The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography
Simon Singh
1999 Fourth Estate/Doubleday 416pp £16.99/$24.95hb
Immediately after humans discovered writing, they must also have discovered that concealing information is almost as important as expressing it. They also learned that there is nothing more fascinating than other people’s secrets. The ancient art of cryptography (code-making) has throughout history been matched against the ingenuity of cryptanalysts (code-breakers), sometimes in very dramatic circumstances. The battles of wits, intellects, cunning, mathematical prowess and, more recently, technology have made the history of cryptology so colourful that it is bound to appeal to everyone’s imagination. It is a great story to tell, and Simon Singh, in The Code Book, tells it very well indeed.
Turn the first page and you are taken back to 1586 and introduced to the world of Elizabethan intrigue. Had it not been for code-breaking, we learn, Mary Queen of Scots might have kept her head. Her plot to assassinate Queen Elizabeth I and inherit the throne was uncovered by Francis Walsingham, the founder of the British secret service, through the cryptanalysis of his cipher secretary, Thomas Phelippes. Mary was convicted of treason and executed.
What follows is a tour de force, presenting the field that starts in about 400 BC in Sparta with the “scytale”, a device used for communication between military commanders, and ends with quantum cryptography. The scytale was a tapered baton around which was wrapped a spiral strip of parchment or leather containing the message. Words were then written lengthwise along the baton, one letter on each loop of the strip. When unwrapped, the letters of the message appeared scrambled and the parchment was sent on its way. The receiver wrapped the parchment around another baton of the same shape and the original message reappeared.
The next step in the history of ciphers was due to Julius Caesar, who allegedly used a simple letter-substitution method in his correspondence. The emperor replaced each letter in the message with the letter that followed it alphabetically by three places. Thus the letter A was replaced by D, the letter B by E, and so on. For example, the English word COLD after the Caesar substitution would appear as FROG. This method is still called the “Caesar cipher” (regardless of the size of the shift used for the substitution).
Singh alternates between cloak-and-dagger stories and explanations of how ciphers are designed and broken. He takes us from simple Caesar substitutions – so vulnerable to the analysis of frequency of characters – to more complex, polyalphabetic ciphers. Conceived during the Renaissance and subsequently developed into a fully formed system of encryption in the 16th century, the polyalphabetic ciphers were considered unbreakable – with the result that code-makers had a clear advantage over code-breakers for more than two centuries.
Finally, in the 19th century, the polyalphabetic ciphers were broken by, among others, Charles Babbage, better known for his “analytical engine” – the first blueprint for what we would now call a computer. Here, Singh, in one of his delightful digressions, also tells us about other ideas of Babbage’s, such as the cow-catcher – a device that could be fixed to the front of a steam locomotive and used to clear cattle from railway tracks.
No book on the history of cryptology is complete without the famous “Zimmermann telegram” and Enigma stories. Thus we are told how America might not have become involved in the First World War if the famous telegram from the German foreign minister Arthur Zimmermann to the German ambassador in Mexico had not been intercepted and deciphered by the British intelligence services. The telegram proposed that Mexico should be offered territorial gains in America in return for entering the war on the German side.
The Enigma story is, in my opinion, the best part of the book. The Enigma cipher was used by the German military, who believed that their code was unbreakable. However, teams of British intelligence workers at Bletchley Park succeeded in breaking the code with the help of massive electromechanical machines known as “bombes”. Singh lucidly explains how the Enigma coding machines worked, and, after reading this part of the book, one can only be left in astonished admiration for the pioneering work of a gifted Polish cryptanalyst, Marian Rejewski – the first man to crack the Enigma cipher. It is clear that, without his efforts and without the cryptanalytic know-how passed by the Poles to the British in 1939, the Bletchley team would not have known where to start. Subsequently, steadily refined versions of Enigma called for novel and ever more powerful cryptanalytic solutions. The formidable mathematical task of breaking increasingly complicated codes led Alan Turing and others to develop Colossus – one of the world’s first computers.
Indeed, the advent of computers led to both code-making and code-breaking becoming even more complicated. Every electronic message is a sequence of numbers (such as ASCII code), and, when confidentiality is required, those sequences of numbers must somehow be encrypted in such a way that only the intended recipient can decrypt the message. These sets of numbers are usually combined with another sequence of random numbers, called a “cryptographic key”, to produce a cryptogram. Both sender and receiver must have exact copies of the key beforehand. The sender needs the key to encrypt the message, while the receiver needs the exact copy of the key to recover the message from the cryptogram.
Although such ciphers are very secure, they suffer from what is known as the “key-distribution problem”. These random numbers have to be distributed securely and quickly, and, until the late 1960s, that was thought to be impossible without literally carrying the keys around in locked suitcases – a necessity that severely limited the size and bandwidth of secure communications networks. However, the 1970s brought an ingenious mathematical solution: the so-called “public-key” cryptosystems, and Singh provides a simplified but adequate explanation of the underlying mathematical techniques and the history of public-key cryptography.
Funnily enough, had he written his book a couple of years earlier, he would have attributed the discovery of this new encryption system to three Americans – Whitfield Diffie, Martin Hellman and Ralph Merkle. However, in December 1997 the British government officially confirmed that public-key cryptography was originally invented at the Government Communications Headquarters (GCHQ) in Cheltenham. By 1975 James Ellis, Clifford Cocks and Malcolm Williamson from GCHQ had discovered what were later rediscovered in academia and became known as the “Diffie-Hellman” key exchange and the “RSA cryptosystem”, both of which were based on the difficulty of factorizing very large numbers. The three British cryptologists, being constrained by secrecy, could never cash in on the invention that on the other side of the Atlantic was being turned into a highly profitable business.
However, Singh points out several times that the subject of secrecy is so important that it might simply be impossible to discover what the experts really know. So, if it takes only a couple of prime numbers to hide the most sinister plans of terrorists organizations, what sort of line should the law and law-enforcement agencies take here? What about our civil liberties? Do we not have rights to privacy? Singh touches on this point, but it reads more like an excuse to tell the story of “Pretty Good Privacy” – the software developed by the computer scientist Phil Zimmermann for keeping e-mail secret, and his battle with the US government to allow the software to be exported from America over the Internet.
Finally, Singh makes his leap into the quantum future. The story of quantum cryptography is designed, I guess, to be the book’s grand finale. However, unfortunately, at this important point the book falls sadly short of the high expectations we have come to have of Singh. This part strikes me as neither well researched nor well explained. Some parts of the text left me flabbergasted. It is shocking to read such nonsense as “the development of a fully operational quantum computer would imperil our personal privacy, destroy electronic commerce and demolish the concept of national security. A quantum computer would jeopardise the stability of the world”.
After all, quantum computers admit their own one-way functions, and in all probability public-key cryptosystems will be implemented at the quantum level long before quantum code-breaking devices become feasible. Moreover, quantum cryptography offers security that is not only superior to anything currently available, but invulnerable even to the power of quantum computing. So there is no need to panic.
Another notable omission from Singh’s story of quantum cryptography is the British contribution. It was at the Defence Research Agency in Malvern, not far from GCHQ, that quantum cryptography took its mature experimental shape. Without this work it might not have attained feasibility to this day.
Despite my disappointment with the last chapter, I think this is a delightful book. Simon Singh is a good storyteller. Many anecdotes, such as the one about IBM’s Charlie Bennett boiling a (dead) turtle in alkali, make it a smooth and very enjoyable read. It’s probably the best book on the history of ciphers since David Kahn’s Codebreakers. Read it!