
Cryptography: Difference between revisions

216.150.138.151 (talk)
mNo edit summary
134.217.237.30 (talk)
mNo edit summary
Line 30: Line 30:
The era of modern cryptography started with [[Claude Shannon]], arguably the father of mathematical cryptography. In [[1949]] he published the paper [http://www3.edgenet.net/dcowley/docs.html Communication Theory of Secrecy Systems] in the Bell System Technical Journal and a little later the book, Mathematical Theory of Communication. These, in addition to his other works on [[information theory|information and communication theory]] established a strong theoretical basis for cryptography.
The era of modern cryptography started with [[Claude Shannon]], arguably the father of mathematical cryptography. In [[1949]] he published the paper [http://www3.edgenet.net/dcowley/docs.html Communication Theory of Secrecy Systems] in the Bell System Technical Journal and a little later the book, Mathematical Theory of Communication. These, in addition to his other works on [[information theory|information and communication theory]] established a strong theoretical basis for cryptography.


[[1976]] saw two major public advances. First was the [[DES]] (Data Encryption Standard) developed by [[IBM]] and the [[NSA]] in an effort to develop secure communication facilities for businesse (perhaps esp banks)(DES was later published as a [[FIPS]] (Federal Information Processing Standard) in [[1977]]) (currently at FIPS 46-3, and made obsolete by the adoption of the Advanced Encryption Standard as FIPS 197). DES was the first cipher algorithm approved by a national crypto agency such as NSA which was accessible to the public. The release of the specifications of the DES algorithm by NBS (now NIST) stimulated an explosion of public and academic interest in cryptography. DES and more secure variants of it (such as [[3DES]], see FIPS 46-3) are still used today, although DES was effectively replaced by [[AES]] (Advanced Encryption Standard) in [[2001]].
[[1976]] saw two major public advances. First was the [[DES]] (Data Encryption Standard) developed by [[IBM]] and the [[NSA]] in an effort to develop secure communication facilities for businesses (perhaps esp banks) (DES was later published as a [[FIPS]] (Federal Information Processing Standard) in [[1977]]) (currently at FIPS 46-3, and made obsolete by the adoption of the Advanced Encryption Standard as FIPS 197). DES was the first cipher algorithm approved by a national crypto agency such as NSA which was accessible to the public. The release of the specifications of the DES algorithm by NBS (now NIST) stimulated an explosion of public and academic interest in cryptography. DES and more secure variants of it (such as [[3DES]], see FIPS 46-3) are still used today, although DES was effectively replaced by [[AES]] (Advanced Encryption Standard) in [[2001]].


Secondly, and perhaps even more importantly, was the publication of the paper [http://citeseer.nj.nec.com/340126.html New Directions in Cryptography] by [[Whitfield Diffie]] and [[Martin Hellman]]. This paper introduced a radically new method of distributing cryptographic keys, known as asymmetric key cryptography. This essentially solved one of the fundamental problems of cryptography, key distribution.
Secondly, and perhaps even more importantly, was the publication of the paper [http://citeseer.nj.nec.com/340126.html New Directions in Cryptography] by [[Whitfield Diffie]] and [[Martin Hellman]]. This paper introduced a radically new method of distributing cryptographic keys, known as asymmetric key cryptography. This essentially solved one of the fundamental problems of cryptography, key distribution.
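Review bot: the only substantive change in this hunk is the correction of "businesse" to "businesses" and the missing space before "(DES was later published", both fine; the abbreviation "esp" and the three nested parentheticals in that same sentence survive unchanged and would read better as "especially" with the FIPS history split into its own sentence. The Shannon and Diffie-Hellman paragraphs are carried over without modification.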

Revision as of 14:00, 19 August 2002

Cryptography (from Greek kryptós, "hidden", and gráphein, "to write") is the study of the principles and techniques by which information can be concealed in a 'garbled' version that is much more difficult to read for an unauthorized person than for one in possession of the secret(s) needed to convert the gobbledygook back into the original plaintext. Encryption describes the plaintext-to-garble conversion, decryption the garble-to-plaintext conversion. One main type of garbling is called encoding (yielding 'codetext'); the other is called enciphering (yielding, naturally, ciphertext). See key. The term cryptology has sometimes been used for cryptography in this definition. There is some tension between the two schools.

Cryptography has four main goals:

  1. message confidentiality: Only the authorised receiver should be able to extract the contents of the message from its encrypted form. In addition, it should not be possible to obtain information about the message contents (such as a statistical distribution of certain characters).
  2. message integrity: The receiver should be able to determine if the message has been altered since transmission.
  3. authentication: The receiver should be able to identify the sender. Furthermore, they should be able to verify that the sender did actually send the message.
  4. non-repudiation: The sender should not be able to deny sending the message.

Not all cryptographic systems or algorithms achieve all of the above goals. Some are not practical (or desirable) in some contexts: for example, the sender of the message may want to be anonymous, or the system may have to be designed for an environment with limited computing resources. In particular, note that if a crypto system design is unclear about who the sender or receiver actually is (in real crypto systems the candidates include 1) a computer program on a local system, 2) a computer program on a 'nearby' system which 'provides security services' for users on other close-by systems, or, what most humans believe is obviously meant even if without realizing it, 3) a human being using some computer system), then each of these goals can very easily fail to be achieved. Such failure often happens without notice to any human involved, and is most often due to issues outside the cryptography itself, even with perfect algorithms, superb (even provably secure) system design, and error-free implementation. Good algorithms and good protocols do not alone provide 'security'. Careful thought is required, and it is too often absent.
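As an added illustration of the point that the four goals are distinct (example code written for this page, not part of the original article): a cipher that provides confidentiality alone, here a one-time XOR keystream standing in for a stream cipher, lets an intermediary alter the plaintext undetectably, while appending a message authentication code (goal 2, integrity) lets the receiver reject the altered message before decrypting it. The function names, the sample message and the single bit flip are this example's own constructions.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# Toy confidentiality-only cipher: XOR with a keystream. It stands in for a stream cipher
# (a real one derives the keystream from a short key; here the pad is as long as the message).
def encrypt(pad: bytes, plaintext: bytes) -> bytes:
    if len(pad) < len(plaintext):
        raise ValueError("keystream too short")
    return bytes(p ^ k for p, k in zip(plaintext, pad))

decrypt = encrypt  # XOR is its own inverse

def alter_in_transit(ciphertext: bytes, index: int) -> bytes:
    # An intermediary flips one bit of the ciphertext without knowing the key (constructed event).
    c = bytearray(ciphertext)
    c[index] ^= 0x01
    return bytes(c)

MESSAGE = b"transfer 10 units"  # constructed sample message; byte 10 is the '0' of "10"

def confidentiality_only_demo() -> Tuple[bytes, bytes]:
    pad = secrets.token_bytes(32)
    received = decrypt(pad, alter_in_transit(encrypt(pad, MESSAGE), 10))
    # Decryption "succeeds": the receiver gets a changed message with no sign of tampering.
    return received, b"transfer 11 units"

# Adding integrity (goal 2): authenticate the ciphertext with an HMAC under a separate key.
TAG_LEN = hashlib.sha256().digest_size

def seal(pad: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    ct = encrypt(pad, plaintext)
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def open_sealed(pad: bytes, mac_key: bytes, blob: bytes) -> Optional[bytes]:
    ct, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None                             # altered in transit: reject before decrypting
    return decrypt(pad, ct)

def with_integrity_demo() -> Tuple[Optional[bytes], Optional[bytes]]:
    pad, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    blob = seal(pad, mac_key, MESSAGE)
    return open_sealed(pad, mac_key, blob), open_sealed(pad, mac_key, alter_in_transit(blob, 10))
```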

Although cryptography has a long and complex history, it wasn't until the 19th century that it developed anything more than ad hoc approaches to either cryptanalysis (eg, C Babbage) or encryption (eg, A Kerckhoffs). An increasingly mathematical and theoretical trend accelerated up to WWII (notably in W Friedman's applications of statistical techniques to cryptography and in M Rejewski's initial break of the German Army Enigma system) and became essentially completely mathematical afterwards. Even then, it has taken the Internet to bring effective cryptography into common use by anyone other than national governments or similarly sized enterprises.

Classical Cryptography

The earliest use of cryptography can be found in the use of non-standard hieroglyphics on monuments by the Egyptians of the Old Kingdom (ca 3500 years ago). These are not regarded as serious attempts at secret communication, however. Hebrew scholars also made use of simple substitution ciphers (such as the Atbash cipher) beginning perhaps around 500 to 600 BCE, as did the Greeks (eg, the scytale transposition cipher) and the Romans (eg, the Caesar cipher and its variations).

Both cryptography and cryptanalysis featured in the Babington plot during the reign of Queen Elizabeth I. And an encrypted message from the time of the Man in the Iron Mask (decrypted around 1900 by E Bazeries) has shed some light on the identity of that legendary, and unfortunate, prisoner. Cryptography, and its misuse, was involved in the plotting which led to the execution of Mata Hari and even more reprehensibly in the travesty which led to Dreyfus' conviction and imprisonment, both in the early 20th century. Fortunately, cryptography was also involved in setting Dreyfus free; Mata Hari, in contrast, was shot.

Mathematical cryptography leaped ahead after WWI. M Rejewski, in Poland, attacked and 'broke' the German Army Enigma system using purely mathematical techniques (1932 et seq), and his work was extended by A Turing, G Welchman, and others at Bletchley Park beginning in 1939. US Navy cryptographers (with help from the British and the Dutch) broke into several Japanese Navy crypto systems, leading most famously to the US victory at Midway, and into some of the Japanese attaché systems. The US Army SIS group managed to break the highest security Japanese diplomatic system (a machine called Purple by the Americans) before WWII began. The Americans referred to the intelligence resulting from cryptanalysis, perhaps especially that from the Purple machine, as 'Magic'. The British eventually settled on 'Ultra' for intelligence resulting from cryptanalysis, particularly that from the various Enigmas.


World War II Cryptography

By World War II mechanical and electromechanical cryptographic systems were in wide use, although manual systems were still used where such systems were impractical. Great advances were made in both practical and mathematical cryptography in this period, all in secrecy. Some of this information has begun to be declassified in recent years as the official 50-year (British) secrecy period has come to an end.

The Germans made heavy use of an electro-mechanical rotor system known as Enigma. The Japanese Foreign Office used an independently developed system based on electrical stepping switches, called Purple by the US, and an earlier, similar machine used by some attachés in Japanese embassies, which the US called the M-machine.

Modern Cryptography

The era of modern cryptography started with Claude Shannon, arguably the father of mathematical cryptography. In 1949 he published the paper Communication Theory of Secrecy Systems in the Bell System Technical Journal and a little later the book, Mathematical Theory of Communication. These, in addition to his other works on information and communication theory established a strong theoretical basis for cryptography.

1976 saw two major public advances. First was the DES (Data Encryption Standard) developed by IBM and the NSA in an effort to develop secure communication facilities for businesses (perhaps esp banks) (DES was later published as a FIPS (Federal Information Processing Standard) in 1977) (currently at FIPS 46-3, and made obsolete by the adoption of the Advanced Encryption Standard as FIPS 197). DES was the first cipher algorithm approved by a national crypto agency such as NSA which was accessible to the public. The release of the specifications of the DES algorithm by NBS (now NIST) stimulated an explosion of public and academic interest in cryptography. DES and more secure variants of it (such as 3DES, see FIPS 46-3) are still used today, although DES was effectively replaced by AES (Advanced Encryption Standard) in 2001.

Secondly, and perhaps even more importantly, was the publication of the paper New Directions in Cryptography by Whitfield Diffie and Martin Hellman. This paper introduced a radically new method of distributing cryptographic keys, known as asymmetric key cryptography. This essentially solved one of the fundamental problems of cryptography, key distribution.

Prior to this, all useful modern encryption algorithms had been 'symmetric key algorithms' (qv), in which the same key (qv) must be used with the underlying algorithm by both the sender and the recipient. Of necessity, the same key had to be exchanged between the communicating parties in some secure way (the term usually used is 'via a secure channel'), such as a trusted courier or face-to-face contact, prior to any effective use of the cipher algorithm. This requirement rapidly becomes unmanageable when the number of participants increases beyond some small number, or when (really) secure channels aren't available for key exchange. In particular, a separate key is required for each communicating pair if other parties are not to be able to decrypt their messages. A system of this kind is also known as a "private key cryptosystem."

In 'asymmetric key' (qv) cryptography, there are a pair of related keys for the algorithm, one of which is used for encryption and the other for decryption. Some of these algorithms have the property that one of the keys may be made public, since the other cannot be (by any currently known method) deduced from the public key. The other key in these systems is kept secret and is usually called the private key. A system of this kind is known as a public key algorithm, although the term asymmetric key cryptography is preferred by those who wish to avoid the ambiguity of using that term for all such algorithms and to stress that there are two distinct keys with different secrecy requirements. As a result, only one key pair is now needed per receiver (regardless of the number of senders), as possession of a public key does not compromise the security of the corresponding private key. Note, however, that it has not been proved, for good algorithms, that the private key cannot be deduced from the public key, but informed observers believe it to be so. Some of the well respected public key / private key algorithms can be broken by one or another cryptanalytic attack and so, like essentially all encryption algorithms, the protocols in which they are used must be chosen and implemented carefully.
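An added example (written for this page, not taken from the original article) covering the two preceding paragraphs: how many secrets a symmetric system needs for n parties versus an asymmetric one, and a Diffie-Hellman exchange in the manner of New Directions in Cryptography, in which two parties derive a shared key while only public values cross the channel. The group parameters are deliberately tiny toy values and the function names are this example's own; deployed systems use standardised groups of 2048 bits or more.

```python
import secrets

def symmetric_keys_needed(n: int) -> int:
    # One secret per communicating pair, each exchanged over a secure channel.
    return n * (n - 1) // 2

def asymmetric_keypairs_needed(n: int) -> int:
    # One key pair per receiver, however many senders there are; the public half may be published.
    return n

# Toy Diffie-Hellman group (public parameters). P = 23 is a safe prime (23 = 2*11 + 1) and
# G = 2 generates the prime-order subgroup of size Q = 11. These sizes are breakable by hand and
# exist only to show the arithmetic; real deployments use standardised 2048-bit or larger groups.
P, Q, G = 23, 11, 2

def dh_public(private: int, p: int = P, g: int = G) -> int:
    return pow(g, private, p)  # safe to send in the clear

def dh_keypair(q: int = Q):
    private = secrets.randbelow(q - 1) + 1  # 1 <= private <= q-1, never leaves its owner
    return private, dh_public(private)

def dh_shared_secret(my_private: int, their_public: int, p: int = P, q: int = Q) -> int:
    # Check that the peer's value is a proper element of the subgroup; otherwise a malformed
    # value could force the shared secret into a tiny set of possibilities.
    if not 1 < their_public < p - 1 or pow(their_public, q, p) != 1:
        raise ValueError("invalid peer public value")
    return pow(their_public, my_private, p)

def exchange_demo() -> bool:
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    # Only a_pub and b_pub cross the wire; an observer sees both but neither private value.
    return dh_shared_secret(a_priv, b_pub) == dh_shared_secret(b_priv, a_pub)
```

With private values 3 and 7 the public values are 8 and 13 and both sides compute the shared secret 12.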

However, both asymmetric key cryptography and the best known of the public key / private key algorithms (ie, what is usually called RSA) seem to have been developed by a UK military intelligence agency before public research caught up. On December 17, 1997, GCHQ released documents claiming that they had developed public key cryptography before the publication of Diffie and Hellman's paper. Various classified papers were written during the 1960s and 1970s which led to schemes essentially identical to RSA encryption and Diffie-Hellman key exchange in 1973 and 1974. Some have now been published.

Some algorithms of various kinds:

Public key algorithms (asymmetric key algorithms)

Secret key algorithms (symmetric key algorithms)

Anonymous communication

Terminology

Further Reading

  • Schneier, Bruce - Applied Cryptography ISBN 0471117099. The best single volume covering modern cryptographic practice. Not overly mathematical and so accessible -- mostly -- to the non-technical.
  • Schneier, Bruce - Secrets and Lies ISBN 0471253111, a discussion of the context for cryptography and cryptosystems. Meta-cryptography if you will.
  • Bamford, James - The Puzzle Palace: A Report on America's Most Secret Agency ISBN 0140067485, and the more recent "Body of Secrets". The best of a small group of books about NSA.
  • A. J. Menezes, P. C. van Oorschot and S. A. Vanstone - Handbook of Applied Cryptography ISBN 0849385237 (online version) Equivalent to Applied Cryptography in many ways, but seriously mathematical.
  • Kahn, David - The Codebreakers ISBN 0684831309 The best available single source for cryptographic history, at least for events up to the mid-60s. The added chapter on more recent developments is thin. See also his other publications on cryptography.
  • Singh, Simon - The Code Book ISBN 1857028899. An anecdotal introduction to the history of cryptography. Covers more recent material than does The Codebreakers, and is written in British, but is much better than such an approach might be expected to produce. The cryptanalytic contest has been won and the prize awarded.

Echelon, Enigma, Espionage, Purple code, Ultra, Security engineering, SIGINT, Steganography, Cryptographers, SSL