Which of the following is substitution technique?

Substitution Ciphers

Substitution ciphers encrypt the plaintext by swapping each letter or symbol in the plaintext by a different symbol as directed by the key. Perhaps the simplest substitution cipher is the Caesar cipher, named after the man who used it. To modern readers, the Caesar cipher is perhaps better known through the Captain Midnight Code-O-Graph and secret decoder rings that even came inside Kix cereal boxes [4]. Technically speaking, the Caesar cipher may be differentiated from other, more complex substitution ciphers by terming it either a shift cipher or a mono-alphabetic cipher; both are correct.

Let’s take a look at an example. Since case does not matter for the cipher, we can use the convention that plaintext is represented in lowercase letters, and ciphertext in uppercase. Spaces in the ciphertext are just added for readability; they would be removed in a real application of the cipher to make attacking the ciphertext more difficult.

Plaintext: speak, friend, and enter

Key: E

Ciphertext: WTIEOD JVMIRHD ERH IRXIV

This cipher’s method of combining the plaintext and the key is actually addition. Each letter of the alphabet is assigned a number—that is, A is 0, B is 1, and so on, through Z at 25. The set of letters used can be more complex. This example also uses the comma character as the final character of the alphabet, 26. The spaces in the plaintext are ignored, for now. For each letter in the plaintext, it is converted to its number, then the value for the key is added, and the resulting number is converted back to a letter: S is 18 and E is 4. So the result is 22, or W. This is repeated for each character in the plaintext. Decryption is simple—the inverse of addition is just subtraction, so the key is subtracted from the ciphertext to get the plaintext back. Of course, 22−4=18.

There are obviously lots of problems with this. To decrypt the message, one could quickly try all 26 keys. The number of possible keys is called the key space. If the key space is small enough that an adversary can try all possible keys in a “short” amount of time, then it doesn’t matter what the algorithm is, it is essentially useless. This is known as the sufficient key space principle[1, p. 11]. “Short” is in quotes because the exact length of time depends on the use of the key in the cryptosystem and the risk model that the defender has for how long the communication needs to be secret. However, if the adversary can try all of the keys in a day or a week, then the key space is generally too small for general commercial use. On modern computer systems, about 280 keys can be tried in a “short” amount of time, so any algorithm employed by the defender to resist attack should have a key space at least this large. However, if the defender does not want to have to change the cipher relatively soon, we suggest a rather larger key space, and so does NIST (National Institute of Standards and Technology) [5].

In this simple shift cipher, the key space is small. The best case for a mono-alphabetic cipher does not have a small key space, however. If A is randomly assigned to one of the 26 letters, B one of the remaining 25, C to one of the remaining 24, and so on, we create a table for the key that looks like this:

Plaintext character: a b c d e f g h i j k l m n o p q r s t u v w x y z

Key character: X F Q G A W Z S E D C V B N M L K J H G T Y U I O P

This is called a mono-alphabetic substitution cipher. For this cipher, there is no equivalent addition for encrypting the plaintext. The key is the whole table, and each letter is substituted by the key character. Decryption uses the same key, but you look up the ciphertext character on the bottom row and substitute the top-row character. The previous plaintext, “speak, friend, and enter,” becomes HLAXCWJEANGXNGANGAJ, ignoring commas and spaces. The whole key space is quite large. There are 26×25×24×23×…×2×1 possible keys. This is written as 26!, read “twenty-six factorial.” 26! is about equal to 288, which is large enough to resist brute-force attacks that try all the possible keys; that is, it satisfies the sufficient key space principle. But that does not mean the algorithm resists all attempts to subvert it.

The mono-alphabetic cipher is subject to frequency attacks or guessing. The ciphertext has just as many ‘A’ characters as there are ‘e’ characters in the plaintext. Anyone trying to attack the ciphertext could use a table of the frequency of letters in the English language to make some smart guesses about which ciphertext characters are which plaintext characters. This succeeds relatively easily. Humans can do it, rather slowly, once they have about 10 words, sometimes less. This is a relatively common puzzle in newspapers, so it should not be surprising it’s easy to break. Computers can also do it reliably when they have at least 150 characters [6, p. 131].

Frequency attacks are not limited to single letters. The problem applies to modern systems as well. If a bank begins every transaction with the same 10 characters, then an adversary would rightfully guess that that string is more frequent. Modern algorithms try to be robust against this in a variety of ways, which will be discussed later. However, sometimes the best course of action for the defender to resist such frequency attacks is for the defender to modify the contents of the actual message, before encryption, to remove these regularities. If that is not possible, regularities in the plaintext should be minimized.

One method of frustrating frequency attacks on the underlying plaintext is to increase the block size of the cipher. The block size is how many units (in our example characters) are encrypted at once. Both the Caesar cipher and the mono-alphabetic substitution have a block size of one—only one character is encrypted at a time. A different defense is to use a key that changes per element of plaintext, whether or not the block size increases. The number of changes in the key per element of plaintext before the key repeats is called the period of the key; both preceding cipher examples have a key period of 1 as well as a block size of 1. Block ciphers are ciphers with a block size greater than 1, and they will be discussed in more detail in the context of modern encryption in the section “Block Ciphers”. However, before moving to the discussion of transposition ciphers, we will discuss one more substitution cipher: one with a key period of arbitrary length.

The Vigenère cipher, or polyalphabetic shift cipher, was invented in 16th- century France, and for many centuries was considered unbreakable. Instead of choosing a single letter as the key, we choose a word or random string of letters. The encryption per character is the same as the Caesar cipher—letters are converted to numbers and added. When the final letter of the key has been used, the algorithm loops back to the beginning of the key and starts again, and so on, until it reaches the end of the message. For example:

Plaintext: speak, friend, and enter

Key: FRODO

Ciphertext: XFSDYE WELSSUN DAI VAWSW

To encrypt, use the first letter s+F=X, the second letter p+R=F, the third letter e+O=S, and so on. On the sixth character we reach the end of the key, and so go back to the beginning of the key to compute ,+F=E, followed by f+R=W, and so on. The cipher is conceptually like using multiple different mono-alphabetic cipher keys in sequence.

In this example, the letter e in the plaintext is variably encrypted to S and V, and in the ciphertext W is, in different places, the result of a plaintext f, t, and r. This variability makes attacking the ciphertext by the frequency of letters in English much more difficult. Note a feature of the math here that did not arise in the previous example. The letter P is 15, R is 17, and so 15+17=32. However, 32 is greater than the value of a comma, 26, the last character in our alphabet. To bring 32 back into our ring of numbers, we subtract by the number of characters we have (27) and then convert the answer to the letter F. What mathematicians use to be rigorous about this is the modulus operator, which uses the “mod” symbol, %. So we write 32 % 27=5, read “32 modulo 27” or “32 mod 27” for short. The operation is technically to divide by 27 and then take the whole number remainder that is left. It comes up a lot in cryptography, but that is all that needs to be said about it for now.

The Vigenère cipher is still breakable, although it is harder. If the adversary knows the key period, frequency attacks are possible on each unit that uses the same key. And in the mid-19th century a robust method for discovery of the key period of the cipher was developed. This problem persists to this day. The Vigenère cipher is an example of a stream cipher. Modern stream ciphers are discussed in a following section. However, the general method for avoiding this problem has simply been to make a key period that is long enough that it essentially never repeats, and if it does repeat, to start using a new key. There is no good algorithmic way around the problem of short key periods—once it starts to repeat, the cipher is breakable.

Difference Between Substitution and Transposition Cipher

In substitution cipher we replace each letter of the plaintext with another letter, symbol, or number; for the decryption, the reverse substitution has to be performed. However, in transposition cipher we just rearrange the plaintext letters in a different order; for example, when encrypting the word Attack using a Caesar shift (shift of three), it results in DWWDFN. In simple transposition cipher we can simply reorder the plaintext, and then Attack would become KCATTA. We simply reverse the text.

The simplest form of substitution cipher is when each character is replaced by exactly one other character (monoalphabetic ciphers). This encryption can be broken with statistical methods (frequency analysis) because in every language characters appear with a particular probability (Fig. 1.6). Examples of similar weak ciphers are Caesar Shift, Atbash, and Keyword.

The basic use of frequency analysis is to first count the frequency of ciphertext letters and then associate guessed plaintext letters with them (Table 1.12). The first one who studied frequencies of letters was the Muslim Arab mathematician Al-Kindi (c.801–873 CE), who formally developed this method.

Table 1.12. Frequency of Common Letter Combinations in the English Language

Polyalphabetic cipher was adopted to reduce the effectiveness of frequency analysis attacks on the ciphertext, because each letter in the ciphertext is shifted by a different amount, determined according to the key used. Nonetheless, any resulting frequencies in the ciphertext would not represent the frequencies of the actual message. This makes conducting frequency analysis attacks harder in this cipher but not impossible to crack!

Polygraphic cipher (like the Playfair cipher) is also harder to break using a frequency analysis technique. Playfair encrypts pairs of letters (digraphs) instead of one letter in a monoalphabetic cipher, which means we have more than 600 possible digraphs rather than the 26 possible monographs.

Transposition cipher is also susceptible to many different attacks. A single columnar transposition could be attacked by guessing possible column lengths, writing the message out in its columns, and then looking for possible anagrams. Nowadays with the advance of computer systems many classical algorithms mentioned before could be broken in a fraction of a second. The best methods now to secure encryption is to combine both substitution and transposition ciphers to create a powerful encryption schema (AES and DES algorithms combine both ciphers to create very powerful algorithms).

The techniques mentioned earlier are considered obsolete in today’s world, but knowing these techniques remain useful for understanding cryptography and the workings of more complex modern ciphers.

Early ciphers used

The history of encryption has been to try to devise an uncrackable code – and equal effort to crack them. For every measure created there is a countermeasure developed. For example, when radar guns were created for the police departments to catch speeders, soon after radar detectors were developed for the consumer to avoid being caught. Manufacturers were quick to respond to the need because of the potential financial rewards. So too with encryption ciphers. Whenever there is a new cipher developed, the challenge is to immediately find a way of breaking that code.

Early ciphers were relatively simple systems, easy for both sender and receiver to use. As children we used a code that was developed by Julius Caesar. The messages were encoded with a “substitution cipher” used by Caesar. In this substitution method each letter is replaced by the third letter after it in the alphabet: A is replaced by D, B by E, etc. At the end of the alphabet, the pattern wraps around to the beginning: X becomes A, Y becomes B, and Z becomes C. As one might expect, such simplicity works both ways. The coded text is easily decoded, especially when we think about the more sophisticated codes in use today. Caesar’s cipher can be cracked simply by moving each letter in the encoded message back three spaces in the alphabet. OK, so what if I move the letter out four or five letters. The same patterns can be easily determined with today’s technology. So substitution methods make for a far less reliable coding technique.

More sophisticated substitution ciphers, in which the alphabet is thoroughly scrambled, are nevertheless easy enough to break, even for a novice. Quotes and word puzzles in the local newspapers are examples of this type of scrambling. The English language is very repetitive; for example, the most common letter is usually “E,” the second most common is “T,” and a three-letter word that appears repeatedly is probably “The.” By applying this type of “frequency analysis,” an eavesdropper can easily guess which letters in the ciphertext represent “E,” “T,” and so on.3 Voice is also very repetitive, in that sounds and vowels are readily replicated due to sampling. A VoIP call may have 50 samples/s using 160 bytes of voice. Using this scenario, an eavesdropper can begin to get the syllabic content of a word or sentence by capturing a few packets. However, if one has access to the network, and a packet capture tool (such as Wireshark), then a stream of packets can be captured and a stream analysis run, and then the actual two-way conversation can be played out. It doesn’t take a lot of guesswork to determine the two Internet Protocol (IP) addresses communicating and then capturing the RTP packets for a period of time. The rest is just to let the application put the conversation together and play it out. Now, with unsecured VoIP the eavesdropper can understand what is being said, or can actually use another program to manipulate the voice packets and create different sentences, or replay the same voice as they see fit. One such program is Audacity that allows the manipulation of words or sentences. So encryption must be sufficient to keep this from happening. Complexity is no guarantee of security, however, so a detailed understanding of the risk and reward is a must.

Incidentally, it is helpful to know that prior to 1970 all encryption systems were symmetrical key encryption. This means that the keys for encryption and decryption were the same. A person in possession of the key could either send or receive messages. Some examples of a symmetrical key encryption/decryption include 3DES, IDEA, RC4, and AES.4 This can be seen in Figure 4.1, which shows use of a symmetrical key. When Alice sends information to Bob, they use the same key to encrypt and decrypt the data.

In the early 1970s, Whitfield Diffie teamed up with Martin Hellman reasoned that for some applications this two-way symmetrical key capability was unnecessary. In a communications system with a different sender and receiver, each sending their own data one way, the encryption and decryption keys need not be the same. And, if two different one-way keys are used, then security can be enhanced. This added security helps when dealing with a VoIP system, for example. Together Diffie and Hellman created such a system. The real magic of their system is the use of a one-way key. Each message recipient (Bob) chooses a “private key” that he will use to decode messages. There should be enough possibilities, so that Bob can pick a key “more or less” at random. Then he uses the “one-way function” to work out the corresponding encoding key. This is a “public key,” which he can share with Alice or anyone else, and anyone can use it to send an encrypted message to him.

Only Bob has the private key, so he and he alone can decrypt the message. No one else can figure out the private key because that would require them to reverse the one-way function. What is encrypted with the public key can only be decrypted by the private key. This understanding, that cryptosystems did not have to be symmetrical, opened the door to more intense use of cryptography. It simplifies the process considerably and makes way for a PKI. Anyone can use this PKI and public key system. It is used quite extensively in websites, online shopping services, bank transfers, and the like. The public key system allows far more flexibility in dealing with transactional processing. This is shown in Figure 4.2. The normal public-key encryption algorithms use either Diffie–Hellman or RSA software.

Alice, a customer using Bob’s banking service, wants to tell Bob to move funds from her account to her mortgage company account, paying her monthly mortgage. She uses Bob’s public key to encrypt the information before sending it to him. Bob is the only person with the private key, so he is the only one who can decrypt the message. Because of the private key limitation, Alice knows that no eavesdropper can capture and decode the information; thus, she feels safe in conducting the funds transfer. So what is locked with a public key can only be unlocked with the private key. Conversely, what is locked with the private key can only be unlocked with the public key.

Substitution Ciphers

Simple substitution is a method often used by children in their first experiments with secret code. A substitution cipher merely substitutes different letters, numbers, or other characters for each character in the original text. The most straightforward example is a simplistic substitution in which each letter of the alphabet is represented by a numerical digit, starting with 1 for A. The message goodbye then becomes 7-15-15-4-2-25-5. This code is obviously extremely easy to break.

The Caesar Cipher used a simple shifting method, in which each letter of the message is represented by the letter two places to the right in the alphabet (A becomes C, B becomes D, and so on). Other substitution methods can be much more difficult to crack. For example, if two parties exchanging communications have an identical copy of a particular book, they might create a message by referencing page, line, and word numbers (for example, 73-12-6 tells you that the word in the message is the same as the sixth word in the twelfth line on page 72 of the code book). In this case, anyone who doesn't have a copy of the book (and to cite the correct pages, it must be the exact same edition and print run) will not be able to decipher the message.

Some types of substitution ciphers are:

Monoalphabetic substitution Each letter is represented by another letter or character in a one-to-one relationship.

Polyalphabetic substitution Different cipher-text characters can represent the same plain-text letter, making it more difficult to decrypt messages using the frequency analysis technique. Renaissance architect and art theorist Leon Battista Alberti is credited with developing this technique, earning him recognition as the “father of Western cryptography.”

Polygraphic (block) cipher Several letters (or digits when we're dealing with binary data) are encrypted at the same time, using a system that can handle all the possible combinations of a set number of characters.

Fractionation Multiple symbols are substituted for each plain-text letter, and then the letters or digits are transposed.

The Difference Between Substitution Ciphers and Transposition Ciphers

Substitution ciphers differ from transposition ciphers. In a transposition cipher, the plaintext is repositioned, but the letters are left unchanged. In contrast, a substitution cipher maintains the same sequence of the plaintext and modifies the letters themselves. As demonstrated earlier, transposition ciphers are limited by their limited principle of repositioning. There’s simply only so many ways you can reposition the letters of a message, therefore most of these techniques can be cracked by hand without the necessity for a computer. Substitution ciphers have literally thousands of different implementations, some of which include serious complexity.

Today, the complexity of substitution ciphers has increased tremendously since the creation of the computer. This computing power also allows the ease of combining substitution and transposition into one ciphering technique. For example, Data Encryption Standard (DES) “applies 16 cycles of transposition and substitution to each group of eight letters.”2 Impractical hundreds of years ago, brute-force attacks on keys are also commonplace with today’s computing power. Today, the computer is a cryptanalyst’s strongest weapon.

14 Summary

In this chapter we have attempted to cover cryptography from its simple structure such as substitution ciphers to complex AES and EC cryptosystems. There is a subject known as cryptoanalysis that attempts to crack the encryption to expose the key, partially or fully. We briefly discussed this in the section on DLP. Over the past decade, we have seen the application of quantum theory to encryption in what is termed quantum cryptology, which is used to transmit the secret key securely over a public channel. The reader will observe that we did not cover the Public Key Infrastructure owing to a lack of space in the chapter.

Finally, let us move on to the real interactive part of this chapter: review questions/exercises, hands-on projects, case projects, and the optional team case project. The answers and/or solutions by chapter can be found in the Online Instructor’s Solutions Manual.

13. Summary

In this chapter we have attempted to cover cryptography from its very simple structure such as substitution ciphers to the complex AES and elliptic curve cryptosystems. There is a subject known as cryptoanalysis that attempts to crack the encryption to expose the key, partially or fully. We briefly discussed this in the section on the discrete logarithm problem. Over the past 10 years, we have seen the application of quantum theory to encryption in what is termed quantum cryptology, which is used to transmit the secret key securely over a public channel. The reader will observe that we did not cover the Public Key Infrastructure (PKI) due to lack of space in the chapter.

14 Summary

In this chapter we have attempted to cover cryptography from its very simple structure such as substitution ciphers to the complex AES and elliptic curve crypto-systems. There is a subject known as cryptoanalysis that attempts to crack the encryption to expose the key, partially or fully. We briefly discussed this in the section on the discrete logarithm problem. Over the past 10 years, we have seen the application of quantum theory to encryption in what is termed quantum cryptology, which is used to transmit the secret key securely over a public channel. The reader will observe that we did not cover the Public Key Infrastructure (PKI) due to lack of space in the chapter.

Finally, let’s move on to the real interactive part of this Chapter: review questions/exercises, hands-on projects, case projects and optional team case project. The answers and/or solutions by chapter can be found in the Online Instructor’s Solutions Manual.

Encryption

Assuming that devices are secure and the connection is also, the next issue to address is that of interception. Data may be deliberately intercepted (via packet logging) or simply mislaid. In either case, the next level of security is encryption. Successful encryption means that only the authorized receiver can read the message.

Encryption is, of course, a very old science. It has gone from simple substitution ciphers (where each letter of the alphabet is exchanged for another – decryption is a simple matter of reversing the substitution), through the complexity of the Enigma machine, to today’s prime-number based techniques. The most common encryption in use today is RSA developed by Rivest, Shamir and Adelman in 1978 and relies upon the difficulty of factoring into prime numbers. It works as follows:

Let p and q be large prime numbers and let N = pq. Let e be a positive integer which has no factor in common with (p − 1) (q − 1). Let d be a positive integer such that ed − 1 is divisible by (p − 1) (q − 1).

Let f(x) = xe mod N, where a mod N means “divide N into a and take the remainder.”

Let g(x) = xd mod N.

Use f(x) for encryption, g(x) for decryption.

[Clay Mathematics Institutexxviii]

Therefore, in order to transmit a secure message only the numbers e and N are required. To decrypt the message, d is also required. This can be found by factoring N into p and q then solving the equation to find d.xxix However, this factorization would take millions of years using current knowledge and technology.19

A simpler method is Pretty Good Privacy (PGP) developed by Phil Zimmerman in 1991xxx and subsequently multiply revised. In this there is a single public key (published) which is used for encryption and a single private key which is used for decryption. In PGP a random key is first generated and is encrypted using the recipient’s public key. The message is then encrypted using the generated (or “session”) key. Both the encrypted key and the encrypted message are sent to the recipient. The recipient then decrypts the session key using their private key, with which they decrypt the message.20

So far we have only considered data transmissions. Encryption can also be used on data “at rest”, i.e. on a storage device. RSA encryption is therefore useable in this context, although PGP isn’t. There are two forms of encryption: hardware and software. Both use similar algorithms but the use of hardware encryption means that the resultant storage device is portable as it requires no software to be loaded in order to be used. A device may be fully encrypted (i.e. the entire storage, sometimes including the master boot record) or filesystem-level encrypted, which just encrypts the storage being used, often leaving the file names and structure in plain text, so it is worth being careful when naming files and folders. Devices may use multiple keys for different partitions, thereby not being fully compromised if one key is discovered.

Three final concepts must be considered before we move on from encryption: steganography, checksums and digital signatures. Steganography is a process of hiding files within other files, often at bit level – image files are therefore very suitable for this, as reducing 24-bit colour depth to (say) 16-bit is rarely noticeable to the human eye (which is the basic rationale behind lossy compression) and so the other 8 bits can be used for the hidden information.

Checksums were originally developed due to the unreliability of electronic transmission. In the simplest form, the binary bits of each part of the message (which could be as small as a byte) were summed. If the result was odd, a bit with the value 1 would be added to the end of the message. If even, then the bit would be 0. Thus, by summing the entire message’s bits, the result should always be even.

As an example, consider 9. As a 7-bit number this is 0001001. It has 2 1s, so the check digit is 0, giving 00010010. It is therefore vital to know whether you are using even or odd checksums (often called parity).

Extensions to this basic sum were developed in order to detect the corruption of multiple bits (as a simple checksum can really only reliably detect one error) and also to correct simple errors.21 Developed to ensure the integrity of the message due to electronic failure, these techniques can also be used to detect tampering (also see “RAID”, later).

A full-file checksum is commonly used to ensure the reliable transmission of the file (e.g. from memory stick to PC) and is calculated using a hashing function. “The most common checksums are MD5 and SHA-1, but both have been found to have vulnerabilities. This means that malicious tampering can lead to two different files having the same computed hash. Due to these security concerns, the newer SHA-2 is considered the best cryptographic hash function since no attack has been demonstrated on it as of yet.”xxxi A checksum is calculated by the transmitting (or source) system prior to transmission and also by the receiving (or destination) system after receipt and then compared. If they are the same, then the file is presumed to have been transferred without corruption.

Digital signatures verify where the information received is from. They use a similar asymmetric cryptography technique to PGP, in that a message is signed (encrypted) using a public key and verified (decrypted) using a private key. A more complex version also uses the message, thereby demonstrating (in a similar fashion to checksums) that the message has not been altered. A valid digital signature provides three things: a reason to believe that the message was created by a known sender, that the sender cannot deny having sent the message, and that the message was not altered in transit.

Digital signatures are commonly used for software distribution, financial transactions, contract management software, and in other cases where it is important to detect forgery or tampering. They are also often used to implement electronic signatures. “Electronic signature” is a broader term that refers to any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In many countries, including the United States, Algeria, Turkey, India, Brazil, Indonesia, Mexico, Saudi Arabia, Uruguay, Switzerland and the European Union, electronic signatures have legal significance.

In the UK, the Electronic Prescription Service (EPS) implements an electronic signature via a smartcard, thus guaranteeing that the electronic prescription has been appropriately authorized.

The Substitution Cipher

In this method, each letter of the message is replaced with a single character. Table 3.1 shows an example of a substitution cipher. Because some letters appear more often and certain words are used more than others, some ciphers are extremely easy to decrypt and can be deciphered at a glance by more practiced cryptologists.

Table 3.1. Simple Substitution Cipher

Letters are numbered by their order in the alphabet, to provide a numeric reference key. To encrypt a message, the letters are replaced, or substituted, by the numbers. This is a particularly easy cipher to reverse.

Simply by understanding probability and employing some applied statistics, certain metadata about a language can be derived and used to decrypt any simple one-for-one substitution cipher. Decryption methods often rely on understanding the context of the ciphertext. What was encrypted: business communication? Spreadsheets? Technical data? Coordinates? For example, using a hex editor and an access database to conduct some statistics, we can use the information in Table 3.2 to gain highly specialized knowledge about the data in Chapter 40, “Cyber Forensics,” by Scott R. Ellis, in this book. A long chapter at nearly 25,000 words, it provides a sufficiently large statistical pool to draw some meaningful analyses.

Table 3.2. Statistical Data of Interest in Encryption

An analysis of a selection of a manuscript (in this case, the preedited version of Chapter 40 of this book) can provide insight into the reasons why good ciphers need to be developed.

Table 3.3 gives additional data about the occurrence of specific words in Chapter 40. Note that because it is a technical text, words such as “computer,” “files,” “email,” and “drive” emerge as leaders. Analysis of these leaders can reveal individual and paired alpha frequencies. Being armed with knowledge about the type of communication can be beneficial in decrypting it.

Table 3.3. Five-Letter Word Recurrences in Chapter 40

A glimpse of the leading five-letter words found in the preedited manuscript. Once unique letter groupings have been identified, substitution, often by trial and error, can result in a meaningful reconstruction that allows the entire cipher to be revealed.

Further information about types of data being encrypted includes word counts by the length of words. Table 3.4 contains such a list for Chapter 40. This information can be used to begin to piece together useful and meaningful short sentences, which can provide cues to longer and more complex structures. It is exactly this sort of activity that good cryptography attempts to defeat.

Table 3.4. Leaders by Word Length in the Preedited Manuscript for Chapter 40

The context of the clear text can make the cipher less secure. After all, there are only a finite number of words. Few of them are long.

If it was encrypted using a simple substitution cipher, a good start to deciphering Chapter 40 could be made using the information we have gathered. As a learning exercise, game, or logic puzzle, substitution ciphers are useful. Some substitution ciphers that are more elaborate can be just as difficult to crack. Ultimately, though, the weakness behind a substitution cipher is that the ciphertext remains a one-to-one, directly corresponding substitution; ultimately, anyone with a pen and paper and a large enough sample of the ciphertext can defeat it. Through use of a computer, deciphering a simple substitution cipher becomes child's play.