The Code Book

Simon Singh has written a readable and timely book about what he suggests is the Golden Age of Cryptography, complete with tales of code-breaking intrigue from Mary Queen of Scots to the NSA. Codes have dramatically altered the history of the world. Quantum cryptography will take the evolution of secrecy to a completely different level. The Code Book author Simon Singh pages 401 publisher Doubleday rating 8/10 reviewer Jon Katz ISBN 0-385-49531-5 summary The evolution of cryptography, from Mary Queen of Scots to the NSA

Simon Singh has written a readable, comprehensible and significant book about cryptography.

"The Code Book: The Evolution of Secrecy From Mary, Queen of Scots, to Quantum Cryptography" (Doubleday, $US 24) chronicles the obsessive human interest in and importance of codes, from Elizabethan England to the intrigue-riddled halls of the NSA and the era of quantum cryptography.

Secrets and the codes that protect them are important. They've brought about the rise and fall of monarchs and won wars; in some techno-circles, cryptography is almost becoming a religion. Issues surrounding codes speak directly to the Net, computing, freedom, privacy and power. Singh, a British author, producer and physicist, wrote the best-selling "Fermat's Enigma," and directed a documentary on Fermat's Last Theorm that aired on PBS's "Nova" series.

From tales of buried treasure, to stories of how the legendary mathematician and code breaker Alan Turing secretly helped defeat the Nazis and how Navajos (called code walkers) used their language to fight the Japanese, Singh puts our contemporary fascination with cryptography into perspective. He writes crisply and logically, and an instinct for talking about cryptography in terms of its most interesting tales.

"For two thousand years, codemakers have fought to preserve secrets while codebreakers have tried their best to reveal them," he explains. "It has always been a neck-and-neck race,with codebreakers battling back when codemakers seemed to be in command, and codemakers inventing new and stronger forms of encryption when previous methods had been compromised."

This battle becomes increasingly more intense and relevant, as the free-wheeling structure of the Internet increasingly collides with the perceived interests of individual citizens, with privacy, and with the interests and operations of law enforcement officials and national security organizations.

Singh suggests that we are entering a golden age of cryptography. He quotes one cryptographer as saying: "It is now possible to make ciphers in modern cryptography that are really, really out of reach of all known forms of cryptanalysis. And I think it's going to stay that way." This view, writes Singh, is supported by one of the NSA's Deputy Directors, who told him: "If all the personal computers in the world - approximately 260 million computers - were to be put to work on a single PGP encrypted message, it would take on average an estimated 12 million times the age of the universe to break a single message."

"The Code Book" even ends with "The Cipher Challenge: 10 Steps to $15,000." Singh offers a code -breaking challenge in 10 separate stages. I'll pass, but some of you might want take a shot at it.

Cryptography is a complex, even arcane subject for laypeople and non techno-heads to read about it. To Singh's credit, he's written a book that cryptographers and newbies can love equally. "The Code Book" unlocks the sometimes impenetrable complexity that surrounds cyptography, an achievement all its own.

You can pick this book up at Amazon.

Good read, but little mention of Magic / Purple

[A+nonymous+Coward]

I know he's got a Brit slant, and he never claims to cover everything, but I was a bit disappointed to find so little coverage of breaking the Pacific war codes, arguably a more difficult job than the Atlantic Enigma. It would be very interesting to know as much about the Japanese cipher machines as Enigma; he has written the clearest explanation of Enigma I have ever seen.

--

Navajo

[Detritus]

They were "code talkers", not "code walkers".

Re:One Time Pads and cypher technology

[Mr.+Slippery]

You've missed the point. The main problem with the OTP is not storing the pad, or even generating it (diode noise or some other physical random event will do); it's the fact that you have to get a copy of the pad to both the sender and the receiver.

You also can't reuse a pad between two people you want to talk to. (Unless you're only doing broadcasts.) Therefore, I have to arrange a secure line of communication (classically, a trusted courier) to send them a copy of the "I-them" pad, for every value of "them" with whom I want to exchange messages. I then have to mangage and keep secret all these different pads.

Increased storage density or faster processors won't help with these problems.

On the Golden Age of cryptography...

[Enoch+Root]

I dunno, maybe working on crypto has made me paranoid.

However, I find it hard to believe we have attained this age when crypto is almost on the threshold of total unbreakability. I think ciphers will always be broken, whether it is a simple Caesar cipher or quantum cryptography.

It is a bit like warfare: yes, it's becoming increasingly hard to break a cipher, but as ciphers become harder to analyse, so does the public become more knowledgeable on the subject.

In Ian Pears' novel 'An Instance of the Fingerpost', Cromwell's cryptographer uses a one-time pad whose key is a rare book, with some letters circled throughout the book. The key is the letters of the book. He then goes on to call the encryption scheme unbreakable. It was used by Kings and their spies to communicate safely.

Yet, we break such codes today without breaking a sweat. I am citing this example to show that, although our methods are being refined, so is the tools of cryptanalysis. In the end, I don't think we'll ever have a 100% perfect method of encryption and key management. Perfect cryptography will always require vigilance, intuition, deep thinking and a healthy dose of paranoia.

I'm not saying it's easy to break quantum cryptography (or, as it should be called, quantum key management.) I'm not saying it's not safe. I'm saying I doubt it'll be safe forever; it just seems safe now, as we haven't put a lot of energy into trying to break it yet.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Errata?

[Ledge+Kindred]

Navajo "code walkers" or "code talkers"? I've always heard the latter term.

Also, not really related, but I saw that "Nova" episode about Fermat's Last Theorem. All I can say about it was that it was incredibly fascinating, it was very well done to make clear what's obviously a very mathematical concept to someone without a lot of deep math background, and that hard-core mathematicians have absolutely no life whatsoever.

Next time your S.O. complains about you spending too much time in front of the keyboard, just get them to watch this show and see how those zany math-heads sit in their den/office doing not much more than doodling mathematic formulae on legal pads for as much as 18 hours a day, 7 days a week...

-=-=-=-=-

Re:Errata?

[jsm2]

those zany math-heads sit in their den/office doing not much more than doodling mathematic formulae on legal pads for as much as 18 hours a day, 7 days a week...

Which reminds me of a favourite joke:

The CompSci department had put in their latest request for a huge and expensive mainframe machine (this was the 1950s, remember). Exasperated, the university admin shouted "Why can't you be more like the Math department?! All they ever ask for is paper, pencils and wastebaskets! Or even better, the philosophy department -- they only ever ask for pencils and paper!

Sorry for wasting your time really

jsm

A quick observation regarding quantum encryption

[Effugas]

I'm not an expert in this subject, and I don't even play one on TV, but a number of the concepts underlying quantum encryption appear to be...well, somewhat sketchy, to say the least.

While I accept that interception of a data stream is likely to cause modification to the underlying signal, so too should the natural chaos underlying any physical-realm transport. Any system even attempting to make quantum encryption a reality would have to be engineered to allow unplanned, non-predicted breaks in the link. Such expected breaks would be perfect opportunities for so-named "man in the middle" attacks, where the attacking agent would only need to compute expected replies.

It appears that the actual synthesis of the quantum-tuned keysystems is where the real "magic" goes on, and I agree, it's a seductive concept to have the literal photons in a stream be intrinsically keyed to their destination. But in order for such a system to be perfect, excessive order and stability(the same order and stability that would be presumed to be missing in case of an attack) is required.

In the meantime, the sheer inconvenience of this system still keeps pure mathematical cryptography in high demand. Even the best laser can not adjust for the curvature of the earth, and fiber isn't particuarly difficult to server *backhoe fade*. I can't really imagine quantum properties on radio signals, but then I'm not qualified to make that call. I do know back at Wireless '97, there were innumerable companies selling RF Fingerprinting technologies to combat cell phone cloning, but I'm rather sure the technology did not exploit quantum mechanics. ;-)

Yours Truly,

Dan Kaminsky
DoxPara Research
http://www.doxpara.com

Simon Singh was on theconnection

[JeffL]

Simon Singh was interviewed on The Connection immediately after the l0pht show last week. It was interesting and the real audio can be found at here.

Fluffy, albeit with a hard centre 8/10

[cah1]

Simon Singh has a proven track record of writing about hard maths and science so that you don't need to be a hard mathematician or scientist in order to understand it all. His book on Fermat's Last Theorem is one of my favourites, I'm not a mathmo by training, I'm a CompSci so while I could follow it, it could easily have been way beyond my ken. It was more than that though, Singh caught hold of Wiles' drive and passion - something that most of us can empathise with, but sometimes you can lose because the project going badly or your boss is being a little too PHed. He reminded me why I'm doing what I'm doing.

The Code Book isn't *that* good - but then I doubt it ever could be. He gets a little muddled himself in places and there are better descriptions out there on the work of Bletchley Park (although he gives the Poles more of their due credit than most), but there are some gems in there too. His background writing, the side-tracking on Linear B, the revelations about how Diffie-Hellman-Merkle (and even RSA, to an extent) were beaten to their marks by us Brits but because that information was classified until very recently no-one knows it .... I certainly didn't appreciate it until now. Which is the key to some of the gems - that much of what he writes couldn't have been known even eighteen months ago.

He finishes with a look at the future and quantum machines - very topical and, a physicist by training, he seems more certain of his ground here - or maybe that's just because I know less about that than I did about the rest of the book.

He does a great job putting codes, ciphers and cryptography into context - both more the modern world and way back whenever.

If you're a cryptographer, this book will probably annoy more than inform, but I'm a sucker for pop science books and my knowledge of cryptography isn't so strong. I enjoyed it.