A Brief History Of Cryptography Why was public-key cryptography such a quantum leap in privacy protection? To answer that question, you need to know what cryptography can do and what the conventional alternative cryptosystems are. A very brief look at cryptography. At its simplest, cryptography is a means of disguising the content of a message by substituting one symbol for another. One very common form is the cryptogram in your daily newspaper, in which the content of a message, called the plaintext or cleartext, is concealed by substituting one letter for another in a systematic fashion. The pattern of substitution (eg, a=x, b=d, c=r, etc) is called the key, and the resulting unreadable text is known as ciphertext. Numbers can be used as substitutes just as easily as letters. The mathematical maze the cipher follows in scrambling the numbers is known as the encryption algorithm. A simple algorithm might involve multiplying every number by the square root of the number to its immediate left. A simple algorithm that children often use to "encrypt" their vocal communications is "Pig Latin:" move the first letter of each word to the end of the word and add -ay. "Industrial- strength" algorithms, of course, are far more complex in order to discourage successful cryptanalysis. You use the key to encrypt the cleartext. The easiest way to decrypt the ciphertext back to cleartext is to use the same key to simply reverse the substitution. Lacking a key, the task becomes significantly harder, requiring the techniques of cryptanalysis to deduce the key and break the code. Many mathematicians and cryptographers make their living as cryptanalysts. The NSA employs thousands of them. Almost as soon as humans started writing words, they started trying to conceal those words from prying eyes. Cryptohistorian David Kahn traces secret writing back at least 4,000 years to an unknown hieroglyphicist in ancient Egypt. While countless cryptosystems were invented over the intervening millennia, most have been pen and ink designs -- often clever, but rarely approaching "unbreakable." Their complexity was limited by the time required to apply the algorithm using pencil-and-paper methods. One of the most interesting early cryptosystems was the scytale, which was invented by the Spartans around 400 BC. To encrypt a message with a scytale, it was necessary to wrap a long length of parchment or papyrus around a cylindrical rod. The words of the secret message were written on the paper lengthwise along the rod, with one letter on each revolution of the strip. The strip was then unrolled and removed, revealing a succession of meaningless letters. The crucial factor for decrypting the message was a cylinder exactly the same diameter as that used to encrypt it. Any more or less would yield nothing gibberish. Significant progress in the field didn't come until the 20th century, when the military, needing to communicate rapidly over great distances, often over insecure telephone or radio channels, invested heavily in strong cryptosystems and code making and breaking technologies. During the early part of the century, machines that automatically encrypted and decrypted messages appeared, although they remained unknown outside of the highest military circles. These machines made longer, more secure keys and more complex algorithms feasible, thus facilitating the encryption and decryption of longer, more complex messages with a relatively high degree of surity that they could not easily be broken. The Allies' cracking of the German "Enigma" code and the Japanese "Purple" code, both of which were based on the use of electromechanical encryption/decryption machines, is viewed among the most decisive events of World War II. If mechanical encryption machines were a giant step for cryptographers, the development of the computer after the war launched cryptography into an entirely new dimension. Keys could now be far larger and ciphers infinitely more complex. Choosing, distributing and installing keys a process known as key management could now also be totally automated, further improving security and facilitating usage. For the most part, this revolution went on in secret, as serious cryptography remained the exclusive province of the military. For the past 42 years in the United States, Bruce Schneier writes, "The NSA has spent billions of dollars in the very serious game of securing their own communications while trying to break everyone else's. The private individual, with far less expertise and budget, has been powerless to protect his own privacy against these governments."1 During the first two post-war decades, little serious cryptographic research went on outside NSA, and few scholarly papers were published. The last 20 years, however, have seen a vast blooming of cryptography in the public academic and commercial world. Although it hasn't been able to completely stop it, NSA keeps a close watch on nongovernmental cryptographic work, and on more than one occasion has attempted to suppress it. During the late 1970s, there was a flurry of anticryptographic activity. In one instance, an NSA employee named Joseph A. Meyer wrote a letter warning everyone planning to attend a cryptography symposium that by participating they might be violating the Arms Control Act. A few months later, the NSA (through the Department of Commerce) threatened Professor George I. Davida, of the University of Wisconsin-Milwaukee, with two years in jail and a $10,000 fine if he published a scholarly cryptographic article he had written without access to classified material. It was also at about this time that NSA Director Inman gave his famous "sky is falling" speech in which he equated cryptosystems with nuclear weapons.1 Go to Conventional Cryptography Return to Table of Contents [Want to keep the snoopers out of your private life? Wantcontinued access to this HyperBook? Then beam us $9.95 now!Here's how!] We want to hear from you. Send us feedback! And/or submit your writing and art to Smart Publications for inclusion in Tools For Privacy! Tools For Privacy copyright 1995 Smart Publications smart@crl.com