Talk:Cryptography/Archive 2
This is an archive of past discussions about Cryptography. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page. |
Archive 1 | Archive 2 | Archive 3 | Archive 4 | Archive 5 |
Cryptology = cryptography + cryptanalysis ?
In everyday talk cryptography may be considered a synonym of cryptology but since this article is more in depth thus different from everyday sense don't we have to have only cryptology as the broader sense? And correct the cryptology article not to redirect to cryptography but instead explain what I have just said and give links to both cryptography and cryptoanalysis? At least that's the meaning of cryptology/cryptography I've seen in any book about this topic I've read. --Phaito 20:52, 5 Aug 2004 (UTC)
- My thoughts along these lines are: 1) For naming this article (which is about the entire discipline of crypto stuff), we should use the most common term for the entire field, and I think that's "cryptography"; 2) I've moved up the mention of "cryptology" up into the lead section, and formatted it in bold — does that help? 3) Wikipedia isn't a usage guide, nor a dictionary; having an entire article which simply defines the meaning of the word "cryptology" probably isn't the way to go. — Matt 23:55, 5 Aug 2004 (UTC)
- I agree with Matt. This precise terminological issue arose earlier here(see that heading above), and was settled (for WP purposes, anyway) by merging the cryptology article with cryptography and setting up the redirect noted here. This usage was also discussed, with the additional flavour of cognate Polish terms, at Talk:Marian Rejewski. Both discussions may be illuminating on this point. ww 15:12, 6 Aug 2004 (UTC)
- okay, whatever. I guess it's not that important how you call it after all. In Bulgarian there's a clear distinction between the terms though --Phaito 22:47, 6 Aug 2004 (UTC)
- Phaito, Can you enlighten us on the usage in Bulgarian? Polish would appear to be similar to Bulgarian if I have caught the inference here correctly. ww 13:52, 9 Aug 2004 (UTC)
- Terminology is more diverse in the languages that where first used in developing a theory. But once the terms were settled, later nations/languages that describe the theory will choose the best suited terms. Cryptology seems to be the best term for the collective meaning so that one is used in Bulgarian. But 'cryptogtaphy' in English still has that collective meaning which it likely never had in Bulgarian. So in Bulgarian the terms cryptography and cryptanalysis have the meanings that '-graphy' and '-analysis' suggest,
simply said - encoding/decoding--Phaito 19:13, 9 Aug 2004 (UTC)
- okay, whatever. I guess it's not that important how you call it after all. In Bulgarian there's a clear distinction between the terms though --Phaito 22:47, 6 Aug 2004 (UTC)
- I agree with Matt. This precise terminological issue arose earlier here(see that heading above), and was settled (for WP purposes, anyway) by merging the cryptology article with cryptography and setting up the redirect noted here. This usage was also discussed, with the additional flavour of cognate Polish terms, at Talk:Marian Rejewski. Both discussions may be illuminating on this point. ww 15:12, 6 Aug 2004 (UTC)
<-- I give up on :, off to the left!
P, So encoding = cryptography and decoding = cryptanalysis in Bulgarian? Or as nearly as the Englishified Bulgarian spelling will take me. So, I am a cryptographer when I encode (encypher as well?), and a cryptanalyst when I decode (decypher?) a message to you / from you.
If so, this is quite different than English usage, which breaks it down more finely (encrypt/decrypt, and encode/decode) and yet has no specific word for the person who invents/develops codes/cyphers except cryptographer, yet a cryptanalyst is also a cryptographer. For that matter English has no graceful word for one who merely uses codes/cyphers (doing the encoding/decoding etc) except possibly 'code clerk'.
I wonder how things change so, as the words all come from the same (?) source. Some German writer in 1500 I presume who chose 'crypt' as the root. Fascinating. ww 19:27, 9 Aug 2004 (UTC)
Sorry, i'm not used to the English terminology it seems. I didn't mean encoding/decoding but rather 'developing a cypher system' for cryptography and 'analysis of encrypted data without prior knowledge of the cypher system being used' for cryptanalysis. That was a foolish mistake i made :) That's because in Bulgarian the word for decode could mean 'to break code(encoding)' --Phaito 11:31, 11 Aug 2004 (UTC)
- P, I'm told by a friend who speaks Russian (and of course English as I have no Russian) that Pushkin is not translatable. And another friend who is bilingual in German and English says that the standard translation of Shakespeare into German is something of a miracle as it manages to get across quite a lot that ought not to be translatable. Wherever different languages come from, they have certainly introduced a lot of grit into human thought and interaction. Plus, of course, some opportunity for amusement! ww 13:34, 11 Aug 2004 (UTC)
It seems to me that, and I do have a fair amount of formal education in maths, that this article should be named Cryptology, and redirect cryptography to the page currently called cryptography, that would be called cryptology of course. As cryptology itself contains both cryptanalysis and cryptography as subsets of itself. Why would the superset redirect to one of the subsets? This makes no logical sense. I propose that cryptology be treated as the main page, providing a brief overview of topics in both, with links up near the top of the cryptology page to both the cryptography subpages and more in depth articles on cryptography. In addition, cryptanalysis would be given the same treatment. As to the changes in word usage over the years suggesting that they're interchangeable or perhaps one being used more in modern usage, and as such we should go with the current trend. I believe we should go with a definition in several current dictionaries - that cryptology is the broad study of codes, codewriting, and codebreaking. So my suggestions in brief are: this page should be on a secondary level of access, with cryptology being the first, global article of the subject, and containing a brief discussion of both (cryptography and cryptanalysis) with ample links to further reading and discussion. It seems to me that this, or something similar would be a good way to refactor these articles into a more comprehensive discussion of the topics at hand.69.92.141.242 04:11, 8 September 2005 (UTC)
- 69; I rather sympathize with the illogicality of the language usage here that you speak of, but must note a couple of things. There was exactly this discussion here about 2 years ago (?) as there was then a somewhat respectable cryptology article and a rather better written and more complete cryptography article. The upshot was then, among those active on WP in the crypto corner, to set things up as they are now. US military usage is as you describe, but civilian usage isn't by and large (books, book titles, etc). So at least for WP, it was decided to do the way she's being done now. Some of this history is here in this talk page, along with some pointers to others.
- You might be amused at another illogicality in this langauge we all speak in connection to crypto here on WP. It is the cypher v cipher teapot tempest to which pointers may be found above on this talk page. English spelling is not merely illogical but insane in my view. No wonder the dyslexia rate is so much higher for English speaking school children than for others with a remotely acceptable orthography.
- I hope this covers some of the issue you raise? ww 12:10, 8 September 2005 (UTC)
I agree absolutely with the the initial thrust of this paragraph for several reasons. First, cryptography, in it's Latin original, simply means "secret writing." As such is is very broad, and encompasses all forms of encryption. It's focus, however, is primarily on the encoding of secret messages. Similarly, cryptanlysis is the study of how to decode those messages. Cryptology, meanwhile, is the science of the study of both cryptography and cryptanalysis. Cryptology and cryptography are NOT synonymous, yet Wiki lumps them together. Cryptanalysis is the counterpart to cryptography, and both fall under the broader heading of cryptology. Thus, I strongly believe the Wiki entries need to be rewritten such that Cryptology is the main entry with two subentries, Cryptography and Cryptanalysis, and that searches for the latter two point to the main entry. Subentries, however, such as various methods like public key cryptography, should remain independant of the main article. Note: By lumping cryptography and cryptanalysis under the broader topic cryptology on the same page, you reinforce the proper relationship between all three while eliminating the current level of confusion. Dr1819 19:31, 28 February 2006 (UTC)
- 1819, I agree that the usage of cryptography and redirect of cryptology to it are awkward. As you can see above (at 'merge proposal'), this awkwardness ran up against a practical concern here on WP, namely the possiiblity of having two article trees, mostly duplicating each other at every leaf. Cryptiacs active at the time decided to merge ology into ography and to adopt ography as the highest level noun for the field here on WP. This is not so out to lunch as you seem to think as ography is quite widely used outside military circles for the enitre field. See any number of serious books perhaps starting with Applied ography by Schneieir.
- The intent was merely practical and nothing more, speaking as one of the participants in the decision, which, it might be noted included a graduate student in the field from India, and another (history I think) from London as well me, a US writer in the field. Since then another crypto grad student has gotten actively involved (Matt) along with many others, some also academic, some industrial, some hobbyists, some professional cryptographers (several senses), but all somewhat less actively. By now I think that long ago decision is more or less cast in concrete as the work required to change everything would be large, and mostly fruitless anyway as, ideally, we will end up with the same content, but with opne word substituted for another throughout.
- The wide military (and NSA) use of cryptology is influential, but not definitive as to usage. Ography as a viable option is not so entirely confused, and out to lunch, as you seem to imply. So the decision is somewhat arbitrary, I suppose. We see here another example of English' anarchic ways, and the annoyances it causes to those of tidying sort of dispostion. ww 23:11, 28 February 2006 (UTC)
- Dr1819, personally, I don't think it matters too much either way. In some modern usage (and some old usage), "cryptography" and "cryptology" are synonymous, and in other uses, "cryptography" is just one half of "cryptology" alongside "cryptanalysis". I've come to the conclusion that article names aren't really worth arguing about. What's more important is the articles themselves, so in that sense I'm happy to have the "entire field" article either at "cryptography" or "cryptology"; both are reasonable choices for a name for the entire field. — Matt Crypto 08:07, 1 March 2006 (UTC)
Some good points in response to my comments, folks - thank you. If I was unclear before... I think we should merge the two topics, as most of the stuff in the -ology belongs in the -ography. Then, under the -ology umbrella, have two headers, cryptography and cryptanalysis.
Sadly, someone appears to have merged the two, all right. Unfortunately, they merged the -ology into the -ography, which is like merging the set ALL GM VEHICLES into the subset YUKONS.
Cryptology is the superset, not cryptography. Whoever did the merging is apparently unaware that a high level of forethought goes into the meanings of each word in the dictionary, with inputs from experts in those fields. In short, the cart is now before the horse! http://www.m-w.com pretty much spells it all.
I hope someone with a greater grasp of both the English language and the history and science of encryption corrects this obvious oversight. Thanks, all. Dr1819 21:13, 4 March 2006 (UTC)
- I concur about the conceptual primacy of "cryptology" over "cryptography." "Cryptology," as a -logy, denotes the study of "secret writing" ("cryptography"), for purposes either of maintaining its security or of breaching it. And, yes, where two related words exist, typically they fill somewhat distinct conceptual niches (cf. the classic example: "regal," "royal," "kingly").
- I would view favorably the abolition, or at least disuse, altogether of "cryptanalysis" as a late, redundant neologism coined by cryptobureaucrat William Friedman. logologist|Talk 00:49, 5 March 2006 (UTC)
Let's take a closer look at these, courtesy of the Merriam-Webster dictionary:
Cryptology - 1 : the scientific study of cryptography and cryptanalysis
- Cryptography - 1 : secret writing; 2 : the enciphering and deciphering of messages in secret code or cipher; 3 : CRYPTANALYSIS
- Cryptanalysis - 1 : the solving of cryptograms or cryptographic systems
2 : the theory of solving cryptograms or cryptographic systems : the art of devising methods for this
From the definition of Cryptology, it appears Cryptography (secret writing) and Cryptanalysis (the solving of it) fall neatly beneath, as subheaders. But the definitions of each muddy the waters by equating cryptanlysis as a subset of cryptography.
As such, I'm reversing my position and agree that Cryptography should be the main header. After all, for many people, cryptography isn't a science (cryptology), it's merely a hobby, or even a useful tool.
But does this make sense? cryptography is to cryptology as biography is to biology...
Ahhh... Such is the English language.
- Yet in a number of years the English language may become completely different by any number of things.
Query
How does one edit the 'graphic' alongside the third paragraph, i.e. 'Unsolved problems in Computer Science'? This is because the 'one way' needs to be corrected to 'one-way'. Duncan.france 02:09, 1 May 2005 (UTC)
- If you click "edit this page", then look in the 2nd paragraph, you'll see a line starting:
- {{unsolved|computer science|One way functions are [[functions]] that....
- You can edit it there. The "{{" bit denotes the start of a Template. Hope that helps! — Matt Crypto 02:32, 1 May 2005 (UTC)
Is there a page that gives the general definition of a cryptographic break? I was looking but couldn't find anything, but I don't want add it if it already exists.--Mpeisenbr 17:37, 2005 August 31 (UTC)
- If it's not already there, cryptanalysis might be a good place for it. — Matt Crypto 18:42, 31 August 2005 (UTC)
"Crypto"-proliferation
Let me stir up a hornet's nest. Why are two serious quarterlies, devoted to this field, titled Cryptologia and Journal of Cryptology rather than Cryptographia and Journal of Cryptography? I suggest that "cryptology" is the term that should be used for the study (-logy) of codes and ciphers. Conceivably the term "cryptography" (Greek for "secret writing") might retain some marginal utility in designating the set that subsumes the two subsets, codes and ciphers. But William Friedman's neologism, "cryptanalysis," as a fancy synonym for "solution (of a cryptographic system)," is surely dispensable. Marian Rejewski, the Polish mathematician-cryptologist who broke the German Enigma cipher, accomplished this without benefit of acquaintance with the term "cryptanalysis." logologist 05:42, 10 September 2005 (UTC)
- Erm, I don't understand what you're saying about Rejewski -- how does the fact that some Polish mathematician managed to make do without the English word "cryptanalysis" some 70-odd years ago make any difference to the suitability of that word for Wikipedia? The word "cryptanalysis" is the term used in modern cryptography to refer to attacking ciphers (and hash functions, MACs, etc). "Codebreaking" is also a widely-used term for historical attacks on codes and ciphers, even in scholarly work. You might wish that everyone used the word "cryptology" instead, but it isn't Wikipedia's purpose to choose the best words for people to use; Wikipedia's task is to describe topics using the jargon of the subject itself. "Cryptography" is widely-used within the field to refer to the entire field itself, although "cryptology" pops up occasionally, as with the journals you mention. — Matt Crypto 12:07, 10 September 2005 (UTC)
- Where one has a choice of terminology, he is not obligated to use the more pretentious, but no more communicative, term. Why title an article "Cryptanalysis of the Enigma" where "Solution of the Enigma" would do and would be simpler — not to mention, easier to say (3 syllables vs. 5)? Why foster cryptological bureaucratese? logologist 20:37, 10 September 2005 (UTC)
- Because "cryptanalysis" is the usual term used in the field, and it's perfectly idiomatic. — Matt Crypto 21:49, 10 September 2005 (UTC)
- L: What Matt said. And note the terminological history reflected in the immediately preceding headline block above. There is no good solution to differences in erspective in the mapping of words_to_real_world things, and still less where the real_world things are not concrete things, but abstract concepts without a concrete referent. In addition, when you have a language, in this case English, which has a very long history of a deplorable (to the Miss Fidditches of the world and classroom) weakness for sponging off other languages for terminology and concepts, you have even more trouble. Which is not even to mention the wobbly orthography the language tolerates -- to the eternal irritation of the Miss Fidditches.
- I think we're stuck with it, and that doesn't even include the still more deplorable lack of typo discipline amongst the computer reliant. To the dogs, I say, it's all going to the dogs and in future gernerations it will be seen to be jointly the fault of deficient evolution (thumbs are too fat and insufficiently agile) and SMS cellphones. It's hard to credit that teenagers can even speak the language given what one sees in text messaging.
- As for the Rejewski business, surely your position is a rather too extreme version of the Sapir-Whorf hypothesis, to wit that langauge determines / limits / controls thought? That's if my memory for the spelling is correct. Given my difficulties, it may even have been the Michelson-Morley experiment I'm trying to remember.
- And there are too many ':'. ww 22:40, 11 September 2005 (UTC)
- What does it say about a field, when its practitioners and historians can't agree on its name? When etymologies are ignored, and superfluous terms are coined by cryptologist-bureaucrats who claim for themselves the achievements of their subordinates? (James Gannon, Stealing Secrets, Telling Lies: How Spies and Codebreakers Helped Shape the Twentieth Century, Washington, D.C., Brassey's, 2001, chapter 6: Who Broke Purple?, pp. 94-106.)
- I don't believe in Benjamin Lee Whorf's hypothesis. Each language is a vessel that is shaped by, and gets filled with substance poured into it by, its speakers. Each language meets the needs of its users.
- As to the chaotic spelling of the English language, every thinking person since Benjamin Franklin, Noah Webster, Melvil Dewey and G.B. Shaw has lamented it. Which language(s) do you suppose the world should begin learning as replacement? logologist 03:42, 12 September 2005 (UTC)
- Because "cryptanalysis" is the usual term used in the field, and it's perfectly idiomatic. — Matt Crypto 21:49, 10 September 2005 (UTC)
- Where one has a choice of terminology, he is not obligated to use the more pretentious, but no more communicative, term. Why title an article "Cryptanalysis of the Enigma" where "Solution of the Enigma" would do and would be simpler — not to mention, easier to say (3 syllables vs. 5)? Why foster cryptological bureaucratese? logologist 20:37, 10 September 2005 (UTC)
Logologist, you wrote: "What does it say about a field, when its practitioners and historians can't agree on its name? When etymologies are ignored, and superfluous terms are coined by cryptologist-bureaucrats..."...erm, well, it says nothing at all. Most people care more about the actual subject matter than the utterly trivial details of what the field happens to be called in the English language, and whether or not the term has a fitting etymology. Names are just labels we hang off concepts so we can communicate about them. It's the concepts that are interesting. — Matt Crypto 08:47, 12 September 2005 (UTC)
- What Matt said. ww 19:26, 18 September 2005 (UTC)
Crypto steps / layers
I am working on a cryptographic article that covers something I think is missing both on Wikipedia and in most crypto books. An article that briefly explains which steps one does in which order when encrypting a message. That is, make/exchange IVs, perhaps compress the message, MAC the message, encrypt the message etc. Since I have not come up with a good name for the article yet and it only is a very rough draft I have put it under my user page for now: User:Davidgothberg/Crypto_steps I would love to get some help to brush it up to an acceptable level and to figure out a good name for it. --David Göthberg 15:36, 2 November 2005 (UTC)
- That should go in Wikibooks, not Wikipedia. Phr 22:08, 1 April 2006 (UTC)
Good old Xor
I have found that for quick'n'dirty encryption that your kid sister won't be able to decrypt, the good old xor is more than enough. I think individuals need not use heavy metal encryption too much that big brother cannot decrypt easily because then he may single you out for questioning, getting suspicious about you quite unnecessarily. Xor works just fine for me and keeps my kid sister away from those special pics of my romantic escapades ! 193.251.135.124 22:24, 22 February 2006 (UTC)
- let's hope your kid sister doesn't read Wikipedia :-) - the fixed headers in JPEGs means that XOR can be broken without even having to guess the key! --Alvestrand 07:46, 23 February 2006 (UTC)
Dittoing... Yep. And posting any algorithm of unbreakable encryption on the Internet is a felony under US law, so... Think twice! BTW, "Other" rewritten to reflect reality. And, no, I won't be posting an algorithm! --Dr1819 22:38, 26 February 2006 (UTC)
- Wikipedia is screwed with one-time pad then ;-) — Matt Crypto 21:19, 28 February 2006 (UTC)
- Matt, I agree and think the remaining question is whether we turn oursleves in to the FBI before they notice the offense or only after. Should we warn Wales and the Metawiki board? Give 'em a chance to run for it? What about the Foundation? And who goes to jail (gaol for you)? Will you petition Her Majesty's Government for a waiver of extradtion for you, so you can see the USA from a jail cell maximally promptly? Or do you think you'd prefer to force the Justice and State Departments to bother HMG with formal requests to waive extradition hearings in your case? Prosecuting minds want to know, so please don't be dilatory. Mayhap we'll finally meet in adjoining cells in Gitmo? What do you think? ww 23:19, 28 February 2006 (UTC).
Explanation of trim-down
Just to explain why I feel my recent trimming was necessary. First of all, I feel strongly that we shouldn't be internal-linking words like "encryption" every time they come up, and we shouldn't link "encipherment" at all if it's only linked to encryption. It's better to have fewer links that are more relevant.
Second, this article is not really about the subtle variations in the usages of "encryption","encipherment","encoding","cipher" vs "cypher", and so on; actually, I don't think that stuff belongs in the article at all, except that it's necessary in order to discuss the rest of the topic clearly. The article is too long, and that's one of the places I found that it can be trimmed down. It may be worth having an article on cryptography terminology, but here we want the barest possible introduction. Also, the text I removed claimed to be authoritative and yet gave information contrary to what I know about crypto terminology. There is no "strict" meaning of encipher vs. encryption vs. encoding, unless you want to arbitrarily pick one dictionary of glossary. And "decryption" is MAINLY meant as the reverse of "encryption," without the connotation of an unauthorized person doing it. I agree that it's best to use "decryption" in a sentence like "The NSA decrypted the suspicious email," but this is a side connotation, not the main usage. Mangojuice 18:07, 13 March 2006 (UTC)
- If "to decipher," "to decode," and "to decrypt" all mean the same thing, then why did the cryptographers and cryptologists bother coining three separate terms?
- Ditto regarding "to encipher," "to encode," and "to encrypt."
- And if there is a reason for the existence of all these distinct terms, then what better place for the briefest explanation of the distinctions than in an article on cryptography?
- logologist|Talk 07:03, 14 March 2006 (UTC)
- I'd say the answer is partly historical (terminology changes over the years). In current technical usage I'd say "decipher" is not a cryptographic term that a specialist would use, but in everyday language it means to recover plaintext when you don't have the key (e.g. through cryptanalysis of something encrypted, or deciphering illegible handwriting). "decode" is also non-cryptographic: it means to get plaintext out of a data stream that's in some special format, but not encrypted; e.g., an mp3 decoder takes mp3 audio files (that use a sophisticated data compression algorithm) and turns them back to PCM samples. "Decrypt" usually means convert the ciphertext to the plaintext using the key, but it can also sometimes mean by cryptanalysis. Contemporary Cryptology edited by Gus Simmons I think talks about this stuff a little, but my copy is in storage and I can't get to it easily right now. Kahn's The Codebreakers is probably the best historical book.
- Funny story: Leo Marks in "Between Silk and Cyanide" (WW2 memoir) tells of being given some military aptitude test in cryptography after elsewhere completing a course in the subject. The boss gave him a stack of papers with some ciphertext on one page (some WW2-era pencil and paper cipher) and told him to "break the code". Marks spent hours doing the cryptanalysis process he'd been trained in (make frequency and bigram tables, blah blah), covering the desk with worksheets while the boss wondered what the heck was taking so long. He finally handed in his answer to the glum-faced boss, in whose look it was obvious that Marks had failed by being so slow. The confusion was that the test was not of cryptanalysis at all: the stack of papers included the key, and by "break the code" the boss meant Marks was supposed to just use the key to decrypt the message (i.e. like a code clerk), not cryptanalyze it, and the boss was astonished when it became clear what Marks had actually done (he didn't realize it was even possible). Phr 07:42, 14 March 2006 (UTC)
- I'd forgotten that one, but Marks' book -- if fairly representing what went on at SOE -- is a vivid condemnation of the dangers of letting the cryptographically ignorant determine how to proceed. A little cryptographic knowledge was then, and remains now, a very dangerous thing. As for the terminological back and forth (above), I agree that it should be brief, but would point out that conventional (ie, uniformed) usage leads to considerable confusion and much pointless handwaving. We do need to make the conceptual differences reflected in the terminology clear. A code is not a cypher, and decryption could be done to both codes and cyphers, but decode applies only to codes (except in popular confusing misusage whenit includes solving puzzles generally). Since many people, probably especially our Average Reader, rely on language structure (or apparent structure) to guide them across unfamiliar ground, we are obliged as writers, to make clear when that structure is misleading, and might dump them into a conceptual bog. This attempt at clarification is not, in my view, in any way optional for us. ww 08:04, 14 March 2006 (UTC)
- There's a very old cryptographic notion of "codes" where numbers represent phrases and stuff like that. These days the term is hardly ever used that way. It always means either software (as in "source code") or non-cryptographic things like error correcting codes, bar codes, base64 encoding, etc. If you really want to include all these terms I think it's best to have a special glossary section (or even a separate article) for them rather than interspersing them through the main article where they just get in the way. Btw, I think of "cypher" as an archaic spelling that was repopularized in some circles because of Jude Milhon's term "cypherpunk" (analagous with cyberpunk) invented in the 1990's. Kahn has some 18th century quotes that use it. I can't think of a single time I've ever seen that spelling used by anyone working in the field in the past century (though I haven't been exactly searching). Yardley's books from the 1930's and later use "cipher" consistently, as does the English version of André Langie's Cryptography from 1922. Phr 08:33, 14 March 2006 (UTC)
- I'd forgotten that one, but Marks' book -- if fairly representing what went on at SOE -- is a vivid condemnation of the dangers of letting the cryptographically ignorant determine how to proceed. A little cryptographic knowledge was then, and remains now, a very dangerous thing. As for the terminological back and forth (above), I agree that it should be brief, but would point out that conventional (ie, uniformed) usage leads to considerable confusion and much pointless handwaving. We do need to make the conceptual differences reflected in the terminology clear. A code is not a cypher, and decryption could be done to both codes and cyphers, but decode applies only to codes (except in popular confusing misusage whenit includes solving puzzles generally). Since many people, probably especially our Average Reader, rely on language structure (or apparent structure) to guide them across unfamiliar ground, we are obliged as writers, to make clear when that structure is misleading, and might dump them into a conceptual bog. This attempt at clarification is not, in my view, in any way optional for us. ww 08:04, 14 March 2006 (UTC)
I agree with Mangojuice. Perhaps an extended description of the terminology might be better in encryption? Here, I feel it distracts unnecessarily from our overview, and much of the field of modern cryptography is concerned with many other things besides encryption. — Matt Crypto 08:50, 14 March 2006 (UTC)
- I enjoyed Phr's Leo Marks story. It illustrates some points that I think are worth keeping in mind lest we, as ww says, end up dumping readers into a conceptual bog.
- The "boss" confuses concepts in referring to a cipher (it was a "ciphertext") as a code ("'break the code'"). Breaking is a colloquialism for "decryption," and that is how Marks (mis)understood his directions. The boss should instead have told him to "decipher" the ciphertext (if he was to use a known key, obtained legitimately from its originator) or to "decrypt" it (if the key had been obtained by theft or cryptanalysis).
- Traditional codes, by the way, are not all that antideluvian. They were extensively used as recently as World War II, and I suspect more recently than that.
- If one isn't very careful about context, a reader may easily misconstrue what is being said. Sloppy English-speakers tend to call everything a "code." Sloppy Poles, by way of a contrasting example, tend to do the opposite, and call everything a "cipher" (hence the Polish "Cipher Bureau").
- I think that it's incumbent on us, particularly as the tools of cryptology become more precise (with the use of mathematics and computers), to also be precise in our use of terminology.
- logologist|Talk 09:20, 14 March 2006 (UTC)
- I think that's a precision that isn't actually carried in those words. "decrypt" certainly today usually means decrypt using the key; e.g., you send your friend a PGP message encrypted with her key, and she decrypts it so she can read it. But historically we speak of the "Enigma decrypts" from Bletchley Park propagating through the Ultra system, etc. I can't think of any times I've ever seen "decipher" in contemporary technical usage--it was used historically (see Kahn) and it means something in everyday English, but it's not normally used by cryptographers nowadays. I'm with Matt and Mangojuice in agreeing that the article should be streamlined. (Also I don't think Marks' boss used "ciphertext"; that was my own description of the piece of paper that Marks was given. The boss did say "break the code" and apparently also referred to the key as a "code"). I have nothing against explaining and comparing all these old and similar terms somehow, but right now they distract from the article's flow, so some reorganization is a good thing. Re traditional codes: Jim Reeds has a good article and bibliography [1] but these codes were not used for secrecy; the purpose was more like data compression. And stuff has changed tremendously since the computer era took root. Phr 10:42, 14 March 2006 (UTC)
- I tried to make things more clear in the article without going on at length. At this point, I think every word usage in the article is the right one, and I'll continue to try to keep this true. I think as long as we're using the words correctly in the actual body of the article, we don't need to get into this too carefully. I think in the article as it stands, the terminology section does break up the flow, but where else should we put it? The only idea I have is that it could be incorporated into the history section. What do people think of that? Mangojuice 15:44, 14 March 2006 (UTC)
- I'd prefer to not keep it where it is. I'm not sure there's such a thing as "correct" usage--the meanings of all these words have always been somewhat fluid, so this whole discussion seems a bit pedantic. Having the terminology section at the top of the article makes the article seem like it's going to be boring. I'd prefer to just have a brief mention at the top of the article of the most important terms, and move the more extended terminology section to the bottom of the article or to a separate article ("glossary of cryptographic terms") since the main article is already rather long. Also I'd probably take issue with some of the descriptions; I've never had a sense that "cryptology" once meant what we now call cryptanalysis, and it certainly isn't limited to that meaning nowadays (see Simmons' book Contemporary Cryptology, for example). Part of the problem is that the article covers both historical and modern cryptography, which are really very different from each other. There just isn't much reference in today's work to historical practice and usage, for the same reason that today's aerospace engineers don't really worry much about how things were done in the era of the Wright Brothers. Phr 01:03, 15 March 2006 (UTC)
- I tried to make things more clear in the article without going on at length. At this point, I think every word usage in the article is the right one, and I'll continue to try to keep this true. I think as long as we're using the words correctly in the actual body of the article, we don't need to get into this too carefully. I think in the article as it stands, the terminology section does break up the flow, but where else should we put it? The only idea I have is that it could be incorporated into the history section. What do people think of that? Mangojuice 15:44, 14 March 2006 (UTC)
Terminology and description
With due respect to the contributions of Logologist, I'd like to remove the description of "cryptology" as formerly meaning what we now call cryptanalysis, and also the description of "cryptanalysis" as a neologism. The OED2 gives cites of "cryptology" with something like today's meaning, back to the 17th century or maybe earlier (I don't have it in front of me right now). "Cryptanalysis" was coined in the 1930's, which is ancient history now. If we really have a problem with that term, our best bet is to get a time machine and take it up with Friedman. Finally, I'm inclined to expand the description of crypto as a field within math and CS, to include the engineering aspects. For example, one of the design criteria for AES was suitability for efficient hardware implementation. Crypto research sometimes even spills over into physics, for example, Don Davis had a Crypto 95 (iirc) paper on generating random numbers from chaotic airflow inside a disk drive; there's also all the crypto-inspired work on quantum computing. Any objections? Phr 13:49, 22 March 2006 (UTC)
- Go for it. I think it's worth including the information that Friedman invented the term "cryptanalysis" but the notation section is not the place for it! Also, it's inaccurate to say that "cryptology" isn't used because we use "cryptanalysis" -- cryptanalysis is not synonymous with cryptology, and cryptology is still used. Each of the terms has their own subtlely different meaning, which is not particularly interesting, or what the article is about. We probably shouldn't define cryptanalysis in that section at all (we can define it under the section "Cryptanalysis"), but we need to say somewhere (probably early) that cryptology is basically synonymous with cryptography in practice (because Cryptology redirects here). Mangojuice 13:59, 22 March 2006 (UTC)
New Heading?
I'm not sure who edited the intro to the article, but I'm very tempted to change it, as it's attempting to rewrite history.
Several key points:
1. Cryptology and cryptography are not synonomous - not then, and not now. Not even close. The first deals with encryption and decryption, while the latter is a science. Any dictionary will contrast the difference between -ography and -ology. There are many amateur cryptographers. There are no amateur cryptologists. These two terms are about as synonomous as "surfing" and "oceanography." Certainly the surfer has a budding, if merely intuitive knowledge of waves and currents, but many surfers know little about the science behind waves, much less about the vast world beyond a few hundred yards from shore.
2. Authentication (and validation) is a key element of communication, not cryptography. While the two are used in conjunction with one another in various secure communication strategies, they are NOT synonymous either. Again, this is like saying that engines are synonomous with wheels. Both are elements of a vehicle, designed to safely and effectively transport people and cargo, but just because they're used together doesn't mean that wheels are a part of an engine. The same is true of cryptography and authentication. There are working examples of each which have nothing to do with one another! Case in point: One WWII soldier says, "Halt, who goes there?" The other says, "Apple pie." The first says "Bette Grable." If these were the pre-briefed terms, they just authenticated one another. Neither of the pre-briefed terms were encrypted. They could as easily have said, "oogh," "ugga" and "wugug," or used hand signals. That's not encryption - that's authentication. Similarly, encryption without authentication happens every day, as well, although in modern times it carries less meaning, and is only used with non-critical systems.
More later. Definately! Right now I'm going to dinner... Dr1819 14:35, 1 April 2006 (UTC)
- Feel free to change it but I wouldn't get too hung up over this terminology stuff. It's supposed to be a cryptography/cryptology article, not a philology article. The terms really do get used pretty interchangeably. The OED2 has several cites for "cryptology" as meaning about the same as "cryptography". I don't think Ron Rivest or Victor Shoup would get upset if you described either of them as terrific cryptographers. Oded Goldreich's two-volume book on crypto theory, which is intensely mathematical and abstract, is called "Foundations of Cryptography". To the extent there's a difference between cryptography and cryptology, I'd say it's less vast than surfing vs. oceanography; it's more like engineering vs. science. What I haven't seen is "cryptology" as specifically meaning "cryptanalysis" and I suspect any such historical usage was in languages other than English. So I'd like to see that part cited or removed.
- I wouldn't sweat the authentication vs crypto issue either. I think most folks in the field have no problem describing the NIST Digital Signature Algorithm or the HMAC construction as cryptographic authentication schemes or SHA-1 as a cryptographic hash function, even though none of them encrypt anything. And today's crypto conferences are full of papers on multiparty computation, voting protocols, etc. That's what I liked about Rivest's description, "cryptography is about communication in the presence of an adversary": it summarizes the whole field nicely. Phr 21:45, 1 April 2006 (UTC)
- I concur with Phr on this. The language is sloppy, admittedly. But that is not something WP can fix, nor for that matter you. English speakers are an anarchic lot, to the eternal frustration of Ms Fidditch. We are here to describe actual usage, whether correct by some criteria or not. The terminology section at one time made this point about variable meanings in an attempt to warn the reader of unsteady footing, but several non-bemused folks removed it. I suggest that we concentrate on content and informing Our Reader, rather than worrying at reform of sloppy language users. ww 03:52, 4 April 2006 (UTC)
- It's even worse than just "English speakers" being anarchic. Most cryptography research papers are written in English, but the researchers themselves are a very international community, so quite a lot of crypto terminology these days is being invented (in English) by non-native English speakers, and can sometimes sound strange. Phr 06:44, 4 April 2006 (UTC)