Re: Historical Ciphers

From: John A. Malley (
Date: 06/25/03

  • Next message: Tom St Denis: "Heads up on the LibTomMath Book"
    Date: Tue, 24 Jun 2003 20:35:56 -0700

    Lurker wrote:

    > It gets pretty muddy trying to examine 19th century perspectives of
    > 16th century codes. How much of the 19th century analysis was
    > subjective creation on the part of the analyzers?

    Astoundingly, very little, according to the anecdotes in Kahn's "The

    The 19th Century holds the roots of many modern cryptology concepts.

    We see the first steps toward "codification" of cryptanalytic "truths"
    as cryptanalysis books appear in print. European military cryptanalysts
    as well civilian cryptanalysts with strong connections to the military,
    published basic cryptologic facts in the 19th Century - Kirchoff's
    Principles, the Method of Kasiski. By the 19th Century, military
    cryptanalysts knew substitution ciphers (and codes) preserved the
    frequencies and dependencies of the "plaintext" in the "ciphertext" or
    encoded messages. They knew of the probable word attack. The knew of
    stereotyped beginnings and endings as ways into systems. They understood
    the importance of messages in depth for substitution cipher systems, and
    the importance of multiple same-length messages from transposition
    cipher systems. They knew to exploit characteristics of the code books.
    Code numbers assigned to plaintext tended to reflect the alphabetical
    order of the plaintext - so an unknown code group between two known code
    groups corresponded to plaintext alphabetically between that of those
    two code groups. Here we see the root of "cryptosystem characteristic
    exploitation", the idea of taking advantage of characteristics of the
    mapping from plaintext to ciphertext to break into the system without
    the key, or to reconstruct the key. This idea grew in the cryptanalysis
    of rotor based cipher machines and flourishes today as in the
    mathematical assessment of group characteristics, differential and
    linear cryptanalysis, fast factoring algorithms, related-key attacks,
    and more.

    > Look at some of the analysis of the Voynich manuscript for example.
    > What gets pulled out of the water in this case depends to a great
    > extent on what the analyzer brings to the table.

    Yes. Kahn covers this phenomenon well in his book in a chapter on
    pathological cryptanalysis (IIRC). I tend to think of it as an
    affliction of the amateur cryptanalyst. Consider it a blessing, though,
    because had we no pathological cryptanalysis, William Friedman may had
    never taken to cryptanalysis! (See Kahn's book for the story of his work
    at Riverbank and the Quest to Decipher Shakespeare. )


    John A. Malley

  • Next message: Tom St Denis: "Heads up on the LibTomMath Book"

    Relevant Pages

    • Re: Kryptor for Linux released
      ... I have been discussing with Angelo in private and I told ... version of their "cipher", no serious cryptographer would ... attacks attemps and reduced-round cryptanalysis. ... I hope Angelo that you are not trying to push low-grade crypto around. ...
    • No Fear of Cryptanalysis.
      ... that I am expounding here in sci crypt is theoretically unbreakable by ... I will accept a paper cryptanalysis backed ... This cryptography uses a random key string that is equal in length to ... Pad cipher but is generally applicable to all scalar ciphers. ...
    • Re: simple math question
      ... I did not once state that linear cryptanalysis or differential cryptanalysis ... If you actually want to learn how to design ... from the basics by focusing on the attacks already published. ... An 8-bit cipher with an 8x8 bijective sbox S the cipher is simply ...
    • Re: Is plaintext with CRC more suseptable to cryptoanalysis?
      ... >Does the notion of the CRC on previous bytes in the packet, ... >to another, introduces a weakness, regardless of the actual cipher. ... Instant Ciphertext-Only Cryptanalysis of GSM ...
    • Re: Can you decrypt this?
      ... the cipher is to have its integrity tested. ... supposing it is simply being submitted for cryptanalysis? ... Why should I use a cypher whose security is dependant on how well the ... You think the Enemy is going to TELL you this? ...