CHAPTER I

General Information

The subject which we are about to study is the analysis and solution of _cipher_, though not including _code_, which is a very special form of cipher demanding something more than elementary knowledge; nor shall we enter at all into the subject of _invisible inks_, certainly a most important aspect of secret writing, but belonging to the province of chemistry rather than to that of cryptanalysis. _Cipher machines_, also, are not within our present scope.

The term _cipher_ implies a _method_, or _system_, of secret writing which, generally speaking, is unlimited in scope; it should be possible, using any one given cipher, to transform any _plaintext_ whatever, regardless of its length and the language in which it is written, into a _cryptogram_, or single enciphered message. The process of accomplishing this transformation is called _encipherment_; the opposite process, that of transforming the cryptogram into a plaintext, is called _decipherment_.

The word _decrypt_, with its various derivatives, is being used here to signify the process of _solving_ and reading cryptograms without any previous knowledge as to their _keys_, or secret formulas; thus the word _decipher_ has been left to convey only its one meaning, as mentioned above: the mechanical process of applying a known key. Our word _decrypt_, however, is an innovation borrowed from the modern French and Italian writers, and is somewhat frowned upon by leading cryptologists.

The word _digram_ is being used to indicate a two-letter sequence; similarly, we have _trigrams_, _tetragrams_, _pentagrams_, etc., to indicate sequences of three, four, five, etc. letters.

* * *

Ciphers, in general, fall into three major classifications:

1. Concealment Cipher 2. Transposition Cipher 3. Substitution Cipher

Minor types, such as “abbreviation,” are sometimes included, though, to the writer, these have never seemed to be truly of a cryptographic nature.

In _concealment cipher_, the true letters of the secret message are hidden, or disguised, by any device whatever; and this type of cipher, as a general rule, is intended to pass without being suspected as the conveyor of a secret communication.

In _transposition cipher_, the true letters of the secret message are taken out of their text-order, and are rearranged according to any pattern, or _key_, agreed upon by the correspondents.

In _substitution cipher_, these original text-letters are replaced with substitutes, or cipher-symbols, and these symbols are arranged in the same order as their originals. There may, of course, be combinations of types, or combinations of several forms belonging to a single type.

* * *

The aristocrat of the cipher family is _code_. This is a form of the substitution cipher which requires the preparation, in advance, of a _code book_. A series of terms likely to be used in future correspondence (that is, words, phrases, and even sentences) is first gathered into a vocabulary, or “dictionary”; and beside each of these terms is placed a substitute known as a _code group_, or _code word_. These substitutes may be groups of letters, or groups of digits, or actual words selected from ordinary language. Very common words or expressions are usually provided with more than one substitute; and nearly always there are substitutes provided for syllables and single letters, so as to take care of all words not originally included in the vocabulary.

No code presents any real security unless the code symbols have been assigned in a thoroughly haphazard manner. This means that any really good code would have to be printed in two separate sections. In one of these, the vocabulary terms would be arranged in alphabetical order, so that they could be readily found when enciphering (_encoding_) messages; but the code groups would be in mixed order and hard to find. In the other section, the code groups would be rearranged in straight alphabetical (or numerical) order, so as to be readily found when deciphering (_decoding_), and the vocabulary terms would be in mixed order. Just what is meant can be seen in Fig. 1, showing fragments from an imaginary code book.

Figure 1

ENCIPHERMENT SECTION DECIPHERMENT SECTION

Vocabulary Term Code Symbol Code Symbol Vocabulary Term

A 9001, 2114, 3000* 1120 Assenting to your Aachen 8463 1121 Horse About 1119, 0034* 1122 Meet me About time for 5434 1123* Come; Paris Armored car 1125 1124 Th- Assenting to your 1120 1125 Armored car

*) When a plaintext term has more than one symbol, these are called homophones. Polyphones are symbols which may have more than one meaning. The terms _encoding_, _decoding_ are usually preferred to _enciphering_, _deciphering_.

A code of this kind, with symbols assigned _absolutely at random_, provided it is carefully used (never without re-encipherment) and a close guard kept over the code books, represents perhaps the maximum of security to be attained in cryptographic correspondence; and security, of course, is of prime importance in the selection of a cipher for any practical purpose.

But in considering the relative merits of the various ciphers, it is always necessary to take into account many factors other than security, each cipher being evaluated in connection with the purpose for which it is wanted: Under what conditions must the encipherment and decipherment take place? How must the cryptograms be transmitted? How much of the enciphered correspondence is likely to be intercepted? What _degree_ of security, after all, is absolutely imperative?

A commercial, or other, firm, having a permanent base of operations, and in little danger of being blown to bits by an enemy shell, would not consider the first of these questions from the same angle as the War Department, and the War Department, though considering all of them from several different angles of its own, would still not consider them from the same viewpoint as the State Department.

If messages are to be sent by mail, or by hand, or by telephone, or pasted on a billboard, it is conceivable that a cipher which doubles or trebles their length could still be a practical cipher. For transmission by telephone, the presumption is that the cryptogram must be pronounceable, or, certainly, audible. For written communication, individual purposes have been served by means of pictures.

But when the cryptograms are to be sent by wire or radio, it must be possible to convert them into Morse symbols, either letters or figures, but not intermingled letters and figures. Here, length must be considered, involving questions of time, expense, and the current telegraphic regulations. Moreover, it is conceded that a meaningless text will not be transmitted with absolute accuracy, and a cryptogram which is to be sent by this means must not be of such a nature that ordinary errors of transmission will render it unintelligible at the receiving office.

A factor of particularly grave importance in the selection of a cipher to fit a given purpose is the probable amount of enciphered material which is going to fall into the possession of unauthorized persons. A criminal, who has had to send but one brief cryptogram in a lifetime, might reasonably expect that it will remain forever unread, no matter how weak the cipher. A commercial firm, transmitting thousands of words over the air, is more vulnerable; and the diplomatic office, or the newspaper office, which makes the mistake of publishing almost verbatim the translations of cryptograms which have been transmitted by radio, and thus has surely furnished the cipher expert with a _cryptogram and its translation_, might just as well have presented him with a copy of its code book.

As to just what constitutes the “perfect” cipher, perhaps it might be said that this description fits any cipher whatever which provides the degree of security wanted for an individual purpose, and which is suited in other respects to that individual purpose. Even a basically weak cipher, in the hands of an expert, can be made to serve its purpose; and the strongest can be made useless when improperly used.

In the present text, we are likely to be found looking at ciphers largely from a military angle, which, apparently, has a more general interest than any other. In time of war, the cryptographic service, that is, the encipherment and transmitting service, is suddenly expanded to include a large number of new men, many of whom know nothing whatever of _cryptanalysis_, or the science of decryptment. Many of these are criminally careless through ignorance, so that, entirely aside from numerous other factors (including espionage), it is conceded by the various War Departments that no matter what system or apparatus is selected for cipher purposes, the enemy, soon after the beginning of operations, will be in full possession of details concerning this system, and will have secured a duplicate of any apparatus or machine. For that reason, the secrecy of messages must depend upon a changeable key added to a sound basic cipher.

Speed in encipherment and decipherment is desirable, and often urgent; and the conditions under which these operations must often take place are conducive to a maximum of error. The ideal cipher, under these conditions, would be one which is simple in operation, preferably requiring no written memoranda or apparatus which cannot be quickly destroyed and reconstructed from memory, and having a key which is readily changed, easily communicated, and easily remembered. Yet the present tendency, in all armies, seems to be toward the use of small changeable _codes_, which are written (printed) documents; and, for certain purposes, small mechanical devices.

An enormous number of military cryptograms will be transmitted by radio and taken down by enemy listeners, and even the ordinary wire will be tapped. It is expected that the enemy will intercept dozens, and even hundreds, of cryptograms in a single day, some of which will inevitably be enciphered with the same key. With so much material, knowing the general subject matter, and often exactly what words to expect, or the personal expressions invariably used by individuals, it is conceded that he will read the messages. All that is desired of a cryptogram is that it will resist his efforts for a sufficient length of time to render its contents valueless when he finally discovers them. By that time, of course, the key will have been changed, probably several times, and even the cipher.

With these general facts understood, we may first dispose hastily of the concealment cipher, after which we will examine at greater length the two legitimate types, the transpositions and the substitutions.