Cipher

# Cipher

Overview

Discussion

Recent Discussions
Encyclopedia

In cryptography
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...

, a cipher (or cypher) is an algorithm
Algorithm
In mathematics and computer science, an algorithm is an effective method expressed as a finite list of well-defined instructions for calculating a function. Algorithms are used for calculation, data processing, and automated reasoning...

for performing encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...

or decryption — a series of well-defined steps that can be followed as a procedure. An alternative, less common term is encipherment. In non-technical usage, a “cipher” is the same thing as a “code
Code (cryptography)
In cryptography, a code is a method used to transform a message into an obscured form, preventing those who do not possess special information, or key, required to apply the transform from understanding what is actually transmitted. The usual method is to use a codebook with a list of common...

”; however, the concepts are distinct in cryptography. In classical cryptography, ciphers were distinguished from codes.
Codes operated by substituting according to a large codebook
Codebook
A codebook is a type of document used for gathering and storing codes. Originally codebooks were often literally books, but today codebook is a byword for the complete record of a series of codes, regardless of physical format.-Cryptography:...

which linked a random string of characters or numbers to a word or phrase. For example, “UQJHSE” could be the code for “Proceed to the following coordinates”. When using a cipher the original information is known as plaintext
Plaintext
In cryptography, plaintext is information a sender wishes to transmit to a receiver. Cleartext is often used as a synonym. Before the computer era, plaintext most commonly meant message text in the language of the communicating parties....

, and the encrypted form as ciphertext
Ciphertext
In cryptography, ciphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext that is unreadable by a human or computer without the proper cipher...

. The ciphertext message contains all the information of the plaintext message, but is not in a format readable by a human or computer without the proper mechanism to decrypt it; it should resemble random gibberish to those not intended to read it.

The operation of a cipher usually depends on a piece of auxiliary information, called a key
Key (cryptography)
In cryptography, a key is a piece of information that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa...

(or, in traditional NSA parlance, a cryptovariable). The encrypting procedure is varied depending on the key, which changes the detailed operation of the algorithm. A key must be selected before using a cipher to encrypt a message. Without knowledge of the key, it should be difficult, if not nearly impossible, to decrypt the resulting ciphertext into readable plaintext.

Most modern ciphers can be categorized in several ways
• By whether they work on blocks of symbols usually of a fixed size (block cipher
Block cipher
In cryptography, a block cipher is a symmetric key cipher operating on fixed-length groups of bits, called blocks, with an unvarying transformation. A block cipher encryption algorithm might take a 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext...

s), or on a continuous stream of symbols (stream cipher
Stream cipher
In cryptography, a stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream . In a stream cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits varies during the encryption...

s).
• By whether the same key is used for both encryption and decryption (symmetric key algorithms), or if a different key is used for each (asymmetric key algorithms). If the algorithm is symmetric, the key must be known to the recipient and sender and to no one else. If the algorithm is an asymmetric one, the enciphering key is different from, but closely related to, the deciphering key. If one key cannot be deduced from the other, the asymmetric key algorithm has the public/private key property and one of the keys may be made public without loss of confidentiality.

## Etymology of “Cipher”

“Cipher” is alternatively spelled “cypher”; similarly “ciphertext
Ciphertext
In cryptography, ciphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext that is unreadable by a human or computer without the proper cipher...

” and “cyphertext”, and so forth.

The word “cipher” in former times meant “zero” and had the same origin: Middle French as cifre and Medieval Latin as cifra, from the Arabic صفر ṣifr = zero (see Zero — Etymology). “Cipher” was later used for any decimal digit, even any number. There are many theories about how the word “cipher” may have come to mean “encoding”:
• Encoding often involved numbers.
• The Roman number system
Roman numerals
The numeral system of ancient Rome, or Roman numerals, uses combinations of letters from the Latin alphabet to signify values. The numbers 1 to 10 can be expressed in Roman numerals as:...

was very cumbersome because there was no concept of zero (or empty space). The concept of zero (which was also called “cipher”), which we all now think of as natural
Natural number
In mathematics, the natural numbers are the ordinary whole numbers used for counting and ordering . These purposes are related to the linguistic notions of cardinal and ordinal numbers, respectively...

, was very alien in medieval Europe, so confusing and ambiguous to common Europeans that in arguments people would say “talk clearly and not so far fetched as a cipher”. Cipher came to mean concealment of clear messages or encryption.
• The French formed the word “chiffre” and adopted the Italian word “zero”.
• The English used “zero” for “0”, and “cipher” from the word “ciphering” as a means of computing.
• The Germans used the words “Ziffer” (digit) and “Chiffre”.
• The Dutch still use the word "cijfer" to refer to a numerical digit.
• The Italians and the Spanish also use the word "cifra" to refer to a number.

concluded that the Arabic word sifr, for the digit zero, developed into the European technical term for encryption.

## Ciphers versus codes

In non-technical usage, a “(secret) code
Code (cryptography)
In cryptography, a code is a method used to transform a message into an obscured form, preventing those who do not possess special information, or key, required to apply the transform from understanding what is actually transmitted. The usual method is to use a codebook with a list of common...

” typically means a “cipher”. Within technical discussions, however, the words “code” and “cipher” refer to two different concepts. Codes work at the level of meaning — that is, words or phrases are converted into something else and this chunking generally shortens the message.

An example of this is the Telegraph Code
Telegraph code
A telegraph code is a character encoding used to transmit information through telegraphy machines. The most famous such code is Morse code.-Manual telegraph codes:Morse code can be transmitted and received with very primitive equipment....

which was used to shorten long telegraph messages which resulted from entering into commercial contracts using exchanges of Telegrams.

Ciphers, on the other hand, work at a lower level: the level of individual letters, small groups of letters, or, in modern schemes, individual bits. Some systems used both codes and ciphers in one system, using superencipherment to increase the security. In some cases the terms codes and ciphers are also used synonymously to substitution and transposition.

Historically, cryptography was split into a dichotomy of codes and ciphers; and coding had its own terminology, analogous to that for ciphers: “encoding, codetext, decoding” and so on.

However, codes have a variety of drawbacks, including susceptibility to cryptanalysis
Cryptanalysis
Cryptanalysis is the study of methods for obtaining the meaning of encrypted information, without access to the secret information that is normally required to do so. Typically, this involves knowing how the system works and finding a secret key...

and the difficulty of managing a cumbersome codebook
Codebook
A codebook is a type of document used for gathering and storing codes. Originally codebooks were often literally books, but today codebook is a byword for the complete record of a series of codes, regardless of physical format.-Cryptography:...

. Because of this, codes have fallen into disuse in modern cryptography, and ciphers are the dominant technique.

## Types of cipher

There are a variety of different types of encryption. Algorithms used earlier in the history of cryptography
History of cryptography
The history of cryptography begins thousands of years ago. Until recent decades, it has been the story of what might be called classic cryptography — that is, of methods of encryption that use pen and paper, or perhaps simple mechanical aids...

are substantially different from modern methods, and modern ciphers can be classified according to how they operate and whether they use one or two keys.

### Historical ciphers

Historical pen and paper ciphers used in the past are sometimes known as classical cipher
Classical cipher
A cipher is a means of concealing a message, where letters of the message are substituted or transposed for other letters, letter pairs, and sometimes for many letters. In cryptography, a classical cipher is a type of cipher that was used historically but now has fallen, for the most part, into...

s. They include simple substitution cipher
Substitution cipher
In cryptography, a substitution cipher is a method of encryption by which units of plaintext are replaced with ciphertext according to a regular system; the "units" may be single letters , pairs of letters, triplets of letters, mixtures of the above, and so forth...

s and transposition cipher
Transposition cipher
In cryptography, a transposition cipher is a method of encryption by which the positions held by units of plaintext are shifted according to a regular system, so that the ciphertext constitutes a permutation of the plaintext. That is, the order of the units is changed...

s. For example “GOOD DOG” can be encrypted as “PLLX XLP” where “L” substitutes for “O”, “P” for “G”, and “X” for “D” in the message. Transposition of the letters “GOOD DOG” can result in “DGOGDOO”. These simple ciphers and examples are easy to crack, even without plaintext-ciphertext pairs.

Simple ciphers were replaced by polyalphabetic substitution ciphers which changed the substitution alphabet for every letter. For example “GOOD DOG” can be encrypted as “PLSX TWF” where “L”, “S”, and “W” substitute for “O”. With even a small amount of known or estimated plaintext, simple polyalphabetic substitution ciphers and letter transposition ciphers designed for pen and paper encryption are easy to crack. It is possible to create a secure pen and paper cipher based on one-time pad with the help of a computer that generates random numbers "Unbreakable" Pen&Paper Encryption. The low-point of such a system is complicated management of cipher tables in large deployments.

During the early twentieth century, electro-mechanical machines were invented to do encryption and decryption using transposition, polyalphabetic substitution, and a kind of “additive” substitution. In rotor machine
Rotor machine
In cryptography, a rotor machine is an electro-mechanical device used for encrypting and decrypting secret messages. Rotor machines were the cryptographic state-of-the-art for a prominent period of history; they were in widespread use in the 1920s–1970s...

s, several rotor disks provided polyalphabetic substitution, while plug boards provided another substitution. Keys were easily changed by changing the rotor disks and the plugboard wires. Although these encryption methods were more complex than previous schemes and required machines to encrypt and decrypt, other machines such as the British Bombe
Bombe
The bombe was an electromechanical device used by British cryptologists to help decipher German Enigma-machine-encrypted signals during World War II...

were invented to crack these encryption methods.

### Modern ciphers

Modern encryption methods can be divided by two criteria: by type of key used, and by type of input data.

By type of key used ciphers are divided into:
• symmetric key algorithms (Private-key cryptography), where the same key is used for encryption and decryption, and
• asymmetric key algorithms (Public-key cryptography
Public-key cryptography
Public-key cryptography refers to a cryptographic system requiring two separate keys, one to lock or encrypt the plaintext, and one to unlock or decrypt the cyphertext. Neither key will do both functions. One of these keys is published or public and the other is kept private...

), where two different keys are used for encryption and decryption.

In a symmetric key algorithm (e.g., DES
Data Encryption Standard
The Data Encryption Standard is a block cipher that uses shared secret encryption. It was selected by the National Bureau of Standards as an official Federal Information Processing Standard for the United States in 1976 and which has subsequently enjoyed widespread use internationally. It is...

and AES
Advanced Encryption Standard is a specification for the encryption of electronic data. It has been adopted by the U.S. government and is now used worldwide. It supersedes DES...

), the sender and receiver must have a shared key set up in advance and kept secret from all other parties; the sender uses this key for encryption, and the receiver uses the same key for decryption. The Feistel cipher
Feistel cipher
In cryptography, a Feistel cipher is a symmetric structure used in the construction of block ciphers, named after the German-born physicist and cryptographer Horst Feistel who did pioneering research while working for IBM ; it is also commonly known as a Feistel network. A large proportion of block...

uses a combination of substitution and transposition techniques. Most block cipher algorithms are based on this structure. In an asymmetric key algorithm (e.g., RSA), there are two separate keys: a public key is published and enables any sender to perform encryption, while a private key is kept secret by the receiver and enables only him to perform correct decryption.

Ciphers can be distinguished into two types by the type of input data:
• block cipher
Block cipher
In cryptography, a block cipher is a symmetric key cipher operating on fixed-length groups of bits, called blocks, with an unvarying transformation. A block cipher encryption algorithm might take a 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext...

s, which encrypt block of data of fixed size, and
• stream cipher
Stream cipher
In cryptography, a stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream . In a stream cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits varies during the encryption...

s, which encrypt continuous streams of data

## Key size and vulnerability

In a pure mathematical attack (i.e., lacking any other information to help break a cipher), three factors above all, count:
• Mathematical advances that allow new attacks or weaknesses to be discovered and exploited.
• Computational power available, i.e., the computing power which can be brought to bear on the problem. It is important to note that average performance/capacity of a single computer is not the only factor to consider. An adversary can use multiple computers at once, for instance, to increase the speed of exhaustive search for a key (i.e., “brute force” attack) substantially.
• Key size
Key size
In cryptography, key size or key length is the size measured in bits of the key used in a cryptographic algorithm . An algorithm's key length is distinct from its cryptographic security, which is a logarithmic measure of the fastest known computational attack on the algorithm, also measured in bits...

, i.e., the size of key used to encrypt a message. As the key size increases, so does the complexity of exhaustive search to the point where it becomes infeasible to crack encryption directly.

Since the desired effect is computational difficulty, in theory one would choose an algorithm
Algorithm
In mathematics and computer science, an algorithm is an effective method expressed as a finite list of well-defined instructions for calculating a function. Algorithms are used for calculation, data processing, and automated reasoning...

and desired difficulty level, thus decide the key length accordingly.

An example of this process can be found at Key Length which uses multiple reports to suggest that a symmetric cipher with 128 bits, an asymmetric cipher with 3072 bit keys, and an elliptic curve cipher
Elliptic curve cryptography
Elliptic curve cryptography is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. The use of elliptic curves in cryptography was suggested independently by Neal Koblitz and Victor S...

with 512 bits, all have similar difficulty at present.

Claude Shannon proved, using information theory considerations, that any theoretically unbreakable cipher must have keys which are at least as long as the plaintext, and used only once: one-time pad