
# 4: Cryptology


Here are some Greek roots:

kryptos, $$\kappa\rho\upsilon\pi\tau o\varsigma$$

secret, hidden

logos, $$\lambda\acute{o}\gamma o\varsigma$$

word, study, speech

graph, $$\gamma\rho\acute{\alpha}\varphi\omega$$

write, written

From these (and others), English gets the words

cryptosystem

a set of algorithms for protecting secrets

cryptography

work done to make cryptosystems

cryptanalysis

work done to circumvent the protections of cryptosystems

cryptology

the union of cryptography and cryptanalysis, often abbreviated simply to crypto.

Beware that cryptography is widely (but inappropriately!) used as a synecdoche for cryptology. (This is not unlike the widely understood incorrect usage of the word hacker.) We will try to use these words more carefully.

With that understood, we start with a little elementary cryptology in this chapter. There will be very little number theory, but we will set up some terminology and simple examples of cryptography and the corresponding cryptanalysis, with an emphasis on the old, historic, systems which are no longer viable in the modern age. Later chapters will come around quickly to modern, number theoretic techniques in crypto.

• 4.1: Some Speculative History
Perhaps there was a form of deception that preceded language – certainly many a house pet has feigned innocence despite the clear evidence of involvement in stealing treats. And even apiologists may not know if some lazy bees make up a story about a long excursion to a new flower patch when their Queen demands an accounting.
• 4.2: The Caesar Cipher and Its Variants
Another system which dates to ancient times was supposedly used by Julius Caesar called the Caesar cryptosystem. Apparently, Julius Caesar usually used the key value k=3. His nephew Octavian, who later became the emperor Augustus, liked to use k=−1.
• 4.3: Frequency Analysis
The Caesar cipher seems very weak. But looking at a ciphertext, it is hard to know where to start – this hardly seems to be English at all. Perhaps we should start with the Caesar cipher itself, assuming (anachronistically) that Caesar was following Kerckhoff’s Principle, or that (more chronistically) spies had determined the cryptosystem but not the key.
• 4.4: Public-Key Crypto - the RSA Cryptosystem
Suppose Alice and Bob never had a chance to meet in person, and they nevertheless want to exchange messages which will be secret from Eve. What can they do? This section discusses symmetric ciphers, asymmetric ciphers, cryptographic salt, and the RSA cryptosystem.
• 4.5: Digital Signatures
Public-key cryptosystems allow several use-cases which symmetric cryptosystems do not. One which has come to have more and more importance in the modern digital economy is the creation of digital signatures – these are parts of electronic documents which are supposed to have something of the qualities of a physical signature in that are hard for an imposter to forge.
• 4.6: Man-in-the-Middle Attacks, Certificates, and Trust
While public-key crypto can seem an unalloyed benefit to the networked world, close examination of the details of the last two sections shows a dangerous gap between a casual statement of the properties of these cryptographic tools and their reality. This section explores a scenario called the "man-in-the-middle attack".

Thumbnail: The action of a Caesar cipher is to replace each plaintext letter with a different one a fixed number of places down the alphabet. The cipher illustrated here uses a left shift of three, so that (for example) each occurrence of E in the plaintext becomes B in the ciphertext. (Public Domain; Matt_Crypto via Wikipedia)

This page titled 4: Cryptology is shared under a CC BY-SA license and was authored, remixed, and/or curated by Jonathan A. Poritz.