In cryptography, a cipher is an algorithm used to perform encryption and/or decryption. Some people may use the alternative spelling “cypher”, but the meaning is still the same. In common usage, the terms code and cipher may be considered synonymous. In the field of cryptography, however, the two are distinct.
Codes are not really ciphers
A code typically describes a system where certain words or phrases are assigned a meaning. The code words or phrases may have a legitimate, well-understood meaning, however, the code implements a secondary meaning that only those “in the know” can understand. Alternatively, the code can be a completely meaningless combination of characters.
For example, two agents wanting to confirm that they can trust each other may use a pair of code phrases. “I hear the weather in Paris is nice this time of year.” and “I’ve always been more partial to Dublin personally.” could be a pair of challenge-response code phrases. One of the benefits of using code phrases with established and secondary meanings is that an outside observer may consider the conversation entirely unexceptional and unlikely to have a hidden meaning. Such a code phrase system benefits from plausible deniability.
Care, however, needs to be taken so that the phrases chosen are not likely to be used by a random passer-by. If the first code phrase is spoken to a random member of the public, they might consider it a little odd, but otherwise just idle chit-chat. The code response should be chosen to make sense to anyone that might be listening, but extremely unlikely to be said by any random person.
Some codes may not use full words at all. For example, “UBDIBF” could be a code word used to indicate “mission complete, all objectives fulfilled”. Anyone seeing or hearing such a code would be able to assume that some secret message is being passed. Without knowing the code, however, they would be unable to determine the meaning. Such codes benefit from being shorter and easier to transmit. Both methods also run the risk that the operative forgets the correct code to use.
A cipher is an algorithmic way to mangle a message in such a way that the output, known as a ciphertext, can’t be understood. To prevent the entire cipher from becoming useless as soon as someone understands how it works, a “key” is used to vary the output.
In modern cryptography, there are two distinct ways of defining algorithms. The first is by the type of key. A symmetric cipher, uses the same key to encrypt and decrypt data. A symmetric key is generally referred to as the secret key. An asymmetric cipher uses two different keys, one to encrypt data and one to decrypt. Typically, the asymmetric key used to encrypt data is known as the public key while the decryption key is referred to as the private key. Utilising them this way around lets anyone encrypt a message, confident in the knowledge that only the legitimate owner of the private key can decrypt and read the message.
Ciphers can also be classified as a stream or block cipher. A stream cipher encrypts a continuous stream of symbols. A block cipher encrypts fixed-sized blocks of data, as such block ciphers need padding if the data doesn’t exactly fit the block size.
Classical vs modern ciphers
Classical ciphers were relatively simple. This was necessary due to the low tech levels necessitating that ciphers were usable by hand or using simple tools. These tended to involve transposition or substitution. A substitution cipher such as the Caesar cipher or ROT13 substitutes one letter in the alphabet for another. In ROT13, each letter is substituted with the letter 13 characters after it in the alphabet. A transposition cipher acts similarly but doesn’t have the same shift for each character. Such techniques, even when the transposition alphabet is changed after each letter are relatively easy to crack. This is because the possible key space is low, there are only so many different keys that can be used. Once an enemy understands the cipher, they can just try all the keys and break the system.
Modern ciphers rely on Kerckhoff’s principle. That states that any cryptosystem should remain secure even if the entire system, apart from the key, is known to the enemy. As such, modern ciphers are public and well-researched without compromising their security. Now only the key needs to be kept secret, a feat much more manageable than keeping the entire system secret.
A cipher is another name for an encryption algorithm. Some people may use the term interchangeable with code (as in enciphered = encoded). This is not strictly correct though. A code relies on the meanings of the code remaining secret. A code can also be arbitrarily decided. A cipher is a repeatable algorithm for enciphering arbitrary data. A cipher’s security relies on the key remaining secret.
The term “cipher” comes from the Arabic word for zero صفر (sifr). The roman numeral system didn’t have the concept of zero, so when the Arabic numeral system spread to Europe in the middle ages the Arabic word was adopted into medieval Latin ad “cifra”. Over time, in England, this term evolved into the word “cipher”. It is believed that the new concept of zero was hard to understand so the term was used to refer to any message or communication that was hard to understand even if it wasn’t actually encoded or enciphered.
Did this help? Let us know!