Recap of Historical Cryptography

Summary

In this chapter, we have examined a number of historical cryptosystems. Although none of these cryptosystems is suitable for modern use, they provide several important design lessons for modern cryptosystems. These include the following:

• A large keyspace is necessary for a practical cryptosystem, but a large keyspace alone does not guarantee security.

• It’s possible to break a cryptosystem without first determining the key. Designers of cryptosystems thus need to worry about much more than just the protection of the key.

• The ciphertext produced by a cryptosystem should disguise the statistics of the underlying plaintext alphabet.

• Effective techniques for disguising plaintext statistics include increasing alphabet size, ensuring plaintext letters encrypt to a variety of different ciphertext letters, and introducing positional dependency, but these properties alone do not guarantee security.

• Efficiency and security are often traded off against one another when designing a cryptosystem.

• It is unlikely that anyone will use a cryptosystem in which the balance of efficiency versus security is inappropriate. In particular, secure cryptosystems that are inefficient to use in practice aren’t a good fit for most applications.

• We can design cryptosystems to be secure against attacks we know and understand, but unknown attacks could be discovered at any time in the future.