Summer 1985
Bexley Public Library, Bexley, Ohio
Like most cryptographers-to-be, I spent many of my summers off from school studying mathematical topics that I otherwise would not learn about until years later. I wanted to learn everything about how to ma- nipulate numbers and symbols to determine the value of the mysterious
x. Such studies necessitated frequent trips to the library.
At twelve years old, I discovered David Kahn’s 1967 book, The Codebreakers, sitting on the shelf of the library I frequented. Being interested in history, mathematics, and computers, the book looked promising. With over 1000 pages documenting the role of cryptogra- phy in one decisive point in history after another, I found myself drawn into a world where secrets could be written and transmitted, incompre- hensible to unintended readers. Just as intriguing were the unintended readers whose savvy and persistence allowed them to turn the jumble of ciphertext into valuable plaintext.
Before long, I became fascinated with the making and breaking of ciphers. Not content just to read about ciphers, I started to read more about how ciphers worked, and started to write my own enciphered messages—starting with the Caesar Cipher. Reckoning that a 2000- year-old cipher must be universally known, I began to develop my own systems for encrypting messages.
My first ciphers were intended to be manual systems—allowing for messages to be enciphered and deciphered with no more advanced tech- nology than a pencil and paper. Having practiced my own skill at break-
ing messages enciphered with simple substitution systems (such as in the daily newspaper’s “cryptoquote”), I started to look for ways to make substitution ciphers more resistant to attack.
In an effort to resist frequency analysis, I found that I could normal- ize frequency of letters and numbers appearing in ciphertext if instead of creating a simple one-to-one relationship between plaintext and ci- phertext (e.g., where A is always written as M), a plaintext character could be mapped to a group (e.g., where A could be written as M or 1). Letters with higher plaintext frequency would be assigned larger groups.
That led to a new problem: creating a mapping where some plain- text letters had more than one ciphertext equivalent meant that I needed more than twenty-six ciphertext characters to represent twenty- six plaintext letters. This problem was initially solved by adding num- bers to the mix. By requiring that all plaintext messages have numbers spelled out, I could gain an extra ten ciphertext characters, thus al- lowing more ciphertext letters to represent common letters like E and T.
I kept a notebook of my ciphers, giving each a name, along with some comments on the system’s strength and likely scenarios where each would be appropriate to choose. At the same time, I established a means to identify which cipher was in use.
Some of the more sophisticated systems were further resistant to analysis, using a single ciphertext digit for plaintext letters that com- monly appear together, such as TH,CH, andSH. As I continued to de- velop these, I moved further away from simple substitution ciphers that change ciphertext to plaintext one letter at a time and into codes, where a symbol could mean a whole word or phrase. Such systems de- manded more and more symbols to represent ciphertext, so I adopted the use of “codegroups” (groups of numbers or letters) for ciphertext. Once I had access to a computer, where I could create and manage such systems more easily, I settled on a system of five-digit numbers for my codegroups. Instead of being limited to thirty-six characters to represent ciphertext, I suddenly had 100,000. I could make the groups for common letters as large as I liked, add a large set of “nulls.” Nulls were codegroups that had no plaintext equivalent: they existed only to confuse attempts analyze the ciphertext.
Encrypting a message with such a system was tedious because such a large table was needed. In fact, it would work very much like a foreign
Discovery 39 language dictionary that goes from one language to another in the front part, and then back again in the second half.
To encrypt a message like:
Meet at the library after school today. The topic is algebra.
the plaintext-to-ciphertext table would be consulted to find words or phrases that would be defined. Most of the words in a message like this would be defined in their entirety, such as “meet,” “at,” “library,” and “today.” The phrases “after school” and “the topic is” would be defined in their entirety as well. Definite articles in this case can be safely dropped without any loss in meaning, leaving us to spell out only “algebra.”
A few sample entries from the table below will give us what is needed to convert the plaintext to ciphertext.
. 34134 a 34714 10398 27225 36404 after school 72191 at 47008 b 88420 library 02979 e 16628 72700 33525 73487 69419 15940 g 30148 l 46399 meet 40746 null 22604 24638 84879 71792 03858 11341 37135 11337 21715 92643 16989 67646 82998 07445 83430 10869 15653 17431 r 66911 today 65573 topic is 08565
Working through our cleartext message, constructing the ciphertext from the codebook would create ciphertext that obfuscates not only the letters and words used to create the message, but its general structure. The resulting ciphertext would look like the following.
40746 47008 02979 72191 65573 34134 08565 22604 34714 46399 30148 16628 88420 66911 10398 24638
Decryption would use the corresponding table that was sorted by number, e.g., 02979 library 08565 topic is 10398 a 16628 e 22604 null 24638 null 30148 g 34134 . 34714 a 40746 meet 46399 l 47008 at 65573 today 66911 r 72191 after school 88420 b
Using that table, the ciphertext could be converted back to plain- text, one codegroup at a time. After I began to use computers to con- struct these elaborate codebooks and to use them more efficiently, I learned how data are represented in computers and how they could be manipulated in much more powerful ways, opening a whole new world of cryptographic capabilities. It was then, in high school, that I learned about cryptosystems like DES and the mathematical methods used to try to break them.
I had not realized the complexity of the field until I learned enough that my pursuit of cryptography was no longer an absurdity.
My early cryptosystems—the most sophisticated of which I thought to be fiendishly devious—were all a joke in the grand scheme of things. On the other hand, they were secure for their purpose. My friends and I were able to use my systems to keep our secret plans to rendezvous at the library safe from the prying eyes of our “adversaries.” But the experience was valuable and ultimately helped me to develop expertise in cryptography that would allow me to protect information from sig- nificantly more sophisticated cryptanalysts than teachers and parents.