Cryptography for Dummies — Part 2: The Caesar Cipher
Check out part 1 here.
One place you’ll hear about cryptography a lot is in the context of war and the military. I’m sure you’ve seen those movies like The Imitation Game that make cryptography look super complicated, and super badass. Genius mathematicians doing things with computers that the rest of us can’t begin to understand, and somehow winning the war. But if you take a minute to think about it, the role of cryptography in the military makes a lot of sense. Being able to share secret messages with your troops and allies gives you a great advantage in battle. And being able to intercept and decode your enemy’s secret messages gives you an even greater advantage.
Military leaders knew this long before The Imitation Game, and in their efforts to win wars, ended up making massive contributions to the field of cryptography. In fact, the first known cipher was used by Julius Caesar, and is now called the Caesar Cipher. As we said in our last post, a cipher is an operation that uses a key to lock a message. In the case of the Caesar Cipher, this operation was very simple: you just had to shift each letter in your message forward by a given number. This number was like your key. You shared it with the recipient of your message, so that only they could unlock your message.
Let’s see how this would work in action. Imagine Caesar wants to send the following message to his troops: “ATTACK”.
First, he and his troops would have to agree on a key. They would have to do this in person before they set out for battle. Let’s say the agreed on the key 3.
Now, to encrypt his message, Caesar would shift every letter forward by 3:
Then he would send this message openly to his troops. Any enemy troop that intercepted the message, wouldn’t know what it meant. Even if they knew the Caesar Cipher operation (shifting letters forward), they still couldn’t decode it, because they don’t have the key (3). Keep this in mind as you think about modern cryptography. Cryptographic algorithms are just operations that are publicly known, but are still unbreakable, because the key used in each instance is kept secret.
Once Caesar’s troops got his message, they could decrypt it by shifting each letter backwards by 3:
Simple enough, right? Now imagine if you were part of the enemy troop, tasked with breaking Caesar’s cipher. How would you go about doing it? Are there any flaws or weak spots in this cipher that stand out to you?
If you didn’t get it, don’t worry. It took mathematicians 800 years to break Caesar’s Cipher. They finally cracked the code by looking at an important property of language. In every language, some letters are used more often than others. In fact, if you take any book and count the number of times each letter appears, you will notice the same pattern.
This is the pattern for English:
As you can see, E, T and A are the most popular letters in English. But that’s not all this graph tells us. The graph tells us how many times each letter of the alphabet will occur in any given text in relation to the other letters. So for example, in every piece of English text, for every 1 G, there are 2 Ls, and so on. Every language has its own pattern, and this pattern is repeated in every piece of text. So in a way, this pattern is like a language’s fingerprint. We leave this fingerprint when communicate without realizing it.
With this information at hand, it’s not too hard to break Caesar’s Cipher. If we know what language a message was written in, we can just count up the frequencies of each letter in the encrypted text and check how far the language’s fingerprint has shifted.
For example, in this graph, we can see that the most popular letter in the encrypted message, or ciphertext is I, instead of E, so that means that each letter was likely shifted by a key of 4. Knowing this, we can easily reverse the shift to reveal the original message.
What we just did is called frequency analysis, and it was a blow to the security of the Caesar Cipher. How do you think the Caesar Cipher had to evolve to defend against code-breakers using frequency analysis? In our next post, we’ll look at how this battle between code-creators and code-breakers continues.
Check out part 3 here!
