Computer and Information Security Handbook

In this excerpt from chapter three of Computer and Information Security Handbook, author John R. Vacca reviews the basics of cryptography.

Computer and Information Security Handbook

The following is an excerpt from Computer and Information Security Handbook by author John R. Vacca and published by Syngress. This section from chapter three explores the origins of cryptography.

"Cryptography," as a word, literally means the "study of hidden writing." It comes from the Greek krypsό2, "hidden, secret"; and from grά4εin, graphein, "writing," or -logίa, -logia, "study." In practice, it is so much more than that. The zeros and ones of compiled software binary, something that frequently requires encryption, can hardly be considered "writing." Were a new word for cryptography to be invented today, it would probably be "secret communications." It follows that, rather than point to the first altered writing as the origins of cryptography, we must look to the origins of communication and to the first known alterations of it in any form. Historically, then, you might say that cryptography is a built-in defense mechanism, as a property of language. As you will see in this chapter, ultimately this dependency is also the final, greatest weakness of any cryptographic system, even the perceivably unbreakable Advanced Encryption Standard (AES) system. From unique, cultural body language to language itself, to our every means of communication, it is in our nature to want to prevent others who would do us harm from intercepting private communications (which could be about them!). Perhaps nothing so perfectly illustrates this fact as the art of cryptography. It is, in its purpose, an art form entirely devoted to the methods whereby we can prevent information from falling into the hands of those who would use it against us: our enemies.

Since the beginning of sentient language, cryptography has been a part of communication. It is as old as language itself. In fact, one could make the argument that the desire and ability to encrypt communication, to alter a missive in such a way so that only the intended recipient may understand it, is an innate ability hard-wired into the human genome. Aside from the necessity to communicate, it could well be what led to the development of language itself. Over time, languages and dialects evolved, as we can see with Spanish, French, Portuguese, and Italian, all of which derived from Latin. People who speak French have a great deal of trouble understanding people who speak Spanish, and vice versa. The profusion of Latin cognates in these languages is undisputed, but generally speaking, the two languages are so far removed that they are not dialects but rather separate languages. But why is this? Certain abilities, such as walking, are built into our nervous systems; other abilities, such as language, are not. From Pig Latin to whispering circles to word jumbles, to languages so foreign that only the native speakers understand them, to diverse languages and finally modern cryptography, it is in our nature to keep our communications secret.

Computer and Information Security Handbook

Author: John R. Vacca

Learn more about Computer and Information Security Handbook from publisher Syngress

At checkout, use discount code PBTY25 for 25% off this and other Elsevier titles

So why is language not hard-wired into our nervous system, as it is with bees, which are born knowing how to tell another bee how far away a flower is, as well as the quantity of pollen and whether there is danger present? Why do we humans not all speak the same language? The reason is undoubtedly because unlike bees, humans understand that knowledge is power, and knowledge is communicated via spoken and written words. Plus, we were not born with giant stingers with which to sting people we do not like. With the development of evolving languages innate in our genetic wiring, the inception of cryptography was inevitable.

In essence, computer-based cryptography is the art of creating a form of communication that embraces the following precepts:

  • It can be readily understood by the intended recipients.
  • It cannot be understood by unintended recipients.
  • It can be adapted and changed easily with relatively small modifications, such as a changed passphrase or word.

All artificially created lexicons, such as the Pig Latin of children, pictograph codes, gang-speak, and corporate lingo, and even the names of music albums, such as Four Flicks, are manners of cryptography in which real text, sometimes not so ciphered, is hidden in what appears to be plaintext. They are attempts at hidden communications.

1. What is cryptography? What is encryption?

Ask any ancient Egyptian and he will undoubtedly define "cryptography" as the practice of burying the dead so that they cannot be found again. The Egyptians were good at it; thousands of years later, new crypts are still being discovered. The Greek root krypt literally means "a hidden place," and as such it is an appropriate base for any term involving cryptology. According to the Online Etymology Dictionary, crypto- as a prefix, meaning "concealed, secret," has been used since 1760, and from the Greek graphikos, "of or for writing, belonging to drawing, picturesque." Together, crypto + graphy would then mean "hiding place for ideas, sounds, pictures, or words." Graph, technically from its Greek root, is "the art of writing." "Encryption," in contrast, merely means the act of carrying out some aspect of cryptography. "Cryptology," with its -ology ending, is the study of cryptography. Encryption is subsumed by cryptography.

How Is Cryptography Done?

For most information technology (IT) occupations, knowledge of cryptography is a small part of a broader skill set and is generally limited to relevant applications. The argument could be made that this is why the Internet is so extraordinarily plagued with security breaches. The majority of IT administrators, software programmers, and hardware developers are barely cognizant of the power of true cryptography. Overburdened with battling the plague that they inherited, they cannot afford to devote the time or resources needed to implement a truly secure strategy. The reason, as we shall see, is that as good as cryptographers can be, for every cryptographer there is a decryptographer working just as diligently to decipher a new encryption algorithm.

Traditionally, cryptography has consisted of any means possible whereby communications may be encrypted and transmitted. This could be as simple as using a language with which the opposition is not familiar. Who has not been in a place where everyone around them was speaking a language they did not understand? There are thousands of languages in the world; nobody can know them all. As was shown in World War II, when the Allied forces used Navajo as a means of communicating freely, some languages are so obscure that an entire nation may not contain one person who speaks it! All true cryptography is composed of three parts: a cipher, an original message, and the resultant encryption. The cipher is the method of encryption used. Original messages are referred to as plaintext or as clear text. A message that is transmitted without encryption is said to be sent "in the clear." The resultant message is called a ciphertext or cryptogram. This part of the chapter begins with a simple review of cryptography procedures and carries them through; each section builds on the next to illustrate the principles of cryptography.

2. Famous cryptographic devices

The past few hundred years of technical development and advances have brought greater and greater means to decrypt, encode, and transmit information. With the advent of the most modern warfare techniques and the increase in communication and ease of reception, the need for encryption has never been more urgent.

World War II publicized and popularized cryptography in modern culture. The Allied forces' ability to capture, decrypt, and intercept Axis communications is said to have hastened the end of the war by several years. Next, we take a quick look at some famous cryptographic devices from that era.

The Lorenz Cipher

The Lorenz cipher machine was an industrial-strength ciphering machine used in teleprinter circuits by the Germans during World War II. Not to be confused with its smaller cousin, the Enigma machine, the Lorenz cipher could possibly best be compared to a virtual private network tunnel for a telegraph line, only it was not sending Morse code, it was using a code like a sort of American Standard Code for Information Interchange (ASCII) format. A granddaddy of sorts, called the Baudot code, was used to send alphanumeric communications across telegraph lines. Each character was represented by a series of 5 bits.

Read an excerpt

Download the PDF of chapter three in full to learn more!

The Lorenz cipher is often confused with the famous Enigma, but unlike the Enigma (which was a portable field unit), the Lorenz cipher could receive typed messages, encrypt them, and send them to another distant Lorenz cipher, which would then decrypt the signal. It used a pseudorandom cipher XOR'd (an encryption algorithm) with plaintext. The machine would be inserted inline as an attachment to a Lorenz teleprinter. Fig. 3.1 is a rendered drawing from a photograph of a Lorenz cipher machine.


The Enigma machine was a field unit used in World War II by German field agents to encrypt and decrypt messages

Lorenze cipher machine
FIGURE 3.1 The Lorenz machine was set inline with a teletype to produce encrypted telegraphic signals.

and communications. Similar to the Feistel function of the 1970s, the Enigma machine was one of the first mechanized methods of encrypting text using an iterative cipher. It employed a series of rotors that, with some electricity, a light bulb, and a reflector, allowed the operator to either encrypt or decrypt a message. The original position of the rotors, set with each encryption and based on a prearranged pattern that in turn was based on the calendar, allowed the machine to be used even if it was compromised.

When the Enigma was in use, with each subsequent key press, the rotors would change in alignment from their set positions in such a way that a different letter was produced each time. With a message in hand, the operator would enter each character into the machine by pressing a typewriter-like key. The rotors would align and a letter would then illuminate, telling the operator what the letter really was. Likewise, when enciphering, the operator would press the key and the illuminated letter would be the cipher text. The continually changing internal flow of electricity that caused the rotors to change was not random, but it created a polyalphabetic cipher that could be different each time it was used.


About the author:

John R. Vacca is an information technology consultant, researcher, professional writer, editor, reviewer, and internationally-known best-selling author based in Pomeroy, Ohio. Since 1982, He has authored or edited 79 books, and written more than 600 articles in the areas of advanced storage, computer security and aerospace technology. Mr. Vacca was a configuration management specialist, computer specialist, and the computer security official (CSO) for NASA's space station program (Freedom) and the International Space Station Program, from 1988 until his retirement from NASA in 1995. He is an independent online book reviewer, and was one of the security consultants for the MGM movie, “Antitrust."

This was last published in September 2017

Dig Deeper on Data security and privacy