Cryptography Through The Ages (Part 1)
From Scytale to Quantum-Safe Cryptography
Introduction
The story begins 3921 years ago (1900 Bc) in Egypt in the tomb of a nobleman known as Khnumhotep II when they found altered hieroglyphs stone inscriptions, Though the inscription was not a form of secret writing, but incorporated some sort of transformation of the original text and this is the oldest known text to do so. (read more …)
Cryptography started in Ancient Greece in 400 BC when the Spartans used a cipher to communicate during military campaigns using a device called Scytale
But what is a Scytale and how it works?
Spartan Scytale (400 BC)
(Ancient Greek: σκυτάλη skutálē “baton, cylinder”)
A scytale is a tool that consists of a cylinder with a strip of parchment wound around it on which is written a message (encryption)
On the other end, all the recipient has to do is to wound the parchment around a cylinder with the same diameter (decryption)
Imagine that we went back in time to 400 BC and you were in the army fighting against the Spartans and somehow you acquired the parchment but not the cylinder how would you decrypt the message?
Vulnerability
To decrypt Scytale all you need is multiple wooden rods with different diameters and you start trying wounding the parchment around the wooden rods until the letters start making sense
Code
Scytale-cipher (Python)
Caesar Cipher (100 BC)
Julius Caesar knew the risk of communicating with his general while conquering Europe without cryptography. the probability of the message being intercepted by the enemy was high, so he decided to invent the Caeser cipher which is also known as ROT3 (Rotate 3)
Encryption:
To encrypt the message all you need to do is to shift each letter 3 places to the right
Example:
- A => D
- B => E
- C => F
Decryption:
To decrypt the message all you need to do is to shift each letter 3 places to the left
Example:
- D => A
- E => B
- F => C
Did you already find out why is the Caesar Cipher vulnerable?
Vulnerability
Caesar cipher is vulnerable to a type of attack called frequency analysis.
But what is frequency analysis?
According to Wikipedia:
Frequency analysis (also known as counting letters) is the study of the frequency of letters or groups of letters in a ciphertext. The method is used as an aid to breaking classical ciphers.
The most common letters in the English language are E, T, A, O, N, R, I, S, and H (RINOS HEAT for short)
To break the Caeser cipher all you need is to find the most common letters in the encrypted text and substitute those common letters to help determine the pattern
Code
caesar cipher (Python)
Vigenère Cipher (1553)
The cipher was invented in 1553 by the Italian cryptographer Giovan Battista Bellaso but for centuries was attributed to the 16th-century French cryptographer Blaise de Vigenère, who devised a similar cipher in 1586. (There are some resources that contradict this)
Vigenère Cipher was inspired by Caesar's cipher but it increased the difficulty of encryption and decryption by implementing a key
What is a key?
In cryptography, a key is a piece of information (a parameter) that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. The key is used to encrypt and decrypt messages so that only the intended receiver can understand them.
Encryption
To encrypt a message, each letter of the keyword is used to select a different Caesar cipher from a set of 26 available ciphers. The ciphertext is then created by applying the selected cipher to each letter of the plaintext message.
Decryption
To decrypt the message, the same keyword is used to select the appropriate cipher and the ciphertext is decrypted using that cipher.
Example:
The plaintext message to be encrypted is “ATTACKATDAWN”.
The keyword used is “LEMON”.
The first step is to create a Vigenère table, which looks like this:
The ciphertext is then created by looking up each letter of the plaintext message in the table and substituting it with the corresponding letter of the keyword.
The ciphertext is “LXFOPVEFRNHR”.
Vulnerability
The Vigenère Cipher is vulnerable to a type of cryptanalysis called Kasiski examination. This technique exploits the repeating patterns in ciphertext to identify the length of the key and then determine the individual letters of the key.
What is cryptanalysis?
Cryptanalysis refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown
(source: Wikipedia)
Code
vigenère cipher (python)
Jefferson Wheel Cipher (1790s)
The Jefferson Wheel Cipher, also known as the wheel cipher, was invented by Thomas Jefferson in the late 18th century.
The Jefferson Wheel Cipher is a mechanical cipher that uses a series of rotating wheels to encrypt messages. Each wheel has 26 letters of the alphabet printed on its circumference and can be rotated to change the cipher’s key.
Encryption and Decryption
To encrypt a message, the sender and receiver must have a set of wheels with the same sequence of letters so that when a letter is encoded, the receiver is able to decode the message.
Vulnerability
The Jefferson Wheel Cipher is vulnerable because it relies on the same substitution cipher each time and the same wheel order is used. This makes it vulnerable to frequency analysis and other cryptanalysis techniques. Additionally, since the wheel order is the same every time, a determined attacker can eventually figure out the key.
Code
Jefferson Wheel Cipher (python)
Vernam Cipher aka One Time Pad (1917)
The one-time pad is a type of encryption system that is considered to be unbreakable, even in the face of modern computing power. It is a type of symmetric key cryptography, meaning that the same key is used for both encryption and decryption.
Encryption and Decryption
The one-time pad is a simple but effective system. It relies on a randomly generated key that is only used once. Each character in the message is encrypted using the corresponding character from the key, and the resulting ciphertext is unreadable without the key. The key is then discarded, ensuring that the message can never be decrypted by the same key in the future.
Advantages
The main advantage of the one-time pad is its absolute security. Because the key is used only once, an attacker would have to guess every single character in the key in order to decrypt the message. This is impossible given the sheer size of the key, making the one-time pad practically unbreakable.
Disadvantages
The biggest downside of the one-time pad is that it requires a unique key for every message. This means that the sender and receiver must always be in constant communication in order to exchange keys, making it impractical for many applications.
Code
One Time Pad (python)
TL;DR
Cryptography has been around since ancient times, from the early Egyptians to the modern-day digital age. It has been used for a variety of purposes over the centuries, from protecting military secrets and diplomatic communications to ensuring the security of financial transactions. The first recorded use of cryptography dates back to the 4th century BC when it was used to disguise messages sent by Spartan generals. In the Middle Ages, cryptography was used by merchants and traders to protect their messages from being intercepted by rivals. During the Renaissance, cryptography was used by statesmen and diplomats to ensure the secrecy of their communications. In the 19th century, advances in mathematics enabled the development of more advanced cipher systems, such as the Vigenère Cipher. In the early 20th century, the invention of the computer revolutionized cryptography, giving rise to the development of sophisticated encryption algorithms, such as RSA and AES, which are used to protect data and communications today. Despite the ever-evolving nature of cryptography, its importance remains the same: to protect information from being accessed or modified by unauthorized individuals.
Special thanks to my information security professor, DR Hasan Çifci
Newsletter
I will be sharing my learning journey, cyber security news, new CVEs and study resources, and more, feel free to subscribe 😊 and please don’t forget to drink water 🌊
