11.

At some federal agencies, private keys are changed on a quarterly basis, while other agencies change keys on a monthly, weekly, and even a daily basis. The driving force behind the frequency of key changes should be the worth of the data whose contents are being hidden by encipherment and the potential threat to that data. The latter may be extremely hard to judge, since most persons will not know their electronic conversations have been targeted for interception until it is too late. In addition to the potential threat, you must balance key changes against the effort required to develop and distribute new keys on a periodic basis. If the system you devise is difficult to implement or requires too much effort to effectively use, many potential users may bypass the system you develop. Thus, the old military adage—Keep it simple—is worth remembering when you consider various methods for the generation and distribution of keys.

Types of Ciphers

A visit to a large university or public library will reward you with the ability to locate a large number of books which discuss the use of cipher systems. Some books, such as The Codebreakers (Macmillian, 1969) by David Kahn and Cryptanalysis (Dover Publications, 1956) by Helen F. Gaines, provide an excellent overview of a variety of cipher systems, primarily focusing upon the historical use of such systems. More recently published works, such as Security for Computer Networks by D.W. Davies and W.L. Price, can bring you up to date on recent developments in the construction of cipher systems from a mathematical basis. Reading these and other books will acquaint you with hundreds of types of cipher systems, ranging in scope from an elementary process that can be performed mentally to very complex systems that require the use of a computer. What each of those cipher systems has in common is the ability to be classified into one of two general categories—substitution and transposition.

The remainder of this section focuses on an initial overview of each cipher category and discusses several of the variants used to develop specific types of cipher systems. This is followed by a discussion of the constraints that must be employed in considering the algorithms and key space used to convert plaintext to ciphertext which will enable ciphertext to be carried by many electronic mail systems. Our examination of substitution and transposition cipher systems will be based upon the use of private keys. Although it is quite possible to develop public key based substitution and transposition cipher systems since the former dates from the 1970s while the latter can be traced to the time of Caesar, from a historical perspective the cipher systems we will examine were all developed based upon the use of private keys. Thus, we will respect the historical evolution of encryption and primarily examine the characteristics of substitution and transposition cipher systems via the use of private keys in this chapter.

Substitution Cipher Systems

In a substitution cipher system, each plaintext character is replaced by a ciphertext character using an algorithm which operates upon the plaintext in the sequence in which the plaintext characters appear. In a simple substitution cipher system, the replacement process is unaltered. That is, each plaintext character is replaced by the same ciphertext character. For example, the well-known Caesar cipher, in which the ciphertext represents a fixed displacement in the alphabet, would encipher the message KILL ALL THE LAWYERS as LJMM BMM UIF MBXZFST using a displacement of one character position as the encipherment algorithm.

You can denote the relationship between a plaintext alphabet and a ciphertext alphabet by listing one alphabet above the other. For example, restrict your plaintext and ciphertext alphabets to the 26 uppercase letters. Then, for the simple one-character Caesar cipher displacement, the relationship between the plaintext alphabet (P) and the ciphertext alphabet (C) is as appears below. In this example, the letters in the ciphertext alphabet are displaced by one character position from the letters in the plaintext alphabet. We can denote this relationship between the mapping of plaintext and ciphertext characters as P_A=C_B, which indicates that the letter A in the plaintext alphabet is aligned with the letter B in the ciphertext alphabet.