Cryptography
Cryptography literature has a recurring cast of three. Alice sends the message. Bob receives it. Eve listens in, hoping to read what she was never meant to see. This small drama, repeated across textbooks and protocols, captures the whole field in three names. Cryptography is the practice and study of techniques for secure communication when an adversary is actively trying to intercept, alter, or impersonate. It is what keeps Eve from reading Alice's words.
The earliest known cryptography is carved into stone in Egypt, dated to around 1900 BCE. The newest worries about machines that do not yet fully exist, capable of cracking today's strongest keys in seconds. Between those two points lies a story of tattooed scalps, a wheel cipher invented by Thomas Jefferson, a British graduate student who took the US government to court, and an encryption chip that civil liberties advocates fought to kill. How did a craft once synonymous with simply scrambling letters become a discipline sitting at the intersection of mathematics, computer science, and physics? And why have governments classified it as a weapon?
Suetonius reports that Julius Caesar shifted each letter three positions down the alphabet to write to his generals, a method now called the Caesar cipher. The Hebrew Atbash is another early example. These are substitution ciphers, systematically replacing letters with others. Their cousins are transposition ciphers, which rearrange letter order rather than swap symbols. The Spartans are said to have used a transposition aid called the scytale, a rod for winding and reading a strip of text.
Herodotus preserved one of the strangest early tricks, not encryption but concealment. A message was tattooed onto a slave's shaved head, then hidden under the regrown hair. This is steganography, hiding the very existence of a message. Its modern descendants include invisible ink, microdots, and digital watermarks, along with music ciphers that disguise a secret inside ordinary sheet music.
The 2000-year-old Kama Sutra of Vatsyayana describes two ciphers, Kautiliyam and Mulavediya, one built on phonetic relations and the other on paired letters. Sassanid Persia, according to Ibn al-Nadim, kept two secret scripts, the King's script for official correspondence and another for messages to foreign countries. David Kahn, in The Codebreakers, credits the Arabs as the first to systematically document cryptanalysis. Al-Khalil, who lived from 717 to 786, wrote the Book of Cryptographic Messages, the first work to use permutations and combinations to list possible Arabic words.
Al-Kindi, the Arab mathematician and polymath, wrote Risalah fi Istikhraj al-Mu'amma, describing the first known use of frequency analysis. The insight is deceptively simple. Ciphertext leaks statistical fingerprints of the plaintext, since some letters appear far more often than others. Once an attacker counts frequencies, nearly every classical cipher falls apart. Those broken ciphers survive today mainly as puzzles.
Leon Battista Alberti, around 1467, offered the strongest answer to frequency analysis with the polyalphabetic cipher, which switches between multiple substitution alphabets within a single message. He also built what was probably the first automatic cipher device, a wheel realizing part of his idea. The Vigenere cipher applies the same principle using a key word to govern substitutions. Charles Babbage showed in the mid-19th century that the Vigenere cipher was vulnerable to what is now called Kasiski examination, though Friedrich Kasiski published it about ten years later.
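The two ideas just described, Al-Kindi's frequency analysis and the Kasiski examination that exposes a Vigenère key's period, worked through in Python as an added example (not code from the article). The sample message, the key "ROTOR" and the English letter-frequency table are assumptions of the example.

```python
from collections import Counter
from itertools import combinations

ALPHA = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
# Published English single-letter frequencies in percent, A..Z (approximate).
ENGLISH = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
           6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]

def vigenere(text, key, decrypt=False):
    # Polyalphabetic substitution: letter i is shifted by key letter i mod len(key).
    out = []
    for i, ch in enumerate(text):
        shift = ALPHA.index(key[i % len(key)])
        out.append(ALPHA[(ALPHA.index(ch) + (-shift if decrypt else shift)) % 26])
    return "".join(out)

def kasiski_key_length(ct, max_len=20):
    # Kasiski examination: a plaintext trigram that recurs under the same key
    # alignment recurs in the ciphertext, so repeat distances are multiples of the
    # key length; the period is the smallest length dividing the most distances.
    positions = {}
    for i in range(len(ct) - 2):
        positions.setdefault(ct[i:i + 3], []).append(i)
    distances = [b - a for p in positions.values() for a, b in combinations(p, 2)]
    return max(range(2, max_len + 1), key=lambda n: sum(d % n == 0 for d in distances))

def chi_squared(column):
    # Frequency analysis: how far the column's letter counts sit from English.
    counts, n = Counter(column), len(column)
    return sum((counts[c] - n * f / 100) ** 2 / (n * f / 100) for c, f in zip(ALPHA, ENGLISH))

def break_vigenere(ct):
    # Once the period is known each column is a Caesar shift; try all 26 per column.
    n = kasiski_key_length(ct)
    key = "".join(min(ALPHA, key=lambda k: chi_squared(vigenere(ct[i::n], k, True)))
                  for i in range(n))
    return key, vigenere(ct, key, decrypt=True)

KEY = "ROTOR"  # constructed sample key and message below; neither is from the article
PLAINTEXT = ("ALICEWANTSTOSENDAMESSAGETOBOBWHILEEVELISTENSONTHEWIREHOPINGTOREADWHAT"
             "SHEWASNEVERMEANTTOSEETHECIPHERMUSTSTAYSECUREEVENWHENTHEENEMYKNOWSTHE"
             "SYSTEMANDONLYTHEKEYISSECRETASHORTREPEATINGKEYLEAKSITSPERIODTHROUGH"
             "REPEATEDPATTERNSINTHECIPHERTEXTANDONCETHEPERIODISKNOWNEACHCOLUMNFALLS"
             "TOSIMPLEFREQUENCYANALYSISBECAUSESOMELETTERSOFENGLISHAPPEARFARMOREOFTEN"
             "THANOTHERSTHELETTEREISTHEMOSTCOMMONONEANDTHEWORDTHERETURNSAGAINANDAGAIN"
             "INALMOSTEVERYSENTENCEOFTHELANGUAGE")

if __name__ == "__main__":
    ciphertext = vigenere(PLAINTEXT, KEY)
    print(break_vigenere(ciphertext))  # ('ROTOR', PLAINTEXT) when the analysis succeeds
```

The same statistical attack works against any periodic polyalphabetic cipher; it fails only when the key is as long as the message and never repeats, which is the one-time pad discussed below.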
Auguste Kerckhoffs stated a lasting principle in 1883. The secrecy of a cipher's algorithm is no real safeguard. A sound scheme must stay secure even when the adversary fully understands how it works, with the key as the only secret. Claude Shannon restated it more bluntly as Shannon's Maxim, "the enemy knows the system." Physical aids kept pace with this thinking, from Alberti's cipher disk to Johannes Trithemius' tabula recta and Thomas Jefferson's wheel cypher, which was reinvented independently by Bazeries around 1900.
Rotor machines arrived early in the 20th century, the most famous being the Enigma used by the German government and military from the late 1920s and through World War II. These better machine designs made cryptanalysis far harder after the First World War. Breaking them by hand proved both difficult and laborious, which pushed codebreakers toward machines of their own.
Bletchley Park in the United Kingdom drove that effort during the war, automating the repetitive grind of decryption. The result was Colossus, described as the world's first fully electronic, digital, programmable computer. It helped decrypt messages from the German Army's Lorenz SZ40/42 machine.
Claude Shannon, working at Bell Labs, supplied the theory the machines lacked. His 1948 paper founded information theory, and his 1949 paper turned cryptography, as one assessment put it, from an art to a science. For that he is called the founding father of modern cryptography. Shannon also proved something rare and absolute, that the one-time pad is unbreakable when its key is truly random, never reused, kept secret, and at least as long as the message itself.
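Shannon's result and its conditions, as an added Python example that is not from the article: XOR with a fresh random pad, the reason any candidate plaintext is equally consistent with a given ciphertext, and what leaks the moment a pad is used twice. The sample messages are constructed.

```python
import secrets

def otp_encrypt(message: bytes, pad: bytes) -> bytes:
    # XOR each byte with the pad. XOR is its own inverse, so decryption is the same call.
    if len(pad) < len(message):
        raise ValueError("pad must be at least as long as the message")
    return bytes(m ^ k for m, k in zip(message, pad))

def fresh_pad(length: int) -> bytes:
    # Shannon's conditions: truly random, secret, as long as the message, used once.
    return secrets.token_bytes(length)

def pad_that_explains(ciphertext: bytes, candidate: bytes) -> bytes:
    # Why the pad is unbreakable: for any candidate plaintext of the same length
    # there is a pad that turns it into this ciphertext, so the ciphertext alone
    # gives Eve no way to prefer one candidate over another.
    return otp_encrypt(ciphertext, candidate)

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    # The failure mode when "never reused" is violated: XORing two ciphertexts made
    # with one pad cancels the pad and leaves plaintext1 XOR plaintext2, so knowing
    # either message reveals the other.
    return otp_encrypt(c1, c2)

if __name__ == "__main__":
    p1, p2 = b"ATTACK AT DAWN", b"RETREAT NOW   "   # constructed sample messages
    pad = fresh_pad(len(p1))
    c1 = otp_encrypt(p1, pad)
    c2 = otp_encrypt(p2, pad)  # same pad twice: the mistake
    assert otp_encrypt(reuse_leak(c1, c2), p1) == p2
    print(pad_that_explains(c1, b"NOTHING TO SEE").hex())  # a pad "explaining" a decoy
```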
June 1976 marks a dividing line. Until then, every publicly known encryption method shared one key between sender and receiver, the symmetric model. That model carries a heavy burden. Each pair of parties ideally needs its own key, and the number of keys grows as the square of the network's size, which quickly becomes unmanageable.
Whitfield Diffie and Martin Hellman broke that constraint in a groundbreaking 1976 paper, proposing public-key cryptography. Two mathematically related keys do the work, a public key anyone may distribute and a private key that stays secret. Deriving the private key from the public one is computationally infeasible. David Kahn called this the most revolutionary new concept in the field since polyalphabetic substitution emerged in the Renaissance. Diffie and Hellman could not build a full encryption system, but they delivered the Diffie-Hellman key exchange, letting two parties secretly agree on a shared key.
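The Diffie-Hellman exchange with both parties' messages, as an added Python example (not code from the article). It assumes toy parameters p = 23 and g = 5 so that Eve's brute-force recovery of a secret exponent can be shown to work, which is exactly what real-size primes make infeasible.

```python
import secrets

def dh_private(p):
    # A random secret exponent in [1, p-2]; it never leaves its owner.
    return secrets.randbelow(p - 2) + 1

def dh_public(p, g, private):
    # The value each party sends: g^private mod p.
    return pow(g, private, p)

def dh_shared(their_public, my_private, p):
    # Both sides arrive at g^(ab) mod p: Alice computes B^a, Bob computes A^b.
    return pow(their_public, my_private, p)

def discrete_log(p, g, target):
    # Recover x from g^x mod p by exhaustive search. Feasible only because p is
    # tiny; the infeasibility of this step for large p is the exchange's security.
    for x in range(1, p):
        if pow(g, x, p) == target:
            return x
    return None

def exchange(p, g):
    a = dh_private(p)         # Alice's secret
    b = dh_private(p)         # Bob's secret
    A = dh_public(p, g, a)    # Alice -> Bob
    B = dh_public(p, g, b)    # Bob -> Alice
    # Eve observes (p, g, A, B) only; neither a nor b crosses the wire.
    return dh_shared(B, a, p), dh_shared(A, b, p), (p, g, A, B)

if __name__ == "__main__":
    # Toy group for illustration; deployments use primes of 2048 bits or more,
    # or elliptic-curve groups, so that discrete_log() is out of reach.
    k_alice, k_bob, eve_view = exchange(23, 5)
    assert k_alice == k_bob
    print("shared key:", k_alice, "Eve saw:", eve_view)
```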
The race for a practical system ended in 1978, won by Ronald Rivest, Adi Shamir, and Len Adleman, whose answer became the RSA algorithm. RSA had appeared a year earlier in Martin Gardner's Scientific American column. A document published in 1997 by GCHQ, the British intelligence organization, revealed the idea had been anticipated in secret. James H. Ellis conceived asymmetric cryptography around 1970, Clifford Cocks invented something close to RSA in 1973, and Malcolm J. Williamson is credited with the Diffie-Hellman exchange in 1974.
IBM personnel in the early 1970s designed the Data Encryption Standard, which became the first US federal cryptography standard. The Advanced Encryption Standard later replaced it, though triple-DES, a more secure variant, stayed popular across ATMs, e-mail privacy, and secure remote access. Symmetric ciphers come in two forms, block ciphers that process fixed-size blocks and stream ciphers that combine a long key stream with the plaintext bit by bit. RC4 is a widely used stream cipher.
Cryptographic hash functions form a third family, taking input of any length and returning a short, fixed-length output that cannot be reversed to recover the original. A good one makes it infeasible to find two messages with the same hash. MD4 is broken, and MD5, its strengthened variant, is broken in practice as well. The US National Security Agency built the Secure Hash Algorithm series. SHA-0 was flawed and withdrawn, SHA-1 is more secure than MD5 but has known attacks, and SHA-2 was vulnerable to collisions as of 2011.
A competition was launched to select a new national standard called SHA-3. It ended on 2 October 2012, when NIST announced that Keccak had won. These functions guard everyday systems. Operating systems store hashes of passwords rather than the passwords themselves, so when you log in the system hashes what you typed and compares the result with the stored hash; the plaintext password is never kept on disk, and an attacker who steals the password file gets only hashes.
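The login check described above in Python, as an added example that is not code from the article. It goes beyond the text in two ways a practitioner would expect: each record carries a random salt, and the hash is a slow PBKDF2 derivation rather than a single SHA-2 pass; the iteration count and record format are assumptions of the example.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # PBKDF2 work factor; makes guessing against a stolen file slow

def hash_password(password: str, salt=None) -> str:
    # Stored record: algorithm, iterations, salt and derived key. The password
    # itself is never written; the random salt keeps equal passwords from
    # producing equal records and defeats precomputed hash tables.
    salt = salt or secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"

def verify_password(password: str, stored: str) -> bool:
    # Login: re-derive from what the user typed, using the stored salt and
    # iteration count, and compare in constant time so response timing does not
    # leak how many bytes matched.
    _, iters, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), dk_hex)

if __name__ == "__main__":
    record = hash_password("correct horse battery staple")  # constructed sample
    print(record)
    print(verify_password("correct horse battery staple", record),
          verify_password("Tr0ub4dor&3", record))
```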
Encryption was once designated auxiliary military equipment in the United States and placed on the Munitions List, making it illegal after the Second World War to sell or distribute the technology overseas. That collided with the open internet. When the source code for Philip Zimmermann's Pretty Good Privacy reached the internet in June 1991, a complaint from RSA Security triggered a criminal investigation of Zimmermann by the US Customs Service and the FBI, though no charges were filed.
Daniel J. Bernstein, then a graduate student at UC Berkeley, sued the US government, arguing that source code was protected speech. The 1995 case Bernstein v. United States produced a 1999 ruling that printed cryptographic source code is free speech under the Constitution. In 1996, thirty-nine countries signed the Wassenaar Arrangement, an arms control treaty covering dual-use technologies, and a major US relaxation in 2000 lifted most key-size limits on mass-market software.
Governments also pushed from the other direction. The 1993 Clipper chip, built around the classified Skipjack algorithm, included an escrow key the government would hold for wiretapping, violating Kerckhoffs's Principle and drawing fierce criticism. In 1998 President Bill Clinton signed the Digital Millennium Copyright Act, which criminalized tools for circumventing digital rights management and chilled cryptanalytic research. Dmitry Sklyarov was arrested visiting the US and jailed for five months over work that was legal in Russia. The struggle continues into the quantum era, where a single sufficiently powerful machine could reduce the effort to break the strongest RSA or elliptic-curve keys from millennia to seconds, which is why researchers are racing to build post-quantum cryptography before such machines arrive.
Common questions
What is cryptography and what is it used for?
Cryptography is the practice and study of techniques for secure communication in the presence of adversarial behavior. Its practical applications include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.
What is the difference between symmetric and public-key cryptography?
Symmetric cryptography uses the same secret key to encrypt and decrypt a message, and was the only publicly known kind until June 1976. Public-key cryptography uses two mathematically related keys, a public key that can be freely distributed and a private key that stays secret.
Who invented public-key cryptography and the RSA algorithm?
Whitfield Diffie and Martin Hellman proposed public-key cryptography in a groundbreaking 1976 paper, including the Diffie-Hellman key exchange. The RSA algorithm was developed in 1978 by Ronald Rivest, Adi Shamir, and Len Adleman, though GCHQ cryptographers including James H. Ellis and Clifford Cocks had anticipated these ideas in secret around 1970 to 1974.
What is the only cipher proven to be unbreakable?
The one-time pad is the only theoretically unbreakable cipher, proven so by Claude Shannon. It holds only when the key material is truly random, never reused, kept secret from all attackers, and of equal or greater length than the message.
What is frequency analysis in cryptography?
Frequency analysis is a cryptanalytic technique that breaks classical ciphers by using the statistical fingerprints that ciphertext reveals about plaintext. The Arab mathematician Al-Kindi described the first known use of it in his work Risalah fi Istikhraj al-Mu'amma.
Why is cryptography treated as a legal and national security issue?
Cryptography's potential as a tool for espionage and sedition has led many governments to classify it as a weapon and limit or prohibit its use and export. In the United States it was once placed on the Munitions List, and the 1999 Bernstein v. United States ruling held that printed cryptographic source code is protected free speech.
How does quantum computing threaten current cryptography?
Estimates suggest a quantum computer could reduce the effort to break today's strongest RSA or elliptic-curve keys from millennia to mere seconds, rendering protocols such as TLS that rely on those keys insecure. Researchers are developing post-quantum cryptography whose security rests on problems believed to remain hard for both classical and quantum computers.