gradually convinced governments to relax restrictions on the sale and export of encryption technologies. As a result, encryption was moving to its expected place as a key element in the development of e-commerce, finding increasing prominence in online transactions by way of digital certificates and digital signatures.

POPULAR ENCRYPTION TECHNOLOGIES

Countless encryption schemes were used throughout the world for commerce, communication, and other purposes. However, only a small handful achieved particular prominence through the 1990s for use over the Internet in general, and in conjunction with e-commerce in particular. At the top of the list was the RSA encryption system, developed by Ronald Rivest, Adi Shamir, and Leonard Aldeman in the late 1970s at the Massachusetts Institute of Technology. RSA went on to become one of the most widely used and best-known encryption systems, programmed into such major software packages as Windows, Quicken, and Netscape Navigator. The CEO of RSA Security, Joe Bidzos, who had long been one of the encryption industry's foremost proponents and a champion of the relaxation of export restrictions, went on to found the RSA spin-off VeriSign in 1995. VeriSign was the leading digital certificate authority through the late 1990s, highlighting the connection to e-commerce. Meanwhile, RSA's encryption software appeared on more than 450 million computers worldwide.

Security Sockets Layer (SSL), a public-key encryption scheme widely used in client-to-server applications, was developed by Netscape and was supported by both Netscape and Microsoft browsers. Identified in commercial software by the small gold lock symbol that appears upon loading a Web page secured by SSL, the scheme was employed for the transmission of personal identification numbers (PINs), credit card information, and passwords, among other things. However, SSL suffered from its complex computation system, which prolongs the time it takes to perform the encryption and decryption processes.

Another popular encryption technology was Pretty Good Privacy (PGP), developed by Phil Zimmerman and released in 1991. PGP was hailed for its easy-to-use format and strong encryption. PGP actually was targeted by government investigators on suspicion of violating export restrictions in the mid-1990s, though the government dropped its case in 1996. Shortly thereafter, PGP Inc. was launched to commercialize the software. After Network Associates purchased PGP, Zimmerman continued to develop the encryption scheme to more widely adapt it to emerging technologies and ripen it for e-commerce applications.

Over the years, a number of file encryption products became available on the market. Most were geared toward individual users seeking to protect information on their hard drives, rather than companies operating over a large network. These programs, such as Symantec Corp.'s Norton Your Eyes Only, encrypted individual files or hard disks and required personal passwords to access them. However, according to Network Computing, these were often seen as excessively cumbersome, particularly for the office setting, since in order to fulfill their function, they required users to remember to encrypt files each time they use them and avoid leaving unprotected copies elsewhere on their hard drives. Moreover, in an office, recovery of data following an employee's departure was crucial, and not always feasible with such programs since they usually lacked data-recovery features. By the 2000s, software programs such as Windows 2000 came equipped with automatic encryption schemes, in which users only needed to set a specific attribute to save encrypted data in a specified, central location on the computer's hard drive. Alternatively, such programs could encrypt data onto a company server and allow only those with authorized access to the files to decrypt them.

CUTTING-EDGE ENCRYPTION SCHEMES

Encryption system developers never gave up on the possibility of an entirely unbeatable encryption code. In 2001, Michael Rabin of Harvard introduced an outline of his "hyper encryption" program. Although the feasibility of such a system was hotly contested, Rabin's notions were highly intriguing to cryptographers and policy analysts. Hyper encryption involves the generation, perhaps by satellite, of such a large quantity of random numbers that no storage system could possibly retain and interpret them. The involved communicators settle on a method of retrieving certain numbers, which are then used to decrypt the information. Immediately upon encrypting or decrypting, their computers then discard the numbers. In this way, in the event that a hacker is able to intercept a message and discover the method by which the random numbers were picked from the stream, he or she would still be without the crucial numbers themselves, and thus would be unable to decrypt the information. Also on the horizon was the development of quantum cryptography, which combined high-tech encryption technology with the latest developments in quantum physics for unbeatable encryption. However, by the early 2000s these were mere promises.

ENCRYPTION IN THE E-COMMERCE ARENA

In the 2000s, encryption was the preferred method of disguising and protecting information during Internet transactions. Encryption was at the heart of many of the key technological breakthroughs furthering e-commerce. In particular, it served as the cornerstone of digital certificates and digital signatures, which were increasingly used to authenticate, secure, and sign electronic documents on the Internet using public-key encryption. Public-key encryption refers to an open encryption system in which a number of individuals maintain a public key or code to encrypt documents, but where only one entity retains the private key that can decrypt them. In an e-commerce transaction, for instance, the online merchant maintains the private key while its customers use the public key.

In 2000, RSA's Bidzos won the praise of Ed Hart, the former deputy director of information security at the U.S. National Security Agency (NSA), for laying the foundation for the commercial encryption industry in the 1980s, and for having the prescience of the importance of encryption technologies for the development of electronic business. Lynn McNulty, a former official at the National Institute of Standards and Technology (NIST) told Computer Reseller News that Bidzos "almost single-handedly commercialized the use of public key encryption." Bidzos had long insisted, since his early days at RSA in the mid-and late 1980s, that the commercialization of and relaxed export controls for encryption technology was crucial for the commercialization of the Internet and the development of e-commerce, long before most businesses, let alone consumers, had even heard of the Internet.

THE DEVELOPMENT OF ENCRYPTION STANDARDS

The NIST adopted the Data Encryption Standard (DES) in 1977. DES was designed in the realization that individuals, including those outside of the spying racket, needed to protect their sensitive information, even though it wasn't classified. Over time the private sector came to adopt DES and, especially, its younger and stronger cousin, Triple DES. DES earned its share of critics over the years. A common complaint was that the relatively short 56-bit key wasn't as strong as it could have been. The most cynical of such critics, according to Communications of the ACM, even surmised that the National Security Agency may have purposely left the encryption standard fairly easy to decrypt so that it could view DES-encrypted documents.

For many years encryption technology was the jurisdiction of the NSA. The U.S. government was, in fact, one of the biggest foes of the spread of strong encryption technology, and cryptographers battled with the government for years to open up the playing field. The main focus of this battle was over the length of encryption keys. A 1992 agreement between the government and industry groups allowed encryption algorithms utilizing no more than 40 bits to be exported, which ruled out those algorithms conforming to DES. As a result, the allowable encryption technologies were generally weaker than those that had become commonplace within the United States, and weaker than what most industry experts felt was necessary at the time to adequately safeguard information.

Particularly after the opening of the Internet, the 56-bit DES began to show its age, culminating in its cracking, as part of a test of DES, in 1998 by a computer built especially for the task by the Electronic Frontier Foundation. Two years earlier, the National Research Council report on cryptography called for the relaxation of export restrictions, but no action had been taken. Moreover, as a sign of its time, DES was geared more specifically toward use with hardware. NSA scientists had not anticipated the proliferation and importance of software.

Realizing that the old standard had realized its value, the Clinton administration used the occasion of DES's cracking to announce that the United States would at last relax the restrictions on the export of encryption technologies. In 1997, seeing the writing on the wall, NIST began seeking out a new encryption algorithm that could replace DES as the official encryption standard for government computers. The private sector, both inside and outside the United States, was expected to adopt the new standard as well.

In October 2000, NIST finally settled on its choice for the Advanced Encryption Standard (AES).The requirements for the AES competition, which involved dozens of contestants worldwide (a signal that the United States was committed to an open, international standard after years of protectionism under the NSA), demanded that the new standard incorporate 128-, 192-, and 256-bit encryption; demonstrate versatility and flexibility across platforms; consistently maintain high speeds of encryption and decryption; and exhibit an exceptionally high degree of impenetrability. The winning algorithm, called Rijndael, was designed by Belgian cryptographers Vincent Rijmen and Joan Daemen.

GOVERNMENTAL CONTROL: SECURITY VS. FREEDOM?

The ability to break codes and intercept secret information was a crucial element of security work for many countries, including the United States. For that reason, many governments were wary of allowing their domestic encryption products to be exported and proliferate throughout the world, where they conceivably could fall into enemy hands and make international eavesdropping especially cumbersome.

According to Federal Communications Law Journal, the Clinton administration, which was the first to deal with encryption policy in the age of e-commerce, initially ruffled the feathers of privacy advocates and industry proponents by proposing the "Clipper Chip" initiative in 1993. Developed by the National Security Administration, the Clipper Chip used an algorithm called "Skipjack," a classified code that would have allowed the government to access classified information. The proposal failed, as did three subsequent Clipper Chip movements. All included measures to tightly restrict the export of encryption technologies.

By the 2000s, protection of encryption technology in the name of national security was falling out of favor among governments and especially businesses. This especially was the case in the United States. For one thing, technology had advanced to the point where encryption systems were common throughout the world, and governmental impediments to the export of encryption was thus seen as a fruitless policy. However, more important to many business leaders was that encryption had become a big business, one that played a key role in global e-commerce. Thus, in order to remain competitive in this burgeoning world market, businesses needed to be free to market their technologies across borders.

In 2000, the Washington, D.C.-based Electronic Privacy Information Center (EPIC) released a study entitled "Cryptography and Liberty 2000: An International Survey of Encryption Policy." The study reported that governments around the world were slowly coming to perceive the commercial value of encryption technology and its importance in the growth of many industries, particularly in the broad field of e-commerce.

While many governments, such as those of Pakistan, China, and Russia, maintained some form of control over encryption use and exportation, the trend by the 2000s was certainly blowing in the other direction toward greater openness and proliferation of strong encryption schemes. In this movement, governments may have to adjust their security strategies to compensate for the inevitable loss of some information in the interests of enjoying the benefits of and staying competitive in e-commerce.

FURTHER READING:

Black, Tricia E. "Taking Account of the World As It Will Be: The Shifting Course of U.S. Encryption Policy." Federal Communications Law Journal, March 2001, 289.

Dugan, Sean M. "e-Business Innovators: Phil Zimmerman, Security." InfoWorld, October 9, 2000, 64.

"Electronic Security Technology Roadmap." Power Engineering, November 2000, 37.

Gingrich, Newt. "Bush Faces Two Top IT Challenges." Computerworld, January 15, 2001.

Harrison, Ann. "Feds Propose New Encryption Standard." Computerworld, October 9, 2000.

——. "Web Outpaces Crypto Rules." Computerworld, April 10, 2000.

Landau, Susan. "Designing Cryptography for the New Century." Communications of the ACM, May 2000.

Levy, Steven. "An Unbreakable Code?" Newsweek, March 5,2001.

Messmer, Ellen. "Crypto Proposal Faces Long Journey." Network World, October 16, 2000, 33.

O'Mara, Debora L. "Encryption Stands Tough in PC Security." Security, December 2000.

Savage, Marcia. "Jim Bidzos: The Security Warrior." Computer Reseller News, November 13, 2000.

Stijns, William, and Mark Gunton. "Safe from Prying Eyes." World Trade, September 2000.

SEE ALSO: Advanced Encryption Standard (AES); Cryptography; Data Encryption Standard (DES); Digital Certificate; Digital Certificate Authority; Digital Signature; Digital Signature Legislation; Electronic Frontier Foundation; Electronic Privacy Information Center (EPIC); Privacy: Issues, Policies, Statements

Cipher Pad

█ LARRY GILMAN

A cipher pad is a printed list of cipher keys, each intended to be used for the encipherment and decipherment of a single message. Cipher pads (also termed one-time pads) are closely related to one-time tapes and stream ciphers, which are discussed below.

A key is a string of letters or numbers that is needed to correctly encipher or decipher a message. Each distinct key produces a unique ciphertext from a given plaintext (and vice versa). Both sender and receiver must therefore, know the key associated with a specific message if the message is to be successfully enciphered and deciphered. As long as the key remains unknown to an opponent, the enciphered message is secure. If an opponent, however, does manage to steal or guess the key—for example, by systematically trying out all possible keys—then they will have broken the cipher and can decipher the secret message. Another weakness of ordinary key-based ciphering is that the more text is sent using a single key, the easier it is for an opponent to deduce the key by analysis of intercepted messages.

These facts suggest two basic rules of key use: (1) Change keys often. This prevents an opponent from building up a large mass of text, all enciphered by the same key, which can be used to deduce the key. (2) Use long keys. This makes it impractical for an attacker to find the right key by pure guessing. For example, if the key is a 56-bit binary number (as it is for the Data Encryption Standard, a U.S.-government-designed ciphering system widely used since 1977), then there are 2⁵⁶ > 7.2 × 10¹⁶ possible keys.

A cipher-pad system takes key changing to a logical extreme by using a different key for every message. The keys used are, furthermore, long enough to keep an opponent from simply guessing at them. These selected keys are printed in a book (the cipher pad), the pad is distributed to all senders and receivers, and the keys in the pad are used up one by one as messages are sent. This has the disadvantage that only a limited number of messages can be sent before a new cipher pad must be printed and distributed. Also, as with codebook systems, there is always the danger that a copy of the book will be captured. For these reasons, printed cipher pads have not often been used.

Principle of ciphering. The cipher-pad principle is important, however, when combined with the following fundamental principle of ciphering: A cipher employing a key that is at least as long as the message itself and is never used for any other message can be made truly unbreakable. This is easy to verify: imagine a message 50 letters long that has been encrypted using a key 50 letters long. To guess the correct key means trying out all possible 50-letter strings. Even if this were practical—and it is not, for there are 26⁵⁰ > 10⁷⁰ such strings, more than the number of atoms in our galaxy—generating all keys 50 characters long is the same thing as generating all messages 50 characters long. Generating all possible messages is the same as simply guessing at what the message is, which is the same as being unable to break the cipher.

The first mechanized application of this principle was the one-time tape system, invented early in the 20th century by U.S. cryptologist Gilbert Vernam (1890–1960) and perfected by Major Joseph Mauborgne of the U.S. Army in 1918. In this system, a message is encrypted as a series of punched holes on a long paper tape. The holes on the message tape are a function of both the message and a randomly generated key (character string) that is as long as the message itself. The key is stored on one tape and the message on the other, and both tapes are shipped by different routes to the intended recipient. The tapes are read simultaneously by a machine that outputs the deciphered text. There is an obvious disadvantage to this technique: the need to send the key. This rules out any kind of telecommunications, for if an enemy intercepted both the key sequence and the message sequence they could decipher the message. Thus, only a perfectly secure transmission channel can be trusted with such information. If the transmission channel is perfectly secure, then there is no need to cipher. The one-tape system is thus, limited to situations in which physical transport of messages is practical.

This limitation is overcome in modern communications by the use of pseudorandom numbers. A truly random number sequence is one that contains no overall structure or pattern; a pseudorandom number sequence is one that looks like truly random sequence but is in fact produced by a series of arithmetical calculations that can be repeated at will. Pseudorandom number sequences are easy to generate in digital computers using arithmetical procedures termed pseudorandom number generators (PNGs). The bits produced by a PNG can be strung together into a stream that is as long as any desired message. This stream of bits is termed "the cryptographic bit stream" or "key-stream." A message can then be encrypted by performing the EXCLUSIVE OR (XOR) operation pairwise on bits from the message-stream and the key-stream. The XOR operation for two bits is defined as follows:

The following is a message-stream, a key-stream, and the encrypted bitstream produced by XORing the message-stream and the key-stream together:

Message-stream:     1 0 1 1 0 0 0 1

Key-stream:      0 1 0 1 0 0 1 1

Encrypted bitstream:   1 1 1 0 0 0 1 0

It is easy to verify that each bit in the encrypted bitstream is the XOR of the two bits above it.

The XOR function is used for encipherment because it has the following useful property: the XOR of the encrypted bitstream and of the key-stream recovers the message-stream.

Encrypted bitstream:   1 1 1 0 0 0 1 0

Key-stream:       0 1 0 1 0 0 1 1

Recovered message:   1 0 1 1 0 0 0 1

In the example above, it is easy to verify that each bit in the recovered message is the XOR of the two bits above it. Because cipher systems of this type work on streams of bits, they are termed stream ciphers.

The discussion so far assumed that the receiver of the encrypted message has access to the same key-stream as the sender. In a cipher-pad or one-time-tape system, agreement on the key sequence is assured by sending the key (on paper or some other medium) to both ends of the link. In a stream cipher, it is assured by generating the key-stream at both ends of the link. Because the pseudorandom bits of the key-stream are generated by a PNG, both ends of the cipher link need only start their PNGs at the same point in its series of operations to generate the same key-stream. This can be accomplished by transmission to the receiver of a group of numbers termed a "seed" or "initializing vector."

Quantum cryptography. Weak points exist even in this system. For example, all PNGs start to repeat themselves eventually, and so do not produce truly random numbers. Also, the initializing vector must be known somehow at both ends of the cipher link. The answer to these difficulties may be resolved using quantum cryptography. In quantum cryptography, stream ciphering returns to the old idea of sending a key-stream along with the message. However, the key-stream is not sent on a paper tape or even as a conventional digital message. It is generated by the sender as a series of truly random subatomic events and shared by the sender and receiver using pairs of "entangled" photons that cannot, by the most fundamental laws of physics as they are now understood, be intercepted without revealing the presence of the eavesdropper.

Real-world quantum-cryptographic systems are being developed rapidly, and proof-of-concept systems have already been built. Thus, there seems to be no basic obstacle to the development of truly unbreakable quantum-cryptographic systems, the ultimate development of the cipher-pad concept.

█ FURTHER READING:

BOOKS:

Meyer, Carl H., and Stephen M. Matyas. Cryptography: A New Dimension in Computer Data Security. New York: John Wiley & Sons, 1982.

Mollin, Richard A. An Introduction to Cryptography. New York: Chapman & Hall, 2001.

PERIODICALS:

Bennett, Charles H., and Peter W. Shor. "Privacy in a Quantum World." Science no. 5415 (1999): 747–748.

SEE ALSO

Codes and Ciphers
Quantum Physics: Applications to Espionage, Intelligence, and Security Issues

Cipher Machines

█ LARRY GILMAN

A cipher machine is a mechanical device that assists in the production of ciphertext from plaintext and vice versa. In this broad sense, any mechanical aid from a cipher wheel to a supercomputer can qualify as a cipher machine; however, the term is usually reserved for devices that are fairly complex and that operate on mechanical or electromechanical rather than on electronic principles.

Before World War I, ciphers were implemented using either marks on paper or simple aids such as cipher wheels. After the war, a number of inventors in various countries produced cipher machines that transferred the complexity and tedium of ciphering to a mechanism. These machines allowed the operator, who might be completely ignorant of the cipher's nature, to simply type at a keyboard or enter characters one by one by moving a wheel with their fingers. If plaintext (ordinary written language) was entered into such a machine, ciphertext (apparently random characters) was produced; if ciphertext was entered, plaintext was produced. Cipher machines made it possible to cipher and decipher large numbers of messages with less training for personnel, fewer errors, and higher speed.

Many cipher machines invented in the post–World War I period employed as their key component the scrambler disk or rotor. The typical rotor is a disk a few inches in diameter, with letters and numbers printed around its rim and embedded wires connecting one side to the other. Matching points on opposite surfaces of the disk correspond to the same alphanumeric characters, and each wire running through the disk corresponds to one character to be enciphered or deciphered. By connecting one point on surface A of the rotor—say, the point corresponding to the letter M—to a different point on surface B—say, the point corresponding to the letter Z—the rotor implements a fixed substitution cipher (i.e., replaces every character by some other). In this example, M is enciphered to Z and Z is deciphered to M (or vice versa).

The substitution cipher built into the wires of a single rotor is a trivial one. What the inventors of the rotor-based cipher machines realized was that by lining up multiple cipher disks and continually rotating them as a message was enciphered or deciphered, they could produce much more formidable ciphers. For instance, three rotors could be stacked or aligned so that surface B of rotor 1 met surface A of rotor 2, while surface B of rotor 2 met surface A of rotor 3. Each letter of the input (at surface A of rotor 1) then follows a tortuous path through the wiring of all three disks to the output (at surface B of rotor 3). If the rotors are shifted upon encryption or decryption of each and every message character, the encryption/decryption path is not only tortuous, but also changing. A degree of cipher security that was essentially impossible with pencil-and-paper ciphering was made possible by such machines.

The rotor principle was discovered independently by inventors in several countries, the most famous being German engineer Arthur Scherbius (1878–1929). Scherbius invented a three-rotor cipher machine, the Enigma, in 1918 (the last year of World War I). Scherbius tried unsuccessfully to sell his machine to commercial buyers, but he was ahead of his time; corporations did not begin to use encryption widely until the 1960s. Enigma was, however, purchased by the German government in 1926. At that time, Germany was busy rebuilding its military forces after its defeat in World War I and the humiliating terms of the Treaty of Versailles. Furthermore, the German military leadership had become aware that their pencil-and-paper field cipher, the famous ADFGVX cipher, had been broken by French cryptographers only a few months after its deployment in 1918, leading to at least one significant military defeat for the Germans. In order to prevent a repetition of the ADFGVX debacle, the Germans switched to Enigma as their primary system for secret communications.

The different branches of the German military also employed slightly different models of the Enigma cipher machine. In 1943, the German military deployed the SZ42 cipher machine for use over 26 crucial communications links. The SZ42 employed the stream-cipher technique, in which identical key-streams of pseudorandom characters are generated at both the sending and receiving end of the link and added, character by character, to the individual characters of the plaintext (for ciphering) or ciphertext (for deciphering). The German military did not replace Enigma with the SZ42 for general use because the SZ42's complexity made it too heavy for the field.

The SZ42 cipher proved difficult for allied cryptographers to crack, as did another German cipher machine, the Geheimschreiber, first deployed by the German navy in 1942. However, Allied cryptographers cracked the Enigma, SZ42, and Geheimschreiber ciphers by building specialized devices to systematically try out possible keys

for the decryption of messages. The first such devices— "bombes,"invented by Polish mathematician Marian Rejewski (1905–1980) and possibly named for the loud ticking noises they emitted while functioning—were electromechanical (i.e., used a combination of electrical currents and moving parts). Bombes sufficed for the Enigma cipher, but to crack the SZ42 and Geheimschreiber ciphers, the Allies built what is sometimes considered the world's first electronic computer, the Colossus. The Colossus was based primarily on the ideas of British engineer T. H. Flowers (1905–1998) and British mathematician Alan Turing (1912–1954). (An "electronic" computer, as opposed to an electromechanical device, does not use moving parts to perform its calculations.)

Cipher-machine technology reached its peak in the Geheimschreiber and SZ42 cryptosystems, achieving a level of cryptographic security that could only be breached by the invention of a wholly new technology: the electronic computer. Nevertheless, all the major German ciphers of the World War II—and the primary Japanese cipher too, codenamed Purple—were broken by the Allies.

The Allies also used cipher machines during World War II, but with better luck, as the Axis governments did not succeed in breaking Allied ciphers routinely. The United States Army's primary cipher machine descended from a compact device invented by Swedish inventor Boris Hagelin (1892–1983) in the mid 1920s. Hagelin's cipher machine, originally designated the B-21, sold thousands of copies to the French military between 1934 and the French defeat in World War II. The U.S. Army purchased Hagelin's machine after the German invasion of Norway in 1940 and redesignated it the M-209. More than 140,000 M-209s were manufactured before the end of the war. The M-209, like the SZ42, employed the stream-cipher technique, with matched generation of the key-stream at the transmitting and receiving ends of each link. Interestingly, this technique is still used today in applications such as digital pay-TV, file encryption, and communication with secure Web sites; however, electronic, rather than mechanical, generation of the pseudorandom key stream is used.

Cipher machines continued to be used by many countries for some years after the end of World War II, but were slowly rendered obsolete by the increasing availability of general-purpose digital computers. The displacement of cipher machines by computers was inevitable for several reasons. A computer can be flexibly reprogrammed to implement any number of ciphering schemes, whereas a cipher machine can implement only the cipher it is built for. Further, electronic computers operate at far higher speeds than can mechanical devices. Today, all serious ciphering is performed using digital computers, and the only remaining ciphering machines are in museums.

█ FURTHER READING:

BOOKS:

Churchouse, Robert. Codes and Ciphers. Cambridge University Press, 2002.

Deavours, Cipher, et al. Cryptology: Machines, History and Methods. Norwood, MA: Artech House, 1989.

Singh, Simon. The Code Book. New York: Doubleday, 1999.

SEE ALSO

ADFGX Cipher
Cipher Pad
Codes and Ciphers
Purple Machine

Cipher Disk

A cipher disk is a handheld coding device for generating a limited number of substitution ciphers, that is, ciphers in which each letter of the regular alphabet is enciphered as a single character from a cipher alphabet. A typical cipher disk consists of an inner ring with the characters of the regular alphabet printed around its outer edge, and an outer ring that fits snugly around the inner ring and can be rotated. Around the outer ring is printed a cipher alphabet that has the same number of characters as the regular alphabet. This cipher alphabet may consist of a scrambled regular alphabet or of other symbols. To encipher a message, the user of the cipher disk first chooses some particular alignment of the outer ring with the inner ring. For example, if the cipher alphabet consists of the numbers 1 through 26 (in order), the user may align the number 10 on the outer ring with the letter A on the inner ring. The letter A will then encipher as 10, the letter C as 12, the letter Z as 9, and so forth. By shifting the outer ring one or more letter-positions, the user obtains a different substitution cipher. Some cipher disks have an internal mechanism that advances the outer ring by one step after the encipherment of each letter; this prevents a given plaintext letter from always enciphering as the same ciphertext letter.

The earliest known description of the cipher disk was penned by Italian artist Leon Battista Alberti (1404–1472) in 1470. Cipher disks produce ciphers that are too simple for practical use in the modern world, but were used in the field by Confederate forces during the United States Civil War (1861–1865). Union cryptographers, however, often had no problem reading the Confederacy's encrypted messages. Cipher disks were also widely distributed in the U.S. in the 1940s as marketing giveaways for radio adventure programs such as Captain Midnight. These programs were popular even with adults, including active air crews during World War II, and stories—possibly apocryphal—have circulated claiming that combat forces occasionally put the toy cipher disks to real-life use. More complex ciphering systems based fundamentally on the cipher disk concept, such as Enigma, have seen extensive real-world service.

█ FURTHER READING:

BOOKS:

Deavours, Cipher, et al. Cryptology: Machines, History & Methods. Norwood, MA: Artech House, 1989.

Singh, Simon. The Code Book. New York: Doubleday, 1999.

SEE ALSO

Cipher Machines
Codes and Ciphers
Enigma

Cipher Key

A cipher key is a sequence of symbols that a user of a given cipher system must possess in order to use the system. Without a key, a user cannot encipher messages (turn them from plaintext to ciphertext) or decipher messages (turn them from ciphertext to plaintext).

Keys greatly enhance cipher security and are a feature of all modern ciphers. To see the value of keys, consider the following Caesar shift cipher:

Plaintext alphabet:
ABCDEFGHIJKLMNOPQRSTUVWXYZ

Ciphertext alphabet:
DEFGHIJKLMNOPQRSTUVWXYZABC

Note that the ciphertext alphabet is merely the plaintext alphabet shifted to the left by three letter-positions (with A, B, and C wrapped around to the right). As it stands, this cipher has no key; it consists of a one-step method that never varies (e.g., in reading the above table, E from the Plaintext alphabit always enciphers to H of the Ciphertext alphabet, the E being directly below the H in the table). Ciphers such as this example are easy to break. Twenty-four similar, but distinct ciphers can be generated, however, simply by shifting the lower alphabet by some number of positions other than three. For example, a left-shift of six letters changes the ciphertext alphabet to GHIJKLMNOPQRSTUVWXYZABCDEF. One can therefore imagine a cipher system in which one specifies a different shift before enciphering each message. The receiver will also need to know the shift, so that they can use the same substitution cipher that the sender used. In this improved cipher, the shift number for each message would function as a key. There are 25 possible keys (i.e., shifts) in this system, each of which would cause a different ciphertext to be produced from a given plaintext. This is a general feature of keys: a key modifies the rules for producing or deciphering ciphertext.

In general, an opponent who obtains a key (and who understands the rest of the cipher system) can decipher all the plaintext that has been enciphered using that key. In the example above, there are only 25 possible keys, and the cipher can easily be attacked by exhaustion, that is, by trying all possible keys. In real-world cipher systems, the number of keys is made too large for exhaustion to be practical. For example, if a 56-bit binary number is used as the key, there are 2⁵⁶ > 7.2 × 10¹⁶ possible keys. An ideal cipher would be breakable only by exhaustion; in practice, ciphers almost always have subtle weaknesses that make it possible to break them without having to guess all possible keys.

█ FURTHER READING:

BOOKS:

Mollin, Richard A. An Introduction to Cryptography. New York: Chapman & Hall, 2001.

SEE ALSO

Codes and Ciphers