Pretty Good Privacy

Brian Rotman

  • The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography by Simon Singh
    Fourth Estate, 402 pp, £16.99, September 1999, ISBN 1 85702 879 1
  • In Code: A Mathematical Journey by Sarah Flannery
    Profile, 292 pp, £14.99, April 2000, ISBN 1 86197 222 9
  • Privacy on the Line: The Politics of Wiretapping and Encryption by Whitfield Diffie and Susan Landau
    MIT, 346 pp, £10.50, April 1999, ISBN 0 262 54100 9

The English mathematician G.H. Hardy, who worked in the purest of all mathematical fields, the theory of numbers, used to boast in his patrician way that nothing he did in mathematics would ever be useful. He must be turning in his grave at developments in the ‘science of secrecy’ over the last quarter of a century. Like so many other practices, it has been transformed into a species of applied mathematics by the digital computer, with Hardy’s beloved prime numbers playing a leading role. How this came about is the subject of Simon Singh’s The Code Book, a very readable and skilfully told history of cryptography. Singh’s method is to attach the abstract ideas involved to someone who thought of them, failed to think of them, championed them, or suffered their consequences – this last allowing him to include Mary Queen of Scots, whose unfortunate contribution to the art of secrecy was to correspond with her conspirators using an insecure cipher.

One of the earliest ciphers, familiar to anybody who played with codes as a child, is the Caesar shift, in which each letter of the alphabet is replaced by another a fixed number of places from it. The Caesar shift is an example of a monoalphabetic cipher, all of which, as Arab mathematicians demonstrated in the tenth century, are easily broken because letter frequencies are consistent across texts in a given language – the commonest letter in any such encryption of an English text will correspond to E. The way round this is to use a polyalphabetic cipher, which changes the encrypting alphabet, in a pre-assigned way, at each successive letter. Thus, the word ADA might be encrypted by changing the first A to E (Caesar shift of four places), the D to E (shift of one place), the second A to Z (reversal), and so on; the enciphering of ADA as EEZ hides the repetition of A and defeats attempts at letter frequency analysis. The technique, prefigured in Alberti’s meditations on codes and formulated by several individuals in the Renaissance, is named after its 16th-century rediscoverer, Blaise de Vigenère. For several centuries, the Vigenère cipher gloried under the title of ‘chiffre indéchiffrable’, only to fall in the middle of the 19th century to the efforts of a retired Prussian officer, Friedrich Kasiski, and, independently, to the English inventor Charles Babbage.

The cipher’s weak point, it turned out, was not its encoding strategy, but the length of the key (usually a single word or phrase) which has to be repeated many times until it covers the message if it’s to designate an alphabet for each plaintext letter. Any repeat or duplication gives decrypters a toehold, and both Kasiski and Babbage exploited this to reduce the polyalphabetic coding to an interweaving of monoalphabetic ones, each of which could then be cracked by analysing the letter frequency. So why not use message-length keys consisting of passages from a pre-assigned book? Unfortunately, these introduce another kind of repetition – words such as ‘and’ occur many times – which again facilitates decipherment. Alternatively, one could use a long, random sequence of numbers as a fresh key – a ‘session’ key – for each new message. The resulting cipher, known as a ‘one-time pad’, is indeed unbreakable, but the problems of generating and securely distributing enough keys have restricted it to situations combining low use with the highest security, such as traffic on the White House-Kremlin hotline.
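The reduction described above can be followed step by step in a short program, added here as an illustration and not taken from the article or the books under review. The key LEMON, the sample plaintext and the function names are constructed for the example. The sample key has a prime length, so the commonest divisor of the repeat distances is unambiguous, and a chi-squared comparison with a standard English letter-frequency table stands in for counting letters by hand.

```python
from collections import Counter

# Approximate percentage frequency of A..Z in English text.
ENGLISH = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
           6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]
KEY = "LEMON"  # constructed sample key, not from the article
# Constructed sample plaintext (spaces are dropped before enciphering).
PLAIN = (
    "THE WEAKNESS OF THE CIPHER IS THE KEY AND NOT THE METHOD BECAUSE THE KEY IS SHORT IT HAS "
    "TO BE REPEATED UNTIL IT COVERS THE WHOLE MESSAGE WHEN THE SAME PART OF THE KEY MEETS THE "
    "SAME WORD IN THE MESSAGE THE CIPHER TEXT REPEATS AS WELL THE DISTANCE BETWEEN THE REPEATS "
    "GIVES AWAY THE LENGTH OF THE KEY AND ONCE THE LENGTH IS KNOWN THE MESSAGE FALLS APART "
    "INTO A FEW SIMPLE SHIFT CIPHERS EACH OF THEM CAN BE BROKEN BY COUNTING THE LETTERS AND "
    "COMPARING THE COUNTS WITH THE LETTERS OF ORDINARY ENGLISH TEXT"
).replace(" ", "")

def vigenere(text, key, decrypt=False):
    """Shift each letter by the matching key letter; the key repeats to cover the text."""
    sign = -1 if decrypt else 1
    return "".join(chr((ord(c) - 65 + sign * (ord(key[i % len(key)]) - 65)) % 26 + 65)
                   for i, c in enumerate(text))

def kasiski_key_length(cipher, n=3, max_len=10):
    """Guess the key length from the gaps between repeated n-letter sequences."""
    last_seen, distances = {}, []
    for i in range(len(cipher) - n + 1):
        gram = cipher[i:i + n]
        if gram in last_seen:
            distances.append(i - last_seen[gram])
        last_seen[gram] = i
    # Repeats caused by the repeating key lie a multiple of the key length apart.
    return max(range(2, max_len + 1), key=lambda L: sum(d % L == 0 for d in distances))

def caesar_shift(column):
    """Return the shift whose removal makes the column look most like English."""
    def score(shift):
        counts = Counter((ord(c) - 65 - shift) % 26 for c in column)
        return sum((counts[i] - len(column) * f / 100) ** 2 / (len(column) * f / 100)
                   for i, f in enumerate(ENGLISH))
    return min(range(26), key=score)

def recover_key(cipher):
    # Every length-th letter used the same alphabet, so each column is a Caesar shift.
    length = kasiski_key_length(cipher)
    return "".join(chr(caesar_shift(cipher[i::length]) + 65) for i in range(length))

CIPHER = vigenere(PLAIN, KEY)
if __name__ == "__main__":
    print(kasiski_key_length(CIPHER), recover_key(CIPHER))
```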
