Knowledge (XXG)

Cryptanalysis


Furthermore, it might only reveal a small amount of information, enough to prove the cryptosystem imperfect but too little to be useful to real-world attackers. Finally, an attack might only apply to a weakened version of cryptographic tools, like a reduced-round block cipher, as a step towards breaking the full system.
guesses, the analyst may recover much or all of the original plaintexts. (With only two plaintexts in depth, the analyst may not know which one corresponds to which ciphertext, but in practice this is not a large problem.) When a recovered plaintext is then combined with its ciphertext, the key is revealed:
predicts that computer speeds will continue to increase. Factoring techniques may continue to do so as well, but will most likely depend on mathematical insight and creativity, neither of which has ever been successfully predictable. 150-digit numbers of the kind once used in RSA have been factored.
in a scheme is usually defined quite conservatively: it might require impractical amounts of time, memory, or known plaintexts. It also might require the attacker be able to do things many real-world attackers can't: for example, the attacker may need to choose particular plaintexts to be encrypted
Academic attacks are often against weakened versions of a cryptosystem, such as a block cipher or hash function with some rounds removed. Many, but not all, attacks become exponentially more difficult to execute as rounds are added to a cryptosystem, so it's possible for the full cryptosystem to be
The recovered fragment of the second plaintext can often be extended in one or both directions, and the extra characters can be combined with the merged plaintext stream to extend the first plaintext. Working back and forth between the two plaintexts, using the intelligibility criterion to check
notes that even computationally impractical attacks can be considered breaks: "Breaking a cipher simply means finding a weakness in the cipher that can be exploited with a complexity less than brute force. Never mind that brute-force might require 2 encryptions; an attack requiring 2 encryptions
In 1980, one could factor a difficult 50-digit number at an expense of 10 elementary computer operations. By 1984 the state of the art in factoring algorithms had advanced to a point where a 75-digit number could be factored in 10 operations. Advances in computing technology also meant that the
as the basis of their security, so an obvious point of attack is to develop methods for solving the problem. The security of two-key cryptography depends on mathematical questions in a way that single-key cryptography generally does not, and conversely links cryptanalysis to wider mathematical
However, any postmortems for cryptanalysis may be premature. While the effectiveness of cryptanalytic methods employed by intelligence agencies remains unknown, many serious attacks against both academic and practical cryptographic primitives have been published in the modern era of computer
, in which a selected plaintext is matched against its ciphertext, cannot yield the key that unlock other messages. In a sense, then, cryptanalysis is dead. But that is not the end of the story. Cryptanalysis may be dead, but there is – to mix my metaphors – more than one way to skin a cat.
, official historian of British Intelligence in World War II, made a similar assessment about Ultra, saying that it shortened the war "by not less than two years and probably by four years"; moreover, he said that in the absence of Ultra, it is uncertain how the war would have ended.
Even though the goal has been the same, the methods and techniques of cryptanalysis have changed drastically through the history of cryptography, adapting to increasing cryptographic complexity, ranging from the pen-and-paper methods of the past, through machines like the British
1. A series of code messages reciphered with the same, or the same part of a, reciphering key especially when written under one another so that all the groups (usually one in each message) that are reciphered with the same group of the subtractor lie under each other and form a
being designed to replace old broken designs, and new cryptanalytic techniques invented to crack the improved schemes. In practice, they are viewed as two sides of the same coin: secure cryptography requires design against possible cryptanalysis.
more complex than ever before. Taken as a whole, modern cryptography has become much more impervious to cryptanalysis than the pen-and-paper systems of the past, and now seems to have the upper hand against pure cryptanalysis. The historian
would be a likely candidate for "E". Frequency analysis of such a cipher is therefore relatively easy, provided that the ciphertext is long enough to give a reasonably representative count of the letters of the alphabet that it contains.
Asymmetric schemes are designed around the (conjectured) difficulty of solving various mathematical problems. If an improved algorithm can be found to solve the problem, then the system is weakened. For example, the security of the
: Like a chosen-plaintext attack, except the attacker can obtain ciphertexts encrypted under two different keys. The keys are unknown, but the relationship between them is known; for example, two keys that differ in the one bit.
, each message had its own key. Usually, the transmitting operator informed the receiving operator of this message key by transmitting some plaintext and/or ciphertext before the enciphered message. This is termed the
as replacements for the traditional means of cryptanalysis. In 2010, former NSA technical director Brian Snow said that both academic and government cryptographers are "moving very slowly forward in a mature field."
, cipher classification, Arabic phonetics and syntax, and most importantly, gave the first descriptions on frequency analysis. He also covered methods of encipherments, cryptanalysis of certain encipherments, and
for RSA. Numbers with several hundred digits were still considered too hard to factor in 2005, though methods will probably continue to improve over time, requiring key size to keep pace or other methods such as
It is sometimes difficult to predict these quantities precisely, especially when the attack is not practical to actually implement for testing. But academic cryptanalysts tend to provide at least the estimated
Knowledge of a key then allows the analyst to read other messages encrypted with the same key, and knowledge of a set of related keys may allow cryptanalysts to diagnose the system used for constructing them.
(In modulo-2 arithmetic, addition is the same as subtraction.) When two such ciphertexts are aligned in depth, combining them eliminates the common key, leaving just a combination of the two plaintexts:
strong even though reduced-round variants are weak. Nonetheless, partial breaks that come close to breaking the original cryptosystem may mean that a full break will follow; the successful attacks on
intelligence has been credited with everything between shortening the end of the European war by up to two years, to determining the eventual result. The war in the Pacific was similarly helped by
Successful cryptanalysis has undoubtedly influenced history; the ability to read the presumed-secret thoughts and plans of others can be a decisive advantage. For example, in England in 1587,
), attempting to "break" the encryption to read the ciphertext and learning the secret key so future messages can be decrypted and read. A mathematical technique to do this is called a
Another distinguishing feature of asymmetric schemes is that, unlike attacks on symmetric cryptosystems, any cryptanalysis has the opportunity to make use of knowledge gained from the
The effort was greater than above, but was not unreasonable on fast modern computers. By the start of the 21st century, 150-digit numbers were no longer considered a large enough
can be classified based on what type of information the attacker has available. As a basic starting point it is normally assumed that, for the purposes of analysis, the general
Many are the cryptosystems offered by the hundreds of commercial vendors today that cannot be broken by any known methods of cryptanalysis. Indeed, in such systems even a
. The concept is that even if an unauthorized person gets access to the ciphertext during transmission, without the secret key they cannot convert it back to plaintext.
. This is a reasonable assumption in practice – throughout history, there are countless examples of secret algorithms falling into wider knowledge, variously through
: like a chosen-plaintext attack, except the attacker can choose subsequent plaintexts based on information learned from previous encryptions, similarly to the
found a faster way to find discrete logarithms (in certain groups), and thereby requiring cryptographers to use larger groups (or different types of groups).
, recovering the plaintext. To decrypt the ciphertext, the recipient requires a secret knowledge from the sender, usually a string of letters, numbers, or
standard encryption algorithm but not widely used, was demolished by a spate of attacks from the academic community, many of which are entirely practical.
at various locations; a correct guess, when combined with the merged plaintext stream, produces intelligible text from the other plaintext component:
would be considered a break...simply put, a break can just be a certificational weakness: evidence that the cipher does not perform as advertised."
, both military and diplomatic, and established dedicated organizations devoted to breaking the codes and ciphers of other nations, for example,
ciphers required new levels of mathematical sophistication. Moreover, automation was first applied to cryptanalysis in that era with the Polish
) is cryptography that relies on using two (mathematically related) keys; one private, and one public. Such ciphers invariably rely on "hard"
on a quantum computer, brute-force key search can be made quadratically faster. However, this could be countered by doubling the key length.
Encryption has been used throughout history to send important military, diplomatic and commercial messages, and today is very widely used in
): the attacker can obtain the ciphertexts (plaintexts) corresponding to an arbitrary set of plaintexts (ciphertexts) of their own choosing.
– Multi-disciplinary methods for decision support systems security, a term for information security often used in government
and wireless phone technology can all be broken in hours, minutes or even in real-time using widely available computing equipment.
Generally, the cryptanalyst may benefit from lining up identical enciphering operations among a set of messages. For example, the
that do not target weaknesses in the cryptographic algorithms themselves, but instead exploit weaknesses in their implementation.
(c) two or more messages in a machine or similar cipher that have been enciphered on the same machine-setting or on the same key.
, which uses a repeating key to select different encryption alphabets in rotation, was considered to be completely secure (
"TH" is the most likely pair of letters in English, and so on. Frequency analysis relies on a cipher failing to hide these
Sending two or more messages with the same key is an insecure process. To a cryptanalyst the messages are then said to be
(b) two or more messages in a transposition cipher that are of the same length and have been enciphered on the same key;
– Process of incorporating security controls into an information system, the design of applications and protocols
on hash functions. The certificate issuers involved changed their practices to prevent the attack from being repeated.
cipher system, and the comprehensive breaking of its messages without the cryptanalysts seeing the cipher machine.
Friedman, William F., Military Cryptanalysis, Part III, Simpler Varieties of Aperiodic Substitution Systems,
. Al-Kindi is thus regarded as the first codebreaker in history. His breakthrough work was influenced by
Broemeling, Lyle D. (1 November 2011). "An Account of Early Statistical Inference in Arab Cryptology".
The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet
In addition to mathematical analysis of cryptographic algorithms, cryptanalysis includes the study of
2. be in depth : (of messages). Stand to each other in any of the relationships described above.
benefitted enormously from their joint success cryptanalysis of the German ciphers – including the
to break the Enigma cipher system. Similar poor indicator systems allowed the British to identify
Friedman, William F., Military Cryptanalysis, Part IV, Transposition and Fractionating Systems,
710: 845:
became more important in cryptanalysis. This change was particularly evident before and during
. (And on occasion, ciphers have been broken through pure deduction; for example, the German
) is sent securely to a recipient by the sender first converting it into an unreadable form (
Friedman, William F. and Lambros D. Callimahos, Military Cryptanalytics, Part II, Volume 2,
Friedman, William F. and Lambros D. Callimahos, Military Cryptanalytics, Part II, Volume 1,
3069: 3033: 2748: 2489: 2340: 2297: 2076: 1993: 1944: 1739: 1735: 1725: 1705: 1611: – Protecting information by mitigating risk, the overarching goal of most cryptography 1564: 1279: 1255: 1225: 901: 897:, as it indicates to the receiving operator how to set his machine to decipher the message. 759: 734: 695: 607: 599: 548: 531: 116: 3194:
Friedman, William F. and Lambros D. Callimahos, Military Cryptanalytics, Part I, Volume 2,
Attacks can also be characterised by the resources they require. Those resources include:
and other systems during World War II, it also made possible new methods of cryptography
Deciphering combines the same key bits with the ciphertext to reconstruct the plaintext:
Thus, while the best modern ciphers may be far more resistant to cryptanalysis than the
Read "Cryptography and the Intelligence Community: The Future of Encryption" at NAP.edu
2661: 2415:
History of Islamic Philosophy: With View of Greek Philosophy and Early History of Islam
History of Islamic Philosophy: With View of Greek Philosophy and Early History of Islam
in order to understand hidden aspects of the systems. Cryptanalysis is used to breach
Ibrahim A. Al-Kadi (April 1992), "The origins of cryptology: The Arab contributions",
Al-Kindi's invention of the frequency analysis technique for breaking monoalphabetic
(where each letter is simply replaced with another), the most frequent letter in the
– the attacker discovers additional plaintexts (or ciphertexts) not previously known.
The Ultra secret: the inside story of Operation Ultra, Bletchley Park and Enigma
The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography
3250: 2949:"It Wasn't All Magic: The Early Struggle to Automate Cryptanalysis, 1930s–1960s" 2909: 2876: 2678:
The Bletchley Park 1944 Cryptographic Dictionary formatted by Tony Sale (c) 2001
or even to ask for plaintexts to be encrypted using several keys related to the
Study of analyzing information systems in order to discover their hidden aspects
For an example of an attack that cannot be prevented by additional rounds, see
History of Cryptography and Cryptanalysis: Codes, Ciphers, and Their Algorithms
has broken some real-world ciphers and applications, including single-DES (see
according to the amount and quality of secret information that was discovered:
The Emperor's Codes: Bletchley Park and the breaking of Japan's secret ciphers
3073: 1948: 1720: 1418: 1349: 642:
was the most significant cryptanalytic advance until World War II. Al-Kindi's
Governments have long recognized the potential benefits of cryptanalysis for
of their attacks' difficulty, saying, for example, "SHA-1 collisions now 2."
: the attacker has a set of ciphertexts to which they know the corresponding
of letters and letter combinations in Arabic. An important contribution of
The individual plaintexts can then be worked out linguistically by trying
advanced computerized schemes of the present. Methods for breaking modern
, in effect breaking some commonly used forms of public-key encryption.
wired together. Each of the rapidly rotating drums, pictured above in a
enciphers by bit-for-bit combining plaintext with a long key using the "
– the first electronic digital computers to be controlled by a program.
knowledge as it does on statistics, but as ciphers became more complex,
were the first people to systematically document cryptanalytic methods.
The results of cryptanalysis can also vary in usefulness. Cryptographer
. Fort Meade: Center for Cryptologic History, National Security Agency.
, proposed in 1984 but not widely used, was found to be susceptible to
by which the sending operator informs the receiving operator about the
together with cryptography, and the contest can be traced through the
: Contemporary Block Ciphers. Lectures on Data Security 1998: 105–126
, was shown to be breakable in practice because of a weakness in the
(c. 801–873, also known as "Alkindus" in Europe), a 9th-century Arab
The first known recorded explanation of cryptanalysis was given by
Battle of wits: The Complete Story of Codebreaking in World War II
and certificate issuer practices that made it possible to exploit
Kahn goes on to mention increased opportunities for interception,
1091: 1085: 858: 800: 758: 666: 496: 443: 199:. Cryptographic attacks can be characterized in a number of ways: 92: 29: 1943:. History of Computing. Cham: Springer International Publishing. 814:
Cryptanalysis of enemy messages played a significant part in the
described the first cryptanalytic techniques, including some for
). This treatise contains the first description of the method of
Colossus: The Secrets of Bletchley Park's Codebreaking Computers
– a breakthrough in factoring would impact the security of RSA.
Poorly designed and implemented indicator systems allowed first
was instrumental in bringing the United States into the war. In
, Modern Cryptanalysis: Techniques for Advanced Code Breaking,
"Fast Evaluation of Logarithms in Fields of Characteristic Two"
Remarks on the 50th Anniversary of the National Security Agency
(1535–1615) was the author of a seminal work on cryptanalysis,
Codes and Ciphers: Julius Caesar, the Enigma and the Internet
as a result of her involvement in three plots to assassinate
In Europe during the 15th and 16th centuries, the idea of a
for encryption and decryption, but without learning the key.
(files contain 5 line header, that has to be removed first)
Modern cryptanalysis: techniques for advanced code breaking
In 2008, researchers conducted a proof-of-concept break of
Cryptography and Network Security: Principles and Practice
Cryptography and public key infrastructure on the Internet
; vulnerabilities can include cryptographic or other flaws
intelligence as having been "decisive" to Allied victory.
614:" is likely to be the most common letter in any sample of 224:"the enemy knows the system" – in its turn, equivalent to 3547:
UltraAnvil tool for attacking simple substitution ciphers
Applied Cryptanalysis: Breaking Ciphers in the Real World
Advanced Linear Cryptanalysis of Block and Stream Ciphers
611: 2916:
Friedrich L. Bauer: "Decrypted Secrets". Springer 2002.
Even though computation was used to great effect in the
425:– the attacker can distinguish the cipher from a random 115:
often involve solving carefully constructed problems in
Friedman, William F., Military Cryptanalysis, Part II,
museum mockup, simulated the action of an Enigma rotor.
Frequency analysis is the basic tool for breaking most
about plaintexts (or ciphertexts) not previously known.
Cryptographically secure pseudorandom number generator
List of tools for cryptanalysis on modern cryptography
,"The origins of cryptology: The Arab contributions",
: the cryptanalyst has access only to a collection of
Sahinaslan, Ender; Sahinaslan, Onder (2 April 2019).
's security depends (in part) upon the difficulty of
This may be detected by the messages having the same
Transcript of a lecture given by Prof. Tutte at the
, London, England: Fourth Estate, pp. 143–189,
, Cleobury Mortimer, Shropshire: M & M Baldwin,
scheme depends on the difficulty of calculating the
(1805–81) succeeded in breaking this cipher. During
security systems and gain access to the contents of
"A Self-Study Course in Block-Cipher Cryptanalysis"
Helen Fouché Gaines, "Cryptanalysis", 1939, Dover.
The Biographical Encyclopedia of Islamic Philosophy
The Biographical Encyclopedia of Islamic Philosophy
, organizations which are still very active today.
(Plaintext1 ⊕ Plaintext2) ⊕ Plaintext1 = Plaintext2
Ciphertext1 ⊕ Ciphertext2 = Plaintext1 ⊕ Plaintext2
was developed, among others by the French diplomat
were all preceded by attacks on weakened versions.
– the attacker discovers a functionally equivalent
, "to analyze") refers to the process of analyzing
, Oxford: Oxford University Press, pp. 1–13,
, Cambridge, England: Cambridge University Press,
, the Renaissance's first outstanding cryptanalyst
, whose contributions affected the outcome of the
In practice, frequency analysis relies as much on
A Manuscript on Deciphering Cryptographic Messages
The goal of cryptanalysis is for a third party, a
Elementary Cryptanalysis: A Mathematical Approach
1944 Cryptographic Dictionary defined a depth as
"Al-Kindi, Cryptgraphy, Codebreaking and Ciphers"
– An exercise in communication intelligence
– Exploitable weakness in a computer system
– Mass surveillance across national borders
(e.g., test encryptions) which must be performed.
Codebreakers: The inside story of Bletchley Park
Quantum computing applications for cryptanalysis
Manuscript on Deciphering Cryptographic Messages
cipher and aspects of the WEP design that made
, quoted the western Supreme Allied Commander,
. In natural languages, certain letters of the
Amount of information available to the attacker
, a device used to break the encryption of the
Former NSA tech chief: I don't trust the cloud
, Mathematical Association of America, 1966.
Al-Kindi is considered the first code breaker
The Codebreakers: the story of secret writing
—"the indecipherable cipher"). Nevertheless,
(1998) classified various types of attack on
to protect email and internet communication.
, Oxford, England: Oxford University Press,
"Shor's Algorithm – Breaking RSA Encryption"
With reciprocal machine ciphers such as the
operations could be performed much faster.
, inventors in several countries developed
Al-Jubouri, I. M. N. (February 22, 2004).
Cryptanalysis of number-theoretic ciphers
(second ed.), Scribners, p. 235
"Communication Theory of Secrecy Systems"
, cryptanalysis and the broader field of
Ciphers from World War I and World War II
(1523–96). For some three centuries, the
" is relatively recent (it was coined by
– annual cryptographic competition
How Alan Turing Cracked The Enigma Code
IEEE Transactions on Information Theory
IEEE Transactions on Information Theory
"A cryptanalytic time-memory trade-off"
and then the British cryptographers at
, and a variety of classical schemes):
, confidential information (called the
– The Story of Secret Writing", 1967.
Budiansky, Stephen (10 October 2000),
Al-Jubouri, I. M. N. (19 March 2018).
(1791–1871) and later, independently,
the ciphertext by applying an inverse
Cryptanalysis of RSA and Its Variants
, 16(2) (April 1992) pp. 97–126.
. John Wiley & Sons. p. 45.
Improbable differential cryptanalysis
Impossible differential cryptanalysis
practical. WEP was later replaced by
40-bit "export-strength" cryptography
– and Japanese ciphers, particularly
– 17th-century English mathematician
Attacking cryptographic hash systems
, proposed as a replacement for the
" operator, which is also known as "
Reconstruction of the appearance of
McDonald, Cameron; Hawkes, Philip;
required for a particular approach.
Stamp, Mark; Low, Richard (2007).
. National Academies Press. 2022.
10.1002/j.1538-7305.1949.tb00928.x
Shannon, Claude (4 October 1949).
cryptanalysis of the Lorenz cipher
Development of modern cryptography
Cryptanalysis of the Lorenz cipher
polyalphabetic substitution cipher
appear more often than others; in
, which contains the first use of
– the attacker deduces the secret
, London, England: Random House,
(WEP), a protocol used to secure
replicated the action of several
that led to the diagnosis of the
, at the war's end as describing
Adaptive chosen ciphertext attack
The National Museum of Computing
from the original on 2022-10-10.
Coppersmith, Don (4 July 1984).
Leaman, Oliver (July 16, 2015).
from the original on 2022-10-10.
"Cryptanalysis/Signals Analysis"
Data – the quantity and type of
Time/memory/data tradeoff attack
Computational resources required
Leaman, Oliver (16 July 2015).
for use of frequency analysis.
Risalah fi Istikhraj al-Mu'amma
words with and without vowels.
Risalah fi Istikhraj al-Mu'amma
in 1920), methods for breaking
required to perform the attack.
Distributed Computing Projects
could factor large numbers in
Hash function security summary
Plaintext1 ⊕ Ciphertext1 = Key
key generator initial settings
Book of Cryptographic Messages
Swenson, Christopher (2008).
"An Overview of Cryptography"
Bell System Technical Journal
DVD Content Scrambling System
permutations and combinations
Wagstaff, Samuel S. (2003).
, London: Orion Books Ltd.,
Churchhouse, Robert (2002),
Conel Hugh O'Donel Alexander
(or phrases), also known as
Ciphertext ⊕ Key = Plaintext
Plaintext ⊕ Key = Ciphertext
In academic cryptography, a
Simon Singh's crypto corner
Stallings, William (2010).
. Retrieved March 14, 2010.
Tim Greene, Network World,
elliptic curve cryptography
Diffie–Hellman key exchange
Brute-force keyspace search
Cryptanalysis of the Enigma
was tried and executed for
De Furtivis Literarum Notis
AIP Conference Proceedings
Harvest now, decrypt later
Differential cryptanalysis
simple substitution cipher
Although the actual word "
– the attacker gains some
Instance (local) deduction
plaintexts and ciphertexts
. John Wiley & Sons.
. John Wiley & Sons.
Algorithmic Cryptanalysis
Bard, Gregory V. (2009).
Friedman, William F. and
10.1080/0161-110091888754
– via Google Books.
– via Google Books.
. Bloomsbury Publishing.
The American Statistician
– via Google Books.
. Bloomsbury Publishing.
– via Google Books.
Hellman, M. (July 1980).
10.1007/978-3-319-90443-6
National Cipher Challenge
Rubber-hose cryptanalysis
Meet-in-the-middle attack
, where efforts to crack
victory in World War II.
le chiffre indéchiffrable
(717–786), who wrote the
Adaptive chosen-plaintext
Hinek, M. Jason (2009).
Burke, Colin B. (2002).
10.1109/tit.1980.1056220
Dooley, John F. (2018).
1534:Man-in-the-middle attack 1247:using weaknesses in the 1219:Wired Equivalent Privacy 671:Giambattista della Porta 423:Distinguishing algorithm 3876:Public-key cryptography 3866:Symmetric-key algorithm 3669:Key derivation function 3629:Cryptographic primitive 3622:Authentication protocol 3612:Outline of cryptography 3607:History of cryptography 3366:Algebraic Cryptanalysis 3273:Smith, Michael (2000), 3232:; Stripp, Alan (eds.), 3182:Military Cryptanalytics 2418:. Authors On Line Ltd. 2207:. Authors On Line Ltd. 1529:Black-bag cryptanalysis 1372:research in a new way. 1365:public-key cryptography 1361:Asymmetric cryptography 1161:ciphertext-only attacks 1125:chosen plaintext attack 482:history of cryptography 472:History of cryptography 339:Memory – the amount of 214:Cryptanalytical attacks 119:, the best-known being 42:. Based on sketches in 3617:Cryptographic protocol 3405:Joux, Antoine (2009). 3321:University of Waterloo 3134:Military Cryptanalysis 2345:10.1198/tas.2011.10191 2180:. Simon and Schuster. 2124:SHA-1 collisions now 2 2033:Schmeh, Klaus (2003). 1655:Historic cryptanalysts 1640:Topics in cryptography 1630:Security vulnerability 1315:Integral cryptanalysis 1238:Wi-Fi Protected Access 1129: 1103: 953:" (symbolized by ⊕ ): 865:equipment, and in the 775:, the breaking of the 768: 692:Elizabeth I of England 648:polyalphabetic ciphers 509: 226:Kerckhoffs's principle 76:messages, even if the 47: 3949:Cryptographic attacks 3770:End-to-end encryption 3716:Cryptojacking malware 3178:Lambros D. Callimahos 2877:"Grover vs. McEliece" 2811:. IT-30 (4): 587–594. 1921:. Nsa.gov. 2009-01-15 1676:Lambros D. Callimahos 1603:Information assurance 1592:Economics of security 1394:integer factorization 1369:mathematical problems 1270:remain quite active. 
1089: 902:Polish cryptographers 762: 731:rotor cipher machines 591:to list all possible 500: 413:Information deduction 332:Time – the number of 121:integer factorization 33: 3886:Quantum cryptography 3810:Trusted timestamping 3554:Imperial War Museums 3184:, Part I, Volume 1, 3130:Friedman, William F. 2174:Kahn, David (1996). 2018:Kahn, David (1996), 1826:improve this article 1782:William Stone Weedon 1691:Agnes Meyer Driscoll 1624:Security engineering 1609:Information security 1482:Side-channel attacks 1320:Linear cryptanalysis 1268:information security 1137:side channel attacks 857:device, the British 824:Dwight D. Eisenhower 684:Mary, Queen of Scots 652:statistical analysis 640:substitution ciphers 626:. For example, in a 518:Index of coincidence 197:cryptographic attack 161:decryption algorithm 153:encryption algorithm 85:side-channel attacks 3954:Applied mathematics 3649:Cryptographic nonce 3521:Basic Cryptanalysis 3117:Christopher Swenson 2957:Calvocoressi, Peter 2873:Daniel J. Bernstein 2781:www.garykessler.net 2712:, November 1, 2002. 2492:on August 28, 2008. 2294:2019AIPC.2086c0033S 1701:William F. Friedman 1597:Global surveillance 1488:Side channel attack 1330:Mod-n cryptanalysis 1234:related-key attacks 1112:orders of magnitude 777:Zimmermann Telegram 765:Zimmermann Telegram 658:(1187–1268) was on 522:Kasiski examination 417:Shannon information 238:reverse engineering 178:computer networking 66:information systems 3755:Subliminal channel 3739:Pseudorandom noise 3686:Key (cryptography) 3327:Winterbotham, F.W. 2905:Ibrahim A. Al-Kadi 2728:2010-03-08 at the 1696:Elizebeth Friedman 1686:Alastair Denniston 1580:Grover's algorithm 1507:. You can help by 1444:. You can help by 1382:discrete logarithm 1356:Asymmetric ciphers 1335:Related-key attack 1285:Brute-force attack 1104: 867:Colossus computers 820:F. W. 
Winterbotham 769: 707:Blaise de Vigenère 577:frequency analysis 514:Frequency analysis 510: 476:Cryptanalysis has 357:order of magnitude 310:Related-key attack 220:is known; this is 97:Colossus computers 48: 3936: 3935: 3932: 3931: 3815:Key-based routing 3805:Trapdoor function 3676:Digital signature 3506:978-1-58488-153-7 3485:978-0-470-13593-8 3464:978-0-470-11486-5 3443:978-1-60750-844-1 3418:978-1-4200-7002-6 3397:978-1-4200-7518-2 3376:978-1-4419-1019-6 3340:978-0-7528-3751-2 3243:978-0-19-280132-6 3125:978-0-470-13593-8 3013:978-0-19-284055-4 3000:Copeland, B. Jack 2992:978-0-521-00890-7 2940:978-0-684-85932-3 2826:. Prentice Hall. 2762:978-0-309-49135-8 2697:, pp. 33, 86 2623:Calvocoressi 2001 2601:, pp. 33, 34 2551:Winterbotham 2000 2303:10.1063/1.5095118 2046:978-0-470-84745-9 1958:978-3-319-90442-9 1902: 1901: 1894: 1876: 1711:Friedrich Kasiski 1565:Quantum computers 1525: 1524: 1462: 1461: 1274:Symmetric ciphers 1256:collision attacks 1226:wireless networks 1141:quantum computers 951:modulo-2 addition 938:for the message. 832:Sir Harry Hinsley 723:Friedrich Kasiski 618:. Similarly, the 600:classical ciphers 493:Classical ciphers 334:computation steps 288:chosen-ciphertext 244:and the Japanese 170:cryptographic key 78:cryptographic key 16:(Redirected from 3966: 3922: 3921: 3750:Insecure channel 3586: 3579: 3572: 3563: 3559: 3510: 3489: 3468: 3447: 3422: 3401: 3380: 3351: 3318: 3317: 3315: 3309: 3303:, archived from 3302: 3294:(19 June 1998), 3287: 3269: 3246: 3096: 3094: 3093: 3084:. Archived from 3056:(January 2000). 3034:The Codebreakers 3016: 2995: 2984: 2973: 2961:Top Secret Ultra 2952: 2943: 2891: 2890: 2888: 2881: 2869: 2863: 2862: 2860: 2859: 2844: 2838: 2837: 2819: 2813: 2812: 2806: 2797: 2791: 2790: 2788: 2787: 2773: 2767: 2766: 2739: 2733: 2719: 2713: 2704: 2698: 2695:Churchhouse 2002 2692: 2686: 2685: 2683: 2658: 2652: 2649:Churchhouse 2002 2646: 2640: 2635: 2626: 2620: 2614: 2613:, pp. 
97–99 2608: 2602: 2599:Churchhouse 2002 2596: 2590: 2584: 2578: 2572: 2566: 2560: 2554: 2548: 2542: 2536: 2530: 2524: 2518: 2517:, pp. 63–78 2512: 2506: 2505:, pp. 45–51 2500: 2494: 2493: 2488:. Archived from 2486:"Crypto History" 2482: 2476: 2475: 2473: 2471: 2461: 2455: 2443: 2437: 2436: 2434: 2432: 2409: 2403: 2402: 2400: 2398: 2375: 2369: 2363: 2357: 2356: 2328: 2319: 2318: 2305: 2273: 2267: 2255: 2246: 2245: 2225: 2219: 2218: 2198: 2192: 2191: 2171: 2165: 2158: 2152: 2147: 2138: 2137: 2136: 2134: 2129: 2114: 2108: 2107: 2105: 2066: 2057: 2051: 2050: 2030: 2024: 2023: 2015: 2009: 2008: 2006: 2004: 1977: 1971: 1970: 1936: 1930: 1929: 1927: 1926: 1915: 1897: 1890: 1886: 1883: 1877: 1875: 1834: 1810: 1802: 1771:William T. Tutte 1740:Battle of Midway 1736:Joseph Rochefort 1726:Solomon Kullback 1706:Meredith Gardner 1650: 1635: 1620: 1569:Shor's Algorithm 1520: 1517: 1499: 1492: 1457: 1454: 1436: 1429: 1280:Boomerang attack 1192:systems used in 735:Arthur Scherbius 696:Thomas Phelippes 549:The Codebreakers 542:are much older. 532:William Friedman 397:Global deduction 282:Chosen-plaintext 117:pure mathematics 60:, "hidden", and 21: 3974: 3973: 3969: 3968: 3967: 3965: 3964: 3963: 3959:Arab inventions 3939: 3938: 3937: 3928: 3910: 3839: 3595: 3590: 3517: 3507: 3492: 3486: 3471: 3465: 3450: 3444: 3426:Junod, Pascal; 3425: 3419: 3404: 3398: 3383: 3377: 3362: 3359: 3357:Further reading 3354: 3341: 3325: 3313: 3311: 3310:on 10 July 2007 3307: 3300: 3290: 3285: 3272: 3267: 3249: 3244: 3224: 3091: 3089: 3054:Schneier, Bruce 3052: 3047:Lars R. 
Knudsen 3014: 2998: 2993: 2976: 2971: 2955: 2946: 2941: 2926: 2900: 2895: 2894: 2886: 2879: 2871: 2870: 2866: 2857: 2855: 2846: 2845: 2841: 2834: 2821: 2820: 2816: 2804: 2799: 2798: 2794: 2785: 2783: 2775: 2774: 2770: 2763: 2741: 2740: 2736: 2730:Wayback Machine 2720: 2716: 2705: 2701: 2693: 2689: 2681: 2675: 2674: 2672: 2670: 2668: 2665: 2659: 2655: 2647: 2643: 2636: 2629: 2621: 2617: 2609: 2605: 2597: 2593: 2585: 2581: 2573: 2569: 2561: 2557: 2549: 2545: 2537: 2533: 2525: 2521: 2513: 2509: 2501: 2497: 2484: 2483: 2479: 2469: 2467: 2463: 2462: 2458: 2444: 2440: 2430: 2428: 2426: 2411: 2410: 2406: 2396: 2394: 2392: 2377: 2376: 2372: 2364: 2360: 2330: 2329: 2322: 2275: 2274: 2270: 2256: 2249: 2242: 2227: 2226: 2222: 2215: 2200: 2199: 2195: 2188: 2173: 2172: 2168: 2159: 2155: 2148: 2141: 2132: 2130: 2127: 2119:Pieprzyk, Josef 2116: 2115: 2111: 2103: 2064: 2059: 2058: 2054: 2047: 2032: 2031: 2027: 2017: 2016: 2012: 2002: 2000: 1979: 1978: 1974: 1959: 1938: 1937: 1933: 1924: 1922: 1917: 1916: 1912: 1907: 1898: 1887: 1881: 1878: 1841:"Cryptanalysis" 1835: 1833: 1823: 1811: 1800: 1792:Herbert Yardley 1788:in World War II 1731:Marian Rejewski 1666:Charles Babbage 1657: 1648: 1645:Zendian Problem 1633: 1618: 1588: 1573:polynomial time 1562: 1554:Timing analysis 1521: 1515: 1512: 1505:needs expansion 1490: 1484: 1466:Birthday attack 1458: 1452: 1449: 1442:needs expansion 1427: 1386:Don Coppersmith 1358: 1340:Sandwich attack 1276: 1204:EFF DES cracker 1096:Enigma machines 1069: 922: 875: 757: 747: 719:Charles Babbage 711:Vigenère cipher 524: 505:'s 9th century 495: 474: 468: 372: 326: 320: 270:Known-plaintext 254:Ciphertext-only 222:Shannon's Maxim 211: 205: 129: 44:Marian Rejewski 28: 23: 22: 15: 12: 11: 5: 3972: 3970: 3962: 3961: 3956: 3951: 3941: 3940: 3934: 3933: 3930: 3929: 3927: 3926: 3915: 3912: 3911: 3909: 3908: 3903: 3901:Random numbers 3898: 3893: 3888: 3883: 3878: 3873: 3868: 3863: 3858: 3853: 3847: 3845: 3841: 3840: 3838: 3837: 3832: 3827: 3825:Garlic routing 
3822: 3817: 3812: 3807: 3802: 3797: 3792: 3787: 3782: 3777: 3772: 3767: 3762: 3757: 3752: 3747: 3745:Secure channel 3742: 3736: 3735: 3734: 3723: 3718: 3713: 3708: 3706:Key stretching 3703: 3698: 3693: 3688: 3683: 3678: 3673: 3672: 3671: 3666: 3656: 3654:Cryptovirology 3651: 3646: 3641: 3639:Cryptocurrency 3636: 3631: 3626: 3625: 3624: 3614: 3609: 3603: 3601: 3597: 3596: 3591: 3589: 3588: 3581: 3574: 3566: 3556: 3555: 3549: 3544: 3539: 3534: 3529: 3524: 3516: 3515:External links 3513: 3512: 3511: 3505: 3490: 3484: 3469: 3463: 3448: 3442: 3428:Canteaut, Anne 3423: 3417: 3402: 3396: 3381: 3375: 3358: 3355: 3353: 3352: 3339: 3323: 3288: 3283: 3270: 3265: 3247: 3242: 3226:Hinsley, F. H. 3222: 3212: 3202: 3192: 3174: 3164: 3154: 3144: 3127: 3114: 3100:Abraham Sinkov 3097: 3050: 3044: 3027: 3017: 3012: 3002:, ed. (2006), 2996: 2991: 2974: 2969: 2953: 2944: 2939: 2933:, Free Press, 2924: 2914: 2901: 2899: 2896: 2893: 2892: 2875:(2010-03-03). 2864: 2839: 2833:978-0136097044 2832: 2814: 2792: 2768: 2761: 2753:10.17226/26168 2734: 2714: 2699: 2687: 2662:Bletchley Park 2653: 2641: 2627: 2615: 2611:Budiansky 2000 2603: 2591: 2579: 2567: 2555: 2553:, p. 229. 2543: 2531: 2519: 2507: 2495: 2477: 2456: 2438: 2424: 2404: 2390: 2370: 2358: 2339:(4): 255–257. 2320: 2268: 2247: 2240: 2220: 2213: 2193: 2186: 2166: 2153: 2139: 2109: 2075:(4): 401–406. 
2052: 2045: 2025: 2010: 1972: 1957: 1931: 1909: 1908: 1906: 1903: 1900: 1899: 1814: 1812: 1805: 1799: 1796: 1795: 1794: 1789: 1786:Fredson Bowers 1784:– worked with 1779: 1773: 1768: 1763: 1758: 1752: 1750:Abraham Sinkov 1747: 1742: 1733: 1728: 1723: 1718: 1713: 1708: 1703: 1698: 1693: 1688: 1683: 1678: 1673: 1671:Fredson Bowers 1668: 1663: 1656: 1653: 1652: 1651: 1642: 1637: 1627: 1621: 1612: 1606: 1600: 1594: 1587: 1584: 1561: 1558: 1557: 1556: 1551: 1546: 1541: 1539:Power analysis 1536: 1531: 1523: 1522: 1502: 1500: 1486:Main article: 1483: 1480: 1479: 1478: 1473: 1468: 1460: 1459: 1439: 1437: 1426: 1423: 1357: 1354: 1353: 1352: 1347: 1342: 1337: 1332: 1327: 1322: 1317: 1312: 1307: 1302: 1297: 1292: 1290:Davies' attack 1287: 1282: 1275: 1272: 1260: 1259: 1241: 1215: 1197: 1174: 1164: 1148:cryptography: 1100:Bletchley Park 1068: 1065: 1060: 1059: 1058: 1057: 1056: 1055: 1054: 1053: 1039: 1038: 1037: 1036: 1035: 1034: 1033: 1032: 1015:probable words 1011: 1010: 1009: 1008: 1007: 1006: 1005: 1004: 991: 990: 989: 988: 987: 986: 985: 984: 971: 970: 969: 968: 967: 966: 965: 964: 921: 918: 914:Lorenz SZ40/42 906:Bletchley Park 883:Enigma machine 874: 871: 811:intelligence. 
789:Enigma machine 763:The decrypted 746: 743: 501:First page of 494: 491: 470:Main article: 467: 464: 431: 430: 420: 410: 404: 394: 371: 370:Partial breaks 368: 363:Bruce Schneier 352: 351: 344: 337: 319: 316: 315: 314: 306: 292: 278: 266: 207:Main article: 204: 201: 128: 125: 109:mathematically 101:Bletchley Park 40:Enigma machine 26: 24: 14: 13: 10: 9: 6: 4: 3: 2: 3971: 3960: 3957: 3955: 3952: 3950: 3947: 3946: 3944: 3925: 3917: 3916: 3913: 3907: 3906:Steganography 3904: 3902: 3899: 3897: 3894: 3892: 3889: 3887: 3884: 3882: 3879: 3877: 3874: 3872: 3869: 3867: 3864: 3862: 3861:Stream cipher 3859: 3857: 3854: 3852: 3849: 3848: 3846: 3842: 3836: 3833: 3831: 3828: 3826: 3823: 3821: 3820:Onion routing 3818: 3816: 3813: 3811: 3808: 3806: 3803: 3801: 3800:Shared secret 3798: 3796: 3793: 3791: 3788: 3786: 3783: 3781: 3778: 3776: 3773: 3771: 3768: 3766: 3763: 3761: 3758: 3756: 3753: 3751: 3748: 3746: 3743: 3740: 3737: 3732: 3729: 3728: 3727: 3724: 3722: 3719: 3717: 3714: 3712: 3709: 3707: 3704: 3702: 3699: 3697: 3696:Key generator 3694: 3692: 3689: 3687: 3684: 3682: 3679: 3677: 3674: 3670: 3667: 3665: 3662: 3661: 3660: 3659:Hash function 3657: 3655: 3652: 3650: 3647: 3645: 3642: 3640: 3637: 3635: 3634:Cryptanalysis 3632: 3630: 3627: 3623: 3620: 3619: 3618: 3615: 3613: 3610: 3608: 3605: 3604: 3602: 3598: 3594: 3587: 3582: 3580: 3575: 3573: 3568: 3567: 3564: 3560: 3553: 3550: 3548: 3545: 3543: 3540: 3538: 3535: 3533: 3530: 3528: 3525: 3522: 3519: 3518: 3514: 3508: 3502: 3499:. CRC Press. 3498: 3497: 3491: 3487: 3481: 3477: 3476: 3470: 3466: 3460: 3456: 3455: 3449: 3445: 3439: 3436:. IOS Press. 3435: 3434: 3429: 3424: 3420: 3414: 3411:. CRC Press. 3410: 3409: 3403: 3399: 3393: 3390:. CRC Press. 3389: 3388: 3382: 3378: 3372: 3368: 3367: 3361: 3360: 3356: 3350: 3346: 3342: 3336: 3332: 3328: 3324: 3322: 3306: 3299: 3298: 3293: 3289: 3286: 3284:0-593-04641-2 3280: 3276: 3271: 3268: 3266:1-85702-879-1 3262: 3258: 3257: 3252: 3248: 3245: 3239: 3235: 3231: 3230:Hinsley, F.H. 
3227: 3223: 3221: 3220:0-89412-076-X 3217: 3213: 3211: 3210:0-89412-075-1 3207: 3203: 3201: 3200:0-89412-074-3 3197: 3193: 3191: 3190:0-89412-073-5 3187: 3183: 3179: 3175: 3173: 3172:0-89412-198-7 3169: 3165: 3163: 3162:0-89412-196-0 3159: 3155: 3153: 3152:0-89412-064-6 3149: 3145: 3143: 3142:0-89412-044-1 3139: 3135: 3131: 3128: 3126: 3122: 3118: 3115: 3113: 3112:0-88385-622-0 3109: 3105: 3101: 3098: 3088:on 2015-09-11 3087: 3083: 3079: 3075: 3071: 3067: 3063: 3059: 3055: 3051: 3048: 3045: 3043: 3042:0-684-83130-9 3039: 3035: 3031: 3028: 3026: 3025:0-486-20097-3 3022: 3018: 3015: 3009: 3005: 3001: 2997: 2994: 2988: 2983: 2982: 2975: 2972: 2970:0-947712-41-0 2966: 2962: 2958: 2954: 2950: 2945: 2942: 2936: 2932: 2931: 2925: 2923: 2922:3-540-42674-4 2919: 2915: 2912: 2911: 2906: 2903: 2902: 2897: 2885: 2878: 2874: 2868: 2865: 2853: 2852:AMS Grad Blog 2849: 2843: 2840: 2835: 2829: 2825: 2818: 2815: 2810: 2803: 2796: 2793: 2782: 2778: 2772: 2769: 2764: 2758: 2754: 2750: 2746: 2745: 2738: 2735: 2731: 2727: 2724: 2718: 2715: 2711: 2708: 2703: 2700: 2696: 2691: 2688: 2680: 2679: 2663: 2657: 2654: 2650: 2645: 2642: 2639: 2634: 2632: 2628: 2624: 2619: 2616: 2612: 2607: 2604: 2600: 2595: 2592: 2589:, p. 244 2588: 2583: 2580: 2576: 2575:Copeland 2006 2571: 2568: 2564: 2559: 2556: 2552: 2547: 2544: 2540: 2535: 2532: 2529:, p. 116 2528: 2523: 2520: 2516: 2511: 2508: 2504: 2499: 2496: 2491: 2487: 2481: 2478: 2466: 2460: 2457: 2453: 2452: 2451:The Code Book 2447: 2442: 2439: 2427: 2425:9780755210114 2421: 2417: 2416: 2408: 2405: 2393: 2391:9781472569455 2387: 2383: 2382: 2374: 2371: 2367: 2362: 2359: 2354: 2350: 2346: 2342: 2338: 2334: 2327: 2325: 2321: 2317: 2313: 2309: 2304: 2299: 2295: 2291: 2288:(1): 030033. 
2287: 2283: 2279: 2272: 2269: 2265: 2262: 2261: 2254: 2252: 2248: 2243: 2241:9781472569455 2237: 2233: 2232: 2224: 2221: 2216: 2214:9780755210114 2210: 2206: 2205: 2197: 2194: 2189: 2187:9781439103555 2183: 2179: 2178: 2170: 2167: 2163: 2157: 2154: 2151: 2150:Schneier 2000 2146: 2144: 2140: 2126: 2125: 2120: 2113: 2110: 2102: 2098: 2094: 2090: 2086: 2082: 2078: 2074: 2070: 2063: 2056: 2053: 2048: 2042: 2038: 2037: 2029: 2026: 2021: 2014: 2011: 1999: 1995: 1991: 1987: 1983: 1976: 1973: 1968: 1964: 1960: 1954: 1950: 1946: 1942: 1935: 1932: 1920: 1914: 1911: 1904: 1896: 1893: 1885: 1874: 1871: 1867: 1864: 1860: 1857: 1853: 1850: 1846: 1843: –  1842: 1838: 1837:Find sources: 1831: 1827: 1821: 1820: 1815:This article 1813: 1809: 1804: 1803: 1797: 1793: 1790: 1787: 1783: 1780: 1777: 1774: 1772: 1769: 1767: 1764: 1762: 1759: 1756: 1755:Giovanni Soro 1753: 1751: 1748: 1746: 1745:Frank Rowlett 1743: 1741: 1737: 1734: 1732: 1729: 1727: 1724: 1722: 1719: 1717: 1714: 1712: 1709: 1707: 1704: 1702: 1699: 1697: 1694: 1692: 1689: 1687: 1684: 1682: 1679: 1677: 1674: 1672: 1669: 1667: 1664: 1662: 1659: 1658: 1654: 1646: 1643: 1641: 1638: 1631: 1628: 1625: 1622: 1616: 1613: 1610: 1607: 1604: 1601: 1598: 1595: 1593: 1590: 1589: 1585: 1583: 1581: 1576: 1574: 1570: 1566: 1559: 1555: 1552: 1550: 1547: 1545: 1544:Replay attack 1542: 1540: 1537: 1535: 1532: 1530: 1527: 1526: 1519: 1510: 1506: 1503:This section 1501: 1498: 1494: 1493: 1489: 1481: 1477: 1476:Rainbow table 1474: 1472: 1469: 1467: 1464: 1463: 1456: 1447: 1443: 1440:This section 1438: 1435: 1431: 1430: 1424: 1422: 1420: 1415: 1413: 1408: 1403: 1397: 1395: 1391: 1387: 1383: 1379: 1373: 1370: 1366: 1362: 1355: 1351: 1348: 1346: 1343: 1341: 1338: 1336: 1333: 1331: 1328: 1326: 1323: 1321: 1318: 1316: 1313: 1311: 1308: 1306: 1303: 1301: 1298: 1296: 1293: 1291: 1288: 1286: 1283: 1281: 1278: 1277: 1273: 1271: 1269: 1265: 1257: 1253: 1252:hash function 1250: 1246: 1242: 1239: 1235: 1231: 1227: 1224: 1220: 1216: 1213: 1209: 1205: 1201: 
1198: 1195: 1191: 1187: 1183: 1179: 1175: 1172: 1168: 1165: 1162: 1158: 1155: 1151: 1150: 1149: 1145: 1142: 1138: 1134: 1128: 1126: 1120: 1118: 1113: 1109: 1101: 1097: 1093: 1088: 1084: 1082: 1078: 1074: 1066: 1064: 1051: 1050: 1049: 1048: 1047: 1046: 1045: 1044: 1043: 1030: 1029: 1028: 1027: 1026: 1025: 1024: 1023: 1022: 1020: 1016: 1002: 1001: 1000: 999: 998: 997: 996: 995: 994: 982: 981: 980: 979: 978: 977: 976: 975: 974: 962: 961: 960: 959: 958: 957: 956: 955: 954: 952: 948: 944: 943:Vernam cipher 939: 937: 933: 932: 927: 919: 917: 915: 911: 907: 903: 898: 896: 892: 888: 884: 880: 879:Lorenz cipher 872: 870: 868: 864: 861:, the use of 860: 856: 852: 848: 844: 840: 835: 833: 829: 825: 821: 817: 812: 810: 806: 802: 798: 794: 793:Lorenz cipher 790: 786: 782: 778: 774: 766: 761: 756: 752: 744: 742: 740: 736: 732: 728: 724: 720: 716: 712: 708: 704: 699: 697: 693: 689: 685: 680: 678: 677: 672: 668: 663: 661: 657: 653: 649: 645: 641: 636: 633: 629: 625: 621: 617: 613: 609: 605: 601: 596: 594: 590: 586: 582: 578: 574: 570: 566: 562: 557: 555: 554:Arab scholars 551: 550: 545: 541: 537: 533: 529: 528:cryptanalysis 523: 519: 515: 508: 504: 499: 492: 490: 487: 483: 479: 473: 465: 463: 461: 456: 452: 447: 445: 441: 437: 428: 424: 421: 418: 414: 411: 408: 405: 402: 398: 395: 392: 388: 385: 384: 383: 381: 380:block ciphers 377: 369: 367: 364: 360: 358: 349: 345: 342: 338: 335: 331: 330: 329: 325: 317: 312: 311: 307: 304: 303: 298: 297: 293: 290: 289: 284: 283: 279: 276: 272: 271: 267: 264: 260: 256: 255: 251: 250: 249: 247: 243: 242:Lorenz cipher 239: 235: 231: 227: 223: 219: 215: 210: 202: 200: 198: 194: 192: 186: 181: 179: 174: 172: 171: 166: 162: 158: 154: 150: 148: 142: 140: 134: 126: 124: 122: 118: 114: 113:cryptosystems 110: 106: 102: 98: 94: 88: 86: 81: 79: 75: 71: 70:cryptographic 67: 63: 59: 56: 52: 51:Cryptanalysis 45: 41: 37: 32: 19: 3856:Block cipher 3701:Key schedule 3691:Key exchange 3681:Kleptography 3644:Cryptosystem 3633: 3593:Cryptography 3495: 3474: 3453: 
3432: 3407: 3386: 3369:. Springer. 3365: 3330: 3312:, retrieved 3305:the original 3296: 3292:Tutte, W. T. 3274: 3255: 3251:Singh, Simon 3233: 3103: 3090:. Retrieved 3086:the original 3068:(1): 18–34. 3065: 3061: 3003: 2980: 2960: 2929: 2908: 2867: 2856:. Retrieved 2854:. 2014-04-30 2851: 2842: 2823: 2817: 2808: 2795: 2784:. Retrieved 2780: 2771: 2743: 2737: 2717: 2702: 2690: 2684:, p. 27 2677: 2656: 2651:, p. 34 2644: 2625:, p. 66 2618: 2606: 2594: 2582: 2570: 2563:Hinsley 1993 2558: 2546: 2534: 2522: 2510: 2498: 2490:the original 2480: 2468:. Retrieved 2459: 2449: 2441: 2429:. Retrieved 2414: 2407: 2395:. Retrieved 2380: 2373: 2368:, p. 17 2361: 2336: 2332: 2315: 2285: 2281: 2271: 2263: 2258: 2230: 2223: 2203: 2196: 2176: 2169: 2162:slide attack 2156: 2131:, retrieved 2123: 2112: 2072: 2068: 2055: 2035: 2028: 2019: 2013: 2001:. Retrieved 1989: 1985: 1975: 1940: 1934: 1923:. Retrieved 1913: 1888: 1879: 1869: 1862: 1855: 1848: 1836: 1824:Please help 1819:verification 1816: 1761:John Tiltman 1577: 1563: 1513: 1509:adding to it 1504: 1450: 1446:adding to it 1441: 1416: 1414:to be used. 1398: 1374: 1359: 1345:Slide attack 1261: 1154:block cipher 1146: 1130: 1122: 1105: 1073:intelligence 1070: 1061: 1040: 1018: 1014: 1012: 992: 972: 947:exclusive or 940: 929: 925: 923: 909: 899: 894: 891:World War II 887:Nazi Germany 876: 863:punched card 847:World War II 836: 813: 781:World War II 770: 714: 700: 681: 674: 664: 643: 637: 597: 584: 572: 568: 558: 547: 527: 525: 506: 475: 454: 450: 448: 432: 422: 412: 406: 396: 386: 376:Lars Knudsen 373: 361: 356: 353: 347: 340: 333: 327: 308: 300: 294: 286: 280: 268: 252: 212: 209:Attack model 196: 188: 185:cryptanalyst 182: 175: 168: 144: 136: 130: 105:World War II 89: 82: 80:is unknown. 61: 57: 50: 49: 18:Codebreakers 3844:Mathematics 3835:Mix network 3062:Cryptologia 2910:Cryptologia 2577:, p. 1 2541:, p. 4 2454:, pp. 
14–20 2446:Simon Singh 2266:(2): 97–126 2260:Cryptologia 1776:John Wallis 1766:Alan Turing 1681:Joan Clarke 1402:Moore's law 1384:. In 1983, 926:"in depth." 843:mathematics 773:World War I 727:World War I 665:In Europe, 660:sample size 427:permutation 387:Total break 259:ciphertexts 246:Purple code 167:, called a 151:) using an 3943:Categories 3795:Ciphertext 3765:Decryption 3760:Encryption 3721:Ransomware 3297:Fish and I 3136:, Part I, 3092:2011-01-11 3030:David Kahn 2858:2017-01-17 2786:2019-06-03 2707:David Kahn 2638:Tutte 1998 2587:Singh 1999 2539:Smith 2000 2527:Singh 1999 2515:Singh 1999 2503:Singh 1999 2470:12 January 2366:Singh 1999 1992:(4): 662. 1925:2013-04-15 1882:April 2012 1852:newspapers 1798:References 1721:Dilly Knox 1516:April 2012 1453:April 2012 1419:public key 1350:XSL attack 1210:, and the 1117:David Kahn 839:linguistic 749:See also: 632:ciphertext 624:statistics 544:David Kahn 512:See also: 460:secret key 322:See also: 147:ciphertext 133:encryption 53:(from the 46:'s memoirs 36:cyclometer 3785:Plaintext 3349:222735270 3329:(2000) , 3314:7 October 2959:(2001) , 2667:'column'. 2353:123537702 2312:0094-243X 2089:0018-9448 1905:Citations 1578:By using 1217:In 2001, 931:indicator 895:indicator 873:Indicator 656:Ibn Adlan 616:plaintext 581:Al-Khalil 546:notes in 478:coevolved 401:algorithm 275:plaintext 263:codetexts 230:espionage 218:algorithm 191:plaintext 139:plaintext 107:, to the 74:encrypted 3924:Category 3830:Kademlia 3790:Codetext 3733:(CSPRNG) 3430:(2011). 3253:(1999), 3082:53307028 2884:Archived 2726:Archived 2431:19 March 2397:19 March 2101:Archived 1967:18050046 1716:Al-Kindi 1586:See also 1407:key size 1163:in 1998. 
1079:and the 1019:"cribs," 885:used by 881:and the 797:'Purple' 791:and the 733:such as 669:scholar 604:alphabet 565:polymath 561:Al-Kindi 503:Al-Kindi 451:weakness 234:betrayal 157:decrypts 127:Overview 62:analýein 3600:General 2898:Sources 2290:Bibcode 2133:4 April 2003:20 June 1866:scholar 1157:Madryga 1133:bugging 1119:notes: 889:during 809:'Magic' 805:'Ultra' 688:treason 667:Italian 620:digraph 608:English 540:ciphers 486:ciphers 466:History 341:storage 58:kryptós 3711:Keygen 3503:  3482:  3461:  3440:  3415:  3394:  3373:  3347:  3337:  3281:  3263:  3240:  3218:  3208:  3198:  3188:  3170:  3160:  3150:  3140:  3123:  3110:  3080:  3040:  3023:  3010:  2989:  2967:  2937:  2920:  2830:  2759:  2422:  2388:  2351:  2310:  2238:  2211:  2184:  2097:552536 2095:  2087:  2043:  1965:  1955:  1868:  1861:  1854:  1847:  1839:  1264:Enigma 1194:mobile 1188:, and 1167:FEAL-4 1139:, and 910:depths 816:Allied 785:Allies 783:, the 739:Enigma 593:Arabic 520:, and 442:, and 93:Bombes 3741:(PRN) 3308:(PDF) 3301:(PDF) 3078:S2CID 2887:(PDF) 2880:(PDF) 2805:(PDF) 2682:(PDF) 2349:S2CID 2128:(PDF) 2104:(PDF) 2093:S2CID 2065:(PDF) 1963:S2CID 1873:JSTOR 1859:books 1223:Wi-Fi 1092:Bombe 920:Depth 859:Bombe 855:Bomba 828:Ultra 801:JN-25 567:, in 552:that 536:codes 484:—new 455:break 453:or a 444:SHA-1 55:Greek 3501:ISBN 3480:ISBN 3459:ISBN 3438:ISBN 3413:ISBN 3392:ISBN 3371:ISBN 3345:OCLC 3335:ISBN 3316:2010 3279:ISBN 3261:ISBN 3238:ISBN 3216:ISBN 3206:ISBN 3196:ISBN 3186:ISBN 3168:ISBN 3158:ISBN 3148:ISBN 3138:ISBN 3121:ISBN 3108:ISBN 3038:ISBN 3021:ISBN 3008:ISBN 2987:ISBN 2965:ISBN 2935:ISBN 2918:ISBN 2828:ISBN 2757:ISBN 2660:The 2472:2007 2433:2018 2420:ISBN 2399:2018 2386:ISBN 2308:ISSN 2286:2086 2236:ISBN 2209:ISBN 2182:ISBN 2135:2012 2085:ISSN 2041:ISBN 2005:2014 1953:ISBN 1845:news 1363:(or 1190:DECT 1186:CMEA 1182:A5/2 1178:A5/1 1176:The 1152:The 1090:The 1077:GCHQ 851:Axis 799:and 753:and 538:and 236:and 165:bits 95:and 3070:doi 3032:, " 2749:doi 2341:doi 2298:doi 
2077:doi 1994:doi 1945:doi 1828:by 1511:. 1448:. 1390:RSA 1249:MD5 1245:SSL 1230:RC4 1206:), 1171:DES 1081:NSA 771:In 610:, " 440:MD5 436:DES 391:key 261:or 131:In 103:in 99:at 3945:: 3343:, 3180:, 3132:, 3102:, 3076:. 3066:24 3064:. 3060:. 2882:. 2850:. 2807:. 2779:. 2755:. 2630:^ 2448:, 2347:. 2337:65 2335:. 2323:^ 2314:. 2306:. 2296:. 2284:. 2280:. 2264:16 2250:^ 2142:^ 2121:, 2099:. 2091:. 2083:. 2073:26 2071:. 2067:. 1990:28 1988:. 1984:. 1961:. 1951:. 1421:. 1184:, 1180:, 1135:, 803:. 737:' 698:. 679:. 516:, 438:, 232:, 123:. 3585:e 3578:t 3571:v 3509:. 3488:. 3467:. 3446:. 3421:. 3400:. 3379:. 3095:. 3072:: 2861:. 2836:. 2789:. 2765:. 2751:: 2565:. 2474:. 2355:. 2343:: 2300:: 2292:: 2190:. 2164:. 2079:: 2049:. 2007:. 1996:: 1969:. 1947:: 1928:. 1895:) 1889:( 1884:) 1880:( 1870:· 1863:· 1856:· 1849:· 1822:. 1518:) 1514:( 1455:) 1451:( 1240:. 1214:. 767:. 612:E 571:( 429:. 393:. 305:. 285:( 277:. 265:. 193:" 189:" 149:" 145:" 141:" 137:" 20:)


Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.