Sinopsis
The world of secret messages and code breakers might seem like something out of a high-tech espionage thriller, but the fascination we have with cryptology and its methods in novels has been inspired by some very real practices. At times, these practices have helped change history, and while cryptology continues to adapt by using cutting-edge technology, it is a science—and to some extent an art—with roots that go back to ancient times. This book will let you in on the secrets of cryptography and code breaking, including their colourful history, the extremely intricate structures that go into cryptographic systems, and the high-level puzzle-solving required to break a code. In the process, you will see both sides of a cat-and-mouse game: those who are trying to devise impenetrable codes, and those who are trying to crack those codes.
Given the long history of the practice, it is appropriate that the word cryptography comes from ancient Greek. It literally means “hidden writing,” and the practice is one of trying to conceal messages in plain sight. Cryptanalysis represents the other side of game: the practice of trying to decipher or forge messages written
in someone else’s code. Cryptology is a broad description of the overall field, encompassing both cryptography and cryptanalysis.
Talk of secret messages and code breakers evokes images of spies and international diplomacy, and cryptology continues to play its traditional role in that realm. However, in a world of electronic commerce, cryptology is also central to more mundane types of business, as each day it allows millions of financial transactions to take place with safety and ease. Fundamentally, cryptography is based on a key, which is the formula for converting the original message (known as plaintext) into a cipher, or a secretly coded message. The process for making this conversion is known as encryption, and the reverse process is known as decryption.
The use of a key to convert information into a cipher can be quite simple, but there are various techniques for making that conversion process more complex, and thus the cipher harder to crack. This book will show how modern encryption methods have built on the basic principles of cryptography to create increasingly elaborate yet efficiently automated methods of securely encoding information. These encryption methods are essential to 21st century electronic commerce. Credit and debit cards, Internet transactions, and electronic money transfers all rely on principles of cryptography. In addition to using cryptography to safeguard information belonging to consumers, merchants, and financial institutions, electronic commerce relies on cryptography for one other element that is necessary for automated transactions, and that is authentication. In a world where the parties to a transaction increasingly do not meet face to face, encrypted authentication methods are vital to ensuring that those parties are whom they claim to be.
Unfortunately, encryption methods have become increasingly sophisticated out of necessity, as the theft and unauthorised decryption of sensitive information has grown right along with electronic commerce itself. Illegal decryption is often the basis for cyber crimes such as identity theft. By the first decade of the 21st century, this type of fraud was already affecting millions of people in the United States alone, resulting in the losses of billions of dollars by businesses and consumers.
While encryption methods continue to evolve to meet the growing security challenge, a look back at the origins of cryptography provides some insight into the basic building blocks of today’s systems. This book will examine the historical development of the two major types of ciphers: transpositions and substitutions. Transposition ciphers conceal a message by scrambling the sequence of its components, while substitution ciphers replace those components with different letters, numbers, or other symbols while maintaining the same sequence.
Transposition ciphers, which often use an agreedupon keyword to signal the rearrangement of the letters in the original text, were popular in the early history of cryptography, and are still used today in more complex forms, which often entails layering one transposition on top of another to further scramble the message.
Substitution ciphers are the way codes have often been depicted in popular stories and films: a letter or symbol is substituted for each letter of the alphabet, and the original message is converted accordingly. In its simplest form, this has the drawback of presenting an often-recognisable pattern of how the characters appear, according to the language of the original text. To obscure those patterns, variations on substitution ciphers have been developed, such as using multiple alphabets so the substitution does not correlate as closely with the original message.
With both transposition and substitution ciphers, a key to avoiding unauthorised decoding of the message can be the level of complexity, as often one set of encryption rules is layered on top of another. This book will look at some significant examples of how this has been done. Historically, this effort has included variations on substitution ciphers such as Playfair ciphers, Vigenère ciphers, and Vernam-Vigenère ciphers.
Product ciphers are cryptography systems employing multiple transpositions, and some ciphers have even employed a combination of substitution and transposition. With each new level of complexity, cryptologists thought they had devised an unbreakable cipher—only to have resourceful code breakers prove them wrong.
Because of the nature of this adversarial game, over the years cryptology developed a colourful history. The use of ciphers in wartime and in criminal activity, and the efforts to crack those ciphers, often had a dramatic impact.
Whether a cipher is simple or complex, at its heart is the key—the system for how the original information is coded into a cipher. Because the key is the basis for coding information, it is also the basis for decoding that information, which makes it a critical security concern. Distributing and protecting these keys is of such concern that in military operations, keys themselves may be disseminated in code, which must be decoded according to a different key before the coded key can be applied to a message. In business applications, a central problem is the sheer number of people exchanging coded information, which requires each pair in an exchange to have a unique code.
An important development in safeguarding the security of cipher keys was the creation of the two-key system, in which each user has a unique encryption and decryption key. This type of system is known as secret-sharing, because two or more people must participate in the decryption of a message. Secret-sharing is a central element in modern security procedures.
Another critical issue in two-key systems is authentication— verifying that a message came from the person it claims to be from. Thus, the method for coding information is just the beginning. Modern encryption and decryption systems also have to provide for communicating multiple keys and authenticating the identity of sender and recipient. In U.S. government security circles, all of this complexity results in key systems that are based on 310-digit numbers. To add yet another wrinkle, block ciphers and stream ciphers break information up into sections, each of which is coded using a different part of the encryption key. Thus, even if some of the message is decoded, the rest cannot be interpreted unless changes in the decryption key are perfectly synchronised with the encryption key.
Cryptologists haven’t devised these elaborate systems simply out of a love of mathematical complexity. As cryptology has become more complex, it has been followed stride for stride by cryptanalysis, which is the unauthorised interpretation or forgery of encrypted information. While cryptology is largely a question of scientifically structuring and layering encryption principles, cryptanalysis is often a combination of science and art, as flashes of inspiration can be just as important as quantitative analysis in cracking a code. Still, as codes become more complex, cryptanalysis relies more and more on computing power to discern patterns in the text, and longer passages of encrypted information may be necessary before those patterns can emerge.
This book will describe a variety of ways cryptanalysis is approached. A general principle is to be able to match a section of deciphered text with a section of cipher, in order to figure out the encryption principle and apply it to other sections of the cipher. This can be done if a portion of the text is known to the cryptanalyst or can be guessed at due to context. Another approach is to use computers to apply vast numbers of possible decryption principles to the cipher, until a passage appears that makes sense. Then, the decryption method applying to that passage can be applied to the rest of the cipher.
Cryptanalysis has some of the characteristics of a game, but in truth it is often very serious business. In this book, you’ll see how code breaking played an important role in both world wars, and how it continues to be pursued intently by intelligence agencies around the world.
A recurring theme in this story of cryptology is the role of technology, and technology helps define three distinct eras in the history of cryptology. In the first phase, ciphers were constructed manually, and while new ciphers were devised all the time, the manual approach to implementing them was little changed for two thousand years, until just after World War I. At that point the mechanised era of cryptology began, starting first with calculating machines and progressing to the use of rotor machines by all participants in World War II. These machines could encrypt and decrypt faster than any manual operation and with less chance of error. The third era of cryptology came in the late 20th century with the switch to advanced computers, which can process trillions of bits of cipher in a matter of seconds. The third era of cryptology involves not so much the method of constructing ciphers as it does the massive deployment of them to a vastly expanded range of applications in the information age.
Some examples of the first two of these eras help illustrate the ongoing role that cryptology has played in the history of civilisation. Beginning with the use of ciphers by Spartan military commanders around the year 400 bce, this book will show how cryptology has been applied down through time. Though the dawn of the mechanised era of cryptology in the 20th century increased the complexity of ciphers that could be implemented, it is fascinating to see how some of the basic principles of cryptology that date back hundreds of years or more remain in place to this day.
Still, while cryptologists from ancient Greece or medieval Europe might understand the conceptual foundation
of today’s ciphers, they would be mystified by the enormous amount of computing power that is brought to bear to implement those ciphers. On the other side of the fence, a similar degree of computing muscle is applied to trying to crack those codes. The last section of this book will show how computers have shaped the evolution of modern cryptography.
Early computers were applied to cryptology shortly after World War II. At first, these were just electronic versions of earlier rotor cipher machines, which were a mechanical means of varying a cipher key periodically to increase the complexity of the overall cipher. The potential of computers to radically change the game was realised slowly—in fact, those mechanical rotor machines were still used simultaneously with computers up until the 1980s. Encryption techniques began to fully take advantage of computing power with the adoption of the Data Encryption Standard (DES) by the United States in the mid-1970s. Under this standard, an ever-changing sequence of 16 rounds of substitutions and transpositions are layered on top of one another to create a cipher whose complexity would be well beyond any mechanical means of construction. The DES became the international financial and business standard for encryption.
However, just as computing power increased the complexity of encryption, it also advanced the speed with
which information could be analysed and decrypted. By the late 1990s, it was apparent that even DES ciphers were vulnerable to this type of cryptanalysis. So, in 2000 a new encryption standard was approved, the Advanced Encryption Standard (AES). The AES not only took advantage of advances in computer hardware and software since the DES had been formulated, but it was also designed to be adaptable by increasing its key length if conditions call for it.
Will the AES prove to be the ultimate move in the cat-and-mouse game between cryptographers and cryptanalysts? It remains to be seen, but given what’s at stake in both international affairs and electronic commerce, one thing is certain: that secret game will continue. The clandestine world this book explores was once the territory of spies and diplomats. Today, electronic commerce has made cryptography an essential element of everyday life. By learning about how cryptography works, its various applications in the modern world, and the threats to its protections, you can better appreciate how these methods affect you, and perhaps learn how to more effectively safeguard your information.
0 komentar:
Posting Komentar